heise PlusAbo
Anzeige

Microsoft security controller Pluton is also coming to Intel Core

The "Pluton" controller developed by Microsoft can already be found in AMD and Qualcomm chips from Ryzen 6000 and Snapdragon X/8cx upwards; Intel will follow.

listen Print view
Concept of the Microsoft Pluton

Concept of the Microsoft Pluton

(Image: Microsoft)

5 min. read
c't Magazin
By
Contents

In 2020, Microsoft announced that the "Pluton" security controller developed in-house will also be used in x86 and ARM processors for Windows computers in addition to Azure servers. AMD and Qualcomm were the first to go along, followed by Intel this year. Further details of the Pluton technology, which has not yet been fully documented, are also coming to light.

Not a chip, more than a TPM

Plutonis not a separate "security chip", and that is an essential part of its concept. Rather, it is an integrated function in processors - but one that works independently as a Root of Trust (RoT) anchored in hardware. Pluton is therefore similar to a firmware TPM 2.0 (fTPM 2.0) and can also take over its functions, but according to Microsoft it should be able to do even more.

Videos by heise

Some experts criticize the latter: precisely because a TPM 2.0 only does exactly what is publicly documented and no more, it is considered particularly trustworthy. Although Microsoft publishes details about Pluton from time to time, there is no complete and finalized public documentation to date. Microsoft is not alone in this, as Apple and Google also do not publish the exact functional scope of their respective security controllers.

Microsoft Pluton can safely update its own firmware before Windows starts.

(Image: Microsoft)

Pluton solves TPM problems

However, Pluton solves some fundamental problems that interfere with the use of TPM. For example, Pluton (like an fTPM 2.0) is integrated in another chip, which is why sensitive data cannot simply be eavesdropped on an external bus, as is possible with adiscrete TPM with SPI or LPC(TPM sniffing).

Furthermore, Pluton cansecurely update its own firmware before the operating system is started. This avoids annoying problems, such as forgotten recovery keys for BitLocker. In addition, updates for Pluton are thus possible independently of a possibly compromised operating system. However, this also means that Pluton must be able to contact Microsoft servers without external intervention.

Pluton should also enable secure firmware updates for other system components and offers other functions, such as zero-trust authentication for accessing cloud services. Microsoft also calls this "chip-to-cloud security".

Intel: Pluton optional

Unlike AMD (also a supplier of Xbox chips with Pluton) and Qualcomm (cooperates with Microsoft on ARM notebooks), Intel initially took a wait-and-see approach to Pluton. In 2020, Intel wrote that it wanted to provide Pluton "as a choice" in cooperation with Microsoft.

To this end, Intel has expanded its Converged Security and Management Engine (CSME/CSxE), which has been built into all processors for years. Based on a "standalone small x86 processor" (memory, crypto engine, and I/Os), the CSxE runs isolated from the CPU cores (the host) on specially secured hardware with cryptographically secured firmware.

Intel's description of the "Silicon Security Engine" in the Core Ultra 100 data sheet lists all the essential features of Microsoft Pluton.

(Image: Intel)

New in the data sheet of the Core Ultra 100 alias Meteor Lake is an additional "Intel Silicon Security Engine", which uses the described CSxE hardware, but executes an upcoming "new firmware" (new FW IP). Intel then describes all the essential functions of Microsoft Pluton in section 5.15.2, but without mentioning the word Pluton (RoT, secure FW loading, certification authority, measurements).

Microsoft, on the other hand, clearly states: "[...] Pluton platforms in 2024 AMD and Intel systems will start to use a Rust-based firmware foundation given the importance of memory safety."

Pluton with TockOS and Rust

TockOS is currently only available for ARM Cortex-M and RISC-V, but is coming for x86.

(Image: TockOS)

As a presentation by Microsoft employees Bobby Reynolds and Gustavo Scotti, held at the TockWorld7 event, reveals, the Pluton firmware uses the embedded operating system TockOS, which is designed for high security, and is written in Rust. As TockOS has so far mainly targeted ARM Cortex-M and RISC-V, Microsoft is porting it to x86 for Intel.

According to the announcement of the presentation, the respective chip developers – i.e. AMD, Intel and Qualcomm - have certain freedoms as to how they implement their respective Pluton hardware. But: "Microsoft owns the firmware and has chosen to use Tock OS as a common platform for (nearly) all Pluton firmware deliverables."

Pluton thumbscrew Copilot+

To implement Pluton, Microsoft made the technology a prerequisite for the new "Copilot#" logo. This is actually about notebooks that are supposedly particularly well suited for the bundle of AI applications that Microsoft markets as Copilot. However, all chip manufacturers want to benefit from this marketing program and are also hoping that the approaching end of support for Windows 10 will boost sales of new (business) laptops.

(ciw)

Don't miss any news – follow us on Facebook, LinkedIn or Mastodon.

This article was originally published in German. It was translated with technical assistance and editorially reviewed before publication.

Beliebte Bestenlisten

Alle Angebote
Newsletter heise-Bot heise-Bot Push Nachrichten Push Push-Nachrichten