Intel® Platform Service Record (Intel® PSR) Introduction
System Requirements
Intel® Platform Service Record (Intel® PSR) is supported on Intel vPro® Essentials and Intel vPro® Enterprise on:
- Lunar Lake platforms (PSR 2.1)
- Meteor Lake platforms (PSR 2.0)
- Raptor Lake platforms (PSR 1.0)
- Alder Lake platforms with Raptor Lake CPU (PSR 1.0)
Intel PSR requires Intel® CSME 16.1 firmware or later, and requires enablement by the OEM.
Note: Intel PSR is supported only if the Intel® UPID is supported, and the Intel PSR log can be retrieved only if the Intel UPID is enabled on the platform. For details on enabling Intel UPID, refer to Intel Unique Platform ID Usage.
Highlights
The Platform Service Record provides on-platform persistent and tamper-resistant ledgers and counters of the various items belonging to the platform.
Following is the structure of the Platform Service Record:
- Identifiers
Item | Size (bytes) |
---|---|
Intel Unique Platform ID | 64 |
Intel Platform Service Record ID | 16 |
- Platform Genesis Record that includes the following information:
Item | Size (bytes) |
---|---|
Log Start Date (set at End of Manufacturing) | 8 |
OEM | 64 |
OEM Make | 64 |
OEM Model | 64 |
Country of Manufacture | 64 |
OEM-defined metadata | 1024 |
- Capabilities section (in PSR 2.0) that indicates whether a feature or mechanism is supported by the OEM's design. A value of 0 indicates that a capability is not supported. A value of 1 indicates that the capability is supported:
Capability | Size (bytes) | Comments |
---|---|---|
Chassis intrusion | 1 | Optional |
Excessive shock detection | 1 | PSR 2.0; optional. Requires implementing a modified ISH solution to report this event to Intel CSME |
Critical temperature detection | 1 | PSR 2.0; optional. Requires implementing a temperature sensor and modifying the EC and BIOS |
Remote Platform Erase | 1 | PSR 2.0; optional |
Local Platform Erase | 1 | PSR 2.0; optional |
Firmware Recovery detection | 1 | PSR 2.1; optional |
Firmware Update detection | 1 | PSR 2.1; optional |
System Hang detection | 1 | PSR 2.1; optional |
Power Drop detection | 1 | PSR 2.1; optional |
Reserved | 23 | |
Sanitization events are events in which the BIOS performs a Remote Platform Erase, Local Platform Erase, or Intel ME unconfigure (PSR 2.0; optional). These require enabling RPE and modifying the BIOS. Following are the types of events and devices whose statuses can be logged in the PSR:
- TPM
- Supported Storage Erase (storage supported with RPE)
- Storage Erase Verification comparison
- Clear BIOS variables
- BIOS reload golden configuration
- OEM Custom Actions (if defined)
- Intel CSME Unconfigure
Note: Only the latest sanitization event of each type (SSD, TPM, etc.) is recorded in the Platform Service Record Event Log. Older specific sanitization events are overwritten by the last event of the type, regardless of its status (failed/passed) or origin (LPE/RPE).
- Counters (4 bytes each) for:
  - Number of seconds in S0 state
  - Number of S0->S5 transitions
  - Number of S0->S4 transitions
  - Number of S0->S3 transitions
  - Number of platform power-ons
  - Platform resets
  - ISH Connection Count (PSR 2.0). This is always less than or equal to the total boot count (S0->S5 transitions + S0->S4 transitions + S0->S3 transitions + Resets). Preferably, it is at least 90% of the total boot count.
  - CSME Reset Count (PSR 2.0)
  - Reserved (36 bytes)
  - PRTC Reset Count (PSR 2.0)
  - Log in Recovery State Count (PSR 2.0)
  - DAM (Delayed Authentication Mode) State Entered Count (PSR 2.0)
  - Unlocked State Entered Count (PSR 2.0)
  - PSR SVN Incremented Count (PSR 2.0)
  - Reserved (12 bytes)
  - Excessive Shock Count (PSR 2.0)
  - Excessive Operational Temperature Count (PSR 2.0)
  - Firmware Recovery Count (PSR 2.1)
  - Firmware Update Count (PSR 2.1)
  - System Hang Count (PSR 2.1)
  - Power Drop Count (PSR 2.1)
  - Reserved (20 bytes)
- Event data ledger
Item | Size (bytes) |
---|---|
Number of events | 4 |
Event 1...100 | 12 bytes for each event |
Structure of each event in the event data ledger:
Field | Size (bytes) | Value |
---|---|---|
Event ID | 1 | |
Event sub ID (PSR 2.0; reserved in PSR 1.0) | 3 | Event specific |
Time stamp | 4 | |
Reserved | 4 | |
Event Details
The following table lists the different events that can be logged in the event data ledger:
Event Name | Description | Behavior | Event ID |
---|---|---|---|
Log Started | First event in the log. Generated when the log is initiated. | | 8 |
Log Ended | Event added at the end of the log. It records the time at which the log was retrieved. | | 9 |
Log Full | Indicates that there is no more free storage in the log to add events. | | 10 |
Replay Protection Infrastructure Failure | A Replay Protection infrastructure failure has been detected (e.g., loss of RTC power when anti-replay is RTC-based) | | 16 |
Log Missing | The PSR firmware detected that one of the files used to store the PSR is missing | | 17 |
Log Integrity Compromised | The PSR firmware detected that the log's integrity or replay protection is compromised | | 18 |
PRTC Reset | PRTC (Protected Run-Time Clock) failure was detected. The platform’s real-time clock is reset. | Logging continues but new event time stamps may be inaccurate. See Time Stamp Structure and Calculation. | 19 |
Log in Recovery State | Intel CSME firmware has entered a state or condition in which the Intel PSR cannot operate or is not recording. The event is recorded when normal operation resumes. | Logging continues | 20 |
DAM State Entered | Intel CSME has entered DAM (Delayed Authentication Mode) state. Recording halted temporarily. Platform is ready for debug. | Logging continues | 21 |
Unlocked State Entered | Intel CSME firmware has been unlocked for debugging. | In this state, Intel PSR is not available and is not recording. When normal operation resumes, an event indicating that state is added and recording resumes. | 22 |
PSR SVN Incremented | The firmware's SVN was incremented (via a TCB recovery) or the SVN of the Intel PSR process was incremented (via a firmware update that increased the SVN). | | 23 |
Chassis Intrusion Detected | BIOS has detected that the computer case has been opened | | 32 |
Excessive Shock (PSR 2.0) | ISH has detected that the platform underwent excessive shock | | 33 |
Excessive Operational Temperature (PSR 2.0) | Platform has reached the specified excessive operational temperature as managed by the EC | | 34 |
Erase | Platform Erase Action result | | 35 |
Firmware Recovery | A recovery event has occurred. Exact details of the recovery may differ between OEMs. | The last 5 occurrences of this event are logged. | 36 |
Firmware Update | A firmware update has occurred. Exact details of the firmware that was updated may differ between OEMs. | The last 5 occurrences of this event are logged. | 37 |
System Hang | System hang has occurred. Exact details may differ between OEMs. | The last 5 occurrences of this event are logged. | 38 |
Power Drop | Power drop has occurred. Exact details may differ between OEMs. | The last 5 occurrences of this event are logged. | 39 |
Erase Event Types:
The type of erase event is specified in the event sub ID:
Sub ID | Event |
---|---|
2 | Secure erase all SSDs |
3 | Verify storage erase |
6 | TPM clear |
16 | OEM custom action |
25 | Clear BIOS NVM variables |
26 | BIOS reload of golden configuration |
31 | Intel ME unconfigure |
The Intel Platform Service Record provides an indicator that can attest that the PSR data has been generated by the platform. This enables detection of tampering.
Intel® CSME provides an API over the Intel MEI interface, available both before and after POST, that allows the Platform Service Record data to be retrieved in a Data Structured Blob.
The Platform Service Record can be retrieved from the platform through UEFI and OS driver interfaces, enabling access to the PSR Data Structure through:
- The Intel® Management and Security Status application, to display PSR Data and Export to File
- UEFI BIOS setup menu to display the PSR or export the PSR Data to USB
- 3rd party applications. Customers can use the PSR SDK sample code and the APIs described below to build applications that access the data in the PSR.
For information on the Intel® MEI interface that Intel® CSME provides for software applications to enable them to retrieve the PSR information and state, see Platform Service Record Intel MEI Protocol.
Use Cases for the Intel Platform Service Record
- The Platform Service Record ID can be captured during manufacturing and later compared with the Platform Service Record ID on the platform to determine whether it was changed after the platform was shipped by the OEM. A mismatch would indicate that the PSR has been reset, and that historical data is therefore missing.
- Key events captured within the PSR Event Ledger, e.g., Chassis Intrusion Detection, can be observed over the life cycle of the platform to help assess confidence
- Platform S0 operational use and power state transitions can be assessed to help determine general wear, or to correlate other platform events, when planning to decommission (repurpose, resell, recycle) the platform.
- PSR data can be exported and the platform attested (for example, via a cloud service).
Using the Intel Management and Security Status Application with Intel Platform Service Record
This section shows highlights of how the Intel PSR is accessed via the Intel IMSS application. For details on using the Intel IMSS application, see the Intel Management and Security Status Application User Guide.
You access the Intel PSR via the Intel® Unique Platform ID tab:
If the Intel UPID has been enabled on the platform, the View Intel® PSR and Save Intel® PSR buttons are enabled.
To view the platform's Intel PSR information:
Click View Intel® PSR. The System Information window is displayed.
Clicking General displays:
- Log State
- PSR version
- PSR ID
- UPID
Clicking Genesis displays:
- Log Start Date
- OEM Name
- OEM Make
- OEM Model
- Country of Manufacturer
- OEM Data
Clicking Ledger displays:
- S0 Run Time in Seconds
- S0 to S5 Transition Count
- S0 to S4 Transition Count
- S0 to S3 Transition Count
- Warm Reset Count
Clicking Events displays a list of events recorded in the log:
Clicking an event displays information about the event:
Time Stamp Structure and Calculation
The timestamp in the Intel PSR is displayed in UTC format: YYYY-MM-DDThh:mmZ. This applies to both the genesis record and the events.
Genesis record time: the number of seconds that have passed since January 1, 1970.
Event time: the number of seconds that have passed since the log was created.
To calculate the time that an event occurred, you add the event time to the genesis time.
If an event causes the Intel CSME clock to reset its time (e.g., removal of the PRTC coin battery), a PRTC Failure event with a timestamp of zero is added to the log. The timestamps of all subsequent events will show the number of seconds since the PRTC Failure event that caused the time loss (they will not display the date in YYYY-MM-DDThh:mmZ format).
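The calculation described above, as an added example (not code from the Intel PSR SDK): it walks an event data ledger using the 12-byte event layout, event IDs and erase sub IDs from the tables on this page, adds each event time to the genesis time, and stops converting to a date once a PRTC Reset event appears. Little-endian byte order, the function names and the sample bytes are assumptions constructed for illustration.

```python
import struct
from datetime import datetime, timezone

# Event IDs and erase sub IDs copied from the tables on this page.
EVENT_NAMES = {
    8: "Log Started", 9: "Log Ended", 10: "Log Full",
    16: "Replay Protection Infrastructure Failure", 17: "Log Missing",
    18: "Log Integrity Compromised", 19: "PRTC Reset",
    20: "Log in Recovery State", 21: "DAM State Entered",
    22: "Unlocked State Entered", 23: "PSR SVN Incremented",
    32: "Chassis Intrusion Detected", 33: "Excessive Shock",
    34: "Excessive Operational Temperature", 35: "Erase",
    36: "Firmware Recovery", 37: "Firmware Update",
    38: "System Hang", 39: "Power Drop",
}
ERASE_SUB_IDS = {
    2: "Secure erase all SSDs", 3: "Verify storage erase", 6: "TPM clear",
    16: "OEM custom action", 25: "Clear BIOS NVM variables",
    26: "BIOS reload of golden configuration", 31: "Intel ME unconfigure",
}
PRTC_RESET, ERASE, MAX_EVENTS, EVENT_SIZE = 19, 35, 100, 12

def parse_ledger(ledger: bytes, genesis_seconds: int):
    """Return (name, detail, time_text) per event. Little-endian is an assumption."""
    (count,) = struct.unpack_from("<I", ledger, 0)   # 4-byte "Number of events"
    if count > MAX_EVENTS or len(ledger) < 4 + count * EVENT_SIZE:
        raise ValueError("event count does not match ledger size")
    rows, clock_lost = [], False
    for i in range(count):
        off = 4 + i * EVENT_SIZE
        event_id = ledger[off]                                    # 1 byte
        sub_id = int.from_bytes(ledger[off + 1:off + 4], "little")  # 3 bytes
        (ts,) = struct.unpack_from("<I", ledger, off + 4)         # 4 bytes; 4 reserved follow
        if event_id == PRTC_RESET:
            clock_lost = True  # from here on, ts counts seconds since the reset
        if clock_lost:
            when = f"+{ts}s after PRTC reset"
        else:  # event time is relative to the genesis record time
            utc = datetime.fromtimestamp(genesis_seconds + ts, timezone.utc)
            when = utc.strftime("%Y-%m-%dT%H:%MZ")
        detail = ERASE_SUB_IDS.get(sub_id, f"sub ID {sub_id}") if event_id == ERASE else ""
        rows.append((EVENT_NAMES.get(event_id, f"Unknown ({event_id})"), detail, when))
    return rows

def make_event(event_id: int, sub_id: int, ts: int) -> bytes:
    """Build one 12-byte event (helper for the constructed sample only)."""
    return bytes([event_id]) + sub_id.to_bytes(3, "little") + struct.pack("<II", ts, 0)

# Constructed sample: genesis at 2024-01-15T08:00Z, four events.
SAMPLE_GENESIS = 1705305600
SAMPLE_LEDGER = (struct.pack("<I", 4) + make_event(8, 0, 0) + make_event(35, 6, 86400)
                 + make_event(19, 0, 0) + make_event(32, 0, 3600))
```

In the constructed sample, the chassis intrusion event after the PRTC Reset can only be placed relative to the reset, so a reviewer correlating it with other records has to treat its absolute date as unknown.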
Intel Platform Service Record Sample Output Example
The Intel PSR SDK includes a sample application (PlatformServiceRecord.exe) that demonstrates how to use the Intel PSR. The application includes the following functions:
- Retrieving the Platform Service Record log status
- Retrieving the Platform Service Record Log and verifying it
- Parsing and displaying the Platform Service Record log blob
- Saving the Platform Service Record to a file
For details on these options and others, and examples of running the sample application for various purposes, see the documentation included with the sample application.
Following is one example of the output that is generated when you run the sample application: