
AMD supports choice in the marketplace with DAS 1.0, featuring DASH 1.1, AMD Virtualization™ (AMD-V™) technology and Trusted Platform Module (TPM) 1.2, all based solely on open industry standards to enable manageability, virtualization, and security with features that don’t lock solutions into a single, proprietary technology.

By deploying systems that support DAS 1.0, businesses can simplify their embedded system management process and manage a mixed environment in a consistent manner—helping to reduce complexity, simplify administrative tasks, and contribute to lower overall costs. DASH (Desktop and mobile Architecture for System Hardware) defines a common framework for remote management of systems, providing the flexibility to accomplish essential management tasks such as remote power management, automated system start-up and shut down, patching, remote diagnostics, and system security patch and update compliance, as well as system security in a distributed environment.

It is easy to safeguard systems with comprehensive security from boot-up to shut down with the combination of AMD chip-level security features like TPM support and AMD Virtualization which enable systems to run secure and real-time operating systems in secure, virtualized sessions.

AMD DAS 1.0

For the Manageability, Virtualization and Security of Embedded Solutions

AMD DAS (DASH, AMD Virtualization™ (AMD-V™) Technology, and Security) 1.0 is a term used to describe the various technologies used to help fulfill the increasing security and reliability needs of embedded solutions.


MANAGEABILITY

Embedded systems have grown into highly dispersed networks of systems. Along with that growth the costs of deploying, administering, and maintaining those systems have increased. To manage these costs, while at the same time increasing reliability and uptime, businesses have begun to leverage remote management techniques designed to simplify deployments and reduce the costs associated with the administration and maintenance of these systems.

Such techniques now enable “blank” systems to be deployed and the software associated with a particular installation installed remotely. Those installed systems can then receive software updates remotely, including application, operating system, and firmware updates. Use of remote management systems can alert a service center in the event of a system failure, helping to reduce the time required to get a system back into service. Remote management can also help to reduce the number of technician visits to remote installations by enabling the remote diagnostics and repair of non-functioning systems, regardless of the state of the system. If a technician determines that it is necessary to visit an installation, he/she will often know what needs to be fixed before even leaving the shop, ensuring all the right tools and parts are in hand upon arrival at the site.

DISTRIBUTED MANAGEMENT TASK FORCE (DMTF)

To help simplify manageability and reduce costs, leading vendors in the IT industry have collaborated for many years on various management standards to make it easier to manage a heterogeneous IT environment. A key standards body developing standards for systems management is the Distributed Management Task Force (DMTF).

The Distributed Management Task Force (DMTF) is an industry organization leading development, adoption, and promotion of interoperable enterprise and systems management standards. DMTF has more than 4,000 active participants representing 43 countries and nearly 160 entities.

As an active member of the DMTF and a member of its Board of Directors, AMD is strongly committed to developing and supporting industry standards for manageability to help our customers reduce management complexity and overall maintenance costs.

Our collaborative leadership in the DMTF has resulted in the development of standards which make it easier than ever for customers to manage increasingly diverse IT environments, including standards for DASH on clients and SMASH on servers. We've applied these standards to developing our own future-ready platform solutions for our industry partners and customers. AMD-based embedded platforms built with a DASH 1.1 compliant network interface adapter can help manage your company’s embedded system infrastructure.

BETTER MANAGEABILITY THROUGH INDUSTRY STANDARDS

Reducing the complexity of managing a business’s deployed systems can help reduce overall system management costs. However, because many companies deploy systems from multiple vendors, management complexity can be difficult to contain.

Platforms and management tools that support management standards can help simplify management of a company’s deployed systems. By deploying standards-based solutions, businesses can reduce the number of management tools they must use and maintain and streamline management processes and tasks. This allows organizations to choose the best mix of vendor solutions that meet their needs and still control the cost of managing their environment.

In contrast, proprietary solutions can increase management complexity, limit choice through vendor lock-in, and reduce flexibility to respond to business needs.

ADVANTAGES OF STANDARDS-BASED MANAGEABILITY

STANDARDS-BASED: You can choose the best mix of vendor solutions
PROPRIETARY: Locks you in to one vendor

STANDARDS-BASED: Simplifies management of a multi-vendor environment
‣ Standards-based solutions interoperate
‣ One console for management
‣ Low learning curve
PROPRIETARY: Can increase complexity to add other vendors' products
‣ Solutions may not work together
‣ Many tools to manage
‣ Can increase learning curve

STANDARDS-BASED: Respond to changing business needs while controlling management cost
PROPRIETARY: Limited flexibility - can be difficult to respond to changing business needs

STANDARDS-BASED: Can lower costs
‣ Choose the right mix of solutions to meet your needs
‣ Simplify management of a multi-vendor environment
PROPRIETARY: Can increase costs
‣ Could pay for features you don't need
‣ May end up with a complex mix of proprietary solutions

REMOTE MANAGEMENT USING DASH

AMD embedded systems that support remote management all support DMTF standards, including DASH (Desktop and Mobile Architecture for System Hardware). DASH is a suite of specifications developed by the DMTF that delivers open standards-based web services management for desktop, mobile, and embedded systems.

DASH is a comprehensive framework that provides the next generation of standards for secure out-of-band and remote management of systems in multi-vendor, distributed environments and enables the same tools, syntax, semantics, and interfaces to work across a full range of products: traditional desktop systems, mobile and laptop computers, blade PCs, and even embedded systems.

DASH enables robust, secure remote management. DASH 1.1 includes the following remote management features:

FEATURES: BENEFITS

Remote Power Control: From a remote management console, administrators can power off, power on, or power cycle a client system. They may want to power off systems to reduce energy usage. Or they may want to power on a system, apply a patch, and power off again.

Remote Diagnostics: Administrators can remotely diagnose problems by remotely powering on a remote system and redirecting the serial output to their remote console. They can then specify the system boot from a diagnostic disk or device to perform troubleshooting remotely.

Console Redirection: Provides a standardized interface that allows a remote console to add/delete users, set/change passwords, and assign roles to users. Pre-defined roles include admin, operator, and read-only.

Text Console Redirection: Provides BIOS-assisted console and keyboard redirection during boot, BIOS setup, or diagnostic programs (once the OS takes over during boot, text redirection stops).

Media Redirection: Provides a "virtual" CD-ROM/floppy/disk device that reads data from a remote device or image file. This allows BIOS to boot from a remote Disk/CDROM/floppy image.

Discovery: From a management console, administrators can automatically discover the remote systems they can manage with DASH. A managed system can then be queried in a standard way. The console can also determine if a system supports DASH and which specific capabilities or features are accessible.

Asset Inventory: From their management tool or console, administrators can view hardware and software inventory for systems in the network. For example, an admin can check the configuration of hardware components like memory or hard drives, or see what software and versions are installed. This inventory can be viewed whether a remote system is powered on or off.

BIOS (Basic Input Output System) Management: Provides the capability to remotely change BIOS settings.

NIC (Network Interface Card) Management: Provides management of MAC and IP addresses, DNS and DHCP configuration. Adds the capability to represent and manage a network port that provides a LAN interface and its associated controller.

Operating System Status: Enables representation of OS name/version and OS state (shutdown, OS-up, standby/hibernate) or to request a change in state, e.g. shutdown or hibernate.

Remote System Health Monitoring: Administrators can remotely monitor the health of hardware components in the system, such as temperature, chassis intrusion, and fan operation.

Opaque Data Management (offline mailbox): Allows a software agent on the system to store data in the DASH management controller so that a remote console or remote application can later read the data out-of-band regardless of OS state or system power state.

Software Update: Provides management interfaces for updating firmware and software.

Sensor interfaces: Includes optional sensor interfaces for fan speed, fan status, temperature, power supply status, and chassis intrusion.

Platform alerts: A console can subscribe to alerts via a WS-eventing protocol. Platform alerts may include temperature alerts, fan failure, chassis intrusion, ProcHot, ThermTrip, and BIOS boot failure.

AMD VIRTUALIZATION™ (AMD-V™) TECHNOLOGY

In the past, many embedded applications have utilized multiple processing platforms in a system for security, performance, and reliability reasons. By running applications on completely separate processing platforms, applications could be fully isolated from one another. This would help prevent external or low priority processes from accessing critical or sensitive data, as well as prevent those external or lower priority processes from interfering with the real-time or reliable operation of critical system functions. Through client-side virtualization, developers can now implement completely isolated application and operating system functions on a single processing platform, enabling less complex, lower power, and lower cost system implementations. Some examples of applications that can benefit from client-side virtualization include industrial controls and automation, casino gaming, enterprise storage, telecommunications, and medical.

In client-side virtualization, a hypervisor or a virtual machine monitor (VMM) partitions the client device into multiple environments known as virtual machines (VMs). Each VM can then be loaded with its own operating system. For example, a user can run the Windows Embedded Standard 7 operating system on one VM and a real-time operating system on the second—offering real-time responsiveness with an interactive 3D user interface, all running in isolation on a single physical host processor.

Users can encapsulate different tasks, such as secure communications, data storage and user interface, in different VMs. For example, an instance of the Windows 7 operating system could be dedicated to running a user interface, while Linux runs secure communications and data storage applications, with each operating system completely isolated from one another, delivering a high level of security and reliability for critical communications and data storage.

AMD-V technology is a set of unique on-chip features that help AMD processor-based clients run multiple operating systems and applications on a single machine by improving the efficiency of virtualization software. AMD-V technology allows you to better utilize your resources, making your client systems more effective.

AMD-V technology features and benefits:

FEATURES: BENEFITS

Virtualization Extensions to the x86 Instruction Set: Enables software to more efficiently create virtual machines so that multiple operating systems and their applications can run simultaneously on the same processor.

Tagged TLB: Hardware features that facilitate efficient switching between virtual machines for better application responsiveness.

Rapid Virtualization Indexing (RVI): Helps accelerate the performance of many virtualized applications by enabling hardware-based virtual machine memory management.

I/O Virtualization: Enables direct device access by a virtual machine, bypassing the hypervisor for improved application performance and improved isolation of virtual machines for increased integrity and security.

STANDARD SECURITY SOLUTIONS

Offering a security solution is especially important for security and regulatory compliance in financial, government, and healthcare applications. However, with many embedded applications becoming networked, the rise in attacks on these embedded applications further emphasizes the increasing need for the protection of confidential and sensitive data across a broad range of embedded applications.

AMD promotes open, industry standard security solutions for embedded applications. Trusted Computing is a category of technology developed and promoted by the Trusted Computing Group. AMD is a member of the Trusted Computing Group. The Trusted Computing Group (TCG) is a not-for-profit organization formed to develop, define, and promote open and vendor-neutral industry standards for trusted computing building blocks and software interfaces across multiple platforms.

Trusted Computing is the industry's answer to growing security problems and is based on a hardware root of trust, helping to make embedded systems, applications, and networks more secure. The computer or system can be made to consistently behave in specific ways, and those behaviors can be enforced by hardware and software when OEMs enable these technologies.

Through the implementation of an on-board TPM (Trusted Platform Module) 1.2 module, an embedded platform will benefit from the following features:

FEATURES: BENEFITS

Authentication: Helps ensure that only authorized systems are allowed access to the network.

Encryption: Protection of the stored and communicated data.

Network Access Control: Helps ensure that only authorized users or systems access the network.

Standards Based: Compatibility between deployed systems from different manufacturers.

Secure Boot: Helps to verify the integrity of firmware, OS, and applications prior to execution.

For more information on the TCG: http://www.trustedcomputinggroup.org/

©2011 Advanced Micro Devices, Inc. All rights reserved. AMD, the AMD Arrow logo, Radeon, and combinations thereof, are trademarks of Advanced Micro Devices. DirectX is a registered trademark of Microsoft Corporation in the U.S. and/or other jurisdictions. HDMI is a trademark of HDMI Licensing, LLC. PCIe and PCI Express are registered trademarks of PCI-SIG. Other names are for informational purposes only and may be trademarks of their respective owners. PID# 50102A

www.amd.com/embedded