2. Is there a problem?
People who are keen on security and try to avoid risks are noticing it immediately: If there is an underlying second operating system – do we have control over it? How secure is this at all? Is there a way to disable AMD PSP / AMD Secure Technology?
To Answer those questions we need to check out if there is a sufficient documentation out there which allows to comprehend all mechanisms and we need to watch out for possible security flaws.
AMD PSP / AMD Secure Technology has been mentioned in chapter 2.14 of the BIOS and Kernel Developer’s Guide for AMD Familiy 16h Models 30h-3Fh for the first time. On page 156 you can find just a very brief summary of this technology.
Neither is there a hint how to disable those functionality in total or in parts, nor is the source code availabe to the public.
So as far as we know AMD PSP / AMD Secure Technology can’t be disabled at all.
2.2 Security vulnerabilities and exploits
Also in AMD PSP vulnerabilities have been found. It was possible to craft a certificate to get code execution rights on the AMD Secure Processor and to infiltrate AMD’s security subsystem (source 04).
This management engine is definitely running. The lack of an ordinary documentation leads inevitable to security holes which represent a not only potentional but and proven risk to data and computer security.