AMD openSIL Planned to Replace AGESA Firmware in Client and Server in 2026
by Gavin Bonshor on May 5, 2023 5:15 PM ESTAt a recent OCP Regional Summit held in Prague, AMD shared its plans to replace its AMD Generic Encapsulated Software Architecture (AGESA) firmware with an open-source alternative called Open-Source Silicon Initialization Library (openSIL). The new firmware would be ready for production use in 2026, following a multi-year, four phase development cycle.
Firmware is a crucial component for modern computer systems, and on modern AMD systems, that critical code blob is AGESA. Among other things, AGESA is responsible for initializing several sub-systems of the platform, including processor cores, chipset, and memory; and it is frequently updated to support new hardware and resolve bugs.
But for all the utility that firmware brings, it can also be a weak point in a system via vulnerable to cyber attacks. So as part of their new firmware initiative, AMD has proposed making the development, architecture, and validation of the Silicon Initialization Firmware open-source to enhance security. AMD has a history of supporting open-source solutions for software and drivers, and openSIL is designed to be lightweight, simple, transparent, and secure and can be scaled easily.
As initially reported on by Phoronix, openSIL is not intended to replace the Unified Extensible Firmware Interface (UEFI) but rather to be integrated with other host firmware such as coreboot, reboot, and FortiBIOS. It is written in standard industry language, allowing vendors to statically link it to the host firmware and bypass any host firmware protocols.
AMD is presently testing openSIL in the Proof-of-Concept (POC) phase, and it is currently compatible with AMD's 4th-generation EPYC (Genoa) processors and related platforms. The 5th-generation EPYC (Turin) processors will also be included in the POC phase. AMD intends to make openSIL the default choice for the 6th-generation EPYC series by 2026, and AGESA will be phased out.
While AMD admits that openSIL is still a work in progress, it is very close to parity with AGESA. However, since openSIL won't be ready until 2026 and AMD's most recent roadmap shows Zen 5 for 2024, it may take until Zen 6 or even Zen 7 before seeing a finished product. AMD has not released a projected roadmap for openSIL on the client side, but it will eventually replace AGESA on all AMD products.
18 Comments
View All Comments
Threska - Friday, May 5, 2023 - link
Waaaay into the future.Kamen Rider Blade - Saturday, May 6, 2023 - link
It's still the right move IMO. AMD committing to Open Source in a VERY important area that everybody has been asking for transparency on.Kamen Rider Blade - Saturday, May 6, 2023 - link
It's also better to take your time to do it right, then to rush things.Drkrieger01 - Saturday, May 6, 2023 - link
Very true, but also remember that it's good to make mistakes to learn things every now and then ;)juancn - Monday, May 8, 2023 - link
It make sense to progressively move all you new products into the new framework, until a large enough chunk is supported, rather than try to back port old firmware into the new framework, losing all the effort you did to squash bugs in the old AGESA code.Kevin G - Monday, May 8, 2023 - link
For firmware planning, that is what you have to do. Operating systems/hypervisors need lead time to be able to adapt to the underpinnings.Techie2 - Saturday, May 6, 2023 - link
I'm not sure how open source can be more secure than proprietary but if it can then so be it. There needs to be massive increases in online security from schools to government to e-tailer websites. Personal computers are often the weakest security point so it's all a real challenge to fix as the hackers have a big head start.meacupla - Saturday, May 6, 2023 - link
open source is not more or less secure than proprietary, but there is greater transparency and more people to find bugs. The fixes usually come a lot quicker too, like days compared to a month.Threska - Sunday, May 7, 2023 - link
Well as the mythical man-month says (brook's law), more people thrown at a problem doesn't speed things up. Plus not everyone is competent in a particular domain. e.g. security, etc.EnFission - Sunday, May 7, 2023 - link
It's not like anyone can make commits to the finalized production release. There will be specialized maintainers who will review submission attempts to veto, refine, and approve proposed changes. This does however allow for anyone with niche knowledge to point out flaws or optimizations before they hit the consumers' system.