DVMT – Dynamic Video Memory Technology (Intel Corporation).

The amount of video memory allocated depends upon the amount requested by the operating system. When the memory is no longer required, it is returned to the operating system for use by other applications or system functions. DVMT allocates memory based on system needs.

Watchdog Timer

A watchdog timer is a computer hardware timer that triggers a system reset or other corrective action if the main program, due to some fault condition, such as a hang, neglects to regularly service the watchdog (writing a “service pulse” to it, also referred to as “kicking the dog”, “petting the dog”, “feeding the watchdog” or “waking the watchdog”). The intention is to bring the system back from the unresponsive state into normal operation.

For those embedded systems that can’t be constantly watched by a human, watchdog timers may be the solution. For example, most embedded systems need to be self-reliant, and it’s not usually possible to wait for someone to reboot them if the software hangs. Some embedded designs, such as space probes, are simply not accessible to human operators. If their software ever hangs, such systems are permanently disabled. In cases similar to these, a watchdog timer can help in solving the problem.

The watchdog timer is a chip external to the processor and is tied directly to the processor’s reset signal.
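A simulated watchdog, as an added example (not code from the original page or from any particular board): the "chip" counts down from a timeout, the firmware's main loop must service it before the count reaches zero, and a simulated hang shows the reset firing. The tick counter, the timeout values and the `run_firmware` loop are constructed for the example; a real watchdog is serviced by a register write and drives the processor's reset line in hardware.

```python
"""Simulated watchdog timer (added example, not code from the original page).

The 'chip' counts down from a timeout; the main program must kick() it before
the count reaches zero or the watchdog asserts the reset line.  Time is a
simulated tick counter so the example is deterministic and runs offline.
"""
from typing import List, Optional


class WatchdogTimer:
    """Models a watchdog external to the processor, wired to its reset signal."""

    def __init__(self, timeout: int) -> None:
        self.timeout = timeout          # ticks allowed between service pulses
        self.remaining = timeout
        self.resets = 0                 # times the reset line was asserted
        self.log: List[str] = []

    def kick(self) -> None:
        """The service pulse ('petting the dog'): proof the program is alive."""
        self.remaining = self.timeout

    def tick(self) -> bool:
        """Advance the hardware clock one tick; return True if a reset fired."""
        self.remaining -= 1
        if self.remaining > 0:
            return False
        self.resets += 1
        self.log.append(f"watchdog expired -> reset #{self.resets}")
        self.remaining = self.timeout   # the reset restarts the countdown
        return True


def run_firmware(wdt: WatchdogTimer, ticks: int, kick_every: int = 3,
                 hang_at: Optional[int] = None) -> int:
    """Simulate a main loop that services the watchdog every `kick_every` ticks.

    hang_at: tick at which the program stops servicing (a simulated hang).
    Returns the number of resets the watchdog asserted during the run.
    """
    hung = False
    for t in range(1, ticks + 1):
        if t == hang_at:
            hung = True                 # software hang: no more service pulses
        if not hung and t % kick_every == 0:
            wdt.kick()
        if wdt.tick():
            hung = False                # a reset restarts the firmware, clearing the hang
    return wdt.resets


if __name__ == "__main__":
    print("healthy loop, resets:", run_firmware(WatchdogTimer(5), 30))
    print("hang at tick 10, resets:", run_firmware(WatchdogTimer(5), 30, hang_at=10))
    print("timeout shorter than service interval, resets:",
          run_firmware(WatchdogTimer(2), 30))
```

The third run is the configuration mistake to watch for: a timeout shorter than the longest legitimate gap between service pulses produces a reset on every loop, so the timeout must cover the slowest healthy path through the main loop, and the service pulse must come from the loop itself rather than from an interrupt that keeps running after the main program has hung.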

SM (System Management) Bus

SM Bus is the System Management Bus. It is used in PCs and other computers for low-speed system management communications.

It is a simple two-wire bus used for communication with low-bandwidth devices on a motherboard, especially power-related chips such as a laptop’s rechargeable battery subsystem. Other devices might include temperature sensors and lid switches.

Northbridge (Intel 945GSE)

The Northbridge typically handles communications among the CPU, RAM, BIOS ROM, PCI Express video cards, and the Southbridge. In Intel systems the Northbridge also contains the integrated video controller and is then known as a Graphics and Memory Controller Hub (GMCH).

Southbridge (ICH7M)

The Southbridge, also known as an I/O controller hub (ICH), is a chip that implements the “slower” capabilities of the motherboard in a Northbridge/Southbridge chipset computer architecture. The Southbridge can usually be distinguished from the Northbridge by not being directly connected to the CPU. Rather, the Northbridge ties the Southbridge to the CPU. Through the use of controller integrated channel circuitry, the Northbridge can directly link signals from the I/O units to the CPU for data control and access.

The functionality found in the Southbridge includes:

  • PCI Bus: The PCI bus support includes the traditional PCI specification, but may also include support for PCI Express.
  • LPC Bridge: The LPC Bridge provides a data and control path to the Super I/O (the normal attachment for the keyboard, mouse, parallel port, serial port, and floppy controller) and the FWH (firmware hub, which provides access to BIOS flash storage).
  • SPI Bus: The SPI bus is a simple serial bus mostly used for firmware (e.g., BIOS) flash storage access.
  • SMBus: The SMBus is used to communicate with other devices on the motherboard (e.g., system temperature sensors, fan controllers).
  • DMA Controller: The DMA controller allows LPC devices direct access to main memory without needing help from the CPU.
  • Interrupt Controller: The interrupt controller provides a mechanism for attached devices to get attention from the CPU.
  • Mass Storage Controllers, such as SATA: These typically allow direct attachment of system hard drives.
  • Real-Time Clock: The real-time clock provides a persistent time account.
  • Power Management (APM and ACPI): The APM or ACPI functions provide methods and signaling to allow the computer to sleep or shut down to save power.
  • Non-volatile System Memory: The system CMOS, assisted by battery supplemental power, creates a limited non-volatile storage area for system configuration data.
  • AC’97 or Intel High Definition Audio sound interface.

Trusted Platform Module (TPM)

Trusted Platform Module offers facilities for the secure generation of cryptographic keys, and limitation of their use, in addition to a hardware pseudo-random number generator. It also includes capabilities such as remote attestation and sealed storage. “Remote attestation” creates a nearly unforgeable hash key summary of the hardware and software configuration. The extent of the summary of the software is decided by the program encrypting the data. This allows a third party to verify that the software has not been changed. “Binding” encrypts data using the TPM endorsement key, a unique RSA key burned into the chip during its production, or another trusted key descended from it. “Sealing” encrypts data similarly to binding, but in addition specifies the state the TPM must be in for the data to be decrypted (unsealed).

A Trusted Platform Module can be used to authenticate hardware devices. Since each TPM chip has a unique and secret RSA key burned in as it is produced, it is capable of performing platform authentication. For example, it can be used to verify that a system seeking access is the expected system.
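The three mechanisms above (the configuration summary built by measured boot, a remote attestation quote, and sealing that only unseals in the expected state), modelled as an added example that is not code from the original page or from any TPM vendor. A real TPM does this in silicon with RSA keys; this model keeps only the data flow, and it substitutes HMAC for the signature, so the verifier here holds the same secret the chip does (a simplification; with a real TPM the verifier holds only the public key). The boot component names, the PCR-extend formula and the toy keystream cipher are constructed for the example.

```python
"""Simulated TPM measured boot, attestation quote and sealing (added example).

Not code from the original page or any TPM vendor.  Simplifications: HMAC stands
in for the chip's RSA signature, a hash-counter keystream stands in for its
symmetric cipher, and the boot components are constructed strings.
"""
import hashlib
import hmac
import secrets
from typing import Dict, List, Tuple

PCR_INIT = bytes(32)  # platform configuration registers start at zero after reset


def extend(pcr: bytes, measurement: bytes) -> bytes:
    """PCR extend: new = H(old || H(component)).  The chain is order-sensitive and
    cannot be rewound, which is what makes the configuration summary hard to forge."""
    return hashlib.sha256(pcr + hashlib.sha256(measurement).digest()).digest()


def expected_pcr(components: List[bytes]) -> bytes:
    """Known-good final PCR value, computed by the sealer or the remote verifier."""
    pcr = PCR_INIT
    for c in components:
        pcr = extend(pcr, c)
    return pcr


def _keystream(key: bytes, n: int) -> bytes:
    """Toy HMAC-counter keystream standing in for the TPM's symmetric cipher."""
    out, counter = b"", 0
    while len(out) < n:
        out += hmac.new(key, counter.to_bytes(4, "big"), "sha256").digest()
        counter += 1
    return out[:n]


class SimulatedTPM:
    def __init__(self) -> None:
        # Stand-ins for the unique keys burned in at manufacture; never leave the chip.
        self.attestation_key = secrets.token_bytes(32)
        self._storage_key = secrets.token_bytes(32)
        self.pcr = PCR_INIT

    def reset(self) -> None:
        """A reboot clears the PCR; only a fresh boot sequence can refill it."""
        self.pcr = PCR_INIT

    def measure(self, component: bytes) -> None:
        self.pcr = extend(self.pcr, component)

    def quote(self, nonce: bytes) -> Tuple[bytes, bytes]:
        """Remote attestation: sign (nonce || PCR).  The nonce defeats replay of old quotes."""
        msg = nonce + self.pcr
        return msg, hmac.new(self.attestation_key, msg, "sha256").digest()

    def _seal_key(self, pcr: bytes) -> bytes:
        return hmac.new(self._storage_key, pcr, "sha256").digest()

    def seal(self, data: bytes, required_pcr: bytes) -> Dict[str, bytes]:
        """Encrypt under a key that depends on the storage key AND the required PCR."""
        key = self._seal_key(required_pcr)
        ct = bytes(a ^ b for a, b in zip(data, _keystream(key, len(data))))
        tag = hmac.new(key, required_pcr + ct, "sha256").digest()
        return {"pcr": required_pcr, "ct": ct, "tag": tag}

    def unseal(self, blob: Dict[str, bytes]) -> bytes:
        """Refuse unless the platform is in the state named at seal time."""
        if not hmac.compare_digest(self.pcr, blob["pcr"]):
            raise PermissionError("platform state does not match sealed policy")
        key = self._seal_key(self.pcr)
        tag = hmac.new(key, blob["pcr"] + blob["ct"], "sha256").digest()
        if not hmac.compare_digest(tag, blob["tag"]):
            raise PermissionError("sealed blob was modified")
        return bytes(a ^ b for a, b in zip(blob["ct"], _keystream(key, len(blob["ct"]))))


def verify_quote(attestation_key: bytes, nonce: bytes, known_good: bytes,
                 msg: bytes, sig: bytes) -> bool:
    """Verifier side: signature valid, nonce is ours, PCR equals the known-good value."""
    expected_sig = hmac.new(attestation_key, msg, "sha256").digest()
    return (hmac.compare_digest(expected_sig, sig)
            and msg[:len(nonce)] == nonce
            and hmac.compare_digest(msg[len(nonce):], known_good))


# Constructed boot sequences: the second has one modified component.
GOOD_BOOT = [b"bootloader v1", b"kernel 5.x", b"initrd"]
TAMPERED_BOOT = [b"bootloader v1", b"kernel 5.x (modified)", b"initrd"]


def demo() -> Tuple[bool, bool, bool]:
    """Returns (quote verified, unseal ok on good boot, unseal refused after tamper)."""
    tpm = SimulatedTPM()
    for c in GOOD_BOOT:
        tpm.measure(c)
    nonce = secrets.token_bytes(16)
    msg, sig = tpm.quote(nonce)
    attested = verify_quote(tpm.attestation_key, nonce, expected_pcr(GOOD_BOOT), msg, sig)
    blob = tpm.seal(b"disk-encryption-key", expected_pcr(GOOD_BOOT))
    unsealed_ok = tpm.unseal(blob) == b"disk-encryption-key"
    tpm.reset()
    for c in TAMPERED_BOOT:
        tpm.measure(c)
    try:
        tpm.unseal(blob)
        refused = False
    except PermissionError:
        refused = True
    return attested, unsealed_ok, refused
```

Two properties carry over directly to real hardware: the verifier compares the quoted PCR against a value it computed independently from the known-good components, so the attested machine cannot simply claim to be healthy, and the sealing key is derived from the required PCR rather than merely checked against it, so a blob sealed to the good boot is useless on a platform whose measurements differ.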

Generally, pushing the security down to the hardware level in conjunction with software provides more protection than a software-only solution, which is more easily compromised by an attacker. However, even where a TPM is used, a key is still vulnerable while a software application that has obtained it from the TPM is using it to perform encryption/decryption operations, as has been illustrated in the case of a cold boot attack.