Host Embedded Controller Interface

Host Embedded Controller Interface (HECI) is technology introduced in 2006 used for Active Management Technology (AMT) in Intel chipsets that support Core 2 Duo microprocessors.

Details
The HECI bus allows the host operating system (OS) to communicate directly with the Management Engine (ME) integrated in the chipset. This bi-directional, variable data-rate bus enables the host and ME to communicate system management information and events in a standards-compliant way, essentially replacing the System Management Bus (SMBus). The bus consists of four wires: a request and grant pair along with a serial transmit and receive data pair.

Original equipment manufacturers (OEMs) have historically provided active management technologies through the use of proprietary on-board controllers, such as Baseboard Management Controllers. These solutions typically suffer two main disadvantages due to their proprietary nature. High BOM costs are usually incurred due to the need for additional components and routing. High product lifecycle costs are incurred due to the non-standard implementation, which increases software and hardware design and validation costs while remaining relatively inflexible to future changes. On the other hand, the inflexibility is even greater with HECI due to coupling HECI with a chipset, and having to redevelop HECI software for each different chipset as opposed to one common BMC software for multiple chipsets.

HECI and the previously used SMBus have the following aspects in common: the Host OS is able to control system management devices such as: on-board fan controllers, remote wake devices such as Wake-on-LAN, power supply devices such as Smart Battery Data. Builtin HECI functionality and third-party management cards can allow the Host OS to directly initiate management events (such as remote wake, or, out-of-band throttling to decrease thermal and power profile) in case HECI is supported by the running OS. Example devices are network cards and graphics cards. Besides that, both HECI and other ME technologies are chipset/ME vendor-specific.

Host-Initiated Messages

 * Read battery status
 * Read thermal data
 * Enable/disable wake devices
 * Notify devices to change power state (thermal, performance, or power throttling)

Management Engine-Initiated Messages

 * Alert Host to battery event
 * Low or Critical battery level
 * Switch between A/C (wall socket power) and D/C (battery)
 * Alert Host to thermal event (Hot or Critical thermal trip)
 * Change Fan Speed
 * Detect network wake
 * Boot/Shutdown System
 * Detected Host Intrusion
 * Change boot device
 * Report system inventory

Example
As an example, assume the case of Wake-on-LAN. Traditionally, the OS controls Wake-on-LAN and must call third-party device drivers to enable support on a network card. With the HECI bus, the host is able to assert its request line (REQ#), the ME will assert its grant line (GNT#), and the host can send its message using its serial transmit signal. Upon receipt of the Wake-on-LAN enable message on HECI, the ME directly enables Wake-on-LAN in the integrated (or externally supported) network device. Without HECI drivers in the OS, Wake-on-LAN functionality is lost even if standard network drivers would be able to enable it. This is a major problem in large-scale enterprise deployments with standard software images.

When the magic wake packet is received by the LAN device, the encapsulated data is passed to the ME, which has its own TCP/IP stack and can decapsulate the packet. The ME then asserts its request line (REQ#), the host acknowledges by asserting grant (GNT#), and the message is passed to the host to initiate a wake event.

With this technology, the magic packet may be encapsulated in TCP packets thus allowing the packet to traverse network infrastructures via routers and thereby increasing the attack surface, something which traditional Wake-on-LAN does not enable. An advantage in Intel-centric deployments is that the solution does not require non-Intel drivers. If no host/ME interaction is needed, HECI and other ME technologies are OS independent.