Europe’s Sovereign Cloud Initiatives Overlook the Intel Management Engine and AMD PSP
#Regulation


Regulation Reporter

EU sovereign‑cloud programmes such as IPCEI‑CIS and France’s SecNumCloud certify data‑center operations but ignore the low‑level management engines built into Intel and AMD CPUs. Those engines operate below the host OS, are subject to U.S. RISAA orders, and create a legal and technical gap that threatens the promise of digital sovereignty.

Europe’s sovereign‑cloud programmes and the hidden processor backdoors


Regulatory action → What it requires → Compliance timeline

| Regulation / Programme | Effective date | Core requirement | How it treats the silicon layer |
|---|---|---|---|
| IPCEI‑CIS (Important Projects of Common European Interest – Cloud and Information Services) | 1 Jan 2024 (funding decision) | Funding for data‑center infrastructure that must be operationally independent from non‑EU providers. | No explicit hardware‑level assessment; compliance is limited to network segmentation, data encryption and legal autonomy. |
| SecNumCloud (French ANSSI certification) | 1 July 2014 (initial version); latest version 3.2 published 2022 | ~1 200 technical controls covering encryption, access control, incident response and extraterritorial‑law immunity (Chapter 19). | The specification mentions “hardware must be trusted” but does not require verification of Ring ‑3 management engines (Intel CSME, AMD PSP). |
| RISAA (Reforming Intelligence and Securing America Act) – U.S. amendment to FISA | 15 Oct 2024 (enacted); two‑year term expired 20 Apr 2026, extended 45 days | Treats hardware manufacturers as “electronic communications service providers” subject to secret orders with gag clauses. | Directly impacts any processor that ships with a management engine; EU providers cannot block a RISAA order that targets the silicon itself. |
| EU Cybersecurity Act (Regulation (EU) 2019/881) | 27 Jun 2019 | Establishes EU‑wide cybersecurity certification schemes; encourages member states to adopt sector‑specific schemes. | Allows member states to create schemes (e.g., SecNumCloud) but does not mandate a hardware‑root‑of‑trust assessment. |

Why the silicon layer matters

  1. Ring ‑3 management engines – Intel’s Converged Security and Management Engine (CSME) and AMD’s Platform Security Processor (PSP) run on a separate microcontroller inside the CPU package. They have their own memory, clock, network stack and can issue traffic using the host’s MAC/IP addresses.
  2. Legal exposure – RISAA expands U.S. jurisdiction to hardware manufacturers. A secret FISA‑702 order could compel Intel or AMD to enable a back‑door in the ME/PSP, bypassing any EU legal shield.
  3. Technical exposure – The engines expose ports such as 16992‑16995 (Intel AMT) and a proprietary AMD management channel. Even when the host OS is powered off, the engines remain in low‑power mode, draining batteries and staying reachable on the network.

What the current EU frameworks do not require

  • No firmware‑integrity verification of the ME/PSP code base.
  • No mandatory disable‑by‑default clause for AMT/AMD‑SVM features.
  • No requirement for out‑of‑band monitoring of traffic that originates inside the processor.
  • No legal provision to compel the silicon vendor to provide a “clean‑room” firmware build that is free of U.S. legal obligations.

Practical steps for compliance officers

| Action | Description | Deadline (based on framework updates) |
|---|---|---|
| Perform a hardware risk assessment | Use tools such as Eclypsium or CHIPSEC to verify the firmware version of ME/PSP and whether remote‑management features are enabled. | Must be completed before the next SecNumCloud audit (expected Q3 2026). |
| Disable or lock down management engines | For Intel, set the ME to “disable” via the BIOS and revoke default AMT credentials; for AMD, apply the PSP lockdown firmware released by the vendor. | Immediate for new procurements; retro‑fit the existing fleet within 180 days of the 2026 SecNumCloud revision. |
| Network segmentation | Place all servers with Intel/AMD silicon in a VLAN that blocks outbound ports 1699x and any unknown TLS flows to external IPs. | Align with the next quarterly security review (June 2026). |
| Legal clause in contracts | Insert a clause requiring the supplier to provide evidence that no RISAA‑type secret order has been acted upon on the delivered hardware. | Must be negotiated before contract award (typically Q2 2026). |
| Supply‑chain provenance | Prefer hardware that ships with an open‑source root of trust (e.g., RISC‑V or OpenTitan‑based secure elements) and that can be audited under the EU’s Trusted Computing Base (TCB) guidelines. | Long‑term; start pilot projects in 2027. |
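The network‑segmentation and out‑of‑band monitoring steps above can be checked against exported flow logs. The following is an added example, not code from the article or from any vendor tool: it audits a constructed, simplified flow‑log format ("timestamp src_ip src_port dst_ip dst_port proto", an assumption of this example) for traffic on the Intel AMT ports 16992‑16995 and for TLS egress from the server VLAN to destinations outside an allow‑list.

```python
"""Audit flow logs for traffic that may originate from, or reach, a CPU management engine.

Added example; the flow-log format and the sample lines are constructed for illustration.
"""
from dataclasses import dataclass
import ipaddress

# Intel AMT listens on 16992 (HTTP), 16993 (HTTPS), 16994/16995 (redirection).
AMT_PORTS = range(16992, 16996)

# Constructed sample log: server VLAN is 10.20.0.0/24; 203.0.113.10 is an approved TLS peer.
SAMPLE_LOG = """\
# constructed flow log: timestamp src_ip src_port dst_ip dst_port proto
2026-05-01T10:00:01Z 10.20.0.11 51234 203.0.113.10 443 tcp
2026-05-01T10:00:05Z 10.20.0.11 49001 198.51.100.77 16992 tcp
2026-05-01T10:00:09Z 192.0.2.40 40022 10.20.0.12 16993 tcp
2026-05-01T10:00:12Z 10.20.0.12 40101 198.51.100.5 443 tcp
2026-05-01T10:00:15Z 10.20.0.13 33000 10.20.0.50 22 tcp
"""


@dataclass
class Finding:
    timestamp: str
    src_ip: str
    dst_ip: str
    dst_port: int
    reason: str  # "amt-port" or "unknown-tls-egress"


def audit_flows(lines, server_net, allowed_tls_dst):
    """Return findings for flows touching the server VLAN that violate the segmentation policy."""
    net = ipaddress.ip_network(server_net)
    allowed = {ipaddress.ip_address(a) for a in allowed_tls_dst}
    findings = []
    for line in lines:
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        ts, src, _sport, dst, dport, _proto = line.split()
        src_ip, dst_ip, dport = ipaddress.ip_address(src), ipaddress.ip_address(dst), int(dport)
        if src_ip not in net and dst_ip not in net:
            continue  # flow does not involve the server VLAN
        if dport in AMT_PORTS:
            # Any AMT-port traffic, inbound or outbound, should be blocked by the VLAN policy.
            findings.append(Finding(ts, src, dst, dport, "amt-port"))
        elif src_ip in net and dst_ip not in net and dport == 443 and dst_ip not in allowed:
            # TLS leaving the VLAN to a peer nobody approved: the host OS may not have sent it.
            findings.append(Finding(ts, src, dst, dport, "unknown-tls-egress"))
    return findings


if __name__ == "__main__":
    for f in audit_flows(SAMPLE_LOG.splitlines(), "10.20.0.0/24", ["203.0.113.10"]):
        print(f)
```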

How the gap could be closed in the future

  • EU‑wide hardware certification – The European Commission is drafting a “Trusted Silicon” scheme (expected draft release early 2027) that would require manufacturers to provide a transparent firmware supply chain and to certify that Ring ‑3 engines are either disabled or controllable by the customer.
  • Mandating open‑source root‑of‑trust – Projects such as OpenTitan are being referenced in the upcoming EU “Secure Elements” roadmap. While OpenTitan does not replace the main CPU, it can provide an independent attestation path that is not subject to the ME/PSP.
  • Regulatory amendment to RISAA – EU diplomatic channels are lobbying for a reciprocal amendment that would prohibit U.S. orders targeting hardware used in EU‑certified sovereign clouds.

Bottom line for EU CIOs and policymakers

  • The legal shield offered by SecNumCloud and IPCEI‑CIS is effective only up to the OS and hypervisor layer. The processor’s management engine remains a legal and technical blind spot.
  • Operational controls (firmware lockdown, network segmentation, strict contract clauses) can reduce the attack surface to a level that only highly resourced nation‑state actors could exploit, as argued by Prof. Aurélien Francillon.
  • Risk‑tolerant organisations may accept that residual exposure, but any entity handling highly classified or critical public‑sector data should treat the ME/PSP as an unmitigated risk until a dedicated EU hardware‑certification regime is in place.

For further reading:

  • Intel Security Advisory INTEL‑SA‑00391 (2023) – details on ME vulnerabilities.
  • AMD SEV‑SNP “Fabricked” attack paper (April 2026) – demonstrates PSP exploitability.
  • ANSSI technical position paper on confidential computing (Oct 2025) – outlines limits of SGX/TDX/SEV‑SNP for sovereignty.
  • European Commission draft “Trusted Silicon” framework (public consultation, Jan 2027).
