Europe's SecNumCloud Ignores Intel ME Silicon Risk
Key insights
- Intel ME and AMD PSP operate at Ring-3, below every OS and hypervisor, outside SecNumCloud scope but inside US jurisdiction.
- SecNumCloud certifies cloud architecture and legal sovereignty but has no framework for evaluating processor firmware or chip-level supply chains.
- Security researchers are divided on exploitability, though nation-state threat actors with persistent sub-OS access represent a credible risk scenario.
Why this matters
European cloud operators certified under SecNumCloud may be unknowingly hosting infrastructure that US authorities could theoretically access through Intel ME or AMD PSP, regardless of contractual or legal data sovereignty guarantees. AI workloads concentrated on sovereign clouds, from national AI training clusters to classified government inference pipelines, inherit this hardware-layer exposure, making the gap directly relevant to AI infrastructure decisions across the EU. The story signals that the next phase of AI sovereignty debates will move below the software stack, forcing cloud procurement teams and regulators to grapple with silicon supply chain provenance in ways existing frameworks are not built to handle.
Summary
Europe's SecNumCloud certification was designed to wall off US legal reach from European cloud infrastructure. It does that. But Intel Management Engines and AMD Platform Security Processors sit inside every certified server at Ring-3, below the OS, outside certification scope, and under US jurisdiction.
SecNumCloud certifies the cloud. Nobody certifies the silicon.
Essentially: (Intel, AMD) supply a persistent sub-OS layer that Europe's sovereign frameworks never evaluated.
- Intel ME and AMD PSP operate below hypervisors and host OS controls, executing code independently of the host.
- SecNumCloud covers legal sovereignty and cloud architecture, not processor firmware provenance.
- Nation-state adversaries are the plausible threat model here; network isolation is an incomplete defense.
Hardware supply chains don't honor sovereignty frameworks written above them.
Potential risks and opportunities
Risks
- European cloud operators certified under SecNumCloud, including OVHcloud and Deutsche Telekom's Open Telekom Cloud, face reputational and contractual liability if a nation-state Intel ME exploit surfaces against a sovereign workload
- EU AI Act compliance teams building on SecNumCloud-certified infrastructure may need to retroactively assess hardware provenance, adding cost and delay to AI deployment pipelines relying on sovereign compute guarantees
- ANSSI and European regulators face pressure to expand SecNumCloud scope within 12 to 18 months, potentially requiring costly hardware audits or firmware replacement cycles from cloud operators mid-certification
Opportunities
- Security vendors specializing in firmware and BMC analysis, including Eclypsium and Binarly, are positioned to offer Intel ME and AMD PSP audit services to SecNumCloud-certified operators facing new certification pressure
- Open-source hardware efforts, including RISC-V-based servers and Raptor Computing's OpenPOWER platforms, gain a concrete policy argument for EU procurement preference as silicon sovereignty becomes a regulatory requirement
- EU Chips Act funding streams could accelerate toward processor designs with auditable management engines, creating a funded market for indigenous European chip security IP and displacing Intel ME and AMD PSP dependency over a 5 to 10 year horizon
What we don't know yet
- Whether ANSSI, France's cybersecurity agency and administrator of SecNumCloud, has internally assessed Intel ME and AMD PSP risk and what that assessment concluded
- Whether any EU member state AI compute procurement has been re-evaluated or paused pending a hardware-layer sovereignty review since the article's May 2026 publication
- No public CVE or confirmed nation-state exploit of Intel ME in a sovereign cloud environment has been disclosed as of May 2026, leaving exploitability an open empirical question
Originally reported by theregister.com
Read the original article →Original headline: The Register: Europe Built Sovereign Clouds to Escape US Law — Then Left US Silicon's Ring-3 Management Engines Inside