If you were wondering why the T2 chip in the new iMac Pro could force a DFU restore in extreme cases (like power failure during an update), that’s because the chip plays an important security role in the high-end machine …
MacWorld has an interesting look at the surprising number of tasks carried out by the chip.
On most Macs, there are discrete controllers for audio, system management and disk drives. But the T2 handles all these taks. The T2 is responsible for controlling the iMac Pro’s stereo speakers, internal microphones, and dual cooling fans, all by itself.
But it’s the security functionality that causes the chip to lock down the machine if something doesn’t look right.
When you start up the iMac Pro, the familiar Apple logo appears almost immediately. This is a sign that the T2 is taking control. For security reasons, the T2 is the iMac Pro hardware’s “root of trust,” and it validates the entire boot process when the power comes on. The T2 starts up, checks things out, loads its bootloader, verifies that it’s legitimate and cryptographically signed by Apple, and then moves on to the next part of the boot process.
A failed update could cause the T2 to see macOS as compromised, refusing to permit a boot-up attempt.
It’s also the reason that the SSD will be unreadable if removed from the machine.
As for the disk controller? There isn’t one—or more accurately, the disk controller is built into the T2 itself. This gives the T2 complete control over internal storage on the iMac Pro. This has some major benefits in terms of speed and security. Every bit of data stored on an iMac Pro’s SSD is encrypted on the fly by the T2, so that if a nefarious person tried to pull out the storage chips and read them later, they’d be out of luck.
If you really dislike the slight risk of the chip bricking your machine until it can be restored by another one, you can switch off the protection.
The whole piece is an interesting read.