There's a big debate on at the moment about whether to
adopt historical, insecure-by-design 'standards' into the
next generation of cloud server systems. ACPI, and the whole
PC firmware blob mess, are attack vectors that we cannot ever
fix. We should not design them into the systems that we and
others will depend on being trustworthy.
So it looks like this is about servers, and not (necessarily?) phones.
Well, on x86 there is already SMM and it predates ACPI by years. I believe that ARM SBSA is targeted at only servers, where even HP don't restrict access to firmware updates that solve security bugs.
(edit: formatting)