
Building Secure Firmware

Armoring the Foundation of the Platform

Paperback English 2020 9781484261057

Summary

Use this book to build secure firmware.
As operating systems and hypervisors have become successively more hardened, malware has moved further down the stack and into firmware. Firmware represents the boundary between hardware and software, and given its persistence, mutability, and opaqueness to today’s antivirus scanning technology, it represents an interesting target for attackers. As platforms are universally network-connected and can contain multiple devices with firmware, and a global supply chain feeds into platform firmware, assurance is critical for consumers, IT enterprises, and governments. This importance is highlighted by emergent requirements such as NIST SP800-193 for firmware resilience and NIST SP800-155 for firmware measurement.
This book covers the secure implementation of various aspects of firmware, including standards-based firmware—such as support of the Trusted Computing Group (TCG), Desktop Management Task Force (DMTF), and Unified Extensible Firmware Interface (UEFI) specifications—and also provides code samples and use cases. Beyond the standards, alternate firmware implementations such as ARM Trusted Firmware and other device firmware implementations (such as platform roots of trust), are covered.

What You Will Learn

- Get an overview of proactive security development for firmware, including firmware threat modeling
- Understand the details of architecture, including protection, detection, recovery, integrity measurement, and access control
- Be familiar with best practices for secure firmware development, including trusted execution environments, cryptography, and language-based defenses
- Know the techniques used for security validation and maintenance


Who This Book Is For

Given the complexity of modern platform boot requirements and the threat landscape, this book is relevant for readers spanning from IT decision makers to developers building firmware.

Specifications

ISBN13: 9781484261057
Language: English
Binding: paperback
Publisher: Apress
Publication date: 28-10-2020
Main category: IT management / ICT

Table of Contents

Part 1: Overview

Chapter 1: Introduction Security
Threat Model
Design
Validation

Chapter 2: Introduction Host Firmware
Industry Standard
Boot Flow / Phase hand-off
Minimal Firmware Requirement
Hardware ROT
CPU/silicon init
PCI resource allocation.
prepare platform info (memmap/ACPI)
Jump to OS.
Runtime Interface (SMM, UEFI Runtime, ASL)
General Principle - Protect / Detect / Recovery

Part 2: Boot Security



Chapter 3: Firmware Resilience - Protection
Flash Lock
Flash Wear out
Capsule Flow (*)
Signed Update

Chapter 4: Firmware Resilience - Detection
Boot Flow (*)
Intel Boot Guard
OBB Verification
UEFI Secure Boot
Local
Remote
TXT- SX
(coreboot)

Chapter 5: Firmware Resilience – Recovery
Recovery Flow (*)
Signed Recovery
Top Swap
Rollback, SVNs

Chapter 6: OS/Loader Resilience
Platform Recovery
OS Recovery
(Android Verified Boot)

Chapter 7: Trusted Boot
Measured Boot Flow (*)
SRTM (Boot Guard)
DRTM (TXT)
TPM1.2/2.0
Physical Presence
MOR / Secure MOR

Chapter 8: Authentication
User Authentication
HDD Password
OPAL Password

Chapter 9: S3 resume
S3 resume flow (*)
LockBox

Chapter 10: Device Security
PCI Bus (*)
DMA protection
Device Measurement
Device Authentication
Device firmware update

Chapter 11: Silicon Security Configuration
Flash SPI lock
SMM Lock
BAR Lock

Chapter: Supply Chain (Vincent)
OEM/ODM/BIOS vendor/IHV
Open source
Fingerprinting
Manufacturing flow to shipment

Part 3: Data Security



Chapter 12: UEFI Kernel
DXE/PEI Core (*)
Heap Guard
Stack Guard
NX protection
Enclave

Chapter 13: Management Mode
SMM Core (*)
SMM Communication (*)
StandaloneMM (*)
MMIO Protection
Secure SMM Communication
Intel Runtime Resilience
STM (SMI Transfer Monitor)

Chapter: UEFI Variable (Vincent)
Authentication
Variable Lock
Variable Check
Variable Quota Management
Confidentiality
Integrity and Rollback
TPM Binding
RPMB
RPMC

Part 4: Miscellaneous



Chapter 14: General Coding Practice
Buffer Overflow
Banned API
Integer Overflow
SafeInt lib

Chapter: Cryptography (Vincent)
Hash usage in firmware
Encryption usage in firmware
Signing & verification usage in firmware

Chapter 15: Compiler Defensive Technology
Stack Cookie
Non-Executable
Address Space Randomization
Control Flow Integrity (CFI) / Control Flow Enforcement (CET)
Runtime Check (stack/un-initialized data/integer overflow)

Chapter: Race Condition (Vincent)
BSP/AP handling in UEFI
BSP/AP handling in SMM
TOC/TOU

Chapter 16: Information Leak
Side Channel
MDS
SMM

Chapter 17: Programming Language
C Language
Rust Language

Part: Security Test

Chapter 18: HBFA
Hardware Emulation
Security Unit Test
Fuzzing (AFL)
Static analysis

Chapter 19: chipsec
Configuration Check
SMI Fuzzing
Variable fuzzing
Whitelisting/Blacklisting

Part 5: Other



Chapter 20: Conclusion



Part 6: Appendices
Secure coding checklist
Secure review checklist
API summary

Part 7: References
