Cover image for Building Secure Firmware: Armoring the Foundation of the Platform

Building Secure Firmware: Armoring the Foundation of the Platform

Author Jiewen Yao , Vincent Zimmer
Release Date: 2020/10/01
Topic:
0%
30
Chapters
0-1
Hours read
0k
Total Words
    Start Reading Now    
       Add to Wishlist       
View table of contents

Book Description

Use this book to build secure firmware.

As operating systems and hypervisors have become successively more hardened, malware has moved further down the stack and into firmware. Firmware represents the boundary between hardware and software, and given its persistence, mutability, and opaqueness to today’s antivirus scanning technology, it represents an interesting target for attackers.

As platforms are universally network-connected and can contain multiple devices with firmware, and a global supply chain feeds into platform firmware, assurance is critical for consumers, IT enterprises, and governments. This importance is highlighted by emergent requirements such as NIST SP800-193 for firmware resilience and NIST SP800-155 for firmware measurement.

This book covers the secure implementation of various aspects of firmware, including standards-based firmware—such as support of the Trusted Computing Group (TCG), Desktop Management Task Force (DMTF), and Unified Extensible Firmware Interface (UEFI) specifications—and also provides code samples and use cases. Beyond the standards, alternate firmware implementations such as ARM Trusted Firmware and other device firmware implementations (such as platform roots of trust), are covered.


What You Will Learn

  • Get an overview of proactive security development for firmware, including firmware threat modeling
  • Understand the details of architecture, including protection, detection, recovery, integrity measurement, and access control
  • Be familiar with best practices for secure firmware development, including trusted execution environments, cryptography, and language-based defenses
  • Know the techniques used for security validation and maintenance

Who This Book Is For

Given the complexity of modern platform boot requirements and the threat landscape, this book is relevant for readers spanning from IT decision makers to developers building firmware

Table of Contents

  1. Cover
  2. Front Matter
  3. Part I. Overview
    1. 1. Introduction to Firmware
    2. 2. Proactive Firmware Security Development
  4. Part II. Security Architecture
    1. 3. Firmware Resiliency: Protection
    2. 4. Firmware Resiliency: Detection
    3. 5. Firmware Resiliency: Recovery
    4. 6. OS Resiliency
    5. 7. Trusted Boot
    6. 8. Device Security
    7. 9. S3 Resume
    8. 10. Access Control
    9. 11. Configuration
    10. 12. Security Model
    11. 13. Virtual Firmware
  5. Part III. Security Development
    1. 14. Firmware Secure Coding Practice
    2. 15. Compiler Defensive Technology
    3. 16. The Kernel
    4. 17. Trusted Execution Environment
    5. 18. Silicon Secure Configuration
    6. 19. Cryptography
    7. 20. Programming Language
  6. Part IV. Security Test
    1. 21. Security Unit Test
    2. 22. Security Validation and Penetration Test
    3. 23. Maintenance
  7. Back Matter
18.217.84.171