Erik Bjorge

Researchers from Intel's Platform Armoring and Resiliency team will walk through the evolution of various firmware threat models as a result of the low-level skill advancement of software and hardware adversaries. In response, TianoCore added new in the UEFI Development Kit 2018 (UDK2018) release, along with enhancing existing security features.

This session provides real-world examples of several attack classes along with effective mitigation techniques against them. Topics include an introduction to platform security, an update on changes to the UEFI threat model, and a walkthrough of a critical Unified Extensible Firmware Interface (UEFI) security features (ex: HTTPS boot, pre-boot DMA protection using VT-d, guard page protection for potential stack/heap overflows).

CHIPSEC is a security research and validation tool implemented in Python that allows for low-level access to hardware. The powerful scripting capabilities can be used for some tasks, including verification of security mitigations as well future security research. This workshop will provide an overview of the existing tool architecture and how to write modules and tools. Modules will focus on using CHIPSEC for verification of firmware mitigations. Tools will focus on using CHIPSEC to stress the system and perform tasks such as fuzzing interfaces.

CHIPSEC is one tool used to help verify that systems meet basic security best practices. In general, this tool works with the threat model used by Unified Extensible Firmware Interface (UEFI) based firmware. However, other firmware may have different threat models that will cause failures in different CHIPSEC modules. This session is a brief overview of the different types of failures that may be seen and the limitations of the tool.