Dell Firmware Security: Past, Present and Future
Justin Johnson
Dell
Tracing the history of firmware security in Dell BIOS, I will discuss the current implementation of security technologies in Dell BIOS, how we got here, motivations for protecting the BIOS the way we do, and new technologies that the OpenXT community should be aware of. I will cover TPM measurements, what we measure and why; UEFI Secure Boot and how to configure in Dell BIOS setup; Intel BootGuard and its role in protecting the BIOS; transitioning technologies in the last two years and what’s changing in the next two, including pre-boot VT-d and Windows 10 SystemGuard.
⏭ | |
🔎 | Boot Integrity · OpenXT |
⬇ | Slides |
References
- NIST SP 800-147 Bios Protection Guidelines (2011)
- Intel Hardware-based Security Technologies (2013)
- UEFI Specifications
- TCG EFI Platform Specification 1.20 for TPM 1.2 (2006)
- Hardening with Hardware: How Windows is using hardware to improve security (2018)
Related
- Rick Martinez — Dell Client BIOS: Signed Firmware Update (2013)
- Rick Martinez — BIOS hash verification (2017)