Firmware is the new frontier for platform security. It is safe to say that if your firmware is compromised, then your platform is compromised. The firmware sets up and maintains the platform’s hardware security capabilities and hands off control to the operating system securely. The firmware is integral to the platform, and some or all of it is stored in non-volatile storage (such as flash) directly attached to the platform. This makes malware embedded in firmware difficult to find, difficult to mitigate (because most firmware is essential to the boot process), and difficult to remediate.
In this paper, we look at a few ways you can use UEFI firmware and the Intel® System Resource Defense feature of Intel Runtime BIOS Protection, found in the 11th Gen Intel® Core™ Processor (codename Tiger Lake), to protect the platform when its firmware has been compromised.
First, we’ll look at two types of firmware attacks that are a serious threat to computing platforms today. Second, we’ll look at how the defense-in-depth strategy deals with these attacks. Third, we’ll show how 11th Gen Intel Core Processors and UEFI firmware are uniquely equipped to help end-users and IT administrators thwart these attacks.