Esc

System Firmware Verification

Definition

Cryptographically verifying installed system firmware integrity.

How it works

Cryptographic hash values are computed for system firmware. The hash values are compared against precomputed firmware hash values to determine if the firmware has been tampered with.

When system firmware verification fails a set of predefined responses is typically invoked. The responses may direct the system to disable some devices or operations.

Considerations

Requires the use of system provided security modules
Secure hash values will need to be computed for firmware

json

References

All

Patent

Guideline

The following references were used to develop the System Firmware Verification knowledge-base article.

(Note: the consideration of references does not imply specific functionality exists in an offering.)

Methods and systems for hardware and firmware security monitoring

Reference Type: Patent Organization: ECLYPSIUM , Inc Author: Yuriy Bulygin, Oleksandr Bazhaniuk

Source: https://patents.google.com/patent/US20200074086A1/en

Platform Firmware Resiliency Guidelines

Reference Type: Guideline Organization: NIST Author: NIST

Source: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-193.pdf

D3FEND^™

A knowledge graph of cybersecurity countermeasures