2018-09-15 –, Lightning
CHIPSEC is one tool used to help verify that systems meet basic security best practices. In general, this tool works with the threat model used by Unified Extensible Firmware Interface (UEFI) based firmware. However, other firmware may have different threat models that will cause failures in different CHIPSEC modules. This session is a brief overview of the different types of failures that may be seen and the limitations of the tool.
Maggie Jauregui is a Security Researcher for the Platform Armoring and Resiliency team at Intel Corporation. Maggie focuses on firmware security. She has presented her research at conferences such as DEF CON, CanSecWest, DerbyCon, Grace Hopper, BSidesPDX, and UEFI Plugfest.
Brian Richardson is Technical Evangelist & Senior Technical Marketing Engineer at Intel.
He has spent most of his career as a “BIOS guy,” working on the firmware that quietly boots billions of computers. He has focused on the industry transition to the Unified Extensible Firmware Interface (UEFI) and supporting the TianoCore open source community. Brian has presented at various conferences and seminars, including LinuxCon and Embedded Systems Conference. When he’s not talking about firmware at conferences, Brian takes photos of his travels and procrastinates on various video projects.
- UDK2018 Security Feature Roundup
- Building Open Source Unified Extensible Firmware Interface (UEFI) Firmware with EFI Development Kit II (EDK II)
- Debugging Unified Extensible Firmware Interface (UEFI) Firmware under Linux
- Writing CHIPSEC Modules & Tools
- Implementing MicroPython as an Unified Extensible Firmware Interface (UEFI) Test Framework
Erik Bjorge is a Firmware Engineer working in the Platform Armoring and Resiliency team at Intel Corporation. Erik has been developing system firmware at Intel since 2000. Erik is also a contributor and one of the maintainers of the CHIPSEC open source project https://github.com/chipsec/chipsec. Erik has also presented at the 2018 UEFI Plugfest on firmware security.