Understanding the UEFI Secure Boot Chain
1.0.0
Search…
⌃K
1.0.0
Understanding the UEFI Secure Boot Chain
1.0.0
Search…
⌃K
Understanding UEFI Secure Boot Chain
Executive Summary
Overview
Secure Boot Chain in UEFI
Additional Secure Boot Chain Implementations
Looking Forward – Platform Firmware Resiliency
Glossary
References
Figures
Figure 1-1: Clark-Wilson model, From Lee
Figure 2-1: UEFI Secure Boot
Figure 2-2: Image Verification flow
Figure 2-3: Image Verification with timestamp signature database
Figure 2-4: Intel® Boot Guard diagram credit CYBER-RESILIENCY IN CHIPSET AND BIOS
Figure 2-5: Secure Boot Verification Flow
Figure 2-6: Intel® BIOS Guard
Figure 3-1: Linux MOK Boot, source: UEFI Secure Boot Webinar
Figure 3-2: coreboot Verified Boot
Figure 3-3: Android Verified Boot 1.0 without A/B source: Android Verified Boot 2.0
Figure 3-4: Android Verified Boot 1.0 with A/B source: Android Verified Boot 2.0
Figure 3-5: Android Verified Boot 2.0 source: Android Verified Boot 2.0
Figure 4-1: Component and Trust Chain, from NIST SP800-193
Figure 4-2: High-level View of PCIe® Component Authentication
Figure 4-3: Cerberus power on sequence source: “Project Cerberus Hardware Security
Figure 4-4: Cerberus boot flow source: “Project Cerberus Hardware Security"
Figure 4-5: Cerberus recovery flow source: “Project Cerberus Hardware Security"
Figure 4-6: Cerberus firmware update source: “Project Cerberus Hardware Security"
Figure 4-7: Intel® PFR Overview source: csdn.net
Figure 4-8: Intel® PFR boot flow source: csdn.net
Figure 4-9: Intel® PFR Reset Sequence source: csdn.net
Figure 4-10: Titan System Integration
Figure 4-11: Titan Verified Boot
Figure 4-12: Lattice PFR source: latticesemi.com/pfr
Powered By
GitBook
Figure 2-6: Intel® BIOS Guard
Previous
Figure 2-5: Secure Boot Verification Flow
Next
Figure 3-1: Linux MOK Boot, source: UEFI Secure Boot Webinar
Last modified
2yr ago
