Understanding the UEFI Secure Boot Chain
Understanding the UEFI Secure Boot Chain
Understanding the UEFI Secure Boot Chain
Understanding the UEFI Secure Boot Chain
Understanding UEFI Secure Boot Chain
Executive Summary
Overview
Secure Boot Chain in UEFI
Additional Secure Boot Chain Implementations
Looking Forward – Platform Firmware Resiliency
Platform Firmware Resiliency
Device Firmware Boot
Device Firmware Update
Project Cerberus
Intel® Platform Firmware Resilience (Intel® PFR)
Google Titan
Other Platform Firmware Resiliency (PFR) Implementations
Glossary
References
Figures
Powered by GitBook

Project Cerberus

As part of the Open Compute Project (OCP), Project Cerberus defines a hierarchical Root of Trust (RoT) architecture. All active components are required to support both hardware and firmware combined identifing through the Device Identifier Composition Engine (DICE).

Figure 4-3 thru 4-6 describe the power on sequence, boot flow, recovery flow, and firmware update flow.

Figure 4-3: Cerberus power on sequence (source: “Project Cerberus Hardware Security”)

Figure 4-4: Cerberus boot flow (source: “Project Cerberus Hardware Security”)

Figure 4-5: Cerberus recovery flow (source: “Project Cerberus Hardware Security”)

Figure 4-6: Cerberus firmware update (source: “Project Cerberus Hardware Security”)

The concept of Cerberus is similar to Intel® Boot Guard., but there are several key differences:

  1. Intel® Boot Guard uses Microcode as RoT, while Cerberus uses a dedicated RoT device.

  2. Intel® Boot Guard can mitigate hardware bus attacks.

  3. Intel® Boot Guard only verifies the host system firmware, while Cerberus verifies all boot firmware (platform firmware, BMC, etc.)

  4. Cerberus defines a detailed flow for update and recovery.

Table 4-3: Cerberus Boot

Item

Entity

Provider

Location

TP

Boot Firmware Verification (in Cerberus Microcontroller)

OEM

Flash (Read Only Code), Device ROM.

CDI

Cerberus Microcontroller

OEM

Flash (Read Only Code), Device ROM.

Boot Firmware Signature Database (Policy)

OEM

Flash (Read Only Data), ROM

UDI

Boot Firmware (BMC, Firmware)

OEM/IHV

Flash (Read Only Data) – active area

Table 4-4: Cerberus Recovery

Item

Entity

Provider

Location

TP

Boot Firmware Verification (in Cerberus Microcontroller)

OEM

Flash (Read Only Code), Device ROM.

CDI

Cerberus Microcontroller

OEM

Flash (Read Only Code), Device ROM.

Boot Firmware Signature Database (Policy)

OEM

Flash (Read Only Data), ROM

UDI

Boot Firmware Recovery (BMC, Firmware)

OEM/IHV

Flash (Read Only Data) - recovery area

Table 4-5: Cerberus Firmware Update

Item

Entity

Provider

Location

TP

Boot Firmware Verification (in Cerberus Microcontroller)

OEM

Flash (Read Only Code), Device ROM.

CDI

Cerberus Microcontroller

OEM

Flash (Read Only Code), Device ROM.

Boot Firmware Signature Database (Policy)

OEM

Flash (Read Only Data), ROM

UDI

Boot Firmware (BMC, Firmware)

OEM/IHV

Flash (Read Only Data) – staging area

Previous
Device Firmware Update
Next
Intel® Platform Firmware Resilience (Intel® PFR)
Last updated 11 months ago
Edit on GitHub
Contents
Figure 4-3: Cerberus power on sequence (source: “Project Cerberus Hardware Security”)
Figure 4-4: Cerberus boot flow (source: “Project Cerberus Hardware Security”)
Figure 4-5: Cerberus recovery flow (source: “Project Cerberus Hardware Security”)
Figure 4-6: Cerberus firmware update (source: “Project Cerberus Hardware Security”)