Signed Recovery

NIST SP800-193 defines three principles supporting platform resiliency:
  • Protection
  • Detection
  • Recovery

Signed UEFI capsule update and Intel® BIOS Guard provide protection. Intel® Boot Guard and OBB verification provide detection. If firmware corruption is detected, the firmware can perform recovery to prevent a permanent denial of service (PDOS) attack. EDK II implements a signed recovery (see Table 2-10).
Table 2-10: Firmware Recovery Verification

  Firmware Recovery Verification                : Originally on flash, loaded into DRAM.
  Firmware Recovery TCB Code                    : Originally on flash, loaded into DRAM.
  Firmware Recovery Signature Database (Policy) : Originally on flash, loaded into DRAM.
  Firmware Recovery Package                     : Originally on external storage (e.g. hard drive, USB, memory, or flash), loaded into DRAM.

The UDI is provided with a new firmware image, in the same way as in the UEFI Capsule Update implementation. The entire firmware binary must be signed with the OEM private key.

Public Key Storage

The OEM public key should be embedded in the original firmware and in the recovery launcher module.

If firmware corruption is detected during boot, the recovery boot path is triggered. In this scenario, TP is the firmware recovery launcher module. This module loads the recovery image from a known source and verifies the signature. If TP passes verification, the recovery image is loaded and the recovery launcher module transfers control to the recovery image. If recovery verification fails, the recovery image is discarded and the recovery launcher attempts to locate additional recovery images. If all recovery images fail verification, the recovery process is aborted.
NOTE: The signed recovery image itself may be updatable even if it is on the flash region.
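The recovery launcher loop described above, written out as an added Go example (this is not EDK II code, which is C): the OEM public key embedded in the launcher, candidate images from several known sources, the first image that verifies selected, and an abort when none verify. Ed25519 stands in for whatever signature scheme the OEM actually uses; the source labels, image bytes and key pairs are all constructed for the demonstration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"errors"
)

// RecoveryImage: constructed stand-in for a recovery package loaded into DRAM from a known source.
type RecoveryImage struct {
	Source    string // constructed label such as "hdd", "usb", "flash"
	Body      []byte // the entire firmware binary that was signed
	Signature []byte // signature over Body made with the OEM private key
}

// ErrNoValidImage marks the abort case: every candidate failed verification.
var ErrNoValidImage = errors.New("recovery aborted: no candidate image passed verification")
// SelectRecoveryImage is the launcher loop from the text: verify each candidate against the
// embedded OEM public key, return the first that passes, discard failures, abort if none pass.
func SelectRecoveryImage(oemPub ed25519.PublicKey, candidates []RecoveryImage) (*RecoveryImage, error) {
	for i := range candidates {
		c := &candidates[i]
		if ed25519.Verify(oemPub, c.Body, c.Signature) {
			return c, nil // control would now transfer to this image
		}
		// Bad signature (corruption or a non-OEM signer): discard, try the next source.
	}
	return nil, ErrNoValidImage
}

// Demo runs the loop over constructed candidates (a bit-flipped copy, an image signed with a
// non-OEM key, an intact OEM-signed image) and returns the source the launcher would boot.
func Demo() (string, error) {
	oemPub, oemPriv, _ := ed25519.GenerateKey(rand.Reader) // only oemPub lives in firmware
	_, otherPriv, _ := ed25519.GenerateKey(rand.Reader)    // non-OEM key
	body := []byte("constructed recovery firmware image")
	sig := ed25519.Sign(oemPriv, body)
	flipped := append([]byte(nil), body...)
	flipped[0] ^= 0x01 // simulate media or flash corruption
	candidates := []RecoveryImage{
		{Source: "hdd", Body: flipped, Signature: sig},
		{Source: "usb", Body: body, Signature: ed25519.Sign(otherPriv, body)},
		{Source: "flash", Body: body, Signature: sig},
	}
	sel, err := SelectRecoveryImage(oemPub, candidates)
	if err != nil {
		return "", err
	}
	return sel.Source, nil
}
```

Note that a corrupted image and an image signed with the wrong key fail in the same way, so the launcher never needs to distinguish the two; it simply moves on to the next source.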