February 14, 2017
We are offering a training at LOPSA Cascadia IT Conference on Friday March 10th in Seattle, titled “Defending System Firmware.”
Register for the conference here: https://www.casitconf.org/casitconf17/register-now/
This is our first hands-on training, where you’ll be running the tools yourself, and we will see live test results.
Most enterprises only defend operating system and application software; system and peripheral firmware (eg., BIOS, UEFI, PCIe, Thunderbolt, USB, etc) has many attack vectors.
This workshop targets enterprise system administrators responsible for maintaining the security of their systems. The workshop is:
- an introduction to UEFI system firmware,
- an overview of the NIST secure BIOS platform lifecycle model of SP-(147,147b,155) and how to integrate that into normal enterprise hardware lifecycle management, and
- an introduction to the available open source firmware security tools created by security researchers and others, and how to integrate UEFI-based systems into the NIST lifecycle using available tools, to help protect your enterprise.
It will be a 3.5 hour presentation, and you can optionally can run some tests on your laptop:
- Intel CHIPSEC,
- Linux UEFI Validation distribution (LUV-live),
- FirmWare Test Suite live boot distribution (FWTS-live), and
- a few other tools.
Attendees trying to participate in the lab will need to have a modern Intel x86 or x64-based (not AMD), UEFI-based firmware, running Windows or Linux OS software. That means no AMD systems, no Apple Macbooks, no ARM systems. Any system used in the lab must have all data backed up, in case some tool bricks the device. Attendees should understand the basics of system hardware/firmware, be able to use a shell (eg, bash, cmd.exe, UEFI Shell), and able to use Python-based scripts.
Possible modifications: * Allow participants to use much-less interesting/useful VM only tests * Supply participants with Intel Minnowboard loaner equipment for the lab (very expensive!)
Target audience: System administrators, SRE, DevOps who work with Intel UEFI-based server hardware
Target Skill Level: Intermediate
Required Equipment: Intel UEFI-based system, preferably not as primary/sole machine (eg: an older, but UEFI laptop)