How can platform firmware be protected from attacks?

The NIST published guidance on building up platform firmware resiliency. Expert Judith Myerson looks at the NIST guidelines and the major takeaways for enterprises.

The National Institute of Standards and Technology, or NIST, published a draft version of the Platform Firmware Resiliency Guidelines earlier in 2017. What does this NIST publication recommend to protect firmware against destructive attacks?

To protect firmware against destructive boot and runtime attacks, the NIST provides guidelines for supporting the resiliency of platform firmware. The guidelines address the issue of firmware that was not properly implemented, such as on traditional x86 platforms in personal computer clients and network devices. The guidelines focus on protecting the platform against unauthorized changes and recovering from attacks rapidly.

To ensure a computing system can be operated free from malware, firmware code and critical data must be uncorrupted. Firmware code is a set of instructions used by any device's processing unit to perform operations on the device. Critical data includes configuration settings and policies, including the system's boot order, for instance.

Firmware update images must be authenticated and authorized when applied to platform devices such as embedded controllers, host processors and network interface controllers. Authentication is provided by the device or system manufacturer. Authorization from the device or system owner is needed to perform updates. Not all vendors provide platform firmware updates that can patch vulnerabilities, fix bugs or add new functionality.

Platforms often comprise multiple devices from different manufacturers and vendors. A platform may need multiple independent roots of trust and chains of trust to achieve complete platform firmware resiliency. For example, a hard disk controller may have a microcontroller and firmware separate from those of the host platform. Both the hard disk controller and the host platform may need their own independent chain of trust for recovery if the critical data becomes corrupted.

Original equipment manufacturers and component/device suppliers can use the NIST guidelines to build platforms with stronger security mechanisms. System administrators, security professionals and users can use the guidelines to guide procurement and firmware update strategies.
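
The detection and recovery idea described in this answer, as an added example that is not taken from the NIST guidelines or any vendor's firmware: each device keeps its own known-good digest and recovery copy, so corruption of one device's critical data is detected and repaired independently of the others. The `Device` model, the function names and the sample firmware bytes are hypothetical, constructed values.

```python
from __future__ import annotations
import hashlib
from dataclasses import dataclass

def measure(code: bytes, critical_data: bytes) -> str:
    """SHA-256 over length-prefixed firmware code and critical data."""
    h = hashlib.sha256()
    for part in (code, critical_data):
        h.update(len(part).to_bytes(8, "big"))  # prefix avoids boundary ambiguity
        h.update(part)
    return h.hexdigest()

@dataclass
class Device:
    """Hypothetical model of one platform device with its own chain of trust."""
    name: str
    code: bytes            # active firmware code
    critical_data: bytes   # active settings, e.g. boot order
    backup_code: bytes     # recovery copy kept in protected storage
    backup_data: bytes
    trusted: str           # digest held by this device's own root of trust

    def check_and_recover(self) -> str:
        """Detect corruption of the active image; restore the backup if needed."""
        if measure(self.code, self.critical_data) == self.trusted:
            return "ok"
        # Never restore from a backup that fails the same check.
        if measure(self.backup_code, self.backup_data) != self.trusted:
            return "unrecoverable"
        self.code, self.critical_data = self.backup_code, self.backup_data
        return "recovered"

def make_device(name: str, code: bytes, data: bytes) -> Device:
    """Provision a device: record the known-good digest and a recovery copy."""
    return Device(name, code, data, code, data, measure(code, data))

def boot_platform(devices: list[Device]) -> dict[str, str]:
    """Each device is verified against its own digest, independently of the rest."""
    return {d.name: d.check_and_recover() for d in devices}

# Constructed sample platform: two devices from different vendors.
host = make_device("host", b"HOSTFW-1.0", b"boot_order=disk,net")
hdc = make_device("disk-controller", b"HDCFW-2.3", b"cache=writeback")
hdc.critical_data = b"cache=off;dbg=1"   # simulated corruption of critical data

if __name__ == "__main__":
    print(boot_platform([host, hdc]))
```

An "unrecoverable" result means the recovery copy also failed verification, so the device should not be restored from it.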


This was last published in December 2017
