On This Page

System Firmware Attack and Defense for the Enterprise

Eclypsium Inc. & Intel Corporation | August 4-7



Overview

A variety of attacks targeting system firmware have been discussed publicly, drawing attention to interaction with system firmware components. This includes operating system loaders, secure boot mechanisms, runtime interfaces, and system management mode (SMM). This training will detail and organize objectives, attack vectors, vulnerabilities, and protection mechanisms in this fascinating environment.

The training includes two parts.
1. Present a structured approach to system firmware security analysis and mitigations through lecture and hands-on exercises to test system firmware for vulnerabilities. After the training, students will have basic understanding of platform hardware components, system firmware components, attacks against system firmware, and available mitigations. Students can apply this knowledge to identify firmware vulnerabilities and perform forensic analysis.
2. Apply concepts to an enterprise environment. Using an understanding of security issues, students explore potential risks to operational environments including both supply chain and remote malware attacks. Students will perform assessments and basic forensic analysis of potential firmware attacks.

Who Should Take this Course

This training is designed for IT security professionals, or anyone with strong security background, who are interested in understanding and assessing security of system firmware.

Student Requirements

Understanding of x86 platform hardware and firmware fundamentals is welcome, but not required. A moderate understanding of the Linux command line environment is expected.

Students should bring a PC laptop with UEFI-based firmware and a UEFI-enabled operating system (ex: Microsoft Windows 10*, macOS*). Students will need to be comfortable booting and running software from the provided USB thumb drives.

What Students Should Bring

Students should bring a PC laptop with UEFI-based firmware and a UEFI-enabled operating system (ex: Microsoft Windows 10*, macOS*). Students will need to be comfortable booting and running software from the provided USB thumb drives.

What Students Will Be Provided With

All necessary equipment and software necessary will be provided. This includes the MinnowBoard platform, open source EDK II firmware package, bootable USB drives, and tools for firmware analysis.

Trainers

Brian Richardson is an Intel technical evangelist who has spent most of his career as a "BIOS guy" working on the firmware that quietly boots billions of computers. Brian has focused on the industry transition to the Unified Extensible Firmware Interface (UEFI), demystifying how firmware works and simplifying firmware development tools. Brian has presented at conferences including LinuxCon, Linaro Connect, Bsides and Intel Developer Forum. When he's not blogging for the Intel Software Evangelists project, Brian shoots videos and photos of his travel around the world.

John Loucaides is a Security Researcher for Intel Software, specializing in firmware.

Eclypsium CEO and Founder Yuriy Bulygin has led the Advanced Threat Research team at Intel Security and microprocessor security analysis team at Intel Corporation. He also created CHIPSEC, open-source firmware and hardware security assessment framework.

Eclypsium CTO and Founder Alex Bazhaniuk has been performing security research and product security for a number of years at Intel Corporation. Alex presented his research at well-known security conferences and teaches popular trainings in firmware security. Previously, he co-founded the first DEF CON group in Ukraine.