DocumentCode
3268680
Title
Too young to be secure: Analysis of UEFI threats and vulnerabilities
Author
Bashun, Vladimir ; Sergeev, A. ; Minchenkov, Victor ; Yakovlev, Alex
Author_Institution
St. Petersburg State Univ. of Aerosp. Instrum., St. Petersburg, Russia
fYear
2013
fDate
11-15 Nov. 2013
Firstpage
16
Lastpage
24
Abstract
Unified Extensible Firmware Interface (UEFI) is a software interface between an operating system and platform firmware designed to replace a traditional BIOS. In general, UEFI has many technical advantages over BIOS (pre-OS environment, boot and run-time services, CPU-independent drivers etc.) including also powerful security mechanisms (e.g. secure boot, update, etc.). They are aimed to provide platform integrity, be root of trust of security architecture, control all stages of boot process until it pass control to authenticated OS kernel. From the other side UEFI technology is the focus of many new potential threats and exploits and presents new vulnerabilities that must be managed. The main goal of this research is to provide analysis of the UEFI security issues, find the point and source of the security problems and classify them. The paper describes the architectural and implementation troubles of UEFI which lead to threats, vulnerabilities and attacks. It also includes extensive review of the previous research activities in this area and the results of our own experiments. As the result of the work some recommendation about how to make this young technology more safe and secure are provided.
Keywords
firmware; operating system kernels; trusted computing; BIOS; CPU-independent drivers; UEFI attacks; UEFI security issues; UEFI technology; UEFI threats; UEFI vulnerabilities; authenticated OS kernel; boot process; boot services; operating system; platform firmware; platform integrity; powerful security mechanisms; preOS environment; run-time services; security architecture; security problems; software interface; trust; unified extensible firmware interface; Hardware; Kernel; Malware; Microprogramming; Read only memory; Boot firmware; Bootkit; Rootkit; UEFI Secure Boot;
fLanguage
English
Publisher
ieee
Conference_Titel
Open Innovations Association (FRUCT), 2013 14th Conference of
Conference_Location
Espoo
ISSN
2305-7254
Type
conf
DOI
10.1109/FRUCT.2013.6737940
Filename
6737940
Link To Document