Brussels / 2 & 3 February 2019

schedule

CHIPSEC on non-UEFI Platforms

Using CHIPSEC to harden firmware against attacks & exploits


CHIPSEC is a firmware threat assessment tool used to help verify systems meet basic security best practices. The tool’s threat model is based UEFI, so other firmware threat models may cause failures in CHIPSEC modules. This session is a brief overview of the CHIPSEC, limitations of the tool, interpreting failures seen on different firmware implementations, and information on developing new test modules.

CHIPSEC is a firmware threat assessment tool used to help verify systems meet basic security best practices. CHIPSEC runs under Microsoft Windows, Linux, Mac OS X, and the UEFI Shell. The tool’s threat model is primarily based on Unified Extensible Firmware Interface (UEFI). However, other firmware may have different threat models that will cause failures in different CHIPSEC modules. This session is a brief overview of the CHIPSEC, limitations of the tool, failures seen on different types of firmware, and information on developing new test modules in Python.

Speakers

Photo of Brian Richardson Brian Richardson

Links