Detection of Malicious Boot Firmware

Frank Adelstein and Matt Stillerman
ATC-NY
USA

Dexter Kozen
Cornell University
USA

Malicious boot firmware is a largely unrecognized but significant security risk to our national information infrastructure. Since boot firmware executes before the operating system is loaded, it can easily circumvent any operating system-based security mechanism. Boot firmware programs are typically written by third-party device manufacturers and may come from various suppliers of unknown origin. In this paper we describe an approach to this problem based on load-time verification of onboard device drivers against a standard security policy designed to limit access to system resources.

Keywords: Malicious Code, Boot Firmware, Open Firmware, language-based security, verification
