I just noticed that the OWASP project, the Open source Web App Security Project, has an IoT project, and that project has a Firmware Analysis Project
“The Firmware Analysis Project is intended to provide security testing guidance for the IoT Attack Surface ‘Device Firmware'”.
Nothing specific to UEFI, coreboot, ACPI, SMM, etc. They are using the embedded OS definition of firmware.
https://www.owasp.org/index.php/OWASP_Internet_of_Things_Project#Firmware_Analysis
One thought on “OWASP IoT firmware guidance”