[…]Last week at Google Cloud Next ’19, we announced the general availability of Shielded VM—virtual machine instances that are hardened with a set of easily configurable security features that assure you that when your VM boots, it’s running a verified bootloader and kernel. Shielded VM can help you protect your system from attack vectors like: Malicious guest OS firmware, including malicious UEFI extensions,
Boot and kernel vulnerabilities in guest OS, and Malicious insiders within your organization.[…]
https://cloud.google.com/shielded-vm/
Firmware Security 