Modern microarchitectures incorporate optimization techniques such as speculative loads and store forwarding to improve the memory bottleneck. The processor executes the load speculatively before the stores, and forwards the data of a preceding store to the load if there is a potential dependency. This enhances performance since the load does not have to wait for preceding stores to complete. However, the dependency prediction relies on partial address information, which may lead to false dependencies and stall hazards. In this work, we are the first to show that the dependency resolution logic that serves the speculative load can be exploited to gain information about the physical page mappings. Microarchitectural side-channel attacks such as Rowhammer and cache attacks rely on the reverse engineering of the virtual-to-physical address mapping. We propose the SPOILER attack which exploits this leakage to speed up this reverse engineering by a factor of 256. Then, we show how this can improve the Prime+Probe attack by a 4096 factor speed up of the eviction set search, even from sandboxed environments like JavaScript. Finally, we improve the Rowhammer attack by showing how SPOILER helps to conduct DRAM row conflicts deterministically with up to 100% chance, and by demonstrating a double-sided Rowhammer attack with normal user privileges. The latter is due to the possibility of detecting contiguous memory pages using the SPOILER leakage.
Microarchitecture Workshop: video available
Intel announces Intel SGX Card
Purism announces PureBoot
Flashing the BIOS on the PC Engines APU4c4
https://twitter.com/lattera/status/1092959249011924992
This shows how to update the BIOS from a FreeBSD-based environment:
https://github.com/lattera/articles/blob/master/hardware/apu/2019-02-05_flashing_bios/article.md
Super UEFIinSecureBoot Disk
Super UEFIinSecureBoot Disk is a bootable image with GRUB2 bootloader designed to be used as a base for recovery USB flash drives. Key feature: disk is fully functional with UEFI Secure Boot mode activated. It can launch any operating system or .efi file, even with untrusted, invalid or missing signature.
HowTo-setup-an-UEFI-Development-PC
There’s a new short document on setting up a UEFI Tianocore development environment; it is Windows-centric:
https://github.com/MinnowWare/HowTo-setup-an-UEFI-Development-PC
see-also: https://github.com/tianocore/tianocore.github.io/wiki/Windows-systems
NDSS Workshop on Binary Analysis Research (BAR) 2019: slides uploaded
https://twitter.com/_jsoo_/status/1099845953287204865
B2R2: Building an Efficient Front-End for Binary Analysis
Rapidly Mitigating Vulnerabilities with Security Workarounds
A Cross-Architecture Instruction Embedding Model for Natural Language Processing-Inspired Binary Code Analysis
Binary Mutation Analysis of Tests Using Reassembleable Disassembly
CLIK on PLCs! Attacking Control Logic with Decompilation and Virtual PLC
Enhancing Symbolic Execution by Machine Learning Based Solver Selection
Symbolic Path Tracing to Find Android Permission-Use Triggers
Towards Automatically Generating a Sound and Complete Dataset for Evaluating Static Analysis Tools
Performance, Correctness, Exceptions: Pick Three
Intel open-sources HBFA app to help with firmware security testing
Intel announced plans today to open-source a new firmware security testing tool named HBFA –or the Host-based Firmware Analyzer. The new project, a security testing tool for UEFI-based firmware, will be formally introduced at next week’s RSA 2019 security conference that will be held in San Francisco.[…]
https://www.zdnet.com/article/intel-open-sources-hbfa-app-to-help-with-firmware-security-testing/
Latch-Up: a conference dedicated to free and open source silicon
We encourage anybody involved in the open source semiconductor engineering space to come along and share your work or experience. Presentation slots as short as 3 minute lightning-talks up to 30 minute talks with Q and A are available. So if you’ve designed, worked on or even just used open source IP cores and/or management systems, verification IP, build flows, SoCs, simulators, synthesis tools, FPGA and ASIC implementation tools, languages and DSLs, compilers, or anything related we’d love to have you join us to share your experience.
https://fossi-foundation.org/2019/02/24/announcing-latchup-portland
https://fossi-foundation.org/latchup/

Finding Undocumented Intel Atom MSRs in the Viliv S5 Through BIOS Reverse Engineering
There’s a URL to the rom.bin at the end of the article.
https://stragedevices.blogspot.com/2019/02/finding-verified-intel-atom-msrs-in.html
coreboot: Trusted Boot integration
Eclypsium: The Missing Security Primer for Bare Metal Cloud Services
Thunderclap
https://twitter.com/osxreverser/status/1100410945107505153
The Thunderclap vulnerabilities are security flaws that affect the way modern computers interact with peripheral devices such as network cards, storage, and graphics cards. These vulnerabilities allow an attacker with physical access to a Thunderbolt port to compromise a target machine in a matter of seconds, running arbitrary code at the highest privilege level and potentially gaining access to passwords, banking logins, encryption keys, private files, browsing and other data. Attacks exploiting these vulnerabilities can also be carried out by seemingly innocuous peripherals like chargers and projectors that correctly charge or project video but simultaneously compromise the host machine. The Thunderclap platform is a hardware/software stack for research into the security of computer peripherals and their interaction with operating systems. It was used to discover the Thunderclap vulnerabilities and develop proof-of-concept exploits. […]
The Thunderclap platform consists of an FPGA that runs the Thunderclap application. The FPGA then plugs into a computer via PCI Express or Thunderbolt. The Thunderclap application makes the FPGA behave to the computer like a genuine Ethernet card (the Intel 82574L network interface card or NIC). The operating system will identify the Ethernet peripheral, load drivers, allow the device to access memory (via DMA and an IOMMU if enabled), and ask it to send and receive packets. With this deep interaction with the operating system, Thunderclap’s device model provides hooks that allow payload functions to be added to device behavior. For example, when the operating system asks the NIC to send a packet, it provides the NIC with the address of the data to send. A payload function might search nearby memory looking for plaintext data that was intended for a different network device.
thunderclap.io/thunderclap-paper-ndss2019.pdf
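The interaction described above, where the OS grants the emulated NIC DMA access that is bounded by an IOMMU only if one is enabled, is the part a defender can at least inspect on the host. The POSIX shell script below is an added example, not code from the Thunderclap project or paper. It assumes a Linux host exposing the standard Intel/AMD IOMMU and Thunderbolt core driver nodes named in its comments; the function name dma_protection_report, its key=value output format and its two optional root arguments (so the check can be run against a copied or constructed tree) are this example’s own choices.

```shell
#!/bin/sh
# Added example (not part of Thunderclap): summarise the host-side DMA
# protections that bound what a Thunderclap-style PCIe/Thunderbolt
# peripheral can reach, using standard Linux interfaces:
#   <proc>/cmdline                                  intel_iommu= / amd_iommu= / iommu= options
#   <sys>/kernel/iommu_groups/*                     populated only when an IOMMU driver is active
#   <sys>/bus/thunderbolt/devices/domain*/security  Thunderbolt security level (none/user/secure/dponly/...)
#   <sys>/bus/thunderbolt/devices/*/authorized      per-device authorisation (0 = not authorised)
#
# Usage: dma_protection_report [sysfs_root] [procfs_root]
# Prints one key=value line per finding. Returns 0 when an IOMMU is active
# and no Thunderbolt domain is at security level "none", 1 otherwise.
dma_protection_report() {
    sysfs="${1:-/sys}"
    procfs="${2:-/proc}"
    rc=0

    # Kernel command line: an IOMMU can be compiled in yet switched off here,
    # and iommu=pt leaves trusted devices identity-mapped (no bounds at all).
    cmdline=""
    [ -r "$procfs/cmdline" ] && cmdline=$(cat "$procfs/cmdline")
    case " $cmdline " in
        *" intel_iommu=on "*|*" amd_iommu=on "*)   echo "cmdline_iommu=on" ;;
        *" intel_iommu=off "*|*" amd_iommu=off "*) echo "cmdline_iommu=off" ;;
        *)                                         echo "cmdline_iommu=default" ;;
    esac
    case " $cmdline " in
        *" iommu=pt "*) echo "cmdline_passthrough=yes" ;;
        *)              echo "cmdline_passthrough=no" ;;
    esac

    # IOMMU groups exist only once an IOMMU driver has taken over DMA mapping;
    # an empty or missing directory means devices address physical memory directly.
    groups=0
    for g in "$sysfs"/kernel/iommu_groups/*; do
        [ -e "$g" ] && groups=$((groups + 1))
    done
    echo "iommu_groups=$groups"
    [ "$groups" -gt 0 ] || rc=1

    # Thunderbolt security level per domain: "none" authorises any hot-plugged
    # device automatically, which is the setting an attacker device wants.
    for f in "$sysfs"/bus/thunderbolt/devices/domain*/security; do
        [ -r "$f" ] || continue
        level=$(cat "$f")
        echo "thunderbolt_security=$level"
        [ "$level" != "none" ] || rc=1
    done

    # Authorisation state of every currently connected Thunderbolt device.
    for f in "$sysfs"/bus/thunderbolt/devices/*/authorized; do
        [ -r "$f" ] || continue
        dev=$(basename "$(dirname "$f")")
        echo "thunderbolt_device_${dev}_authorized=$(cat "$f")"
    done

    return $rc
}
```

Source the file and call dma_protection_report (with no arguments it reads the live /sys and /proc); a non-zero exit means DMA from a hot-plugged peripheral is not being constrained at all. Note the limit of such a check: an active IOMMU and a Thunderbolt level other than "none" say only that device DMA is bounded to what the driver maps, not whether the OS maps more memory to the device than the packet it asked it to send. That second question is exactly what the Thunderclap device model is built to probe, and no sysfs flag answers it.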
X86-64-Semantics: Semantics of x86-64 in K
The project presents the most complete and thoroughly tested formal semantics of x86-64 to date. Our semantics faithfully formalizes all the non-deprecated, sequential user-level instructions of the x86-64 Haswell instruction set architecture. This totals 3155 instruction variants, corresponding to 774 mnemonics. The semantics is fully executable and has been tested against more than 7,000 instruction-level test cases and the GCC torture test suite.
https://github.com/kframework/X86-64-semantics
see-also:
http://www.kframework.org/index.php/Main_Page
https://runtimeverification.com/blog/k-framework-an-overview/
https://github.com/davidlazar/llvm-semantics
x86-assembly-cheat and arm-assembly-cheat
x86-assembly-cheat:
x86 IA-32 and x86-64 userland minimal examples tutorial. Hundreds of runnable asserts. Nice GDB setup. IO done with libc, so OS portable in theory. NASM and GAS covered. Tested in Ubuntu 18.04. Containers (ELF), linking, calling conventions.
https://github.com/cirosantilli/x86-assembly-cheat
arm-assembly-cheat:
ARMv7 and ARMv8 assembly userland minimal examples tutorial. Runnable asserts on x86 hosts with QEMU user mode or natively on ARM guests. Nice GDB step debug setup. Tested on Ubuntu 18.04 host and Raspberry Pi 2 and 3 guests.
UEFI gets Shadow Stack Support for X86 SMM
UEFI Utility DisplayBMP Updated to Support More Formats and Scrolling
This post details recent updates to a simple UEFI shell utility for displaying BMP images that I first released in 2015 and subsequently updated in 2017, and again this year. Source code for the previous versions is available on Github at UEFI-Utilities-2016 and UEFI-Utilities-2018 respectively.[…]
Microsoft Windows: System Guard Secure Launch and SMM protection
[I think this documentation is new. Maybe the feature is new as well.]
This topic explains how to configure System Guard Secure Launch and System Management Mode (SMM) protection to improve the startup security of Windows 10 devices. The information below is presented from a client perspective.[…]
UefiBootMenu: A graphic uefi boot menu as application
A graphic UEFI boot menu as an application (post-DXE only)
https://github.com/oO0oO0oO0o0o00/UefiBootMenu