list of IoT/embedded OS firmware tools

I mostly focus on Platform Firmware, UEFI, ACPI, etc. I usually don’t focus too much on IoT/embedded OS firmware, even though I blog about them. But there’s a lot of tools for the latter, and I’ve not yet added a section for them in Awesome Firmware Security[1]. And I have 2 friends who need such a list. Below is a first pass at searching old blog posts for tools. I will refine it and add it to Awesome Firmware Security later. Please leave a Comment to point out any other major tools of this category that I’ve missed.

https://firmwaresecurity.com/2016/08/25/firminator/ Hmm, it looks like the domain firminator.io is no longer valid.

[1] https://github.com/PreOS-Security/awesome-firmware-security/blob/master/README.md


Firmware security is a main feature of new HP printers

Excerpting their press release:

HP Announces World’s Most Secure Printers: New HP LaserJets include built-in self-healing security features with protection down to the BIOS

HP today announced three new enterprise class LaserJet printers that deliver increased protection against malicious attacks. The stronger security is part of a broader HP strategy to provide the deepest security across PCs and printers. Printer security is a topic of growing importance. According to the Ponemon Institute, 64 percent of IT managers believe their printers are likely infected with malware. At the same time, 56 percent of enterprise companies ignore printers in their endpoint security strategy.(1) To help address this gap, HP is delivering its new HP LaserJet Enterprise printers and multi-function printers (MFPs) with industry-leading security features(2) built in, including:

* HP Sure Start enables detection of and self-healing recovery from malicious BIOS attacks, extending the same BIOS security protecting HP’s Elite line of PCs since 2013 to the new HP LaserJet Enterprise printers.
* Whitelisting ensures only known, good firmware can be loaded and executed on a printer.
* Run-time Intrusion Detection is a new feature providing in-device memory monitoring for malicious attacks. It was developed in partnership with Red Balloon Security, an embedded device security company started by researchers from Columbia University. The company has done extensive research for several government agencies, as well as private sector companies in industries such as telecommunications and controller systems.

These new features will be standard on new HP LaserJet Enterprise printers and OfficeJet Enterprise X printers with HP PageWide Technology going forward. With a firmware update, these three features can also be enabled on several HP LaserJet Enterprise printers available since April. In addition, Whitelisting and Run-time Intrusion Detection can be added to many existing HP LaserJet Enterprise printers and OfficeJet Enterprise X printers launched since 2011 through an HP FutureSmart service pack update. FutureSmart is HP firmware that helps protect customers’ investments in HP Enterprise printers by enabling delivery of new capabilities via updates.

It would be nice to see firmware security as a major feature of all new devices! 🙂

Full announcement:

HP printer firmware information page:


AMI MegaRAC gets DMTF Redfish support

This week at Intel Developer Forum (IDF), AMI showcased their MegaRAC manageability solutions. MegaRAC is AMI’s Remote Management Firmware family of products for both in-band and out-of-band management, including support for IPMI, Intel AMT, and AMD systems with DMTF DASH. Amongst the new features of MegaRAC SP-X are DMTF Redfish support and Intel(R) Innovation Engine support.

I don’t know much about Intel’s new “Innovation Engine” yet, so I’ll excerpt one paragraph from the AMI press release:

“The Innovation Engine is a small, embedded, Intel-architecture processor and I/O subsystem built into future Intel data center platforms,” said Lisa Spelman, General Manager of Data Center Marketing at Intel. “Firmware such as MegaRAC PM-X running on the IE can improve or differentiate the system-builders’ platforms in a wide range of ways, including manageability, cost reduction or security.”

Maybe this means that AMI is the second vendor to support Redfish, after HP?

Read AMI’s full press release here:



Firmware patents….

SPOILER ALERT: This post discusses patents. If you’re an employee at a company, ask your manager if you’re able to read this sort of information…..

I wonder how bad it’s going to get with firmware patents… Searching the patent databases, I find THOUSANDS with ‘firmware’, HUNDREDS with ‘UEFI’, and dozens with ‘coreboot’, and many for ACPI. For example, it appears that Microsoft has patented the ability to securely update firmware:

Microsoft: Secure Firmware Updates
US 20140068585 A1, CN 104603792 A, US 8898654 B2

This is just one example, all of the big OEMs, IHVs, and ISA vendors have patents left and right in this space. 😦

Are vendors able to build UEFI — or even coreboot — systems without lawyers from some of the big companies knocking on their door asking for royalties? Where is the firmware equivalent of the “Open Invention Network”, to help smaller vendors even use basic firmware functionality with lawyers looking to monetize everything? I wonder if the Maker movement or Open Hardware or Free Hardware is going to be able to survive this.


Intel ATR on firmware security threats

Jim Walter, Director of Advanced Threat Research for Intel Security, with contributions from Yuriy Bulygin and John Loucaides, wrote a blog for Dark Reading that summarizes some recent firmware attacks.

Vulnerable From Below: Attacking Hypervisors Using Firmware And Hardware
Malicious attacks with firmware privileges can compromise an entire system, so it is especially important to apply measures to reduce the risks.

Read the full article here:





Firmware at Intel Developer Forum

IDF, Intel’s Developer Forum, is happening shortly, August 18-20 (or so). It appears Brian and Vincent of Intel UEFI will be speaking, at least:

Vendors usually announce/release new things at their annual conferences, so I’m looking forward to seeing what Intel does… With 201 sessions and only a 2-minute glance at the schedule, here’s a teaser (not an exhaustive list) of the more interesting presentations I noticed:

STTS001 — Firmware in the Data Center: Building a Modern Deployment Framework Using Unified Extensible Firmware Interface (UEFI) and Redfish REST APIs
STTS002 — Building a Firmware Component Ecosystem with the Intel® Firmware Engine
ACAS002 — Defense Against the Dark Arts – Introduction to Malware Research
STTS003 — Developing Best-in-Class Security Principles with Open Source Firmware
DCWC005 — Tech Chat: Trusted Networks in the Cloud – Attestation of Network Elements for Secure Cloud
ISGC003 — Tech Chat: A Primer on Intel® Software Guard Extensions (Intel® SGX)
SFTC003 — Tech Chat: Securing the Internet of Things with Intel® Micro Runtime (Intel® MRT)
ARCS003 — Intel® Architecture Code Name Skylake Deep Dive: Hardware-Based Security for Windows® 10
SPCS012 — Zoom-in on Your Code with Intel® Processor Trace and Supporting Tools
ISGC001 — Tech Chat: Intel® Security Controller – The Platform to Automate Your Security Application for Software-Defined Infrastructure
MAKE003 — Hands-on Maker Lab: Bring Up a MinnowBoard, the Intel® Atom™ Processor Based Open Hardware Platform
STTC003 — Tech Chat: Using Intel® Firmware Engine to Generate Simulated Platforms for Wind River Simics*
DCWC007 — Tech Chat: Differentiating Your Data Center Platforms in Firmware
SPCC002 — Tech Chat: A Wireless Smartphone-Based Pulmonary Function Analyzer
HSTS004 — Thunderbolt™ 3 Technology and USB-C*
INFS009 — Trusted Containers and VMs in Cloud Environments
ISGS004 — Biometric Authentication in Trusted Execution Environments
RPCS009 — Developer Training on Intel® Active Management Technology
SSDS004 — The Future of Storage Security