國立虎尾科技大學 |

Building Secure Firmware = Armoring the Foundation of the Platform /

Record Type:	Language materials, printed : Monograph/item
Title/Author:	Building Secure Firmware/ by Jiewen Yao, Vincent Zimmer.
Reminder of title:	Armoring the Foundation of the Platform /
Author:	Yao, Jiewen.
other author:	Zimmer, Vincent.
Description:	XXX, 930 p. 423 illus.online resource. :
Contained By:	Springer Nature eBook
Subject:	Data protection. -
Online resource:	https://doi.org/10.1007/978-1-4842-6106-4
ISBN:	9781484261064

Building Secure Firmware = Armoring the Foundation of the Platform /
Yao, Jiewen.

Building Secure FirmwareArmoring the Foundation of the Platform /[electronic resource] :by Jiewen Yao, Vincent Zimmer. - 1st ed. 2020. - XXX, 930 p. 423 illus.online resource.

Part I: Overview -- Chapter 1: Introduction to Firmware -- Chapter 2: Proactive Firmware Security Development -- Part II: Security Architecture -- Chapter 3: Firmware Resilience - Protection -- Chapter 4: Firmware Resilience - Detection -- Chapter 5: Firmware Resilience – Recovery -- Chapter 6: OS Resilience -- Chapter 7: Trusted Boot -- Chapter 8: Device Security -- Chapter 9: S3 Resume -- Chapter 10: Access Control -- Chapter 11: Configuration -- Chapter 12: Security Model -- Chapter 13: Virtual Firmware -- Part III: Security Development -- Chapter 14: General Coding Practice -- Chapter 15: Compiler Defensive Technology -- Chapter 16: The Kernel -- Chapter 17: Trusted Execution Environment -- Chapter 18: Silicon Security Configuration -- Chapter 19: Cryptography -- Chapter 20: Programming Language -- Part IV: Security Test and Maintenance -- Chapter 21: Security Unit Test -- Chapter 22: Security Validation and Penetration -- Chapter 23: Maintenance.

Use this book to build secure firmware. As operating systems and hypervisors have become successively more hardened, malware has moved further down the stack and into firmware. Firmware represents the boundary between hardware and software, and given its persistence, mutability, and opaqueness to today’s antivirus scanning technology, it represents an interesting target for attackers. As platforms are universally network-connected and can contain multiple devices with firmware, and a global supply chain feeds into platform firmware, assurance is critical for consumers, IT enterprises, and governments. This importance is highlighted by emergent requirements such as NIST SP800-193 for firmware resilience and NIST SP800-155 for firmware measurement. This book covers the secure implementation of various aspects of firmware, including standards-based firmware—such as support of the Trusted Computing Group (TCG), Desktop Management Task Force (DMTF), and Unified Extensible Firmware Interface (UEFI) specifications—and also provides code samples and use cases. Beyond the standards, alternate firmware implementations such as ARM Trusted Firmware and other device firmware implementations (such as platform roots of trust), are covered. You will: Get an overview of proactive security development for firmware, including firmware threat modeling Understand the details of architecture, including protection, detection, recovery, integrity measurement, and access control Be familiar with best practices for secure firmware development, including trusted execution environments, cryptography, and language-based defenses Know the techniques used for security validation and maintenance.

ISBN: 9781484261064

Standard No.: 10.1007/978-1-4842-6106-4doiSubjects--Topical Terms:

557764
Data protection.

LC Class. No.: QA76.9.A25

Dewey Class. No.: 005.8

Building Secure Firmware = Armoring the Foundation of the Platform /
LDR:03979nam a22003855i 4500 001 1018070
003 DE-He213
005 20201027074846.0
007 cr nn 008mamaa
008 210318s2020 xxu| s |||| 0|eng d
020 $a 9781484261064 $9 978-1-4842-6106-4
024 7 $a 10.1007/978-1-4842-6106-4 $2 doi
035 $a 978-1-4842-6106-4
050 4 $a QA76.9.A25
072 7 $a UR $2 bicssc
072 7 $a COM053000 $2 bisacsh
072 7 $a UR $2 thema
082 0 4 $a 005.8 $2 23
100 1 $a Yao, Jiewen. $e author. $4 aut $4 http://id.loc.gov/vocabulary/relators/aut $3 1312995
245 1 0 $a Building Secure Firmware $h [electronic resource] : $b Armoring the Foundation of the Platform / $c by Jiewen Yao, Vincent Zimmer.
250 $a 1st ed. 2020.
264 1 $a Berkeley, CA : $b Apress : $b Imprint: Apress, $c 2020.
300 $a XXX, 930 p. 423 illus. $b online resource.
336 $a text $b txt $2 rdacontent
337 $a computer $b c $2 rdamedia
338 $a online resource $b cr $2 rdacarrier
347 $a text file $b PDF $2 rda
505 0 $a Part I: Overview -- Chapter 1: Introduction to Firmware -- Chapter 2: Proactive Firmware Security Development -- Part II: Security Architecture -- Chapter 3: Firmware Resilience - Protection -- Chapter 4: Firmware Resilience - Detection -- Chapter 5: Firmware Resilience – Recovery -- Chapter 6: OS Resilience -- Chapter 7: Trusted Boot -- Chapter 8: Device Security -- Chapter 9: S3 Resume -- Chapter 10: Access Control -- Chapter 11: Configuration -- Chapter 12: Security Model -- Chapter 13: Virtual Firmware -- Part III: Security Development -- Chapter 14: General Coding Practice -- Chapter 15: Compiler Defensive Technology -- Chapter 16: The Kernel -- Chapter 17: Trusted Execution Environment -- Chapter 18: Silicon Security Configuration -- Chapter 19: Cryptography -- Chapter 20: Programming Language -- Part IV: Security Test and Maintenance -- Chapter 21: Security Unit Test -- Chapter 22: Security Validation and Penetration -- Chapter 23: Maintenance.
520 $a Use this book to build secure firmware. As operating systems and hypervisors have become successively more hardened, malware has moved further down the stack and into firmware. Firmware represents the boundary between hardware and software, and given its persistence, mutability, and opaqueness to today’s antivirus scanning technology, it represents an interesting target for attackers. As platforms are universally network-connected and can contain multiple devices with firmware, and a global supply chain feeds into platform firmware, assurance is critical for consumers, IT enterprises, and governments. This importance is highlighted by emergent requirements such as NIST SP800-193 for firmware resilience and NIST SP800-155 for firmware measurement. This book covers the secure implementation of various aspects of firmware, including standards-based firmware—such as support of the Trusted Computing Group (TCG), Desktop Management Task Force (DMTF), and Unified Extensible Firmware Interface (UEFI) specifications—and also provides code samples and use cases. Beyond the standards, alternate firmware implementations such as ARM Trusted Firmware and other device firmware implementations (such as platform roots of trust), are covered. You will: Get an overview of proactive security development for firmware, including firmware threat modeling Understand the details of architecture, including protection, detection, recovery, integrity measurement, and access control Be familiar with best practices for secure firmware development, including trusted execution environments, cryptography, and language-based defenses Know the techniques used for security validation and maintenance.
650 0 $a Data protection. $3 557764
650 1 4 $a Security. $3 1114130
700 1 $a Zimmer, Vincent. $e author. $4 aut $4 http://id.loc.gov/vocabulary/relators/aut $3 1263865
710 2 $a SpringerLink (Online service) $3 593884
773 0 $t Springer Nature eBook
776 0 8 $i Printed edition: $z 9781484261057
776 0 8 $i Printed edition: $z 9781484261071
856 4 0 $u https://doi.org/10.1007/978-1-4842-6106-4
912 $a ZDB-2-CWD
912 $a ZDB-2-SXPC
950 $a Professional and Applied Computing (SpringerNature-12059)
950 $a Professional and Applied Computing (R0) (SpringerNature-43716)