JavaScript is disabled for your browser. Some features of this site may not work without it.
Attention submitters: Web accessibility policy to take effect October 15, 2019
For more information, please see our web accessibility policy and web accessibility help for submitters.
For more information, please see our web accessibility policy and web accessibility help for submitters.
Malicious Code Detection for Open Firmware
Abstract
Malicious boot firmware is a largely unrecognized but significant security risk to our global information infrastructure. Since boot firmware executes before the operating system is loaded, it can easily circumvent any operating system-based security mechanism. Boot firmware programs are typically written by third-party device manufacturers and may come from various suppliers of unknown origin. In this paper we describe an approach to this problem based on load-time verification of onboard device drivers against a standard security policy designed to limit access to system resources. We also describe our ongoing effort to construct a prototype of this technique for Open Firmware boot platforms.
Date Issued
2002-09-27Publisher
Cornell University
Subject
computer science; technical report
Previously Published As
http://techreports.library.cornell.edu:8081/Dienst/UI/1.0/Display/cul.cs/TR2002-1875
Type
technical report