Firmware is the new frontier for platform security. It is safe to say that if your firmware is compromised, then your platform is compromised. The firmware sets up and maintains the platform’s hardware security capabilities and hands off control to the operating system securely.
In this paper, we look at a few ways Insyde Software's UEFI firmware and the Intel® System Resource Defense feature of Intel Runtime BIOS Protection, found in the 11th Gen Intel® Core™ Processor (codename Tiger Lake), can help when the firmware has been compromised. Compromise here means either that an attacker's unauthorized code is executing in the firmware, or that authorized firmware code is executing badly under the attacker's control. How can the user or IT administrator limit the damage and respond?