Please note: the training ticket does not include access to the conference. Similarly, the conference ticket does not grant access to the trainings. If you have any questions, reach out to us.
Training Objectives:
- The primary purpose of this training is to equip participants with in-depth knowledge and practical skills to assess the security of UEFI-compliant firmware implementation and configuration.
- The focus will be on a deep understanding of the UEFI Secure Boot state machine, its modes, and its policy, enabling participants to secure the boot process against vulnerabilities.
- To protect UEFI Secure Boot, we will go down the chain of trust up to Intel Boot Guard to understand its role, how Intel Root of Trust is configured in the production environment, and potential flaws that can be found in the wild.
- The course includes hands-on experience with hardware and emulated environments, analysis of common attacks, and integration of advanced security mechanisms.
Training Detailed Description:
Day 1 - Introduction and Fundamentals
Welcome and Introduction
- Course objectives and overview
- Introduction to x86 boot flow, UEFI, Root of Trust, and Chain of Trust Technologies
Hardware Theory of Operation
- Overview of hardware theory, including flashing firmware, recovery methods, and reading from serial
- Hands-On Exercise: Basic firmware flashing and recovery procedures
Introduction to UEFI Secure Boot
- Basic understanding of UEFI Secure Boot mechanisms
- Importance and functionality in the boot process
- Hands-On Exercise: Initial setup and configuration of UEFI Secure Boot in an emulated environment
Day 2 - Deep Dive into UEFI Secure Boot
UEFI Secure Boot: Advanced Concepts
- Detailed exploration of UEFI Secure Boot mechanisms
- Managing and utilizing UEFI Variables and Authenticated Variables
- Hands-On Lab: Advanced configuration and management of UEFI Secure Boot
Exploration of various implementations of UEFI Secure Boot
- Practical implementation on actual hardware (Odroid H4+)
- Hands-On Lab: UEFI Secure Boot with vendor BIOS and open-source firmware
UEFI Secure Boot in practice
- Signing OS Loaders and Applications for production environments
- Option ROMs challanges.
- The role of the UEFI revocation list and shim SBAT
- Provisioning, configuration, and maintenance using various open-source tools
- Hands-On Lab: Practical security assessment and maintenance of UEFI Secure Boot
- Overview of attack surfaces and vulnerabilities
- Case studies: PKfail, BlackLotus, BootHole, and other notable CVEs
- Hands-On Exercise: Simulating and analyzing attacks in a controlled environment
- Detailed exploration of Root of Trust concepts
- Overview of Intel Boot Guard and its significance
- Hands-On Exercise: Implementing Root of Trust in an emulated environment
- Processes and procedures for provisioning Root of Trust in modern hardware platforms
- Case study: Intel Alder Lake N security features and provisioning
- Hands-On Lab: Provisioning Root of Trust, configuring security settings and whole chain of trust assessment
- Embedded Developers: Professionals developing embedded systems who need to implement secure boot mechanisms and understand the root of trust technologies
- Firmware Developers: Developers working on firmware who need to secure the boot process and manage UEFI Variables effectively.
- Platform and System Architects: Architects responsible for designing secure systems, ensuring that security principles are integrated into the boot process and system architecture.
- Medical and Defense Product Owners: Product owners in the medical and defense sectors who need to ensure the highest level of security in their products, particularly in securing the boot process.
- Hardware Hackers: Enthusiasts and professionals who explore hardware systems, aiming to understand and protect against security vulnerabilities in firmware.
- Pen Testers: Penetration testers focusing on low-level security who assess the security of hardware and firmware components, including UEFI Secure Boot.
- Operating Systems Security Researchers, Developers, and Maintainers
- Running Windows, Linux, or macOS
- Minimum 16GB RAM
- At least 20GB of free disk space
- At least one free USB port
- VirtualBox (latest version)
- OVA Image with Ubuntu (provided before the training)
- Any additional hardware required for the training, including the Odroid H4+
- Detailed installation instructions for VirtualBox and other required software will be provided before the training
- The OVA image will be pre-configured with the necessary tools and software
- Ensure all software is installed and tested prior to the training to avoid delays
- Support will be available on the first day for troubleshooting setup issues
- The trainer is familiar only with the Linux environment and cannot support debugging issues on Windows or macOS systems
- The default operating system for training will be Ubuntu 24.04 LTS running in VM.
- Fluency in the Linux command line and essential command-line tools. Working experience in the shell.
- Basic understanding of git and build tools (gcc, make) in the command line.
- Familiarity with basic text editors like Vim or Nano.
- Basic understanding of C.
- Basic understanding of cryptography.
- Familiarity with embedded hardware (UART, SPI).
- Lab Manual: A comprehensive lab manual detailing the course agenda, step-by-step instructions for all practical exercises, and troubleshooting tips.
- OVA Image with Ubuntu: A pre-configured OVA image with Ubuntu 24.04 LTS, pre-installed with all necessary tools and software required for the training.
- Preparation Checklist: This checklist helps participants complete all necessary preparations before the course starts, including software installations and basic configurations.
- Odroid H4+ Hardware: Provided by the trainer for the purpose of the course hands-on exercises.
- USB Pen Drive: Pre-loaded with necessary files and tools for the training exercises.
Day 3 - Chain of Trust Assessment, Integration, and Provisioning
Analysis of Popular Attacks on UEFI Secure Boot
Root of Trust and Chain of Trust Technologies
Provisioning Root of Trust in Modern Hardware
Who Should Attend? | Target Audience:
The following job roles are expected to benefit the most from this training:
What to Bring? | Software and Hardware Requirements:
Attendees should bring the following for the training:
Own Laptop:
Software:
Provided by Trainer:
NOTE
What to Bring? | Prerequisite Knowledge and Skills:
Resources Provided at the Training | Deliverables:
Before the Course
During the Course
ABOUT THE TRAINERS
Piotr Król is an open-source firmware enthusiast who founded 3mdeb in March 2015. His expertise is rooted in the hacker ethos of collaborative innovation and transparency, guiding 3mdeb's focus on projects like Zarhus OS, a Yocto-based Embedded Linux distribution, and Dasharo, a coreboot downstream project. These projects are dedicated to open development, embedded firmware resilience, platform security, transparency, the right to repair, and digital sovereignty.
