{"product_id":"building-secure-firmware-armoring-the-foundation-of-the-platform-paperback","title":"Building Secure Firmware: Armoring the Foundation of the Platform - Paperback","description":"\u003cp\u003eby \u003cb\u003eJiewen Yao\u003c\/b\u003e (Author), \u003cb\u003eVincent Zimmer\u003c\/b\u003e (Author)\u003c\/p\u003e\u003cp\u003eUse this book to build secure firmware.\u003cbr\u003eAs operating systems and hypervisors have become successively more hardened, malware has moved further down the stack and into firmware. Firmware represents the boundary between hardware and software, and given its persistence, mutability, and opaqueness to today's antivirus scanning technology, it represents an interesting target for attackers.\u003c\/p\u003e\u003cp\u003eAs platforms are universally network-connected and can contain multiple devices with firmware, and a global supply chain feeds into platform firmware, assurance is critical for consumers, IT enterprises, and governments. This importance is highlighted by emergent requirements such as NIST SP800-193 for firmware resilience and NIST SP800-155 for firmware measurement.\u003c\/p\u003e \u003cp\u003eThis book covers the secure implementation of various aspects of firmware, including standards-based firmware--such as support of the Trusted Computing Group (TCG), Desktop Management Task Force (DMTF), and Unified Extensible Firmware Interface (UEFI) specifications--and also provides code samples and use cases. Beyond the standards, alternate firmware implementations such as ARM Trusted Firmware and other device firmware implementations (such as platform roots of trust), are covered.\u003c\/p\u003e \u003cp\u003e\u003cbr\u003e\u003c\/p\u003e\u003cp\u003e\u003cb\u003eWhat You Will Learn\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e\u003c\/p\u003e\u003cul\u003e\n\u003cli\u003eGet an overview of proactive security development for firmware, including firmware threat modeling\u003c\/li\u003e\n\u003cli\u003eUnderstand the details of architecture, including protection, detection, recovery, integrity measurement, and access control\u003c\/li\u003e\n\u003cli\u003eBe familiar with best practices for secure firmware development, including trusted execution environments, cryptography, and language-based defenses\u003c\/li\u003e\n\u003cli\u003eKnow the techniques used for security validation and maintenance\u003c\/li\u003e\n\u003c\/ul\u003e\u003cb\u003e\u003cb\u003e\u003cbr\u003e\u003c\/b\u003eWho This Book Is For\u003c\/b\u003e\u003cb\u003e\u003cbr\u003e\u003c\/b\u003eGiven the complexity of modern platform boot requirements and the threat landscape, this book is relevant for readers spanning from IT decision makers to developers building firmware\u003cb\u003e\u003cbr\u003e\u003c\/b\u003e\u003ch3\u003eBack Jacket\u003c\/h3\u003e\u003cp\u003eUse this book to build secure firmware.\u003cbr\u003eAs operating systems and hypervisors have become successively more hardened, malware has moved further down the stack and into firmware. Firmware represents the boundary between hardware and software, and given its persistence, mutability, and opaqueness to today's antivirus scanning technology, it represents an interesting target for attackers.\u003c\/p\u003e\u003cp\u003eAs platforms are universally network-connected and can contain multiple devices with firmware, and a global supply chain feeds into platform firmware, assurance is critical for consumers, IT enterprises, and governments. This importance is highlighted by emergent requirements such as NIST SP800-193 for firmware resilience and NIST SP800-155 for firmware measurement.\u003c\/p\u003e\u003cp\u003eThis book covers the secure implementation of various aspects of firmware, including standards-based firmware--such as support of the Trusted Computing Group (TCG), Desktop Management Task Force (DMTF), and Unified Extensible Firmware Interface (UEFI) specifications--and also provides code samples and use cases. Beyond the standards, alternate firmware implementations such as ARM Trusted Firmware and other device firmware implementations (such as platform roots of trust), are covered.\u003c\/p\u003e\u003cp\u003eYou will: \u003c\/p\u003e\u003cp\u003e\u003c\/p\u003e\u003cul\u003e\n\u003cli\u003eGet an overview of proactive security development for firmware, including firmware threat modeling\u003c\/li\u003e\n\u003cli\u003eUnderstand the details of architecture, including protection, detection, recovery, integrity measurement, and access control\u003c\/li\u003e\n\u003cli\u003eBe familiar with best practices for secure firmware development, including trusted execution environments, cryptography, and language-based defenses\u003c\/li\u003e\n\u003cli\u003eKnow the techniques used for security validation and maintenance\u003c\/li\u003e\n\u003c\/ul\u003e\u003cb\u003e\u003cbr\u003e\u003c\/b\u003e\u003ch3\u003eAuthor Biography\u003c\/h3\u003e\u003cp\u003e\u003cb\u003eJiewen Yao\u003c\/b\u003e is a principal engineer in the Intel Architecture, Graphics, and Software Group. He has been engaged as a firmware developer for over 15 years. He is a member of the UEFI Security sub team, and the TCG PC Client sub working group. He has presented at industry events such as the Intel Developer Forum, UEFI Plugfest, and RSA conference. He worked with co-author Vincent Zimmer to publish 30 \"A Tour Beyond BIOS\" technical papers for tianocore.org and firmware.intel.com. He holds 40 US patents.\u003c\/p\u003e\u003cp\u003e\u003cb\u003eVincent Zimmer\u003c\/b\u003e is a senior principal engineer in the Intel Architecture, Graphics, and Software Group. He has been engaged as a firmware developer for over 25 years and leads the UEFI Security sub team. He has presented at industry events such as the Open Source Firmware Conference, Linux Fest Northwest, Intel Developer Forum, UEFI Plugfest, Open Compute Project Summit, BlackHat Las Vegas, BSides Seattle, Toorcon, and Cansecwest. In addition to collaborating with Jiewen Yao on many white papers, he has co-authored several books on firmware, papers, and over 400 issued US patents.\u003c\/p\u003e\u003cdiv\u003e\n\u003cstrong\u003eNumber of Pages:\u003c\/strong\u003e 930\u003c\/div\u003e\u003cdiv\u003e\n\u003cstrong\u003eDimensions:\u003c\/strong\u003e 1.9 x 10 x 7 IN\u003c\/div\u003e\u003cdiv\u003e\n\u003cstrong\u003eIllustrated:\u003c\/strong\u003e Yes\u003c\/div\u003e\u003cdiv\u003e\n\u003cstrong\u003ePublication Date:\u003c\/strong\u003e October 28, 2020\u003c\/div\u003e","brand":"Books by splitShops","offers":[{"title":"Default Title","offer_id":47413349646514,"sku":"9781484261057","price":59.38,"currency_code":"USD","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0770\/3891\/1666\/files\/2fd65a0c832adb3bbcf1a4bbbf0c57d3.webp?v=1778347647","url":"https:\/\/box.dadyminds.org\/products\/building-secure-firmware-armoring-the-foundation-of-the-platform-paperback","provider":"DADYMINDS BOX","version":"1.0","type":"link"}