U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

This is an archive
(replace .gov by .rip)

How Do You Protect Firmware from Attacks? Follow these Guidelines! NIST Releases Special Publication 800-193, Platform Firmware Resiliency Guidelines
May 04, 2018

Modern computing and information technology systems are built upon a variety of hardware components, many of which rely on firmware and configuration data to drive their behavior. Firmware is a type of software that provides low-level control for the device's hardware. This software is written in the hardware’s nonvolatile memory and is thus saved when the hardware is turned off or loses its external power source. Almost all electronic devices contain some firmware, and this firmware is often permanently installed and cannot be changed. As a result, updating the firmware of a device may rarely or never be done during its lifetime.

NIST announces the release of Special Publication 800-193, Platform Firmware Resiliency Guidelines, a document that provides technical guidelines and recommendations supporting resiliency of the collection of hardware and firmware components of a computer system, also called the platform. These guidelines describe security mechanisms for protecting the platform against unauthorized changes, detecting unauthorized changes that occur, and securing recovery from attacks.

This document is intended to guide implementers, including system manufacturers and component suppliers, on how to use these mechanisms to build a strong security foundation into platforms. The document may also be useful when developing enterprise-wide procurement strategies and deployment.

Related Topics

Security and Privacy: roots of trust

Technologies: BIOS

Created May 04, 2018, Updated June 22, 2020