Systematic Approaches to Firmware-Level Attestation in Consumer Platforms

Supervisor(s): Albert Stark, Simon Ott
Status: finished
Topic: Others
Author: Jeremia Renz
Submission: 2026-01-22
Type of Thesis: Bachelor thesis
Thesis topic in co-operation with the Fraunhofer Institute for Applied and Integrated Security AISEC, Garching

Description

Firmware integrity is a critical component when assessing the trustworthiness of a
system. Existing attestation frameworks rely on reference measurements being available
in advance. Although standards exist, OEMs in the consumer market do not yet provide
usable reference data for their devices.
This thesis introduces two approaches to verify TPM Measured Boot logs using
existing firmware data. The first approach relies on extracting reference measurements
from firmware updates provided by the OEMs. The second approach is based on
gathering crowdsourced measurements from multiple devices and deriving reference
values.
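The two approaches outlined above, sketched as an added example that is not part of the thesis or its implementation: a verifier replays a parsed TCG event log into a PCR value, checks it against a (here simulated) TPM quote, and reports which events have no reference digest; the reference set comes either from an update image (approach 1) or from digests shared across several devices' logs (approach 2). Component names, device logs and digests are constructed placeholders, not real firmware measurements.

```python
import hashlib
from collections import Counter

def measure(label: bytes) -> str:
    """Stand-in for a firmware component's SHA-256 measurement (constructed)."""
    return hashlib.sha256(label).hexdigest()

# Approach 1: reference digests extracted from an OEM firmware update image.
# Component names are hypothetical; digests are over placeholder bytes.
FW_UPDATE_REFERENCE = {measure(b"FV_MAIN"), measure(b"PeiCore"), measure(b"DxeCore")}

# Constructed event logs from three devices, as (pcr_index, digest_hex) pairs.
# Each device also extends a device-specific value that no update image contains.
DEVICE_LOGS = [
    [(0, measure(b"FV_MAIN")), (0, measure(b"PeiCore")), (0, measure(b"DxeCore")),
     (0, measure(b"device-%d-config" % n))]
    for n in range(3)
]

def replay_pcr(events, pcr_index: int) -> str:
    """Replay TPM extends for one PCR: PCR_new = SHA-256(PCR_old || digest)."""
    pcr = bytes(32)                      # PCRs 0-15 start as all zeros
    for idx, digest in events:
        if idx == pcr_index:
            pcr = hashlib.sha256(pcr + bytes.fromhex(digest)).digest()
    return pcr.hex()

def verify_log(events, reference: set, pcr_index: int, quoted_pcr: str):
    """Check the log against a quoted PCR and list events with no reference value."""
    replay_ok = replay_pcr(events, pcr_index) == quoted_pcr
    unknown = [d for i, d in events if i == pcr_index and d not in reference]
    return replay_ok, unknown

def derive_crowd_reference(device_logs, pcr_index: int, min_devices: int) -> set:
    """Approach 2: accept a digest as reference if >= min_devices logs contain it."""
    counts = Counter()
    for log in device_logs:
        counts.update({d for i, d in log if i == pcr_index})
    return {d for d, n in counts.items() if n >= min_devices}

if __name__ == "__main__":
    quote = replay_pcr(DEVICE_LOGS[0], 0)            # stands in for a TPM quote
    ok, unknown = verify_log(DEVICE_LOGS[0], FW_UPDATE_REFERENCE, 0, quote)
    print("replay matches quote:", ok, "| events without reference:", len(unknown))
    crowd = derive_crowd_reference(DEVICE_LOGS, 0, min_devices=2)
    print("crowd-derived reference equals update-derived:", crowd == FW_UPDATE_REFERENCE)
```

The device-specific event stays unreferenced under both approaches, which is the gap the thesis notes: static components are covered, configuration-dependent measurements need complementary methods.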
The firmware update approach was implemented and evaluated on two Lenovo
ThinkPads. The evaluation showed that reference values could be derived for static
firmware components such as firmware volumes, drivers, and applications included in
the firmware image. However, structural differences between device models require
further adaptation to different firmware structures. To achieve a full assessment of
the trustworthiness of the firmware and its configuration, additional complementary
methods need to be developed.