Preventing Malicious Modifications to Firmware Using Hardware Root of Trust (HRoT)
محفوظ في:
| الحاوية / القاعدة: | ProQuest Dissertations and Theses (2025) |
|---|---|
| المؤلف الرئيسي: | |
| منشور في: |
ProQuest Dissertations & Theses
|
| الموضوعات: | |
| الوصول للمادة أونلاين: | Citation/Abstract Full Text - PDF |
| الوسوم: |
لا توجد وسوم, كن أول من يضع وسما على هذه التسجيلة!
|
MARC
| LEADER | 00000nab a2200000uu 4500 | ||
|---|---|---|---|
| 001 | 3213675604 | ||
| 003 | UK-CbPIL | ||
| 020 | |a 9798315754992 | ||
| 035 | |a 3213675604 | ||
| 045 | 2 | |b d20250101 |b d20251231 | |
| 084 | |a 66569 |2 nlm | ||
| 100 | 1 | |a Podder, Rakesh | |
| 245 | 1 | |a Preventing Malicious Modifications to Firmware Using Hardware Root of Trust (HRoT) | |
| 260 | |b ProQuest Dissertations & Theses |c 2025 | ||
| 513 | |a Dissertation/Thesis | ||
| 520 | 3 | |a As computing devices such as servers, workstations, laptops, and embedded systems are transported from one site to another, they are susceptible to unauthorized firmware modifications. Additionally, traditional over-the-air (OTA) firmware update mechanisms often lack robust security features, exposing devices to threats such as unauthorized updates, malware injection, etc. While the industry has made efforts to secure the boot process using a hardware root of trust (HRoT), post-boot firmware tampering remains a significant risk. In this work, we introduce a comprehensive framework that addresses firmware security across both transit and remote update phases by leveraging HRoT and cryptographic techniques. To prevent unauthorized firmware modifications during device shipment, we propose the PIT-Cerberus (Protection In Transit) framework, which enhances the HRoT’s attestation capabilities to securely lock and unlock BIOS/UEFI. In addition, we introduce the Secure Remote Firmware Update Protocol (S-RFUP) to fortify OTA firmware updates by incorporating industry standards such as Platform Level Data Model (PLDM) and Management Component Transport Protocol (MCTP). These standards enable interoperability across diverse platforms while reducing management complexity. The protocol enhances security and operational integrity during updates, ensuring that only authenticated and verified firmware modifications occur. Both frameworks are implemented within a trusted microcontroller as part of Project Cerberus, an open-source security platform for server hardware. We present a security analysis, implementation details, and validation results, demonstrating the effectiveness of our approach in securing firmware both in transit and during remote updates. | |
| 653 | |a Computer science | ||
| 653 | |a Computer engineering | ||
| 773 | 0 | |t ProQuest Dissertations and Theses |g (2025) | |
| 786 | 0 | |d ProQuest |t ProQuest Dissertations & Theses Global | |
| 856 | 4 | 1 | |3 Citation/Abstract |u https://www.proquest.com/docview/3213675604/abstract/embedded/75I98GEZK8WCJMPQ?source=fedsrch |
| 856 | 4 | 0 | |3 Full Text - PDF |u https://www.proquest.com/docview/3213675604/fulltextPDF/embedded/75I98GEZK8WCJMPQ?source=fedsrch |