Skip to main content
SpringerLink
Log in

Analysis of the Security of UEFI BIOS Embedded Software in Modern Intel-Based Computers

  • Published:
Automatic Control and Computer Sciences Aims and scope Submit manuscript

Abstract

The paper presents an overview of current attacks on BIOS and Intel ME embedded software of modern Intel-based computers. We describe the results of the analysis of its security for system boards of basic manufacturers. We also allocate classes of attacks that make it possible to create implants whose discovery by traditional methods of searching for undeclared features becomes impossible or extremely difficult.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1.
Fig. 2.
Fig. 3.
Fig. 4.

Similar content being viewed by others

REFERENCES

  1. Ermolov, A., Bypassing Intel Boot Guard, 2017. https://embedi.com/blog/bypassing-intel-boot-guard.

  2. Ververis, V., Security Evaluation of Intel’s Active Management Technology, 2010. https://people.kth.se/~maguire/ DEGREE-PROJECT-REPORTS/100402-Vassilios_Ververis-with-cover.pdf.

  3. Wojtczuk, R. and Tereshkin, A., Introducing Ring -3 Rootkits, 2009. https://invisiblethingslab.com/resources/ bh09usa/Ring%20-3%20Rootkits.pdf.

  4. Ermolov, M. and Goryachy, M., How to Hack a Turned-Off Computer, or Running Unsigned Code in Intel ME, 2018. http://blog.ptsecurity.com/2018/01/running-unsigned-code-in-intel-me.html.

  5. Sklyarov, D., Intel ME 11.x Firmware Images Unpacker. https://github.com/ptresearch/unME11.

  6. Sklyarov, D., Intel ME 12.x Firmware Images Unpacker. https://github.com/ptresearch/unME12.

  7. Skochinsky, I., Rootkit in your laptop: Hidden code in your chipset and how to discover what exactly it does, 2012. http://me.bios.io/images/c/ca/Rootkit_in_your_laptop.pdf.

  8. Ermolov, A., Schrödinger Trusted Boot Intel Boot Guard, 2017. https://dsec.ru/wp-content/uploads/pdf-dsec-old/.

  9. Ermolov, M. and Goryachy, M., Disabling Intel ME 11 via undocumented mode, 2017. https://www.ptsecurity.com/ upload/corporate/ww-en/analytics/Intel-ME-disable-eng.pdf.

  10. Kallenberg, C. and Wojtczuk, R., Speed Racer: Exploiting an Intel Flash Protection Race Condition. http://composter.com.ua/documents/Exploiting_Flash_Protection_Race_Condition.pdf.

Download references

Author information

Authors and Affiliations

  1. Peter the Great Polytechnic University, 195251, St. Petersburg, Russia

    I. D. Pankov, A. S. Konoplev & A. Yu. Chernov

Authors
  1. I. D. Pankov
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. A. S. Konoplev
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. A. Yu. Chernov
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding authors

Correspondence to A. S. Konoplev or A. Yu. Chernov.

Ethics declarations

The authors declare that they have no conflicts of interest.

Additional information

Translated by L. Kartvelishvili

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Pankov, I.D., Konoplev, A.S. & Chernov, A.Y. Analysis of the Security of UEFI BIOS Embedded Software in Modern Intel-Based Computers. Aut. Control Comp. Sci. 53, 865–869 (2019). https://doi.org/10.3103/S0146411619080224

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.3103/S0146411619080224

Keywords:

Search

Navigation