ACPI: Design Principles and Concerns

  • Loïc Duflot
  • Olivier Levillain
  • Benjamin Morin
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5471)

Abstract

ACPI (Advanced Configuration Power Interface) allows operating systems to efficiently configure the hardware platform they are running on and deal with power management tasks. These tasks used to be achieved by the BIOS because it was the only platform component to know which specific chipset or device registers dealt with power management. In this paper, we illustrate how this shift in the global power management model introduces additional threats, especially for trusted platforms, by showing how rootkits can use ACPI to conceal some of their functions. We also study the relationship between trusted computing blocks and ACPI.

Keywords

ACPI trusted platforms rootkits 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    ACPI Component Architecture. Unix format test suite (2008), http://www.acpica.org/downloads
  2. 2.
    Devices, A.M.: Amd64 virtualization: Secure virtual machine architecture reference manual (2005)Google Scholar
  3. 3.
    Duflot, L., Etiemble, D., Grumelard, O.: Security Issues Related to Pentium System Management Mode. In: CanSecWest Security Conference Core 2006 (2006)Google Scholar
  4. 4.
    Embleton, S., Sparks, S.: The System Management Mode (SMM) Rootkit. In: Black Hat Briefings (2008)Google Scholar
  5. 5.
    Grawrock, D.: The intel safer computing initiative (2007)Google Scholar
  6. 6.
    Heasman, J.: Implementing and detecting an acpi bios rootkit. In: Blackhat federal 2006 (2006), www.blackhat.com/presentations/bh-federal-06/BH-Fed-06-Heasman.pdf
  7. 7.
    Heiser, G., Elphinstone, K., Kuz, I., Klein, G., Petters, S.: Towards trustworthy computing systems: taking microkernel to the next level. In: ACM operating systems review (2007)Google Scholar
  8. 8.
    Hewlett-Packard: Intel, Microsoft, Phoenix, and Toshiba. The acpi specification: revision 3.0b (2008), http://www.acpi.info/spec.htm
  9. 9.
    Intel Corp. Intel 82845 Memory Controller Hub (MCH) Datasheet (2002)Google Scholar
  10. 10.
    Intel Corp. Intel 64 and IA 32 Architectures Software Developer’s Manual Volume 1: Basic architecture (2007)Google Scholar
  11. 11.
    Intel Corp. Intel 64 and ia 32 architectures software developer’s manual volume 2a: instruction set reference, a-m (2007), http://www.intel.com/design/processor/manuals/253666.pdf
  12. 12.
    Intel Corp. Intel 64 and IA 32 Architectures Software Developer’s Manual Volume 2B: Instruction Set Reference, N-Z (2007)Google Scholar
  13. 13.
    Intel Corp. Intel 64 and IA 32 Architectures Software Developer’s Manual Volume 3A: System Programming Guide Part 1 (2007)Google Scholar
  14. 14.
    Intel Corp. Intel I/O Controller Hub 9 (ICH9) Family Datasheet (2008)Google Scholar
  15. 15.
    Mandriva. Mandriva linux one (2008), http://www.mandriva.com/en/product/mandriva-linux-one
  16. 16.
    Microsoft and Intel. Advanced power management v1.2 specification (1996), www.microsoft.com/whdc/archive/amp_12.mspx
  17. 17.
    PCI-SIG. Pci local bus specification, revision 2.1. (1995)Google Scholar
  18. 18.
    Trusted Computing Group. Tpm specification version 1.2: Design principles (2008), https://www.trustedcomputinggroup.org/specs/TPM/MainP1DPrev103.zip

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Loïc Duflot
    • 1
  • Olivier Levillain
    • 1
  • Benjamin Morin
    • 1
  1. 1.DCSSI 51 bd. de la Tour MaubourgParis Cedex 07France

Personalised recommendations