Stuart Yoder explains why standard assessment tools like #LFVS, #HSI, and #CHIPSEC struggle on #ARM systems, where diverse hardware designs make direct inspection unreliable. The lack of consistent, inspectable security primitives leaves significant blind spots for teams trying to validate platform security.

🔗 Video, description & slides:
https://cfp.3mdeb.com/developers-vpub-0xc-2024/talk/RMEWFV/

Security assessment on Arm platforms Developers vPub 0xC

Security assessment tooling such as LFVS HSI and Chipsec relies on standard security mechanisms that can be directly inspected by a tool. Due to the diversity of Arm-based hardware platforms, doing direct inspection is difficult. This presentation discusses work underway to evaluate how security assessment could be done on Arm platforms and work towards a solution.

🎤 Announcing Stuart Yoder's talk at Dasharo vPub: "Security Assessment on Arm Platforms"!

As a System Architect at Arm, Stuart will share insights into security assessments across Arm-based hardware. Considering tools like LFVS HSI and Chipsec, he will discuss ongoing efforts to enhance security evaluation techniques.

🗓️ Sep 12, 20:00 UTC

📄 More info: https://buff.ly/3ZbZSTe
🎟️ Sign up: https://buff.ly/47dBUJk

#Dasharo #Arm #Security #Firmware #CyberSecurity #Chipsec #FirmwareSecurity

I recently upstreamed a script to spawn a QEMU virtual machine running UEFI Shell + CHIPSEC which helps debug issues and implement new features: https://github.com/chipsec/chipsec/blob/1.9.0/scripts/qemu_efi.py

This script has an issue: to launch the OVMF shell in QEMU, it disables networking (-nic none), otherwise OVMF tries PXE Boot. If you know how to keep networking, or sense other ways to improve this script, feel free to contribute to https://github.com/chipsec/chipsec 💻​
#chipsec #uefishell #OVMF
