Modern-day BIOS and other device firmware are complex pieces of code that can suffer from the same classes of security vulnerabilities as application-level software. BIOS/firmware-level vulnerabilities are often destructive, since exploiting them can render a system inoperable, perhaps permanently. Recovering from such attacks may even require reprogramming by the original manufacturer, resulting in significant disruption to users.
Objectives
Developing efficient testing techniques to quickly identify vulnerabilities at the BIOS/firmware level
Modern-day BIOS and other device firmware are complex pieces of code that can suffer from the same classes of security vulnerabilities as application-level software. BIOS/firmware-level vulnerabilities are often particularly destructive because firmware sits beneath the operating system: exploiting them can affect the entire compute stack and render a system inoperable, perhaps permanently. Recovering from such attacks may even require reprogramming of the device by the original manufacturer, resulting in significant disruption to users. In this project we aim to develop efficient testing techniques to quickly identify vulnerabilities at the BIOS/firmware level. We employ a two-pronged approach to analyzing firmware for security vulnerabilities: static analysis of the code for memory-safety weaknesses and vulnerabilities, and model checking via symbolic execution of the firmware code for the same class of weaknesses. By itself, each technique produces a significant number of false positives as well as false negatives. We believe that a combination of the two will provide better security guarantees.
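As an added illustration of the memory-safety property class targeted by the CBMC work listed under Publications (this is example code written for this page, not the project's analysis tooling or any firmware it examined): a tiny firmware-style pool allocator, a deallocation that leaves a key in memory, and a secure deallocation that does not. The pool API (`pool_alloc`, `pool_free`, `secure_pool_free`) and the residue check are hypothetical stand-ins for a real firmware pool allocator; the sample key is constructed for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* A tiny bump allocator standing in for a firmware pool (hypothetical
 * stand-in for an AllocatePool/FreePool style API). */
#define POOL_SIZE 256
static uint8_t pool[POOL_SIZE];
static size_t pool_top;

static void pool_reset(void) {
    memset(pool, 0, sizeof pool);
    pool_top = 0;
}

static void *pool_alloc(size_t n) {
    if (n > POOL_SIZE - pool_top) return NULL;
    void *p = &pool[pool_top];
    pool_top += n;
    return p;
}

/* Ordinary free: the block is given back, its contents are left as they are. */
static void pool_free(void *p, size_t n) {
    (void)p; (void)n;
}

/* memset() immediately before a free is a dead store as far as the
 * compiler is concerned and may be optimised away; writing through a
 * volatile pointer keeps the wipe in the generated code. */
static void secure_zero(void *p, size_t n) {
    volatile uint8_t *v = (volatile uint8_t *)p;
    while (n--) *v++ = 0;
}

static void secure_pool_free(void *p, size_t n) {
    secure_zero(p, n);
    pool_free(p, n);
}

/* The property under test: how many bytes of `secret` are still readable
 * in `region` after release. A secure deallocation leaves none. Under CBMC
 * this is the value one would constrain with __CPROVER_assert(...) over
 * nondeterministic inputs; here it is computed on a fixed sample. */
static size_t residue_bytes(const uint8_t *region, size_t n, const uint8_t *secret) {
    size_t hits = 0;
    for (size_t i = 0; i < n; i++)
        if (secret[i] != 0 && region[i] == secret[i]) hits++;
    return hits;
}

/* Scenario: a key is unwrapped into pool memory, used, then released.
 * Returns the number of key bytes left behind, or (size_t)-1 if the
 * allocation failed. */
static size_t key_residue_after_release(int use_secure_free) {
    /* Constructed sample key for the illustration, not a real key. */
    static const uint8_t key[16] = {
        0x3c, 0xa5, 0x5a, 0xc3, 0x0f, 0xf0, 0x96, 0x69,
        0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88 };
    pool_reset();
    uint8_t *buf = pool_alloc(sizeof key);
    if (buf == NULL) return (size_t)-1;
    memcpy(buf, key, sizeof key);          /* the secret now lives in pool memory */
    if (use_secure_free)
        secure_pool_free(buf, sizeof key);
    else
        pool_free(buf, sizeof key);        /* the weakness: all key bytes survive */
    return residue_bytes(buf, sizeof key, key);
}
```

`key_residue_after_release(0)` reports all 16 key bytes still present after the plain free, `key_residue_after_release(1)` reports none. A static analyser can flag the missing wipe syntactically (a sensitive buffer reaching `pool_free` without a preceding zeroing call); a bounded model checker can prove the residue count is zero for every input up to the unrolling bound, which is where the two techniques complement each other.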
Developing robust protocols, based on code signing and verification and on Trusted Platform Modules, to initialize hardware components, boot the system, provide runtime services implemented by hardware components and, in general, protect the platform against unauthorized changes.
Modern hardware devices are complex systems. Their manufacturing involves a complex supply chain: upstream component originators ship parts to downstream component users, who build them into more complex sub-assemblies that are finally assembled by the final vendor. As a hardware device moves through this supply chain, there is a potential threat of tampering. This is of significant concern because of the increased emphasis on using trusted hardware devices to provide security services: even if the software is trusted and bug-free, few security guarantees can be expected from it if it runs on an untrusted device. The project assumes that the manufacturer of a product is trusted not to have tampered with the product before sending it downstream. The protection-in-transit problem is thus reduced to ensuring that the first use of a product after it has left the vendor is by the rightful, authorized immediate downstream user. This is achieved by having the manufacturer lock the product down after production and by providing a mechanism through which the product can authenticate the rightful user and unlock itself for use. For a proof of concept, we are investigating the problem in the context of a complex product such as a workstation or laptop being shipped to a human end user. We use a hardware root of trust to perform authentication, locking and unlocking of devices. The vendor performs the locking at the BIOS/BMC level. Authentication is based on shared secrets, which are distributed through a mesh of trusted agents.
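As an added example of the lock-at-the-vendor, self-unlock-for-the-rightful-user flow described above (this is illustrative code written for this page, not the PIT-Cerberus implementation): a minimal state machine of the kind a BIOS/BMC would run, with vendor-side locking, a constant-time check of the presented secret, and an attempt limit. The NVRAM record layout, the `MAX_ATTEMPTS` value and the `scenario_*` helpers are hypothetical, the sample secret is constructed, and the verifier is stored as the secret itself for brevity; a deployment would seal a hash of it in the hardware root of trust, and the distribution of the secret through trusted agents is outside this snippet.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define SECRET_LEN 32
#define MAX_ATTEMPTS 5   /* hypothetical policy value */

enum dev_state {
    DEV_UNPROVISIONED = 0,  /* fresh off the production line */
    DEV_LOCKED = 1,         /* in transit: only the unlock prompt is reachable */
    DEV_UNLOCKED = 2,       /* rightful user authenticated, normal boot allowed */
    DEV_LOCKOUT = 3         /* too many bad attempts: vendor recovery required */
};

/* What the vendor's BIOS/BMC would persist in tamper-resistant storage.
 * Hypothetical layout; the verifier is the raw secret only for brevity. */
struct nvram_record {
    enum dev_state state;
    uint8_t verifier[SECRET_LEN];
    uint8_t failed_attempts;
};

/* Constant-time comparison. An early-exit memcmp() would let the
 * response time reveal how many leading bytes of a guess were right. */
static int ct_equal(const uint8_t *a, const uint8_t *b, size_t n) {
    uint8_t diff = 0;
    for (size_t i = 0; i < n; i++) diff |= (uint8_t)(a[i] ^ b[i]);
    return diff == 0;
}

/* Vendor side, end of production: store the verifier and lock the device.
 * The secret itself travels to the rightful recipient out of band. */
static int vendor_lock(struct nvram_record *nv, const uint8_t secret[SECRET_LEN]) {
    if (nv->state != DEV_UNPROVISIONED) return -1;  /* lock exactly once */
    memcpy(nv->verifier, secret, SECRET_LEN);
    nv->failed_attempts = 0;
    nv->state = DEV_LOCKED;
    return 0;
}

/* Device side, first boot at the recipient. Returns the resulting state. */
static enum dev_state device_unlock(struct nvram_record *nv, const uint8_t presented[SECRET_LEN]) {
    if (nv->state != DEV_LOCKED) return nv->state;   /* idempotent; a lockout stays a lockout */
    if (ct_equal(nv->verifier, presented, SECRET_LEN)) {
        nv->state = DEV_UNLOCKED;
        memset(nv->verifier, 0, SECRET_LEN);         /* one-time use: verifier no longer needed */
        return DEV_UNLOCKED;
    }
    if (++nv->failed_attempts >= MAX_ATTEMPTS) nv->state = DEV_LOCKOUT;
    return nv->state;
}

/* Constructed sample secret for the scenarios below; not a real credential.
 * Unlisted bytes are zero-filled by C. */
static const uint8_t sample_secret[SECRET_LEN] = {
    0xde, 0xad, 0xbe, 0xef, 0xca, 0xfe, 0xf0, 0x0d,
    0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef };

/* Scenario 1: the device reaches its rightful user, who presents the secret. */
static enum dev_state scenario_rightful_user(void) {
    struct nvram_record nv = {0};
    if (vendor_lock(&nv, sample_secret) != 0) return DEV_UNPROVISIONED;
    return device_unlock(&nv, sample_secret);
}

/* Scenario 2: someone with physical access in transit tries `guesses`
 * wrong secrets. */
static enum dev_state scenario_interceptor(int guesses) {
    struct nvram_record nv = {0};
    uint8_t guess[SECRET_LEN] = {0};
    if (vendor_lock(&nv, sample_secret) != 0) return DEV_UNPROVISIONED;
    enum dev_state s = nv.state;
    for (int i = 0; i < guesses; i++) {
        guess[0] = (uint8_t)i;                        /* vary the guess; none is right */
        s = device_unlock(&nv, guess);
    }
    return s;
}

/* Scenario 3: a second lock attempt on an already-locked device is refused,
 * so an interceptor cannot re-provision a verifier of their own. */
static int scenario_relock_refused(void) {
    struct nvram_record nv = {0};
    vendor_lock(&nv, sample_secret);
    return vendor_lock(&nv, sample_secret);
}
```

The rightful user ends in `DEV_UNLOCKED`; an interceptor stays in `DEV_LOCKED` until `MAX_ATTEMPTS` failures move the device to `DEV_LOCKOUT`, after which further attempts do nothing and only the vendor can recover it. The two checks worth keeping in any real implementation are that locking is a one-way, once-only operation and that the comparison of the presented secret is constant-time.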
Our Team
Faculty Members
Students
Alumni
Publications
- Podder, R., Rios, T., Ray, I., Raman, P., Righi, S., "S-RFUP: Secure Remote Firmware Update Protocol," in Information Systems Security (ICISS 2024), V. T. Patil, R. Krishnan, R. K. Shyamasundar (eds), Lecture Notes in Computer Science, vol. 15416, Springer, Cham, 2025. https://doi.org/10.1007/978-3-031-80020-7_3
- Rakesh Podder, Jack Sovereign, Indrajit Ray, Madhan B. Santharam and Stefano Righi, "The PIT-Cerberus Framework: Preventing Device Tampering During Transit," in 2024 IEEE 24th International Conference on Software Quality, Reliability and Security (QRS), Cambridge, United Kingdom, 2024, pp. 584-595. https://doi.org/10.1109/QRS62785.2024.00064
- Vinayak Prabhu, Mohit Singh, Indrajit Ray, Indrakshi Ray and Sudipto Ghosh, "Detecting Secure Memory Deallocation Violations with CBMC," in 8th ACM Cyber-Physical System Security Workshop (CPSS), 2022.
News
Our Sponsors
Since 1985, AMI has designed, created and manufactured key hardware and software solutions for the global computer marketplace, providing the highest quality and compatibility necessary to build today’s advanced computing systems.