Too young to be secure: Analysis of UEFI threats and vulnerabilities

Abstract

Unified Extensible Firmware Interface (UEFI) is a software interface between an operating system and platform firmware designed to replace a traditional BIOS. In general, UEFI has many technical advantages over BIOS (pre-OS environment, boot and run-time services, CPU-independent drivers etc.) including also powerful security mechanisms (e.g. secure boot, update, etc.). They are aimed to provide platform integrity, be root of trust of security architecture, control all stages of boot process until it pass control to authenticated OS kernel. From the other side UEFI technology is the focus of many new potential threats and exploits and presents new vulnerabilities that must be managed. The main goal of this research is to provide analysis of the UEFI security issues, find the point and source of the security problems and classify them. The paper describes the architectural and implementation troubles of UEFI which lead to threats, vulnerabilities and attacks. It also includes extensive review of the previous research activities in this area and the results of our own experiments. As the result of the work some recommendation about how to make this young technology more safe and secure are provided.