Hi [[ session.user.profile.firstName ]]

Enabling Rust for UEFI Firmware

This webinar will introduce work in progress to enable Rust, a modern language designed for memory safe operations, in EDK II. The session will also include use cases for Rust in EDK II, advantages of Rust when applied to firmware components, limitations in firmware environments and the types of issues that can be avoided by using a memory safe language in EDK II. Memory safety issues contributed to approximately 70% of recent security issues in software. In firmware, over 50% of reported issues in EDK II open source are related to memory safety.
Recorded Aug 20 2020 58 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Jiewen Yao and Vincent Zimmer, Intel
Presentation preview: Enabling Rust for UEFI Firmware

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Firmware Integrity Measurements and Attestation Recorded: Oct 21 2020 43 mins
    Dick Wilkins, Phoenix Technologies
    In 2011, the USG National Institute of Standards and Technology (NIST) published a draft of “BIOS Integrity Measurement Guidelines” (NIST Special Publication 800-155). For various reasons, these guidelines have not been widely accepted or implemented. Last year, NIST entered a collaboration with the Trusted Computing Group (TCG) to develop specifications that could be industry accepted and TCG has started publishing drafts of these specifications. This presentation will update the UEFI Forum membership on the status of this collaboration and how it will likely affect platform firmware.
  • Implementing and Using the UEFI Key Management Service (KMS) Recorded: Sep 17 2020 39 mins
    Zach Bobroff and Alex Podgorsky, AMI
    The UEFI specification has had the Key Management Service (KMS) protocol definition since version 2.3.1 and provides services to generate, store, retrieve, and manage cryptographic keys. As normal, the specification provides just the definition for the service and the underlying implementation can vary. There are several implementation options to implement the KMS protocol. A simple implementation is to build it on top of something already in the system such as a TPM. The most practical implementation requires interfacing with a Key Management Interoperability Protocol (KMIP) Server over a secure network connection. This presentation will cover the high-level interactions between a UEFI firmware and a KMIP server to implement the UEFI KMS protocol and several real use cases of the KMS protocol in modern systems.
  • Driver Development with EDKII Recorded: Sep 15 2020 39 mins
    Tomas Pilar, NUVIA Inc.
    The world of UEFI is unlike OS-based software ecosystems in several aspects and the difference can be daunting to a developer who is starting to write UEFI device drivers. This talk is aimed at junior independent hardware vendor (IHV) driver developers, at BIOS developers and at Integrators.

    The topics covered will include:
    • Common issues encountered and how to overcome them
    • Resources that proved valuable in development and maintenance:
    • Continuous Integration
    • Comprehensive Debugging Information
    • Documentation (EDKII and Yours)
    • Examples of interesting bugs encountered in the wild

    The goal of this webinar is to illustrate some areas for improvement within our community and help junior driver developers overcome early difficulties.
  • Enabling Rust for UEFI Firmware Recorded: Aug 20 2020 58 mins
    Jiewen Yao and Vincent Zimmer, Intel
    This webinar will introduce work in progress to enable Rust, a modern language designed for memory safe operations, in EDK II. The session will also include use cases for Rust in EDK II, advantages of Rust when applied to firmware components, limitations in firmware environments and the types of issues that can be avoided by using a memory safe language in EDK II. Memory safety issues contributed to approximately 70% of recent security issues in software. In firmware, over 50% of reported issues in EDK II open source are related to memory safety.
  • Best Practices for Secure Firmware Patching Recorded: Aug 19 2020 39 mins
    Alex Bazhaniuk, Eclypsium and Tim Lewis, Insyde Software
    Today firmware is ever-present, and although we understand the importance of updating firmware, there still isn't widespread adoption of best practices for updating firmware in the enterprise. Updating is critical to keeping systems safe and understandably why a firmware update plan is necessary, from both a system and device side. In this presentation, Insyde Software and Eclypsium address the topic of firmware updates and provide some best practices to add to an overall security strategy.
  • Microsoft’s Continued Investments in the UEFI Ecosystem Recorded: Jul 15 2020 53 mins
    Bret Barkelew, Matthew Carlson, Jeremiah Cox
    The webinar will include a summary of Microsoft’s continued investments into the business-critical UEFI ecosystem. This will include open source tools to improve developer efficiency (allowing more time for testing), open source continuous integration and unit testing in TianoCore, and an exploration of the “Code First” model including several case studies of new Windows features built upon open source Project Mu’s EDK2-based code, tests, & documentation.
  • JTAG-Based UEFI Debug and Trace Recorded: Jul 14 2020 45 mins
    Alan Sguigna, ASSET InterTech
    The IEEE Joint Test Action Group (JTAG) standards define debug, test and hardware validation technologies that are ingrained within much of today’s commercial silicon. In particular, platform debug is enabled by JTAG-based run-control (for example: halt, go, set breakpoint, single-step) and trace (for example: instruction trace, real-time UEFI “tool-hosted printf” message trace). On many systems, JTAG-based debugging is typically available from the very first instruction after CPU reset, allowing it to assist with development of early boot software that runs before any device or bus is initialized.

    This presentation will provide examples on the utility of JTAG-based UEFI debug and trace on x86 platforms.
  • LinuxBoot Integration with UEFI Host Firmware Recorded: Jun 17 2020 44 mins
    Isaac Oram, Intel and Jonathan Zhang, Facebook
    This webinar introduces LinuxBoot, its integration into host firmware solutions, provides current status and makes a proposal on how the UEFI firmware industry could embrace the challenges and opportunities that alternative firmware approaches introduce.

    Different from traditional enterprise, hyperscaler and cloud service providers have different requirements for host firmware. These differences prompted formation of the OCP (Open Compute Foundation) OSF (Open System Firmware) project.

    Facebook and its partners have been working together on LinuxBoot to enable Intel(R) Xeon Scalable Processor. As a starting point, we have completed proof of concept on Skylake generation and OCP Tioga Pass platform.

    Hyperscaler unique requirements are an opportunity for the multiple firmware communities to work together to streamline UEFI requirements, increase firmware accessibility, and explore additional ecosystem opportunities as OCP adoption increases
  • TrenchBoot and GRUB - A Quick Introduction Recorded: Jun 16 2020 46 mins
    Daniel Kiper, Oracle
    TrenchBoot is a cross-community OSS integration project for hardware-rooted, late launch integrity of open and proprietary systems. It reduces the attack surface exposed by the platform firmware. The presentation will introduce the TrenchBoot itself and later discuss how it compares to a UEFI secure boot and where it complements the secure boot. The webinar will also explore various challenges created by the UEFI environment for TrenchBoot but also for DRTM in general. Then the presentation will highlight some solutions to the discovered deficiencies discussed in the OSS community.
  • Building a System That “Just Works” – Arm Firmware Ecosystem Recorded: May 20 2020 40 mins
    Samer El-Haj-Mahmoud (Arm) and Dong Wei (Arm)
    This webinar will provide an overview of the market reality of the boot system firmware on Arm systems, from servers to edge devices. It covers the range of firmware standards available for those systems, including Arm Trusted Firmware, SBBR (UEFI/ACPI), EBBR (UEFI on top of uboot), as well as LinuxBoot. The session also covers the evolution of the Arm firmware standards and the ServerReady program around UEFI and ACPI to design systems that “just work”, regardless of the segment.
  • Compute Express Link: Proposed Enhancements to UEFI and ACPI Specifications Recorded: May 19 2020 39 mins
    Mahesh Natu (Intel) and Thanu Rangarajan (Arm)
    Compute Express Link (CXL) is a new high-speed CPU-to-Device and CPU-to-Memory interconnect designed to accelerate next-generation data center performance. CXL is designed to be an industry open standard interface for high-speed communications, as accelerators and memory expanders are increasingly used to complement CPUs in support of emerging applications. The CXL 1.1 specification is already available, with work on future versions underway. CXL reinforces the need for standardization, with focus on technologies such as UEFI, ACPI and PCIe to provide the necessary interfaces between the firmware and the operating systems to support CXL new use cases of accelerators and memory expansion across different implementations. This presentation will first briefly introduce CXL 1.1 standard. It will then delve into the technical details of the proposed enhancements to the UEFI and ACPI specifications required for operating systems to manage CXL devices and ports in a system.
  • Is your Pi “ServerReady”? Embracing UEFI and ACPI at the Edge Recorded: Apr 29 2020 46 mins
    Andrei Warkentin, VMware and Samer El-Haj-Mahmoud, Arm
    Firmware standards such as UEFI and ACPI are one of the foundational pillars for Arm servers, and a major reason for the continued growth of this horizontally-integrated ecosystem. Non-server "Edge" systems, however, are still an embedded-style vertically-integrated market, which is preventing at-scale adoption and proliferation of Arm-based Edge/IoT Compute.

    Thus, let's make "Arm Edge" as boring as "Arm Servers" and start with the iconic Raspberry Pi.

    This is a presentation and demo of VMware's and Arm's joint open effort to bring Arm ServerReady experiences to the Raspberry Pi 4 via community-developed SBBR (UEFI + ACPI) firmware. The session covers the history of the Pi UEFI port, current status and technical challenges that remain to be solved.
Webinars for the Firmware Community
Through a collaborative approach with world-class companies, institutions and experts, the UEFI Forum advances innovation in firmware technology standards. These extensible, globally-adopted UEFI specifications bring new functionality and enhanced security to the evolution of devices, firmware and operating systems.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Enabling Rust for UEFI Firmware
  • Live at: Aug 20 2020 3:00 pm
  • Presented by: Jiewen Yao and Vincent Zimmer, Intel
  • From:
Your email has been sent.
or close