Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

How Do You Protect Firmware from Attacks? Follow these Guidelines! NIST Releases Special Publication 800-193, Platform Firmware Resiliency Guidelines
May 04, 2018

Modern computing and information technology systems are built upon a variety of hardware components, many of which rely on firmware and configuration data to drive their behavior. Firmware is a type of software that provides low-level control for the device's hardware. This software is written in the hardware’s nonvolatile memory and is thus saved when the hardware is turned off or loses its external power source. Almost all electronic devices contain some firmware, and this firmware is often permanently installed and cannot be changed. As a result, updating the firmware of a device may rarely or never be done during its lifetime.

NIST announces the release of Special Publication 800-193, Platform Firmware Resiliency Guidelines, a document that provides technical guidelines and recommendations supporting resiliency of the collection of hardware and firmware components of a computer system, also called the platform. These guidelines describe security mechanisms for protecting the platform against unauthorized changes, detecting unauthorized changes that occur, and securing recovery from attacks.

This document is intended to guide implementers, including system manufacturers and component suppliers, on how to use these mechanisms to build a strong security foundation into platforms. The document may also be useful when developing enterprise-wide procurement strategies and deployment.

Parent Project

See: Hardware Security

Related Topics

Security and Privacy: roots of trust

Technologies: BIOS

Created May 04, 2018, Updated June 22, 2020