Universal Platform Firmware Resiliency (PFR) – Servers

NIST SP 800 193 Standard Based Implementation: Robust Security in Hardware, Comprehensive Coverage

The National Institute of Standards and Technology (NIST) released the NIST SP 800 193 specification in 2018, which defines a uniform security mechanism known as Platform Firmware Resilience (PFR). PFR, using a hardware-based solution, is a new approach to securing enterprise server firmware that comprehensively prevents attacks on all firmware in a server.

PFR addresses the vulnerability of enterprise servers that contain multiple processing components, each having its own firmware. This firmware can be attacked by hackers who may surreptitiously install malicious code in a component’s flash memory that hides from standard system-level detection methods and leaves the system permanently compromised. The specification is based on three guiding principles:

  1. Protection – Lattice has demonstrated state machine-based algorithms that offer Nanosecond response time in detecting security breaches into the SPI memory. This prevents unauthorized access to modify any of the firmware in SPI memory. The solution is customizable through simple easy to use databases. Using secure communication with the PFR algorithm, the BMC will be able to authorize modifications to SPI memory to support in-system updates.
  2. Detection – Elliptic Curve Cryptography (ECC) based measurements made on the firmware stored in each of the SPI memory detects all unauthorized modifications to it. The detection method is independent of the existing firmware security approaches used in that design. Using the integrated board power management function, it is possible to detect any unauthorized modifications to firmware before the board is started up.
  3. Recovery – If a security breach is detected, Lattice’s implementation provides a customizable recovery mechanism. This mechanism can perform a simple rollback to a previous version of firmware, or a full blown recovery to the latest authorized version of the firmware. The Power Management and Control PLD algorithm can be customized to respond to the nature of the breach to implement the full trusted recovery process for any Board.

Implementation Features

  • Scalable – Protect, with nanosecond level response all firmware on the board. The solution can also protect other add-in sub systems through secure communication with the corresponding roots of trust
  • Non-By-passable – As this solution implements the full power sequencing for the server board along with the PFR implementation, it cannot be by passed
  • Self-Protecting – The PFR implementation uses a revolutionary Root-of-Trust FPGA as an anchor. This FPGA can dynamically control its attack surface and protects itself from external attacks
  • Self-Detecting – The Root-of-Trust FPGA can detect any security breach of its configurations by using a non-by-passable cryptographic hardware block.
  • Self-Recovery – The Root-of-Trust FPGA can switch over to the golden image automatically when it discovers a breach to its active configuration

Contact us to get details of the PFR implementation.

PFR Implementation Block Diagram

Platform Firmware Resiliency (PFR) Block Diagram

Video

Platform Firmware Resilience (PFR)
Expand Video

Platform Firmware Resilience (PFR)

Learn how to implement PFR that meets the new NIST SP 800913 standard for in your server system using a Lattice Root of Trust FPGA solution.

Documentation

Information Resources
TITLE NUMBER VERSION DATE FORMAT SIZE
Select All
Securing Enterprise Server Firmware: A New Approach
WP0016 1.0 10/25/2018 PDF 828.8 KB

*By clicking on the "Notify Me of Changes" button, you agree to receive notifications on changes to the document(s) you selected.