Upcoming Events

Date:
Apr 1, 2020 to Oct 31, 2020
Webinars - UEFI BrightTALK Channel

Due to COVID-19 travel restrictions and health concerns, the Spring 2020 UEFI Plugfest has been canceled. In place of the Spring Plugfest, the UEFI 2020 Virtual Plugfest will now take place online through a series of themed educational webinars presented by UEFI Forum members. The webinars will be free and open to the public.

Recordings of the webinars will be available after the presentations have concluded. If you register now but are unable to attend the live presentation, you can view the presentation recording on the UEFI Forum YouTube channel after the webinar has concluded.

 

Upcoming Webinars:

Firmware Integrity Measurements and Attestation

In 2011, the USG National Institute of Standards and Technology (NIST) published a draft of “BIOS Integrity Measurement Guidelines” (NIST Special Publication 800-155). For various reasons, these guidelines have not been widely accepted or implemented. Last year, NIST entered a collaboration with the Trusted Computing Group (TCG) to develop specifications that could be industry accepted and TCG has started publishing drafts of these specifications. This presentation will update the UEFI Forum membership on the status of this collaboration and how it will likely affect platform firmware.

Register to attend the webinar: https://www.brighttalk.com/webcast/18206/441982

 

Past Webinars:

Driver Development with EDKII

The world of UEFI is unlike OS-based software ecosystems in several aspects and the difference can be daunting to a developer who is starting to write UEFI device drivers. This talk is aimed at junior independent hardware vendor (IHV) driver developers, at BIOS developers and at Integrators.

The topics covered will include:

  • Common issues encountered and how to overcome them
  • Resources that proved valuable in development and maintenance:
  • Continuous Integration
  • Comprehensive Debugging Information
  • Documentation (EDKII and Yours)
  • Examples of interesting bugs encountered in the wild

The goal of this webinar is to illustrate some areas for improvement within our community and help junior driver developers overcome early difficulties.

Webinar Slides

 

Implementing and Using the UEFI Key Management Service (KMS)

The UEFI specification has had the Key Management Service (KMS) protocol definition since version 2.3.1 and provides services to generate, store, retrieve, and manage cryptographic keys. As normal, the specification provides just the definition for the service and the underlying implementation can vary. There are several implementation options to implement the KMS protocol. A simple implementation is to build it on top of something already in the system such as a TPM. The most practical implementation requires interfacing with a Key Management Interoperability Protocol (KMIP) Server over a secure network connection. This presentation will cover the high-level interactions between a UEFI firmware and a KMIP server to implement the UEFI KMS protocol and several real use cases of the KMS protocol in modern systems.

Webinar Slides

 

Best Practices for Secure Firmware Patching

Wednesday, August 19

Today firmware is ever-present, and although we understand the importance of updating firmware, there still isn't widespread adoption of best practices for updating firmware in the enterprise. Updating is critical to keeping systems safe and understandably why a firmware update plan is necessary, from both a system and device side. In this presentation, Insyde Software and Eclypsium address the topic of firmware updates and provide some best practices to add to an overall security strategy.

Webinar Slides

 

Enabling Rust for UEFI Firmware

Thursday, August 20

This webinar will introduce work in progress to enable Rust, a modern language designed for memory safe operations, in EDK II. The session will also include use cases for Rust in EDK II, advantages of Rust when applied to firmware components, limitations in firmware environments and the types of issues that can be avoided by using a memory safe language in EDK II. Memory safety issues contributed to approximately 70% of recent security issues in software. In firmware, over 50% of reported issues in EDK II open source are related to memory safety.

Webinar Slides

 

JTAG-Based UEFI Debug and Trace

Tuesday, July 14

The IEEE Joint Test Action Group (JTAG) standards define debug, test and hardware validation technologies that are ingrained within much of today’s commercial silicon. In particular, platform debug is enabled by JTAG-based run-control (for example: halt, go, set breakpoint, single-step) and trace (for example: instruction trace, real-time UEFI “tool-hosted printf” message trace). On many systems, JTAG-based debugging is typically available from the very first instruction after CPU reset, allowing it to assist with development of early boot software that runs before any device or bus is initialized.

This presentation will provide examples on the utility of JTAG-based UEFI debug and trace on x86 platforms.

Webinar Slides

 

Microsoft’s Continued Advancements in the UEFI Ecosystem

Wednesday, July 15

The webinar will include a summary of Microsoft’s continued investments into the business-critical UEFI ecosystem. This will include open source tools to improve developer efficiency (allowing more time for testing), open source continuous integration and unit testing in TianoCore, and an exploration of the “Code First” model including several case studies of new Windows features built upon open source Project Mu’s EDK2-based code, tests, & documentation.

Webinar Slides

 

TrenchBoot and GRUB - A Quick Introduction

Tuesday, June 16

TrenchBoot is a cross-community OSS integration project for hardware-rooted, late launch integrity of open and proprietary systems. It reduces the attack surface exposed by the platform firmware. The presentation will introduce the TrenchBoot itself and later discuss how it compares to a UEFI secure boot and where it complements the secure boot. The webinar will also explore various challenges created by the UEFI environment for TrenchBoot but also for DRTM in general. Then the presentation will highlight some solutions to the discovered deficiencies discussed in the OSS community.

Webinar Slides

 

LinuxBoot Integration with UEFI Host Firmware

Wednesday, June 17

This webinar introduces LinuxBoot, its integration into host firmware solutions, provides current status and makes a proposal on how the UEFI firmware industry could embrace the challenges and opportunities that alternative firmware approaches introduce.

Webinar Slides

 

Compute Express Link (CXL): Proposed Enhancements to UEFI and ACPI Specifications

Tuesday, May 19 from 8:00 am – 8:45 am PT

Compute Express Link (CXL) is a new high-speed CPU-to-Device and CPU-to-Memory interconnect designed to accelerate next-generation data center performance. CXL is designed to be an industry open standard interface for high-speed communications, as accelerators and memory expanders are increasingly used to complement CPUs in support of emerging applications. The CXL 1.1 specification is already available, with work on future versions underway. CXL reinforces the need for standardization, with focus on technologies such as UEFI, ACPI and PCIe to provide the necessary interfaces between the firmware and the operating systems to support CXL new use cases of accelerators and memory expansion across different implementations. This presentation will first briefly introduce CXL 1.1 standard. It will then delve into the technical details of the proposed enhancements to the UEFI and ACPI specifications required for operating systems to manage CXL devices and ports in a system.

Webinar Slides

 

Building a System That “Just Works” – Arm Firmware Ecosystem

Wednesday, May 20

This webinar will provide an overview of the market reality of the boot system firmware on Arm systems, from servers to edge devices. It covers the range of firmware standards available for those systems, including Arm Trusted Firmware, SBBR (UEFI/ACPI), EBBR (UEFI on top of uboot), as well as LinuxBoot. The session also covers the evolution of the Arm firmware standards and the ServerReady program around UEFI and ACPI to design systems that “just work”, regardless of the segment.

Webinar Slides