Email this Article Email   

CHIPS Articles: NIST Releases Platform Firmware Resiliency Guidelines

NIST Releases Platform Firmware Resiliency Guidelines
By CHIPS Magazine - May 7, 2018
The National Institute of Standards and Technology released a publication that will assist organizations better guard against potentially destructive attacks to the collection of hardware and firmware components of a computer system, also called the platform, according to a NIST release.

Special Publication 800-193, Platform Firmware Resiliency Guidelines provides technical guidelines and recommendations to support the resiliency of platform firmware and data against destructive cyber threats. The strategies describe security mechanisms for protecting the platform against unauthorized changes, detecting unauthorized changes that occur, and securing recovery from attacks. SP 800-193 is intended to guide implementers, including system manufacturers and component suppliers, on how to use these recommendations to build a strong security foundation into platforms, NIST said.

The platform is described as a collection of fundamental hardware and firmware components needed to boot and operate a system. A successful attack on platform firmware could render a system inoperable, perhaps permanently, or require reprogramming by the original manufacturer, resulting in significant costs and disruptions to users.

“The technical guidelines in this document promote resiliency in the platform by describing security mechanisms for protecting the platform against unauthorized changes, detecting unauthorized changes that occur, and recovering from attacks rapidly and securely,” NIST said.

System administrators, cybersecurity professionals, and users can use this document to guide procurement strategies and priorities for future systems, NIST recommended.

As a non-regulatory agency of the Commerce Department, NIST promotes U.S. innovation and industrial competitiveness by advancing measurement science, standards and technology in ways that enhance economic security and improve our quality of life. For more information, visit www.nist.gov.

Related CHIPS Articles
Related DON CIO News
Related DON CIO Policy

CHIPS is an official U.S. Navy website sponsored by the Department of the Navy (DON) Chief Information Officer, the Department of Defense Enterprise Software Initiative (ESI) and the DON's ESI Software Product Manager Team at Space and Naval Warfare Systems Center Pacific.

Online ISSN 2154-1779; Print ISSN 1047-9988
Hyperlink Disclaimer