Description
NIST SP 800-155 (BIOS Integrity Measurement Guidelines) calls for system firmware to follow industry best practices such as reporting firmware integrity measurements. To meet this requirement, the Trusted Computing Group (TCG) has defined how to provide a Reference Integrity Manifest (RIM) at manufacturing time and how to collect Firmware Integrity Measurements (FIM) at system boot time, so that a verifier can compare what was actually measured at boot against what the manufacturer says should have been loaded.
The Intel Firmware Support Package (FSP) is an Intel-delivered binary that Original Equipment Manufacturers (OEMs) integrate into their system firmware. An OEM may obtain the original source code, modify the FSP and build an OEM-specific FSP binary. In some use cases a third party needs to verify the provenance of the FSP binary; this includes supply-chain concerns about the authenticity of the FSP at update time and at manufacturing time. One mechanism for such verification is a third-party attestation service that introspects the component: it obtains the boot-time measurements and checks them against the RIM.
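The following is an added illustration of the RIM-versus-FIM check an attestation verifier performs; it is not code from the paper, from Intel or from the TCG. The FSP component blobs, the manifest layout (a plain dictionary of per-component SHA-256 digests plus the expected final PCR value) and the event-log shape are all constructed for the example; a real RIM is a CoSWID/CoRIM document and a real event log follows the TCG event log format. The PCR extend operation is the TPM 2.0 one (PCR_new = H(PCR_old || digest)).

```python
"""Verifier-side comparison of boot-time firmware measurements (FIM) against a
reference integrity manifest (RIM). Added example; FSP blobs, RIM layout and
event-log shape are constructed stand-ins, not Intel's or the TCG's formats."""
import hashlib
from typing import Dict, List, Tuple

PCR_SIZE = 32  # one PCR of the SHA-256 bank

# Constructed stand-ins for the three FSP component binaries (FSP-T, FSP-M, FSP-S).
FSP_COMPONENTS: Dict[str, bytes] = {
    "FSP-T": b"FSP-T: temporary RAM init (constructed sample)",
    "FSP-M": b"FSP-M: memory init (constructed sample)",
    "FSP-S": b"FSP-S: silicon init (constructed sample)",
}

def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def pcr_extend(pcr: bytes, digest: bytes) -> bytes:
    """TPM 2.0 PCR extend: PCR_new = H(PCR_old || digest)."""
    return sha256(pcr + digest)

def measure_boot(components: Dict[str, bytes]) -> Tuple[List[Tuple[str, bytes]], bytes]:
    """Emulate firmware measuring each component into one PCR at boot.
    Returns the event log as (name, digest) pairs and the final PCR value."""
    pcr = bytes(PCR_SIZE)  # PCRs start at all zeros after reset
    log: List[Tuple[str, bytes]] = []
    for name, blob in components.items():
        digest = sha256(blob)
        log.append((name, digest))
        pcr = pcr_extend(pcr, digest)
    return log, pcr

def build_rim(components: Dict[str, bytes]) -> Dict[str, object]:
    """What the manufacturer publishes at build time: reference digest per
    component plus the PCR value expected when they are extended in order."""
    log, pcr = measure_boot(components)
    return {
        "components": {name: d.hex() for name, d in log},
        "expected_pcr": pcr.hex(),
    }

def verify_against_rim(event_log: List[Tuple[str, bytes]], reported_pcr: bytes,
                       rim: Dict[str, object]) -> Tuple[bool, List[str]]:
    """Attestation-service logic. (1) Replay the event log and require it to
    reproduce the quoted PCR, otherwise the log itself is untrustworthy.
    (2) Check every logged digest against the RIM and flag anything missing
    on either side. Returns (ok, findings)."""
    findings: List[str] = []
    replay = bytes(PCR_SIZE)
    for _, digest in event_log:
        replay = pcr_extend(replay, digest)
    if replay != reported_pcr:
        findings.append("event log does not reproduce the quoted PCR")
    refs: Dict[str, str] = rim["components"]  # type: ignore[assignment]
    measured = {name for name, _ in event_log}
    for name, digest in event_log:
        ref = refs.get(name)
        if ref is None:
            findings.append(f"{name}: measured but not present in RIM")
        elif ref != digest.hex():
            findings.append(f"{name}: digest {digest.hex()[:16]}... does not match RIM")
    for name in refs:
        if name not in measured:
            findings.append(f"{name}: listed in RIM but never measured")
    return (not findings), findings

if __name__ == "__main__":
    rim = build_rim(FSP_COMPONENTS)
    log, pcr = measure_boot(FSP_COMPONENTS)
    print(verify_against_rim(log, pcr, rim))
    # An OEM-modified (or tampered) FSP-S is caught by the digest comparison.
    tampered = {**FSP_COMPONENTS, "FSP-S": b"FSP-S: modified silicon init"}
    log, pcr = measure_boot(tampered)
    print(verify_against_rim(log, pcr, rim))
```

Two points the example makes that the description leaves implicit: the verifier must replay the log against the quoted PCR before trusting any individual entry, because an unsigned event log can be edited freely, and an OEM-specific FSP build legitimately fails against Intel's RIM, so the OEM has to publish its own RIM for the binary it ships.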