Chapter 10 – Platform Security and Trust
We will bankrupt ourselves in the vain search for absolute security.
—Dwight D. Eisenhower
The Unified Extensible Firmware Interface (UEFI) and Platform Initialization (PI) specifications describe the platform elements that take control of the system across the various restart events. These elements are also responsible for ceding control to hypervisors, operating systems, or staying in the UEFI boot services environment as the “runtime.” These modules and drivers can provide support for various secure boot and trusted computing scenarios.
Beyond the feature drivers and boot flow, the UEFI and PI specifications describe interfaces and binary image encoding of executable modules for purposes of interoperability. ...