UEFI and Legacy BIOS
Memory Layout (SMRAM and Memory Map)
UEFI GUID Interface
services and protocols
UEFI application development
EDK-II development environment
development with Visual Studio
OVMF with QEMU and TIANOCORE
UEFI DXE Driver
UEFI PCI resource management
Secure Boot and Key Management
UEFI Driver Signing
The UEFI training requires sound knowledge of programming in the C language.
The course is offered as combined training (webinar or classic). SYBERA also provides this training as an in-house seminar at the customer's site.
Training UEFI Firmware
This course is a "must-have" for every developer who wants to create UEFI firmware software. It provides an opportunity
to explore the subject of UEFI in depth. Besides the basics of UEFI (phases, specification, Shell), it conveys the knowledge required
for developing UEFI software.
UEFI (Unified Extensible Firmware Interface) is a standard firmware interface for PCs that is intended to replace the legacy BIOS
(Basic Input/Output System). The interface consists of data tables that contain platform-related information, plus boot and runtime service calls
that are available to the operating system and its boot loader. Together, these provide a standard environment for booting an operating
system and running pre-boot applications.
This standard was created by more than 140 technology companies within the UEFI consortium,
to which Microsoft also belongs. It aims to improve the interoperability of software and overcome the limitations of the BIOS.
UEFI firmware provides, among others, the following advantages: increased security by protecting the pre-startup process against
bootkit attacks, faster startup and resume from hibernation, support for drives larger than 2 TB, support for modern 64-bit firmware
device drivers, the ability to address more than 17.2 billion GB of memory at startup, and the possibility to use the BIOS with the hardware.
The UEFI Shell is an interactive BIOS extension that provides, similar to an operating system, an environment for running programs.
It includes a script interpreter for running script files, can be booted from external storage devices (for example, USB), and
is optionally present as a boot device in the BIOS. Like MS-DOS or Linux, the UEFI Shell has a command line with an instruction
set for file manipulation, driver management, device access, information, memory access, BIOS status and scripting control. With the
EFI Development Kit (EDK 2), a development environment for UEFI programming (drivers and applications) was created, which makes
many things easier but also harbors new challenges. UEFI Secure Boot was created to enhance security in the pre-boot environment.
Secure Boot is a technology where the system firmware checks that the system boot loader is signed with a cryptographic key authorized
by a database contained in the firmware. With adequate signature verification in the next-stage boot loader(s), kernel, and, potentially,
user space, it is possible to prevent the execution of unsigned code. Thus, Secure Boot is a form of Verified Boot. Boot path validation
is also part of other technologies such as Trusted Boot. Boot path validation is independent of secure storage of cryptographic keys
and remote attestation.
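The database check and stage-by-stage verification described above, as an added example that is not part of the course material: a simplified Python model using SHA-256 image hashes enrolled in the allow database. The `dbx` revocation list comes from the UEFI specification rather than this page; hashing the whole image instead of the Authenticode digest, sharing one database across all stages, and every name and sample image are assumptions.

```python
import hashlib

def digest(image: bytes) -> str:
    # Assumption: whole-file SHA-256. Real firmware hashes the PE/COFF
    # Authenticode digest, which skips the checksum and certificate table.
    return hashlib.sha256(image).hexdigest()

def authorize(image: bytes, db: set, dbx: set) -> tuple:
    """Decide whether one image may run: revocation wins over allow."""
    d = digest(image)
    if d in dbx:
        return False, "revoked (dbx)"
    if d in db:
        return True, "authorized (db)"
    return False, "not in db"

def boot_chain(stages: list, db: set, dbx: set) -> tuple:
    """Verify each stage before handing control to it; halt on first failure."""
    executed = []
    for name, image in stages:
        ok, reason = authorize(image, db, dbx)
        if not ok:
            return executed, f"{name}: {reason}"
        executed.append(name)
    return executed, None

# Constructed sample images (placeholders, not real binaries).
LOADER = b"constructed boot loader, current release"
OLD_LOADER = b"constructed boot loader, release with a known flaw"
KERNEL = b"constructed kernel image"
TAMPERED_KERNEL = KERNEL + b"\x90"  # one appended byte changes the digest

# The old loader is still enrolled in db, but dbx revokes it.
DB = {digest(LOADER), digest(OLD_LOADER), digest(KERNEL)}
DBX = {digest(OLD_LOADER)}

def run_scenarios() -> dict:
    return {
        "clean": boot_chain([("loader", LOADER), ("kernel", KERNEL)], DB, DBX),
        "tampered": boot_chain([("loader", LOADER), ("kernel", TAMPERED_KERNEL)], DB, DBX),
        "revoked": boot_chain([("loader", OLD_LOADER), ("kernel", KERNEL)], DB, DBX),
    }

if __name__ == "__main__":
    for label, (executed, error) in run_scenarios().items():
        print(f"{label:9} ran={executed} halted={error}")
```

The revoked case shows why an enrolled image can still be refused: the forbidden list is consulted before the allow list.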
Windows 8 systems ship with a certificate in the UEFI that analyzes the boot loader to ensure it is both the right one and signed by Microsoft.
If you were to encounter a rootkit, the UEFI wouldn't allow it to boot. In other words, UEFI protects the pre-OS environment. Additionally,
as the system boots, Windows 8 detects if any of the OS elements have been tampered with and automatically restores the unmodified versions.
Secure Boot is just one of the three pillars of what is called the Trusted Boot process. Secure Boot enables
a related feature: Early-Launch Anti-Malware (ELAM). This provides the ability for an anti-malware driver to register as a trusted Boot
Critical Driver. This makes it the first non-Microsoft, non-platform-specific code that will run on the computer. The anti-malware driver
can then verify other drivers in turn before they are initialized. Secure Boot helps prevent malware from running before the OS, while Early Launch
AV helps ensure that trusted anti-malware software is the first third-party component run on each startup. Measured Boot is another boot feature
in Windows 8 that is also related to anti-malware software. Measured Boot gives the anti-malware software a detailed, reliable log of components
that loaded prior to the anti-malware driver during startup. This log can be used by anti-malware software or an administrator in a business
environment to validate whether there may be malware on the computer, or evidence of tampering with boot components.
The aim of this training is to uncover the background of UEFI BIOS and to enable participants to implement their own DXE driver projects.
Practical examples cover the topics UEFI Shell, Shell script, SMRAM, UEFI Services and Protocols, Open Virtual Machine Firmware (OVMF)
development with QEMU and TIANOCORE, UEFI driver development (DXE Driver), SMM and Secure Boot. The training is thus aimed at hardware
and software developers who want to become familiar with the topic of UEFI firmware.