Skip to main content
USENIX
  • Conferences
  • Students
Sign in
  • Home
  • Attend
    • Registration Information
    • Registration Discounts
    • Venue, Hotel, and Travel
    • Students and Grants
    • Co-Located Workshops
  • Program
  • Participate
    • Instructions for Participants
    • Call for Papers
  • Sponsorship
  • About
    • Workshop Organizers
    • Services
    • Questions
    • Help Promote!
    • Past Workshops
  • Home
  • Attend
  • Program
  • Participate
    • Instructions for Participants
    • Call for Papers
  • Sponsorship
  • About
    • Workshop Organizers
    • Services
    • Questions
    • Help Promote!
    • Past Workshops

sponsors

Bronze Sponsor

help promote

WOOT '16 button

connect with us


  •  Twitter
  •  Facebook
  •  LinkedIn
  •  Google+
  •  YouTube

twitter

Tweets by @usenix

usenix conference policies

  • Event Code of Conduct
  • Conference Network Policy
  • Statement on Environmental Responsibility Policy

You are here

Home ยป Symbolic Execution for BIOS Security
Tweet

connect with us

Symbolic Execution for BIOS Security

Authors: 

Oleksandr Bazhaniuk, John Loucaides, Lee Rosenbaum, Mark R. Tuttle, and Vincent Zimmer, Intel Corporation

Abstract: 

We are building a tool that uses symbolic execution to search for BIOS security vulnerabilities including dangerous memory references (call outs) by SMM interrupt handlers in UEFI-compliant implementations of BIOS. Our tool currently applies only to interrupt handlers for SMM variables. Given a snapshot of SMRAM, the base address of SMRAM, and the address of the variable interrupt handler in SMRAM, the tool uses S2E to run the KLEE symbolic execution engine to search for concrete examples of a call to the interrupt handler that causes the handler to read memory outside of SMRAM. This is a work in progress. We discuss our approach, our current status, our plans for the tool, and the obstacles we face.

Oleksandr Bazhaniuk, Intel Corporation

John Loucaides, Intel Corporation

Lee Rosenbaum, Intel Corporation

Mark R. Tuttle, Intel Corporation

Vincent Zimmer, Intel Corporation

Open Access Media

USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.

BibTeX
@inproceedings {191950,
author = {Oleksandr Bazhaniuk and John Loucaides and Lee Rosenbaum and Mark R. Tuttle and Vincent Zimmer},
title = {Symbolic Execution for {BIOS} Security},
booktitle = {9th {USENIX} Workshop on Offensive Technologies ({WOOT} 15)},
year = {2015},
address = {Washington, D.C.},
url = {https://www.usenix.org/conference/woot15/workshop-program/presentation/bazhaniuk},
publisher = {{USENIX} Association},
month = aug,
}
Download
Bazhaniuk PDF
View the slides
  • Log in or    Register to post comments

Bronze Sponsors

© USENIX

  • Privacy Policy
  • Conference Policies
  • Contact Us