Hardening components of a d3f:Platform with the intention of making them more difficult to exploit.
Platforms includes components such as:
- BIOS UEFI Subsystems
- Hardware security devices such as Trusted Platform Modules
- Boot process logic or code
- Kernel software components
There are 7 countermeasure techniques in this category, Platform Hardening.
|Platform Hardening||D3-PH||Hardening components of a d3f:Platform with the intention of making them more difficult to exploit. Platforms includes components such as: * BIOS UEFI Subsystems * Hardware security devices such as Trusted Platform Modules * Boot process logic or code * Kernel software components|
|- Disk Encryption||D3-DENCR||Encrypting a hard disk partition to prevent cleartext access to a file system.|
|- Driver Load Integrity Checking||D3-DLIC||Ensuring the integrity of drivers loaded during initialization of the operating system.|
|- RF Shielding||D3-RFS||Adding physical barriers to a platform to prevent undesired radio interference.|
|- TPM Boot Integrity||D3-TBI||Assuring the integrity of a platform by demonstrating that the boot process starts from a trusted combination of hardware and software and continues until the operating system has fully booted and applications are running. Sometimes called Static Root of Trust Measurement (STRM).||Static Root of Trust Measurement , and STRM|
|- Bootloader Authentication||D3-BA||Cryptographically authenticating the bootloader software before system boot.||Secure Boot|
|- Software Update||D3-SU||Replacing old software on a computer system component.|