LAS16-200: Firmware Summit - UEFI secure boot

•

2 j'aime•1,618 vues

Title: Secure Boot A 101 style introduction to what Secure Boot is as Secure means different things to different people. Covering the current status, what features are implemented currently on ARM64 and what features should be implemented in the future. Followed by a discussion period. Speaker: Ard Biesheuvel

Technologie

UEFI Secure Boot
Ard Biesheuvel <ard.biesheuvel@linaro.org>

ENGINEERS AND DEVICES
WORKING TOGETHER
UEFI Secure Boot - current status on AArch64
● Essentially the same as a year ago
○ Software layers above the non-volatile variable store are working and regression tested through
CI (both AArch64 and ARM)
○ No implementation exists to make the non-volatile variable store tamper proof and replay
protected, as the UEFI Secure Boot spec requires
● What is holding us back?
○ Spec based reference implementation of the tamper proof varstore requires (S)MM support,
which is not even in the spec yet for AArch64.
○ Non-spec based ref implementation is likely too platform specific, which complicates sharing
between members and/or open sourcing
● Is there a plan B?
○ External manipulation of PK/KEK/db/dbx variables, while making them immutable from the
OS/firmware pov. Stop gap solution, but effective

Thank You
#LAS16
For further information: www.linaro.org
LAS16 keynotes and videos on: connect.linaro.org

Contenu connexe

Tendances

Review paper on bios vs uefi

Faizan Mushtaq

Bios vs uefi

Faizan Mushtaq

The EFI secure boot is a protocol to verify authenticity of loaded and executed PE binary. Usually it is a second stage bootloader, e.g. GRUB2, or an OS kernel. The shim is an extension to the EFI secure boot which makes whole authentication process more flexible. The presentation will deal with the most important aspects of EFI secure boot and shim. Additionally, it will discuss how Xen hypervisor boot process can be protected with EFI secure boot and shim. However, this does not mean that everything is done and work out of the box. So, in the end it will be shown what is done to make EFI secure boot and shim usable when you boot Xen using GRUB2.

XPDDS17: EFI Secure Boot, Shim and Xen: Current Status and Developments - Da...

The Linux Foundation

Distro Recipes 2013: Secure Boot and Linux: several issues, one solution

Anne Nicolas

Cisco ios overview

NetProtocol Xpert

Cisco ios

Teja Babu

LCU14 500 ARM Trusted Firmware

Linaro

LAS16-111: Raspberry Pi3, OP-TEE and JTAG debugging Speakers: Date: September 26, 2016 ★ Session Description ★ ARM TrustZone is a critical technology for securing IoT devices and systems. But awareness of TrustZone and its benefits lags within the maker community as well as among enterprises. The first step to solving this problem is lowering the cost of access. Sequitur Labs and Linaro have joined forces to address this problem by making a port of OP-TEE available on the Raspberry Pi 3. The presentation covers the value of TrustZone for securing IoT and how customers can learn more through this joint effort. Embedded systems security remains a challenge for many developers. Awareness of mature, proven technologies such as ARM TrustZone is very low among the Maker community as well as among enterprises. As a result this foundational technology is largely being ignored as a security solution. Sequitur Labs and Linaro have taken an innovative approach combining an Open Source solution – OP-TEE with Raspberry Pi 3. The Raspberry Pi 3 is one of the world’s most popular platforms among device makers. Its value as an educational tool for learning about embedded systems development is proven. Sequitur Labs have also enabled bare metal debugging via JTag on the Pi 3 enhancing the value of the Pi 3 as an educational tool for embedded systems development. The presentation will focus on ARM v8a architecture and instruction set ARM Trusted Firmware TrustZone and OP-TEE basics JTAG and bare metal debugging the Raspberry Pi 3 ★ Resources ★ Etherpad: pad.linaro.org/p/las16-111 Presentations & Videos: http://connect.linaro.org/resource/las16/las16-111/ ★ Event Details ★ Linaro Connect Las Vegas 2016 – #LAS16 September 26-30, 2016 http://www.linaro.org http://connect.linaro.org

LAS16-111: Easing Access to ARM TrustZone – OP-TEE and Raspberry Pi 3

Linaro

Trusted firmware deep_dive_v1.0_

Linaro

SFO15-TR9: PSCI, ACPI (and UEFI to boot) Speaker: Bill Fletcher Date: September 24, 2015 ★ Session Description ★ An introductory session of a system-level overview at Power State Coordination - Focus on ARMv8 - Goes top-down from ACPI - A demo based on the current code in qemu - The specifications are very dynamic - what’s onging for ACPI and PSCI ★ Resources ★ Video: https://www.youtube.com/watch?v=vXzPdpaZVto Presentation: http://www.slideshare.net/linaroorg/sfo15tr9-psci-acpi-and-uefi-to-boot Etherpad: pad.linaro.org/p/sfo15-tr9 Pathable: https://sfo15.pathable.com/meetings/303087 ★ Event Details ★ Linaro Connect San Francisco 2015 - #SFO15 September 21-25, 2015 Hyatt Regency Hotel http://www.linaro.org http://connect.linaro.org

SFO15-TR9: PSCI, ACPI (and UEFI to boot)

Linaro

LCU13: An Introduction to ARM Trusted Firmware

Linaro

Slimline Open Firmware

Heiko Joerg Schick

Introduction to Optee (26 may 2016)

Yannick Gicquel

Lcu14 107- op-tee on ar mv8

Linaro

Useful USB Gadgets on Linux

Gary Bisson

Q2.12: Power Management Across OSs

Linaro

Sdk For Firmware Development

Ramesh Prasad

HKG18-212 - Trusted Firmware M: Introduction

Linaro

LCA14: LCA14-502: The way to a generic TrustZone® solution

Linaro

Lcu14 306 - OP-TEE Future Enhancements

Linaro

Tendances (20)

Review paper on bios vs uefi

Bios vs uefi

XPDDS17: EFI Secure Boot, Shim and Xen: Current Status and Developments - Da...

Distro Recipes 2013: Secure Boot and Linux: several issues, one solution

Cisco ios overview

Cisco ios

LCU14 500 ARM Trusted Firmware

LAS16-111: Easing Access to ARM TrustZone – OP-TEE and Raspberry Pi 3

Trusted firmware deep_dive_v1.0_

SFO15-TR9: PSCI, ACPI (and UEFI to boot)

LCU13: An Introduction to ARM Trusted Firmware

Slimline Open Firmware

Introduction to Optee (26 may 2016)

Lcu14 107- op-tee on ar mv8

Useful USB Gadgets on Linux

Q2.12: Power Management Across OSs

Sdk For Firmware Development

HKG18-212 - Trusted Firmware M: Introduction

LCA14: LCA14-502: The way to a generic TrustZone® solution

Lcu14 306 - OP-TEE Future Enhancements

En vedette

Boot process: BIOS vs UEFI

Alea Soluciones, S.L.

Integrated version control with Fossil SCM

Ashberk

Making NFV-Based Business Services Secure

ADVA

Overview&Framework 1-Manage Software and Firmware Files

Ad Ghauri

Pre-boot authentication software, in particular full hard disk encryption software, play a key role in preventing information theft. In this paper, we present a new class of vulnerability affecting multiple high value pre-boot authentication software, including the latest Microsoft disk encryption technology : Microsoft Vista's Bitlocker, with TPM chip enabled. Because Pre-boot authentication software programmers commonly make wrong assumptions about the inner workings of the BIOS interruptions responsible for handling keyboard input, they typically use the BIOS API without flushing or initializing the BIOS internal keyboard buffer. Therefore, any user input including plain text passwords remains in memory at a given physical location. In this article, we first present a detailed analysis of this new class of vulnerability and generic exploits for Windows and Unix platforms under x86 architectures. Unlike current academic research aiming at extracting information from the RAM, our practical methodology does not require any physical access to the computer to extract plain text passwords from the physical memory. In a second part, we will present how this information leakage combined with usage of the BIOS API without careful initialization of the BIOS keyboard buffer can lead to computer reboot without console access and full security bypass of the pre-boot authentication pin if an attacker has enough privileges to modify the bootloader. Other related work include information leakage from CPU caches, reading physical memory thanks to firewire and switching CPU modes.

[DEFCON 16] Bypassing pre-boot authentication passwords by instrumenting the...

Moabi.com

Bios y UEFI

Carlos Torres

BIOS, UEFI y Legacy

David Hernandez Cruz

01. BIOS introduction

certain310

Introduction to Firmware

Caroline Murphy

Play with UEFI

Takuya ASADA

UEFI時代のブートローダ

Takuya ASADA

En vedette (11)

Boot process: BIOS vs UEFI

Integrated version control with Fossil SCM

Making NFV-Based Business Services Secure

Overview&Framework 1-Manage Software and Firmware Files

[DEFCON 16] Bypassing pre-boot authentication passwords by instrumenting the...

Bios y UEFI

BIOS, UEFI y Legacy

01. BIOS introduction

Introduction to Firmware

Play with UEFI

UEFI時代のブートローダ

Similaire à LAS16-200: Firmware Summit - UEFI secure boot

LAS16-200: Firmware summit - Tianocore Progress and Status

Linaro

BKK16-309A Open Platform support in UEFI

Linaro

Bkk16 309B Enterprise Firmware - The gold standard and how to get there

Linaro

VMworld 2013: Failsafe at PCIe Level: Enabling PCIe Hot Swap

VMworld

Linaro has multiple labs and board farms with varying purposes. This session will start with an overview of each of these, their locations, their focus, etc. It will then provide examples and direction on how a Member can add their hardware to a board farm. It will also provide an overview of how a Member or employee can navigate/leverage/check out a board for experimentation and usage (this varies based upon which lab/board farm is being considered, so all will be reviewed) in each of the farm locations. Finally, the session will provide pointers to any respective documentation, user guides, etc. for each of the locations.

BKK16-213 Where's the Hardware?

Linaro

HKG18-317 - Arm Server Ready Program

Linaro

EFI is a very hot topic now because more and more hardware vendors are providing some new systems with it. The long term goal is a total removal of legacy BIOS support. It means that Xen should be prepared for that case. Indeed it is mostly ready. During this presentation it will be shown what EFI is in real and how Xen and other required pieces use EFI infrastructure. However, there are still some shortcomings in Xen and they will be described too. There will be also some guidance how to efficiently start Xen on EFI platform. Some guests topics related to EFI also will be covered.

XPDS14 - Xen in EFI World - Daniel Kiper, Oracle

The Linux Foundation

Presentation given at openSUSE Conference 2019 (recording: https://metaspora.org/open-source-firmware-oSC19.pdf) Firmware is found in all computing devices, including PCs, laptops, networking equipment, printers, embedded devices such as IoT and industrial controllers, mobile phones, tablets, and more. The community around open source firmware has grown over the last years, allowing for more exchange in the development and granting freedom to end users. Prominent projects like U-Boot, Tianocore, coreboot and others teach how firmware works and welcome contributions. This talk provides a brief introduction into firmware, an overview of the general build process, a perception of the current state of development on two platforms, an end user report, and a summary of the first Open Source Firmware Conference, which was supported by the openSUSE project.

Open Source Firmware - oSC19

Daniel Maslowski

Nashorn in the future (English)

Logico

For many years, the Xen community has been delivering a solid virtualization platform for the enterprise. In support of the Xen community innovation effort, Oracle has been translating our enterprise experience with mission-critical workloads and large-scale infrastructure deployments into upstream contributions for the Linux and Xen efforts. In this session, you'll hear from a key Oracle expert, and community member, about Oracle contributions that focus on large-scale Xen deployments, networking, PV drivers, new PVH architecture, performance enhancements, dynamic memory usage with ‘tmem', and much more. This is your chance to get an under the hood view and see why the Xen architecture is the ideal choice for the enterprise.

LCNA14: Why Use Xen for Large Scale Enterprise Deployments? - Konrad Rzeszute...

The Linux Foundation

The future of RISC-V Supervisor Binary Interface(SBI)

Atish Patra

kci-linuxcon

Tyler Baker

Offering a backup and disaster recovery service that works 110% of the time helps MSPs earn the trust and business of new and existing clients. Andrew Bensinger, CEO of Replibit, has more than 10 years of experience designing business continuity software. In this Expert Series webinar, join Andrew and Ted Hulsy, VP of Marketing at eFolder, as they discuss disaster recovery best practices that will help you meet and exceed the expectations of your clients.

eFolder Expert Series Webinar - BDR Do's and Dont's: Featuring Andrew Bensing...

eFolder

This is a level 200 - 300 presentation. It assumes: Good understanding of vCenter 4, ESX 4, ESXi 4. Preferably hands-on We will only cover the delta between 4.1 and 4.0 Overview understanding of related products like VUM, Data Recovery, SRM, View, Nexus, Chargeback, CapacityIQ, vShieldZones, etc Good understanding of related storage, server, network technology Target audience VMware Specialist: SE + Delivery from partners

VMware vSphere 4.1 deep dive - part 1

Louis Göhl

VMworld 2015: Managing vSphere 6 Deployments and Upgrades

VMworld

[NetherRealm Studios] Game Studio Perforce Architecture

Perforce

The role of_open_source_firmware_in_risc-v

Atish Patra

Morello Software and Toolchain Work in Arm - Mark Nicholson, Arm

KTN

Your development team wants to be Agile and speed up release cycles. But your organization needs to comply with functional safety standards, such as IEC 61508. And that requires documentation and proof of compliance. You can get the best of both worlds. Learn how to roll compliance into your Agile development processes. You’ll learn how: -Establishing requirements traceability supports Agile development. -Applying coding standards accelerates the path to compliance. -Using Perforce tools makes it easy to balance compliance and Agile.

The Best of Both Worlds: Agile Development and Fast Compliance

Perforce

Junjie Tong, China Unicom This presentation explores our experience with the tests on NFVI in China Unicom's SDN/NFV lab.We have done the tests on both the hardware and VIM and discuss the lessones and painis about NFVI testing.We also discuss the sepcial requirements from NFV perspectives, what further improvements are needed for indusrty products and the working progress and plans on NFVI in China Unicom.

Test and perspectives on nfvi from china unicom sdn nfv lab

OPNFV

Similaire à LAS16-200: Firmware Summit - UEFI secure boot (20)

LAS16-200: Firmware summit - Tianocore Progress and Status

BKK16-309A Open Platform support in UEFI

Bkk16 309B Enterprise Firmware - The gold standard and how to get there

VMworld 2013: Failsafe at PCIe Level: Enabling PCIe Hot Swap

BKK16-213 Where's the Hardware?

HKG18-317 - Arm Server Ready Program

XPDS14 - Xen in EFI World - Daniel Kiper, Oracle

Open Source Firmware - oSC19

Nashorn in the future (English)

LCNA14: Why Use Xen for Large Scale Enterprise Deployments? - Konrad Rzeszute...

The future of RISC-V Supervisor Binary Interface(SBI)

kci-linuxcon

eFolder Expert Series Webinar - BDR Do's and Dont's: Featuring Andrew Bensing...

VMware vSphere 4.1 deep dive - part 1

VMworld 2015: Managing vSphere 6 Deployments and Upgrades

[NetherRealm Studios] Game Studio Perforce Architecture

The role of_open_source_firmware_in_risc-v

Morello Software and Toolchain Work in Arm - Mark Nicholson, Arm

The Best of Both Worlds: Agile Development and Fast Compliance

Test and perspectives on nfvi from china unicom sdn nfv lab

Plus de Linaro

Short The growing amount of data captured by sensors and the real time constraints imply that not only big data analytics but also Machine Learning (ML) inference shall be executed at the edge. The multiple options for neural network acceleration in Arm-based platforms provide an unprecedented opportunity for new intelligent devices. It also raises the risk of fragmentation and duplication of efforts when multiple frameworks shall support multiple accelerators. Andrea Gallo, Linaro VP of Segment Groups, will summarise the existing NN frameworks, accelerator solutions, and will describe the efforts underway in the Arm ecosystem. Abstract The dramatically growing amount of data captured by sensors and the ever more stringent requirements for latency and real time constraints are paving the way for edge computing, and this implies that not only big data analytics but also Machine Learning (ML) inference shall be executed at the edge. The multiple options for neural network acceleration in recent Arm-based platforms provides an unprecedented opportunity for new intelligent devices with ML inference. It also raises the risk of fragmentation and duplication of efforts when multiple frameworks shall support multiple accelerators. Andrea Gallo, Linaro VP of Segment Groups, will summarise the existing NN frameworks, model description formats, accelerator solutions, low cost development boards and will describe the efforts underway to identify the best technologies to improve the consolidation and enable the competitive innovative advantage from all vendors. Audience The session will be useful for executives to engineers. Executives will gain a deeper understanding of the issues and opportunities. Engineers at NN acceleration IP design houses will take away ideas for how to collaborate in the open source community on their area of expertise, how to evaluate the performance and accelerate multiple NN frameworks without modifying them for each new IP, whether it be targeting edge computing gateways, smart devices or simple microcontrollers. Benefits to the Ecosystem The AI deep learning neural network ecosystem is starting just now and it has similar implications with open source as GPU and video accelerators had in the early days with user space drivers, binary blobs, proprietary APIs and all possible ways to protect their IPs. The session will outline a proposal for a collaborative ecosystem effort to create a common framework to manage multiple NN accelerators while at the same time avoiding to modify deep learning frameworks with multiple forks.

Deep Learning Neural Network Acceleration at the Edge - Andrea Gallo

Linaro

Arm Architecture HPC Workshop Santa Clara 2018 - Kanta Vekaria

Linaro

Talk Title: Huawei’s requirements for the ARM based HPC solution readiness Talk Abstract: A high level review of a wide range of requirements to architect an ARM based competitive HPC solution is provided. The review combines both Industry and Huawei’s unique views with the intend to communicate openly not only the alignment and support in ongoing efforts carried over by other ARM key players but to brief on the areas of differentiation that Huawei is investing towards the research, development and deployment of homegrown ARM based HPC solution(s). Speaker: Joshua Mora Speaker Bio: 20 years of experience in research and development of both software and hardware for high performance computing. Currently leading the architecture definition and development of ARM based HPC solutions, both hardware and software, all the way to the applications (ie. turnkey HPC solutions for different compute intensive markets where ARM will succeed !!).

Huawei’s requirements for the ARM based HPC solution readiness - Joshua Mora

Linaro

“Delivering a well working distribution is hard. There are a lot of different hardware platforms that need to be verified and the software stack is in a big flux during development phases. In rolling releases, this gets even worse, as nothing ever stands still. The only sane answer to that problem are working Continuous Integration tests. The SUSE way to check whether any change breaks normal distribution behavior is OpenQA. Using OpenQA we can automatically run tests that hard working QA people did manually in the old days. That way we have fast enough turnaround times to find and reject breaking changes This session shows how OpenQA works, what pitfalls we had to make ARM work with OpenQA and what we’re doing to improve it for ARM specific use cases.”

Bud17 113: distribution ci using qemu and open qa

Linaro

Speaker: Renato Golin Speaker Bio: He started programming in the late 80's in C for PCs after a few years playing with 8-bit computers, but he only started programming professionally in the late 90's during the .com bubble. After many years working on Internet's back-end, he moved to UK and worked a few years on bioinformatics at EBI before joining ARM, where he worked on the DS-5 debugger and on the EDG-to-LLVM bridge, where he became the LLVM Tech Lead. Recently, he worked with large clusters and big data at HPCC before moving to Linaro. Talk Title: OpenHPC Automation with Ansible Talk Abstract: "In order to test OpenHPC packages and components and to use it as a platform to benchmark HPC applications, Linaro is developing an automated deployment strategy, using Ansible, Mr-Provisioner and Jenkins, to install the OS, OpenHPC and prepare the environment on varied architectures (Arm, x86). This work is meant to replace the existing ageing Bash-based recipes upstream while still keeping the documents intact. Our aim is to make it easier to vary hardware configuration, allow for different provisioning techniques and mix internal infrastructure logic to different labs, while still using the same recipes. We hope this will help more people use OpenHPC with a better out-of-the-box experience and with more robust results"

OpenHPC Automation with Ansible - Renato Golin - Linaro Arm HPC Workshop 2018

Linaro

Speaker: Pavel Shamis Company: Arm Speaker Bio: "Pavel is a Principal Research Engineer at ARM with over 16 years of experience in development HPC solutions. His work is focused on co-design software and hardware building blocks for high-performance interconnect technologies, development communication middleware and novel programming models. Prior to joining ARM, he spent five years at Oak Ridge National Laboratory (ORNL) as a research scientist at Computer Science and Math Division (CSMD). In this role, Pavel was responsible for research and development multiple projects in high-performance communication domain including: Collective Communication Offload (CORE-Direct & Cheetah), OpenSHMEM, and OpenUCX. Before joining ORNL, Pavel spent ten years at Mellanox Technologies, where he led Mellanox HPC team and was one of the key driver in enablement Mellanox HPC software stack, including OFA software stack, OpenMPI, MVAPICH, OpenSHMEM, and other. Pavel is a recipient of prestigious R&D100 award for his contribution in development of the CORE-Direct collective offload technology and he published in excess of 20 research papers. " Talk Title: HPC network stack on ARM Talk Abstract: Applications, programming languages, and libraries that leverage sophisticated network hardware capabilities have a natural advantage when used in today¹s and tomorrow's high-performance and data center computer environments. Modern RDMA based network interconnects provides incredibly rich functionality (RDMA, Atomics, OS-bypass, etc.) that enable low-latency and high-bandwidth communication services. The functionality is supported by a variety of interconnect technologies such as InfiniBand, RoCE, iWARP, Intel OPA, Cray¹s Aries/Gemini, and others. Over the last decade, the HPC community has developed variety user/kernel level protocols and libraries that enable a variety of high-performance applications over RDMA interconnects including MPI, SHMEM, UPC, etc. With the emerging availability HPC solutions based on ARM CPU architecture it is important to understand how ARM integrates with the RDMA hardware and HPC network software stack. In this talk, we will overview ARM architecture and system software stack, including MPI runtimes, OpenSHMEM, and OpenUCX.

HPC network stack on ARM - Linaro HPC Workshop 2018

Linaro

Speaker: Jay Kruemcke Speaker Company: SUSE Bio: "Jay is responsible for the SUSE Linux server products for High Performance Computing, 64-bit ARM systems, and SUSE Linux for IBM Power servers. Jay has built an extensive career in product management including using social media for client collaboration, product positioning, driving future product directions, and evangelizing the capabilities and future directions for dozens of enterprise products. " Talk Title: It just keeps getting better - SUSE enablement for Arm Talk Abstract: SUSE has been delivering commercial Linux support for Arm based servers since 2016. Initially the focus was on high end servers for HPC and Ceph based software defined storage. But we have enabled a number of other Arm SoCs and are even supporting the Raspberry Pi. This session will cover the SUSE products that are available for the Arm platform and view to the future.

It just keeps getting better - SUSE enablement for Arm - Linaro HPC Workshop ...

Linaro

Speakers: Gilad Shainer and Scot Schultz Company: Mellanox Technologies Talk Title: Intelligent Interconnect Architecture to Enable Next Generation HPC Talk Abstract: The latest revolution in HPC interconnect architecture is the development of In-Network Computing, a technology that enables handling and accelerating application workloads at the network level. By placing data-related algorithms on an intelligent network, we can overcome the new performance bottlenecks and improve the data center and applications performance. The combination of In-Network Computing and ARM based processors offer a rich set of capabilities and opportunities to build the next generation of HPC platforms. Gilad Shainer Bio: Gilad Shainer has served as Mellanox's vice president of marketing since March 2013. Previously, Mr. Shainer was Mellanox's vice president of marketing development from March 2012 to March 2013. Mr. Shainer joined Mellanox in 2001 as a design engineer and later served in senior marketing management roles between July 2005 and February 2012. Mr. Shainer holds several patents in the field of high-speed networking and contributed to the PCI-SIG PCI-X and PCIe specifications. Gilad Shainer holds a MSc degree (2001, Cum Laude) and a BSc degree (1998, Cum Laude) in Electrical Engineering from the Technion Institute of Technology in Israel. Scot Schultz Bio: Scot Schultz is a HPC technology specialist with broad knowledge in operating systems, high speed interconnects and processor technologies. Joining the Mellanox team in 2013, Schultz is 30-year veteran of the computing industry. Prior to joining Mellanox, he spent the past 17 years at AMD in various engineering and leadership roles in the area of high performance computing. Scot has also been instrumental with the growth and development of various industry organizations including the Open Fabrics Alliance, and continues to serve as a founding board-member of the OpenPOWER Foundation and Director of Educational Outreach and founding member of the HPC-AI Advisory Council.

Intelligent Interconnect Architecture to Enable Next Generation HPC - Linaro ...

Linaro

Yutaka Ishikawa - Post-K and Arm HPC Ecosystem - Linaro Arm HPC Workshop Santa Clara 2018 Bio: "Yutaka Ishikawa is the project leader of developing the post K supercomputer. From 1987 to 2001, he was a member of AIST (former Electrotechnical Laboratory), METI. From 1993 to 2001, he was the chief of Parallel and Distributed System Software Laboratory at Real World Computing Partnership. He led development of cluster system software called SCore, which was used in several large PC cluster systems around 2004. From 2002 to 2014, he was a professor at the University Tokyo. He led a project to design a commodity-based supercomputer called T2K open supercomputer. As a result, three universities, Tsukuba, Tokyo, and Kyoto, obtained each supercomputer based on the specification in 2008. He was also involved with the design of the Oakleaf-PACS, the successor of T2K supercomputer in both Tsukuba and Tokyo, whose peak performance is 25PF." Session Title: Post-K and Arm HPC Ecosystem Session Description: "Post-K, a flagship supercomputer in Japan, is being developed by Riken and Fujitsu. It will be the first supercomputer with Armv8-A+SVE. This talk will give an overview of Post-K and how RIKEN and Fujitsu are currently working on software stack for an Arm architecture."

Yutaka Ishikawa - Post-K and Arm HPC Ecosystem - Linaro Arm HPC Workshop Sant...

Linaro

Event: Arm Architecture HPC Workshop by Linaro and HiSilicon Location: Santa Clara, CA Speaker: Andrew J Younge Talk Title: Vanguard Astra - Petascale Arm Platform for U.S. DOE/ASC Supercomputing Talk Desc: The Vanguard program looks to expand the potential technology choices for leadership-class High Performance Computing (HPC) platforms, not only for the National Nuclear Security Administration (NNSA) but for the Department of Energy (DOE) and wider HPC community. Specifically, there is a need to expand the supercomputing ecosystem by investing and developing emerging, yet-to-be-proven technologies and address both hardware and software challenges together, as well as to prove-out the viability of such novel platforms for production HPC workloads. The first deployment of the Vanguard program will be Astra, a prototype Petascale Arm supercomputer to be sited at Sandia National Laboratories during 2018. This talk will focus on the arthictecural details of Astra and the significant investments being made towards the maturing the Arm software ecosystem. Furthermore, we will share initial performance results based on our pre-general availability testbed system and outline several planned research activities for the machine. Bio: Andrew Younge is a R&D Computer Scientist at Sandia National Laboratories with the Scalable System Software group. His research interests include Cloud Computing, Virtualization, Distributed Systems, and energy efficient computing. Andrew has a Ph.D in Computer Science from Indiana University, where he was the Persistent Systems fellow and a member of the FutureGrid project, an NSF-funded experimental cyberinfrastructure test-bed. Over the years, Andrew has held visiting positions at the MITRE Corporation, the University of Southern California / Information Sciences Institute, and the University of Maryland, College Park. He received his Bachelors and Masters of Science from the Computer Science Department at Rochester Institute of Technology (RIT) in 2008 and 2010, respectively.

Andrew J Younge - Vanguard Astra - Petascale Arm Platform for U.S. DOE/ASC Su...

Linaro

HKG18-501 - EAS on Common Kernel 4.14 and getting (much) closer to mainline

Linaro

HKG18-100K1 - George Grey: Opening Keynote

Linaro

HKG18-318 - OpenAMP Workshop

Linaro

HKG18-501 - EAS on Common Kernel 4.14 and getting (much) closer to mainline

Linaro

HKG18-315 - Why the ecosystem is a wonderful thing, warts and all

Linaro

HKG18- 115 - Partitioning ARM Systems with the Jailhouse Hypervisor

Linaro

HKG18-TR08 - Upstreaming SVE in QEMU

Linaro

HKG18-113- Secure Data Path work with i.MX8M

Linaro

HKG18-120 - Devicetree Schema Documentation and Validation

Linaro

HKG18-223 - Trusted FirmwareM: Trusted boot

Linaro

Plus de Linaro (20)

Deep Learning Neural Network Acceleration at the Edge - Andrea Gallo

Arm Architecture HPC Workshop Santa Clara 2018 - Kanta Vekaria

Huawei’s requirements for the ARM based HPC solution readiness - Joshua Mora

Bud17 113: distribution ci using qemu and open qa

OpenHPC Automation with Ansible - Renato Golin - Linaro Arm HPC Workshop 2018

HPC network stack on ARM - Linaro HPC Workshop 2018

It just keeps getting better - SUSE enablement for Arm - Linaro HPC Workshop ...

Intelligent Interconnect Architecture to Enable Next Generation HPC - Linaro ...

Yutaka Ishikawa - Post-K and Arm HPC Ecosystem - Linaro Arm HPC Workshop Sant...

Andrew J Younge - Vanguard Astra - Petascale Arm Platform for U.S. DOE/ASC Su...

HKG18-501 - EAS on Common Kernel 4.14 and getting (much) closer to mainline

HKG18-100K1 - George Grey: Opening Keynote

HKG18-318 - OpenAMP Workshop

HKG18-501 - EAS on Common Kernel 4.14 and getting (much) closer to mainline

HKG18-315 - Why the ecosystem is a wonderful thing, warts and all

HKG18- 115 - Partitioning ARM Systems with the Jailhouse Hypervisor

HKG18-TR08 - Upstreaming SVE in QEMU

HKG18-113- Secure Data Path work with i.MX8M

HKG18-120 - Devicetree Schema Documentation and Validation

HKG18-223 - Trusted FirmwareM: Trusted boot

Dernier

Effective data discovery is crucial for maintaining compliance and mitigating risks in today's rapidly evolving privacy landscape. However, traditional manual approaches often struggle to keep pace with the growing volume and complexity of data. Join us for an insightful webinar where industry leaders from TrustArc and Privya will share their expertise on leveraging AI-powered solutions to revolutionize data discovery. You'll learn how to: - Effortlessly maintain a comprehensive, up-to-date data inventory - Harness code scanning insights to gain complete visibility into data flows leveraging the advantages of code scanning over DB scanning - Simplify compliance by leveraging Privya's integration with TrustArc - Implement proven strategies to mitigate third-party risks Our panel of experts will discuss real-world case studies and share practical strategies for overcoming common data discovery challenges. They'll also explore the latest trends and innovations in AI-driven data management, and how these technologies can help organizations stay ahead of the curve in an ever-changing privacy landscape.

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery

TrustArc

[BuildWithAI] Introduction to Gemini.pdf

Sandro Moreira

Corporate and higher education. Two industries that, in the past, have had a clear divide with very little crossover. The difference in goals, learning styles and objectives paved the way for differing learning technologies platforms to evolve. Now, those stark lines are blurring as both sides are discovering they have content that’s relevant to the other. Join Tammy Rutherford as she walks through the pros and cons of corporate and higher ed collaborating. And the challenges of these different technology platforms working together for a brighter future.

Corporate and higher education May webinar.pptx

Rustici Software

Vector Search -An Introduction in Oracle Database 23ai.pptx

Remote DBA Services

Three things you will take away from the session: • How to run an effective tenant-to-tenant migration • Best practices for before, during, and after migration • Tips for using migration as a springboard to prepare for Copilot in Microsoft 365 Main ideas: Migration Overview: The presentation covers the current reality of cross-tenant migrations, the triggers, phases, best practices, and benefits of a successful tenant migration Considerations: When considering a migration, it is important to consider the migration scope, performance, customization, flexibility, user-friendly interface, automation, monitoring, support, training, scalability, data integrity, data security, cost, and licensing structure Next Wave: The next wave of change includes the launch of Copilot, which requires businesses to be prepared for upcoming changes related to Copilot and the cloud, and to consolidate data and tighten governance ShareGate: ShareGate can help with pre-migration analysis, configurable migration tool, and automated, end-user driven collaborative governance

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff

sammart93

Tracing the root cause of a performance issue requires a lot of patience, experience, and focus. It’s so hard that we sometimes attempt to guess by trying out tentative fixes, but that usually results in frustration, messy code, and a considerable waste of time and money. This talk explains how to correctly zoom in on a performance bottleneck using three levels of profiling: distributed tracing, metrics, and method profiling. After we learn to read the JVM profiler output as a flame graph, we explore a series of bottlenecks typical for backend systems, like connection/thread pool starvation, invisible aspects, blocking code, hot CPU methods, lock contention, and Virtual Thread pinning, and we learn to trace them even if they occur in library code you are not familiar with. Attend this talk and prepare for the performance issues that will eventually hit any successful system. About authorWith two decades of experience, Victor is a Java Champion working as a trainer for top companies in Europe. Five thousands developers in 120 companies attended his workshops, so he gets to debate every week the challenges that various projects struggle with. In return, Victor summarizes key points from these workshops in conference talks and online meetups for the European Software Crafters, the world’s largest developer community around architecture, refactoring, and testing. Discover how Victor can help you on victorrentea.ro : company training catalog, consultancy and YouTube playlists.

Finding Java's Hidden Performance Traps @ DevoxxUK 2024

Victor Rentea

Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving

Edi Saputra

Angeliki Cooney has spent over twenty years at the forefront of the life sciences industry, working out of Wynantskill, NY. She is highly regarded for her dedication to advancing the development and accessibility of innovative treatments for chronic diseases, rare disorders, and cancer. Her professional journey has centered on strategic consulting for biopharmaceutical companies, facilitating digital transformation, enhancing omnichannel engagement, and refining strategic commercial practices. Angeliki's innovative contributions include pioneering several software-as-a-service (SaaS) products for the life sciences sector, earning her three patents. As the Senior Vice President of Life Sciences at Avenga, Angeliki orchestrated the firm's strategic entry into the U.S. market. Avenga, a renowned digital engineering and consulting firm, partners with significant entities in the pharmaceutical and biotechnology fields. Her leadership was instrumental in expanding Avenga's client base and establishing its presence in the competitive U.S. market.

Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...

Angeliki Cooney

The value of a flexible API Management solution for Open Banking Steve Melan, Manager for IT Innovation and Architecture - State's and Saving's Bank of Luxembourg Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - The value of a flexible API Management solution for O...

apidays

Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood

Juan lago vázquez

DBX First Quarter 2024 Investor Presentation

Dropbox

The Good, the Bad and the Governed - Why is governance a dirty word? David O'Neill, Chief Operating Officer - APIContext Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...

apidays

Passkeys: Developing APIs to enable passwordless authentication Cody Salas, Sr Developer Advocate | Solutions Architect - Yubico Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...

apidays

Following the popularity of "Cloud Revolution: Exploring the New Wave of Serverless Spatial Data," we're thrilled to announce this much-anticipated encore webinar. In this sequel, we'll dive deeper into the Cloud-Native realm by uncovering practical applications and FME support for these new formats, including COGs, COPC, FlatGeoBuf, GeoParquet, STAC, and ZARR. Building on the foundation laid by industry leaders Michelle Roby of Radiant Earth and Chris Holmes of Planet in the first webinar, this second part offers an in-depth look at the real-world application and behind-the-scenes dynamics of these cutting-edge formats. We will spotlight specific use-cases and workflows, showcasing their efficiency and relevance in practical scenarios. Discover the vast possibilities each format holds, highlighted through detailed discussions and demonstrations. Our expert speakers will dissect the key aspects and provide critical takeaways for effective use, ensuring attendees leave with a thorough understanding of how to apply these formats in their own projects. Elevate your understanding of how FME supports these cutting-edge technologies, enhancing your ability to manage, share, and analyze spatial data. Whether you're building on knowledge from our initial session or are new to the serverless spatial data landscape, this webinar is your gateway to mastering cloud-native formats in your workflows.

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME

Safe Software

Strategies for Landing an Oracle DBA Job as a Fresher

Remote DBA Services

Webinar Recording: https://www.panagenda.com/webinars/why-teams-call-analytics-is-critical-to-your-entire-business Nothing is as frustrating and noticeable as being in an important call and being unable to see or hear the other person. Not surprising then, that issues with Teams calls are among the most common problems users call their helpdesk for. Having in depth insight into everything relevant going on at the user’s device, local network, ISP and Microsoft itself during the call is crucial for good Microsoft Teams Call quality support. To ensure a quick and adequate solution and to ensure your users get the most out of their Microsoft 365. But did you know that ‘bad calls’ are also an excellent indicator of other problems arising? Precisely because it is so noticeable!? Like the canary in the mine, bad calls can be early indicators of problems. Problems that might otherwise not have been noticed for a while but can have a big impact on productivity and satisfaction. Join this session by Christoph Adler to learn how true Microsoft Teams call quality analytics helped other organizations troubleshoot bad calls and identify and fix problems that impacted Teams calls or the use of Microsoft365 in general. See what it can do to keep your users happy and productive! In this session we will cover - Why CQD data alone is not enough to troubleshoot call problems - The importance of attributing call problems to the right call participant - What call quality analytics can do to help you quickly find, fix-, and prevent problems - Why having retrospective detailed insights matters - Real life examples of how others have used Microsoft Teams call quality monitoring to problem shoot problems with their ISP, network, device health and more.

Why Teams call analytics are critical to your entire business

panagenda

Accelerating FinTech Innovation: Unleashing API Economy and GenAI Vasa Krishnan, Chief Technology Officer - FinResults Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...

apidays

In this keynote, Asanka Abeysinghe, CTO,WSO2 will explore the shift towards platformless technology ecosystems and their importance in driving digital adaptability and innovation. We will discuss strategies for leveraging decentralized architectures and integrating diverse technologies, with a focus on building resilient, flexible, and future-ready IT infrastructures. We will also highlight WSO2's roadmap, emphasizing our commitment to supporting this transformative journey with our evolving product suite.

Platformless Horizons for Digital Adaptability

WSO2

The microservices honeymoon is over. When starting a new project or revamping a legacy monolith, teams started looking for alternatives to microservices. The Modular Monolith, or 'Modulith', is an architecture that reaps the benefits of (vertical) functional decoupling without the high costs associated with separate deployments. This talk will delve into the advantages and challenges of this progressive architecture, beginning with exploring the concept of a 'module', its internal structure, public API, and inter-module communication patterns. Supported by spring-modulith, the talk provides practical guidance on addressing the main challenges of a Modultith Architecture: finding and guarding module boundaries, data decoupling, and integration module-testing. You should not miss this talk if you are a software architect or tech lead seeking practical, scalable solutions. About the author With two decades of experience, Victor is a Java Champion working as a trainer for top companies in Europe. Five thousands developers in 120 companies attended his workshops, so he gets to debate every week the challenges that various projects struggle with. In return, Victor summarizes key points from these workshops in conference talks and online meetups for the European Software Crafters, the world’s largest developer community around architecture, refactoring, and testing. Discover how Victor can help you on victorrentea.ro : company training catalog, consultancy and YouTube playlists.

Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024

Victor Rentea

Understanding the FAA Part 107 License ..

Christopher Logan Kennedy

Dernier (20)

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery

[BuildWithAI] Introduction to Gemini.pdf

Corporate and higher education May webinar.pptx

Vector Search -An Introduction in Oracle Database 23ai.pptx

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff

Finding Java's Hidden Performance Traps @ DevoxxUK 2024

Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving

Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...

Apidays New York 2024 - The value of a flexible API Management solution for O...

Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood

DBX First Quarter 2024 Investor Presentation

Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...

Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME

Strategies for Landing an Oracle DBA Job as a Fresher

Why Teams call analytics are critical to your entire business

Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...

Platformless Horizons for Digital Adaptability

Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024

Understanding the FAA Part 107 License ..

LAS16-200: Firmware Summit - UEFI secure boot

1. UEFI Secure Boot Ard Biesheuvel <ard.biesheuvel@linaro.org>

2. ENGINEERS AND DEVICES WORKING TOGETHER UEFI Secure Boot - current status on AArch64 ● Essentially the same as a year ago ○ Software layers above the non-volatile variable store are working and regression tested through CI (both AArch64 and ARM) ○ No implementation exists to make the non-volatile variable store tamper proof and replay protected, as the UEFI Secure Boot spec requires ● What is holding us back? ○ Spec based reference implementation of the tamper proof varstore requires (S)MM support, which is not even in the spec yet for AArch64. ○ Non-spec based ref implementation is likely too platform specific, which complicates sharing between members and/or open sourcing ● Is there a plan B? ○ External manipulation of PK/KEK/db/dbx variables, while making them immutable from the OS/firmware pov. Stop gap solution, but effective

3. Thank You #LAS16 For further information: www.linaro.org LAS16 keynotes and videos on: connect.linaro.org

LAS16-200: Firmware Summit - UEFI secure boot

Recommandé

Recommandé

Contenu connexe

Tendances

Tendances (20)

En vedette

En vedette (11)

Similaire à LAS16-200: Firmware Summit - UEFI secure boot

Similaire à LAS16-200: Firmware Summit - UEFI secure boot (20)

Plus de Linaro

Plus de Linaro (20)

Dernier

Dernier (20)

LAS16-200: Firmware Summit - UEFI secure boot