11:25
-
11:45
-
11:45
Day 2
Open source firmware for high assurance confidential infrastructure
<p>This talk presents a practical approach to building a high‑assurance core
infrastructure for home and small business environments, using modern open
firmware on commodity server hardware.</p>
<p>As AI workloads move from cloud to on‑premise, the need for trustworthy and
attestable hardware platforms for running models and handling sensitive data
becomes critical. But what does "trustworthy" actually mean at the
hardware/firmware level, and can we realistically achieve it with today’s
platforms?</p>
<p>We will walk through how to build a system based on a modern AMD server board
combined with open‑source firmware (coreboot[1] and OpenSIL[2]) to gain more
control and transparency across the boot chain. We will discuss:</p>
<ul>
<li>How open firmware and silicon initialization enable a stronger supply chain
transparency and verifiability</li>
<li>How to establish, measure, and attest a minimal and understandable firmware
and software stack</li>
<li>How to combine this with AMD’s security and confidential computing features
to protect workloads and keys</li>
<li>Practical pitfalls when deploying such systems at home or in small
organizations</li>
</ul>
<p>The goal is to show how open firmware can complement security and confidentiality
computing features to create a platform you can actually inspect, reason
about, and attest from top to bottom - rather than treating the hardware and
firmware as opaque, trusted black boxes.</p>
<p>[1] https://www.coreboot.org/
[2] https://github.com/openSIL/openSIL</p>