So I mentioned in my last blog that I could always talk about https://www.cisa.gov/news-events/news/call-action-bolster-uefi-cybersecurity-now. Well, it turns out the UEFI Forum posted a pretty good read this week on the topic of UEFI and ecosystems, namely the top posting at https://uefi.org/learning_center/papers, in the document https://uefi.org/sites/default/files/resources/Decoding%20UEFI%20Firmware-Aug24-2023-Final_v2_0.pdf.
To begin, I think Dong Wei https://www.crunchbase.com/person/dong-wei and I first appeared in print together with the original Beyond BIOS book in 2006,
with Dong providing the forward
Next up was the 2008 UEFI Shell book
with preface
This 2008 book was followed with a 2009 whitepaper https://uefi.org/sites/default/files/resources/A_Tale_of_Two_Standards_0.pdf
Next was the presentation circuit with 2010 presentation in Shanghai
and San Francisco
Shanghai https://en.sjtu.edu.cn/ was nice to visit since so many of my long-time collaborators in our Intel Shanghai office, like Jiewen Yao, are alumni of this institution.
Then the 2nd edition of the Beyond BIOS book in 2010 came next
with Dong reprising his preface-writing skills with
Finally a couple of proposals for UEFI and RISC-V for the 2015
and 2016 conference
were created with Dong.
All of the collaborations before 2023 with Dong were when he was at HP (and then HPe after the split).
And now in 2023 with Dong as ARM Ltd's chief standards architect and an ARM Fellow. The total collaboration instances makes nine per my accounting.
Speaking of 'chief's', Insyde Software's Chief Technology Officer (CTO) https://www.insyde.com/company/executive-management was another rich engagement.
The collaborations with Tim commenced in 2008 with the UEFI Shell book first edition
and an IDF presentation that same year presented at both the Taipei and Shanghai events
The Intel Developer Forum (IDF) was an annual event in California show-casing various Intel and industry advancements. Today I believe it has been superseded by venues such as Intel Ignite.
I co-authored an Intel Technology Journal https://www.intel.com/content/dam/www/public/us/en/documents/research/2011-vol15-iss-1-intel-technology-journal.pdf article with Tim in 2011
Tim and I also jointly presented in 2011 at the Intel Developer Forum in San Francisco
All of the preceding presentations were done when Tim was with Phoenix Technology. Tim had joined Insyde when the joint book-authorship was reprised with the 2nd edition of the UEFI Shell book in 2017 https://www.degruyter.com/document/doi/10.1515/9781501505751/html
Tim was also gracious to serve as the technical reviewer for Firmware Security https://link.springer.com/book/10.1007/978-1-4842-6106-4 book in 2020
These collaborations with Tim look like they sum to seven.
Tim and Dong have made seminal contributions to the ACPI, UEFI, and PI specifications. In fact as late as 2010 Tim was the chair of the UEFI Security Subteam (started with the UEFI Forum in 2010). From the 2nd edition of Beyond BIOS
before I took over that subteam. In fact I drafted this recent overview of the UEFI Forum Subteam's
From there you can see the various working groups. I believe Dong and Mark Doran co-chair ASWG, Mark PIWG, Mark USWG, etc. Among the co-authors of this blog's showcase paper. Dick Wilkins is the Phoenix Board of Directors (BOD) rep, Bill Keown for Lenovo, and Dong for ARM, respectively. Co-author Brian Mullen chairs the new Software Bill of Material (SBOM) subteam, Dick chairs the UEFI Security Response Team, and I chair the UEFI Security Subteam. I elided subteams like graphics, configuration, and networking from the infographic as they are mostly dormant these last few years. I created the above image derived from earlier https://uefi.org/sites/default/files/resources/UEFI_Plugfest_VZimmer_Fall_2016.pdf as a companion to another mutation (from image in https://embeddedcomputing.com/technology/security/software-security/understanding-uefi-firmware-update-and-its-vital-role-in-keeping-computing-systems-secure) I crafted to give folks an idea about how SBOM's impact EDKII-style system firmware, viz.,
Well, that's it for today. This is my small gesture to leave a bit of history since a lot of this system firmware work I've done will be unlikely to land in more esteemed repos like http://www.bitsavers.org/bits/ and is surely aging off the internet. I even recall that a request was required to get the Intel Technology Journal back on intel.com. Regrettably the same audible wasn't called for other publications like "Technology at Intel" magazine or most back-dated Intel Developer Forum prezos. An example of what gets lost on the internet can be found in citation curation sites like https://dblp.uni-trier.de/pid/34/5641.html; here I only see Tim mentioned once, for example.
No comments:
Post a Comment