Security Working Group meeting - Wednesday Feb 15 - results
Joseph Reynolds
jrey at linux.ibm.com
Thu Feb 16 06:15:31 AEDT 2023
An OpenBMC Security Working Group meeting was held on Wednesday Feb 15
at 10:00am PDT.
A reminder was not sent.
MEETING ACCESS ON DISCORD VOICE
First, join Discord via https://discord.gg/69Km47zH98
<https://discord.gg/69Km47zH98> and confirm via email.
Then, to join: navigate Discord > OpenBMC > Voice channels > Security ~
https://discord.com/channels/775381525260664832/1002376534377635860
<https://discord.com/channels/775381525260664832/1002376534377635860>
Access and notes about the Security Working Group are in the OpenBMC
Security wiki:
https://github.com/openbmc/openbmc/wiki/Security-working-group
<https://github.com/openbmc/openbmc/wiki/Security-working-group>
The meeting agenda and minutes are in
<https://docs.google.com/document/d/1b7x9BaxsfcukQDqbvZsU2ehMq4xoJRQvLxxsDUWmAOI>,
items proposed on the Discord OpenBMC #security channel, and anything
else that comes up:
Attended: ddaniil, Dick Wilkins, RuudHaring, skhoteswara, cacih, Daniil
Engranov, James Mihm, Joseph Reynolds
TOPICS:
1 What security guidelines do we have?
DISCUSSION:
For BMC firmware builders, installers, and BMC admins, see
https://github.com/openbmc/openbmc/wiki/Configuration-guide
<https://github.com/openbmc/openbmc/wiki/Configuration-guide>
Interest in adding topics for: Build > bmc secure boot and for
attestation. ← Please edit these into the wiki, referencing project
docs as needed.
We should have a threat model so the above-mentioned people know which
security features to enable or configure.
Consensus was to create a new wiki: Threat Model Topics
Purpose: Collect existing thoughts about threats. Note this will not be
complete, and does not follow any specific threat modeling process.
Use cases for this threat model? (1) Inform developers on needed
security features, (2) guidance for integrators, installers, and admins
(per the Configuration Guide), and (3) for security audits.
2 James mentioned work toward having the OpenBMC community project
provide information needed for downstream users to certify their
solution to the FIPS 140-2 (not yet -3) spec. To be clear, such users
must necessarily refer back to their decision to use the OpenBMC
community project, so this material should be in the OpenBMC community
scope.
DISCUSSION:
We discussed an example of a FIPS 140 topic: an entropy collector needed
to create cryptographically secure random numbers needed to create
secure TLS connections. Specifically, AST2600 entropy generator
https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=13789
<https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=13789>,
versus entropy collector -
https://atsec-information-security.blogspot.com/2019/10/stephan-mueller-publishes-sp800-90b.html
<https://atsec-information-security.blogspot.com/2019/10/stephan-mueller-publishes-sp800-90b.html>
The consensus was to produce this as a new openbmc/security/docs
document which would list each of the FIPS requirements and give info
for each. For example, how openbmc satisfies that requirement. Let’s
create a gerrit review (marked WIP) for this.
- Joseph
More information about the openbmc
mailing list