Security Working Group meeting - Wednesday Feb 15 - results

Joseph Reynolds jrey at linux.ibm.com
Thu Feb 16 06:15:31 AEDT 2023


An OpenBMC Security Working Group meeting was held on Wednesday Feb 15 
at 10:00am PDT.
A reminder was not sent.

MEETING ACCESS ON DISCORD VOICE
First, join Discord via https://discord.gg/69Km47zH98 and confirm via email.
Then, to join: navigate Discord > OpenBMC > Voice channels > Security ~ 
https://discord.com/channels/775381525260664832/1002376534377635860

Access and notes about the Security Working Group are in the OpenBMC 
Security wiki:
https://github.com/openbmc/openbmc/wiki/Security-working-group

The meeting agenda and minutes are in 
<https://docs.google.com/document/d/1b7x9BaxsfcukQDqbvZsU2ehMq4xoJRQvLxxsDUWmAOI>, 
items proposed on the Discord OpenBMC #security channel, and anything 
else that comes up:

Attended: ddaniil, Dick Wilkins, RuudHaring, skhoteswara, cacih, Daniil 
Engranov, James Mihm, Joseph Reynolds


TOPICS:

1 What security guidelines do we have?

DISCUSSION:

For BMC firmware builders, installers, and BMC admins, see

https://github.com/openbmc/openbmc/wiki/Configuration-guide

Interest in adding topics for: Build > bmc secure boot and for 
attestation.  ← Please edit these into the wiki, referencing project 
docs as needed.


We should have a threat model so the above-mentioned people know which 
security features to enable or configure.

Consensus was to create a new wiki: Threat Model Topics

Purpose: Collect existing thoughts about threats.  Note this will not be 
complete, and does not follow any specific threat modeling process.

Use cases for this threat model?  (1) Inform developers on needed 
security features, (2) guidance for integrators, installers, and admins 
(per the Configuration Guide), and (3) for security audits.



2 James mentioned work toward having the OpenBMC community project 
provide information needed for downstream users to certify their 
solution to the FIPS 140-2 (not yet -3) spec.  To be clear, such users 
must necessarily refer back to their decision to use the OpenBMC 
community project, so this material should be in the OpenBMC community 
scope.

DISCUSSION:

We discussed an example of a FIPS 140 topic: an entropy collector needed 
to create cryptographically secure random numbers needed to create 
secure TLS connections.  Specifically, AST2600 entropy generator 
<https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=13789>, 
versus entropy collector - 
https://atsec-information-security.blogspot.com/2019/10/stephan-mueller-publishes-sp800-90b.html


The consensus was to produce this as a new openbmc/security/docs 
document which would list each of the FIPS requirements and give info 
for each.  For example, how openbmc satisfies that requirement.  Let’s 
create a gerrit review (marked WIP) for this.




- Joseph

