Adversaries may use bootkits to persist on systems and evade detection. Bootkits reside at a layer below the operating system and may make it difficult to perform full remediation unless an organization suspects one was used and can act accordingly.
ID | Name | Description | NIST Rev5 | D3FEND | ISO 27001 | |
CM0021 | Software Digital Signature | Prevent the installation of Flight Software without verification that the component has been digitally signed using a certificate that is recognized and approved by the mission. | CM-11(3) CM-14 CM-14 SA-10(1) SI-7 SI-7(12) SI-7(15) | |||
CM0014 | Secure boot | Software/Firmware must verify a trust chain that extends through the hardware root of trust, boot loader, boot configuration file, and operating system image, in that order. The trusted boot/RoT computing module should be implemented on radiation tolerant burn-in (non-programmable) equipment. | SC-51 SI-7(9) |