
iDRAC10 Security Configuration Guide
Silicon-based Root-of-Trust
PowerEdge servers that are enabled with iDRAC use an immutable, silicon-based Root-of-Trust (RoT) to cryptographically attest to the integrity of BIOS and iDRAC firmware. This Root-of-Trust is based on one-time programmable, read-only public keys that provide protection against malware tampering. iDRAC provides enhanced security through a new dedicated security processor, which has no external interfaces, stores all authentication keys, and performs iDRAC secure boot. The BIOS boot process leverages Intel Boot Guard technology along with SPDM measurement verification by iDRAC to verify the digital signature of the cryptographic hash of the boot image. A failure to verify the boot image results in a shutdown of the server and a user notification in the Lifecycle Controller Log. If Boot Guard validates the boot image successfully, the rest of the BIOS modules are validated by using a chain of trust procedure until control is handed off to the operating system or hypervisor.
With chain of trust, each BIOS module contains a hash of the next module in the chain. The key modules in BIOS are the Initial Boot Block (IBB), Security (SEC), Pre-EFI Initialization (PEI), Memory Reference Code (MRC), Driver Execution Environment (DXE), and Boot Device Selection (BDS). If Intel Boot Guard authenticates IBB, then IBB validates SEC+PEI before handing control to it. SEC+PEI then validates PEI+MRC, which in turn validates the DXE+BDS modules. At this point, control is handed over to UEFI Secure Boot as explained in later sections.
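
The chain-of-trust walk described above, modeled in Python as an added example (not Dell or Intel firmware code). It assumes a simplified layout in which each image begins with the SHA-256 digest of the next image, and it uses a pinned digest of IBB in place of the Boot Guard signature check; the payload bytes and function names are constructed for illustration.

```python
import hashlib
import hmac

# Stage order as listed in the guide; payload bytes below are constructed samples.
STAGES = ["IBB", "SEC+PEI", "PEI+MRC", "DXE+BDS"]
SAMPLE_PAYLOADS = [b"ibb-code", b"sec-pei-code", b"pei-mrc-code", b"dxe-bds-code"]
DIGEST_LEN = hashlib.sha256().digest_size  # 32 bytes


def build_chain(payloads):
    """Return (images, root_digest).

    Assumed layout: image = SHA-256(next image) || payload. Images are built
    back to front; the final stage carries an all-zero digest field.
    """
    images, next_digest = [], bytes(DIGEST_LEN)
    for payload in reversed(payloads):
        image = next_digest + payload
        images.insert(0, image)
        next_digest = hashlib.sha256(image).digest()
    return images, next_digest  # digest of the IBB image anchors the chain


def verify_chain(images, root_digest):
    """Return (True, None), or (False, stage) for the first stage that fails."""
    expected = root_digest  # stand-in for the Boot Guard signature check on IBB
    for name, image in zip(STAGES, images):
        actual = hashlib.sha256(image).digest()
        if not hmac.compare_digest(actual, expected):
            return False, name  # stop here; control never reaches this stage
        expected = image[:DIGEST_LEN]  # a verified stage vouches for the next one
    return True, None


if __name__ == "__main__":
    images, root = build_chain(SAMPLE_PAYLOADS)
    print("clean image set:", verify_chain(images, root))

    # Modify one byte of PEI+MRC: SEC+PEI's stored hash no longer matches.
    images[2] = images[2][:-1] + b"X"
    print("PEI+MRC modified:", verify_chain(images, root))

    # Also rewrite the hash stored in SEC+PEI: SEC+PEI itself now fails, because
    # its own digest is pinned by IBB, and IBB by the immutable root.
    images[1] = hashlib.sha256(images[2]).digest() + images[1][DIGEST_LEN:]
    print("SEC+PEI hash rewritten:", verify_chain(images, root))
```

The third case shows why the root must be immutable: rewriting a stored hash only moves the failure one stage closer to the root.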