What is SRTM?

Quick note explaining SRTM for BIOS/UEFI and embedded firmware readers.


SRTM (Static Root of Trust for Measurement) is a UEFI firmware security concept related to boot trust, variable protection, measurement, and firmware update policy.

Why it matters

  • Explains advanced firmware-security mechanisms.
  • Helps reason about trust anchors, measurements, and update protection.
  • Useful for security-focused BIOS/UEFI analysis.

Practical example

Example: when debugging image authentication, check whether the signer is trusted by db and whether the image hash or certificate is blocked by dbx.
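The db/dbx check described above, worked out as an added example (not code from this note or from any firmware project). It serialises and parses the EFI_SIGNATURE_LIST layout that the db and dbx variables use, then applies the loader's rule: a dbx match denies before any db match allows. The two GUIDs are the values the UEFI specification defines; every certificate, image and hash is constructed, and a plain SHA-256 of the bytes stands in for the Authenticode PE hash a real loader computes.

```python
"""Secure Boot db/dbx decision logic, worked in Python.

Added example, not code from the original note. It serialises and parses the
EFI_SIGNATURE_LIST layout that the db and dbx variables use, then applies the
rule a UEFI loader applies to an image: the image must match db (by image
hash or by its signer's certificate) and must not match dbx. A dbx match
always wins. The two GUIDs are the real values from the UEFI specification;
every certificate, image and hash below is constructed for the demo.
"""
from __future__ import annotations

import hashlib
import struct
import uuid

EFI_CERT_SHA256_GUID = uuid.UUID("c1c41626-504c-4092-aca9-41f936934328")
EFI_CERT_X509_GUID = uuid.UUID("a5c059a1-94e4-4aa7-87b5-ab155c2bf072")
OWNER_GUID = uuid.UUID(int=0)  # constructed SignatureOwner; real firmware uses a vendor GUID
# SignatureType, SignatureListSize, SignatureHeaderSize, SignatureSize
LIST_HDR = struct.Struct("<16sIII")


def build_signature_list(sig_type: uuid.UUID, payloads: list[bytes]) -> bytes:
    """Serialise one EFI_SIGNATURE_LIST. Every EFI_SIGNATURE_DATA in a list
    has the same size: a 16-byte SignatureOwner followed by the payload."""
    if not payloads or any(len(p) != len(payloads[0]) for p in payloads):
        raise ValueError("all payloads in one list must have the same non-zero length")
    sig_size = 16 + len(payloads[0])
    body = b"".join(OWNER_GUID.bytes_le + p for p in payloads)
    return LIST_HDR.pack(sig_type.bytes_le, LIST_HDR.size + len(body), 0, sig_size) + body


def parse_variable(data: bytes) -> dict[uuid.UUID, set[bytes]]:
    """Walk a db or dbx variable (a concatenation of EFI_SIGNATURE_LISTs) and
    group the signature payloads by SignatureType. Sizes are validated so a
    corrupt variable raises instead of being read out of bounds."""
    out: dict[uuid.UUID, set[bytes]] = {}
    off = 0
    while off < len(data):
        type_raw, list_size, hdr_size, sig_size = LIST_HDR.unpack_from(data, off)
        end = off + list_size
        if list_size < LIST_HDR.size + hdr_size or end > len(data) or sig_size <= 16:
            raise ValueError(f"malformed EFI_SIGNATURE_LIST at offset {off}")
        sig_type = uuid.UUID(bytes_le=type_raw)
        entries = out.setdefault(sig_type, set())
        pos = off + LIST_HDR.size + hdr_size
        while pos + sig_size <= end:
            entries.add(data[pos + 16 : pos + sig_size])  # skip SignatureOwner
            pos += sig_size
        off = end
    return out


def image_allowed(db_var: bytes, dbx_var: bytes, image: bytes,
                  signer_cert: bytes | None) -> tuple[bool, str]:
    """Return (allowed, reason). dbx is consulted first: a forbidden hash or
    certificate overrides any trust granted by db. Plain SHA-256 of the bytes
    stands in for the Authenticode PE hash a real loader computes."""
    db, dbx = parse_variable(db_var), parse_variable(dbx_var)
    img_hash = hashlib.sha256(image).digest()
    if img_hash in dbx.get(EFI_CERT_SHA256_GUID, set()):
        return False, "image hash is in dbx"
    if signer_cert is not None and signer_cert in dbx.get(EFI_CERT_X509_GUID, set()):
        return False, "signer certificate is in dbx"
    if img_hash in db.get(EFI_CERT_SHA256_GUID, set()):
        return True, "image hash is in db"
    if signer_cert is not None and signer_cert in db.get(EFI_CERT_X509_GUID, set()):
        return True, "signer certificate is in db"
    return False, "no db match"


# Constructed sample data: stand-ins for DER certificates and PE images.
VENDOR_CERT = b"constructed-vendor-cert-der"
REVOKED_CERT = b"constructed-revoked-cert-der"
GOOD_IMAGE = b"constructed PE image A"
BAD_IMAGE = b"constructed PE image B"

DB = (build_signature_list(EFI_CERT_X509_GUID, [VENDOR_CERT])
      + build_signature_list(EFI_CERT_SHA256_GUID, [hashlib.sha256(GOOD_IMAGE).digest()]))
DBX = (build_signature_list(EFI_CERT_SHA256_GUID, [hashlib.sha256(BAD_IMAGE).digest()])
       + build_signature_list(EFI_CERT_X509_GUID, [REVOKED_CERT]))

if __name__ == "__main__":
    for label, img, cert in [("unsigned, hash in db", GOOD_IMAGE, None),
                             ("vendor-signed, hash in dbx", BAD_IMAGE, VENDOR_CERT),
                             ("vendor-signed, unknown hash", b"other image", VENDOR_CERT),
                             ("signed by revoked cert", b"other image", REVOKED_CERT),
                             ("unsigned, unknown hash", b"other image", None)]:
        print(f"{label:30s} -> {image_allowed(DB, DBX, img, cert)}")
```

The order of the four tests inside `image_allowed` is the point: an image whose vendor certificate is in db is still refused when its hash has been added to dbx, which is how a revoked build is blocked without revoking the whole vendor key.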

Quick takeaway

SRTM is a small concept, but it often becomes important when reading logs or debugging real firmware.

Put it into the system flow

I try not to treat SRTM as a dictionary entry. I read it as part of a firmware path: who produces it, who consumes it, and what symptom appears when it is wrong. That habit makes the note useful during debugging, not only during study.

A practical picture

For security and SMM topics, I read SRTM as a trust-boundary question. Who can call this path? Where does the buffer come from? When is the policy locked? What happens if the input is controlled by an attacker?
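The trust-boundary questions above, applied to the most common SMM case, as an added example (not code from this note): an SMI handler validating a caller-supplied communication buffer before it reads or writes through it. The flawed endpoint check sits beside the hardened range check so the difference is concrete; the SMRAM layout, the 64-bit address width and the sample requests are all constructed and describe no real platform.

```python
"""SMI handler input validation, worked in Python.

Added example, not code from the original note. It models the check an SMI
handler must apply to a caller-supplied communication buffer before it
reads or writes through it: the buffer must lie entirely outside SMRAM, and
the range arithmetic must respect the target's address width so that a
crafted size cannot wrap the end address. A naive endpoint check is shown
beside the hardened range check to make the difference concrete. The SMRAM
layout and all addresses are constructed and describe no real platform.
"""
from __future__ import annotations

ADDR_BITS = 64
ADDR_LIMIT = 1 << ADDR_BITS  # one past the highest physical address
ADDR_MASK = ADDR_LIMIT - 1

# Constructed SMRAM map: one 16 MiB region as (base, length).
SMRAM = [(0x7F00_0000, 0x0100_0000)]


def ranges_overlap(a_start: int, a_end: int, b_start: int, b_end: int) -> bool:
    """Half-open intervals [start, end)."""
    return a_start < b_end and b_start < a_end


def naive_buffer_check(addr: int, size: int, smram=SMRAM) -> bool:
    """The flawed pattern: end is computed with wrapping arithmetic and only
    the two endpoints are tested. A buffer that straddles SMRAM, or whose
    size wraps the end address, passes. Kept for comparison only."""
    end = (addr + size) & ADDR_MASK
    for base, length in smram:
        if base <= addr < base + length or base <= end < base + length:
            return False
    return True


def buffer_outside_smram(addr: int, size: int, smram=SMRAM) -> bool:
    """Hardened check: reject empty or out-of-range requests, reject any
    (addr, size) whose end would wrap in the target's address width, and
    reject any overlap with any SMRAM range, not just the endpoints."""
    if size == 0 or addr > ADDR_MASK or size > ADDR_MASK:
        return False
    end = addr + size  # Python ints do not wrap, so the wrap is detected explicitly
    if end > ADDR_LIMIT:
        return False
    for base, length in smram:
        if ranges_overlap(addr, end, base, base + length):
            return False
    return True


# Constructed requests an SMI handler might receive.
REQUESTS = {
    "ordinary buffer below SMRAM": (0x1000, 0x100),
    "buffer inside SMRAM": (0x7F00_0010, 0x40),
    "buffer straddling all of SMRAM": (0x7EFF_F000, 0x0200_0000),
    "size that wraps the end address": (0xFFFF_FFFF_FFFF_F000, 0x8000_1000),
}

if __name__ == "__main__":
    for label, (addr, size) in REQUESTS.items():
        print(f"{label:34s} naive={naive_buffer_check(addr, size)!s:5} "
              f"hardened={buffer_outside_smram(addr, size)}")
```

The last two requests are the ones that answer "what happens if the input is controlled by an attacker": both endpoints look harmless, yet the span between them covers SMRAM. Only a check over the whole interval, with the wrap detected before the comparison, refuses them.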

In a real debugging session

For SRTM, the important question is not only what it protects, but when it is locked, who can change it, and where the current state can be verified. Firmware security often fails because the policy is correct on paper but applied at the wrong time.

While reading source code, pay attention to phase transitions, NVRAM variables, SMM policy, flash descriptor settings, and image authentication paths. Security bugs often hide behind ordinary control flow.
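The "applied at the wrong time" failure, turned into a check that runs over log lines, as an added example rather than anything from this note: every required lock must appear before the first event that hands control to code the platform does not control (option ROM dispatch, EndOfDxe, the OS loader). The two log excerpts, the line format and the marker strings are constructed for the demo and must be adapted to the real firmware's log format.

```python
"""Lock-ordering check over a boot log, worked in Python.

Added example, not code from the original note. It encodes the rule that a
lock must be applied before the phase in which untrusted code can run, as
a check over log lines: every required lock must appear before the first
event that dispatches third-party code (option ROMs, EndOfDxe, the OS
loader). Both log excerpts, the line format and the marker strings are
constructed for the demo; adapt them to the firmware's real log format.
"""
from __future__ import annotations

import re

LINE_RE = re.compile(r"^\[(?P<phase>[A-Z]+)\s*\]\s+(?P<msg>.+)$")

# Substrings that identify each required lock in the constructed log format.
REQUIRED_LOCKS = {
    "spi_write_protect": "SPI flash write protection",
    "bios_write_lock": "BIOS write enable locked",
    "smm_ready_to_lock": "SmmReadyToLock",
    "smram_lock": "SMRAM locked",
}
# Events after which code the platform does not control may execute.
UNTRUSTED_CODE_MARKERS = ("Dispatching option ROM", "EndOfDxe", "Loading OS loader")


def parse_log(text: str) -> list[tuple[int, str, str]]:
    """Return (line_no, phase, message) for every line matching the format."""
    out = []
    for n, line in enumerate(text.splitlines(), start=1):
        m = LINE_RE.match(line)
        if m:
            out.append((n, m["phase"], m["msg"]))
    return out


def check_lock_ordering(text: str) -> dict[str, tuple[str, int | None]]:
    """For each required lock report ('ok', line), ('late', line) or
    ('missing', None), relative to the first untrusted-code event."""
    entries = parse_log(text)
    first_untrusted = next((n for n, _, msg in entries
                            if any(mk in msg for mk in UNTRUSTED_CODE_MARKERS)), None)
    report = {}
    for name, marker in REQUIRED_LOCKS.items():
        line = next((n for n, _, msg in entries if marker in msg), None)
        if line is None:
            report[name] = ("missing", None)
        elif first_untrusted is not None and line > first_untrusted:
            report[name] = ("late", line)
        else:
            report[name] = ("ok", line)
    return report


# Constructed log: the option ROM is dispatched before SMM is locked, and
# the BIOS write-enable lock never appears at all.
LATE_LOCK_LOG = """\
[PEI] MemoryInit done
[DXE] SPI flash write protection: PR0 set
[DXE] Dispatching option ROM: discrete GPU
[DXE] SmmReadyToLock signaled
[DXE] SMRAM locked (D_LCK)
[DXE] EndOfDxe signaled
[BDS] Loading OS loader
[RT] ExitBootServices
"""

# Constructed log with every lock applied before third-party code runs.
GOOD_LOG = """\
[PEI] MemoryInit done
[DXE] SPI flash write protection: PR0 set
[DXE] BIOS write enable locked
[DXE] SmmReadyToLock signaled
[DXE] SMRAM locked (D_LCK)
[DXE] Dispatching option ROM: discrete GPU
[DXE] EndOfDxe signaled
[BDS] Loading OS loader
"""

if __name__ == "__main__":
    for label, log in (("late-lock log", LATE_LOCK_LOG), ("good log", GOOD_LOG)):
        print(label)
        for name, (status, line) in check_lock_ordering(log).items():
            print(f"  {name:18s} {status:8s} {'' if line is None else f'line {line}'}")
```

A "late" result is the case the text warns about: the lock is present, so a static read of the policy looks correct, but it lands after an event that already let foreign code run. A "missing" result is the simpler case and is usually caught first.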
