Using Intel Trusted Execution Technology (TXT) for performing a Measured Launch of the NOVA Microhypervisor

Originally started as a research project at TU Dresden more than 15 years ago,
the NOVA microhypervisor now serves as foundation for BedRock's Ultravisor on
ARMv8 and x86 platforms. By combining modern security features, such as
virtualization, control-flow enforcement and total memory encryption with
formal verification, NOVA provides a very light-weight and trustworthy TCB.
However, even a formally verified TCB can be subverted at rest or during
the boot process. In this talk I will present NOVA's ability to establish
a dynamic root of trust for measurement (DRTM), by performing an Intel TXT
late launch of itself.