Qubes Air: Hardware, Firmware, and Architectural Foundations
Qubes OS has traditionally been recognized for its excellence on personal laptops and desktops, securely compartmentalizing computing tasks. Extending Qubes OS to modern AMD server platforms introduces exciting opportunities but also unique security considerations. This foundational talk explores selected
AMD server hardware, Dasharo firmware (coreboot+UEFI), AMD's OpenSIL and Intel FSP framework, and OpenBMC solutions. It outlines the architectural vision, threat considerations for Qubes OS certification (including BMC, Platform Firmware Resiliency), and a strategic roadmap toward securely deploying Qubes OS on servers, laying hardware, firmware, and hypervisor foundation for the Qubes Air ideas: Qubes in the cloud and Qubes Hybrid Mode.
