2025-09-26 –, Social Hub Main Room
Qubes OS has traditionally been recognized for its excellence on personal laptops and desktops, securely compartmentalizing computing tasks. Extending Qubes OS to modern AMD server platforms introduces exciting opportunities but also unique security considerations. This foundational talk explores selected
AMD server hardware, Dasharo firmware (coreboot+UEFI), AMD's OpenSIL and Intel FSP framework, and OpenBMC solutions. It outlines the architectural vision, threat considerations for Qubes OS certification (including BMC, Platform Firmware Resiliency), and a strategic roadmap toward securely deploying Qubes OS on servers, laying hardware, firmware, and hypervisor foundation for the Qubes Air ideas: Qubes in the cloud and Qubes Hybrid Mode.
Participants will explore:
* An introduction to modern server platforms (Gigabyte MZ33-AR1, ASRock SPC741D8-2L2T/BCM).
* Dasharo firmware integration leveraging AMD OpenSIL.
* Establishing OpenBMC (ZarhusBMC) as the secure Root of Trust.
* Security implications of AMD Platform Security Processor (PSP/ASP), BMC security, and Platform Firmware Resiliency (PFR).
* A clear roadmap and milestone overview toward certifiable, secure, server-grade Qubes OS implementations.
