What can the EC do security-wise?


I was reading about the embedded controller, but I have found little on how things work out security wise. Since the EC-firmware is not cryptographic verified by intel boot guard, is there a way to detect changes to the EC (in the BIOS)?
Is the EC-firmware measured into a TPM2 PCR?

If an attacker can change the EC, what harm could he do? (I just mean security-wise, breaking the battery or overheating through a broken thermal control is not my concern).
According to the documentation, the embedded controller has modules regarding verified boot [0]. What do these do exactly and can these be used to kind of break secure boot security?

I also found that the EC can interact with the TPM [1]. What is the influence here? Can it modify/fake PCR measurements?

[0] chromiumos/platform/ec - Git at Google
[1] CrOS EC (Embedded Controller) - Cr50 And Chrome OS Verified Boot Troubleshooting

1 Like

Since you did the framework-ec project, do you have any insight on this?