TrenchBoot Anti Evil Maid for Qubes OS
The Qubes OS news site has a detailed article on work being done to ensure the integrity of the system at boot time.
As you may know, traditional firmware security measures like UEFI Secure Boot and measured boot, even with a Static Root of Trust (SRT), may only sometimes be enough to ensure a completely secure environment for your operating system. Compromised firmware may allow for the injection of malicious software into your system, making it difficult to detect. To overcome these limitations, many silicon vendors have started implementing Dynamic Root of Trust (DRT) technologies to establish a secure environment for operating system launch and integrity measurements. We're excited to take advantage of these advancements through integration with the TrenchBoot Project.