The whitelisting looks very helpful. My original plan was to dump the complete firmware image for integrity checking but I was unable to get a good read due to some read locked areas even an external programmer couldn't read. So this makes for a good alternative. Retesting after a reboot is also a good idea. I will try that and compare results. I didn't realize so much of the firmware was dynamic. I thought taking a single known good image would be enough. The ACPI information also looks quite useful. I have played with fwts some but it is very complicated. Since the ACPI tables change frequently perhaps I should drop them from the test script. To answer some of your questions, the test results were generated with version 1.3.0. I have built chipsec on a usb drive running centos 7. Because of this, yes, I boot from different media between tests, hdd and usb. The only changes between tests was normal use, ie reboots, os updates, software use. No suspect software has been installed, though finding out the python pypi repository had been compromised did give me a few worries. The reason for the test was a bios info screen popped up on boot which I found unusual because it normally only does that following a firmware update and I had not done one. A few things stand out. You mention MMIO and IOMMU. There are certainly a lot of changes there including some flags that are switched between 0 and 1 so it appears the configuration has changed. I leave the BIOS in a static "secure" configuration. It was in this configuration for both runs, though I do have to enter the bios to enable usb boot to run chipsec, then after the run I disable it again. It seems that shouldn't matter but I can't be certain. You mention some devices were reinitialized. Is this expected behavior? No firmware updates have taken place. Also I note pci dump has changed. There have been no hardware changes other than usb devices plugged and unplugged. You mention the cmos changes are related to real time clock but what about ec dump changes? Some of the efi variables stand out as well. TrEEPhysicalPresence SMBIOSELOG000 System SctCsmMemoryMapVariable Thanks greatly for your help and references. To a non specialist the complexity can seem overwhelming.