Over the past two years, MITRE researchers have been exploring PC firmware security. This has culminated in being only the second group ever to find and disclose BIOS exploits that can bypass signed update requirements, and the first to subvert TPM-stored measurements from a measured boot, and persist even across BIOS updates. This talk will begin by giving an overview of the numerous firmware attacks that have surfaced in the past five years. We will also give a sense of how many problems we have also discovered that are still being fixed by vendors. The second half of the talk will go on to describe Copernicus, a tool we have released to the community to allow checking if your BIOS is writable or vulnerable to a known exploit. Copernicus also allows for the dumping and inspection of the BIOS flash contents, so that the BIOS can be integrity checked, or so that researchers can do their own analyses of their own BIOSes. We will also describe the existing and upcoming classes from OpenSecurityTraining.info which are directly relevant to BIOS security research.