Electrical computers and digital processing systems: support – Digital data processing system initialization or configuration
Reexamination Certificate
2000-02-02
2003-07-08
Lee, Thomas (Department: 2185)
Electrical computers and digital processing systems: support
Digital data processing system initialization or configuration
C713S002000, C713S100000, C713S193000
Reexamination Certificate
active
06591362
ABSTRACT:
BACKGROUND OF THE INVENTION
1. Field of Invention
The present invention relates to a method for computer firmware protection and, in particular, to a method for protecting the computer basic input/output system (BIOS) from viruses.
2. Description of Related Art
One of the most critical elements in the computer system is the firmware for booting, namely, BIOS. In general, it is stored in non-volatile memory. BIOS is an executable code, which enables CPU to perform tasks such as initialization, diagnostic, loading the operating system (OS) kernel from mass storage, and routine input/output (I/O) functions.
When the power is turned on, CPU will “boot up” by fetching the instruction code residing in the BIOS. Due to its inherent nature, the BIOS has two conflicting requirements: (1) BIOS has to be perfectly protected, otherwise the whole system can not be started once BIOS is modified or destroyed; and (2) BIOS should be able to be easily modified so that improved functions or debugged upgrade action can be added in.
Usually, BIOS is implemented in erasable programmable read-only memory (EPROM) because it can not be modified by electrical currents. One has to remove EPROM from the slot and expose it to the ultraviolet light for a long time if the stored contents are to be modified. Therefore, BIOS stored in EPROM can be prevented from viruses. On the other hand, BIOS stored in EPROM devices do not support “field upgrades” because these devices are not in-circuit programmable, which is a necessary characteristic for field upgrades. Recently, the computer system structure is continuously renewed. Whether BIOS can be upgraded in time becomes an important issue. So most of current BIOS firmware adopts flash memory. However, since the BIOS flash memory is easy to be modified, it can be vulnerable to viruses, which may cause serious problems. For a typical computer virus, its code executes a code sequence to modify the BIOS contents. Once BIOS is improperly modified, the infected program code would be distributed to other areas or the kernel of OS. Moreover, since BIOS is the first program to be executed after the computer is turned on, it is before the start of any system or network anti-virus software. This makes the detection and cleaning of BIOS viruses more difficult. In particular, this type of viruses can get away from the scan of anti-virus software so that the system can not detect its existence.
The current protection of BIOS can be classified into two categories. (1) Hardware protection: a jumper or general purpose I/O is used to control the 12V input signal V
cc
of flash memory to prevent the flash memory from being written. Though this has a good protection effect, yet the operation is inconvenient. The defect is that the prevention and reaction toward viruses are passive. (2) Software protection: the usual method uses software protection. For some flash memory that does not support the above hardware protection, the system will directly give a set of command toward the flash memory to screening viruses. Nevertheless, the defect is that this set of command is a standard defined by the flash memory, thus it can be easily disabled by the virus. For example, the virus CIH can disable this type of software protection.
SUMMARY OF THE INVENTION
In view of the foregoing, one object of the present invention is to provide a method for protecting BIOS from viruses, which utilizes the necessary signal produced when flash memory is written to generate a system management interrupt (SMI). Therefore, when a writing action occurs to BIOS stored in the flash memory, an SMI handler routine of BIOS can avoid the invasion of viruses.
Pursuant to the above object, the method for protecting BIOS from viruses of the present invention is achieved by connecting flash memory stored with BIOS and the input pins of the system management interrupt (SMI) event source of a chipset. The method includes the steps of: (a) requiring an interruption by an executing program writing to the flash memory; (b) performing relevant BIOS settings for a necessary signal WE# from the flash memory; (c) obtaining an SMI signal sent out from the chipset by a computer CPU; (d) checking the source of the SMI signal by an SMI handler routine of BIOS; (e) determining whether an SMI source caused by the executing program is the viruses invasion; and (f) protecting the flash memory from being written. Step (b), in particular, further includes the steps of: (b
1
) performing POST when BIOS is started; (b
2
) initializing SMI handler routine; (b
3
) performing relevant settings for the chipset so that the chipset will generate an SMI signal when the flash memory is written; (b
4
) setting I/O trap SMI functions to prevent viruses from disabling SMI; and (b
5
) loading the operating system (OS).
Further scope of applicability of the present invention will become apparent from the detailed description given hereinafter. However, it should be understood that the detailed description and specific examples, while indicating preferred embodiments of the invention, are given by way of illustration only, since various changes and modifications within the spirit and scope of the invention will become apparent to those skilled in the art from this detailed description.
REFERENCES:
patent: 5022077 (1991-06-01), Bealkowski et al.
patent: 5410699 (1995-04-01), Bealkowski et al.
patent: 5511184 (1996-04-01), Lin
patent: 5537540 (1996-07-01), Miller et al.
patent: 5802277 (1998-09-01), Cowlard
patent: 5844986 (1998-12-01), Davis
patent: 5881151 (1999-03-01), Yamamoto
patent: 6009524 (1999-12-01), Olarig et al.
patent: 6026016 (2000-02-01), Gafken
patent: 6292012 (2001-09-01), Yeh et al.
patent: 6401208 (2002-06-01), Davis et al.
patent: 6408387 (2002-06-01), Wells
patent: 6510521 (2003-01-01), Albrecht et al.
Birch & Stewart Kolasch & Birch, LLP
Cao Chun
Inventech Corporation
Lee Thomas
LandOfFree
System for protecting BIOS from virus by verified system... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with System for protecting BIOS from virus by verified system..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and System for protecting BIOS from virus by verified system... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3023862