Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Security kernel or utility
Reexamination Certificate
1999-07-27
2004-03-30
Hua, Ly V. (Department: 2767)
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Security kernel or utility
C713S600000, C713S187000, C713S168000, C713S193000, C713S189000, C380S285000, C705S076000, C705S057000
Reexamination Certificate
active
06715074
ABSTRACT:
BACKGROUND OF THE INVENTION
1. Field of the Invention
The present invention relates generally to the BIOS of a general purpose computer and more particularly to techniques for allowing the BIOS to be reprogrammed that are resistant to inadvertent or unauthorized reprogramming of the BIOS.
2. Description of Related Art
The BIOS (Basic In/Out System) is generally a piece of software or code stored in a specific memory area of a computer. The computer uses the BIOS to get itself started properly when turned on. The BIOS may be used, from time to time, thereafter to help manage data transactions between hardware and programs.
Many electronic devices that do not operate like standard personal computers have begun to incorporate BIOS into their circuitry. For example, a modem may include an 80C186 microprocessor which utilizes a BIOS. Furthermore, CD and tape writers, laser and ink jet printers which contain microcontroller or microprocessor based computing circuitry have begun to incorporate a BIOS of some kind for use at start up to get the device operating and running when turned on.
Some PC (personal computer) operating systems (e.g., Linux, NT) have dispensed with the services of the BIOS while the system is running, but they all require and rely on the BIOS when the PC is started or turned on. A PC chipset (the majority of interconnect and control circuitry of a PC found within a few chips on a PC motherboard) has many configurable options, such as memory and bus timing, port configuration and so on, which are configured by the BIOS at start up. However, an inoperable computer results if the options are not configured correctly by the BIOS at start up.
At one time the BIOS were programmed into ROM chips on the PC mother board. The BIOS ROM chips could not be reprogrammed, but instead had to be replaced with a newly programmed BIOS ROM chip.
As ROM chips became programmable, EEPROM's, and Flash ROMS began to be used for BIOS chips. In particular, Flash ROMs can be programmed without being removed from a circuit board. This is useful in the personal computer industry because a Flash ROM BIOS chip (“Flash BIOS”) can be reprogrammed (“flashed”) and upgraded with new data without opening the chassis of the personal computer.
At present, there are various computer systems that allow the BIOS code to be flashed. Before a presently existing computer system flashes the system BIOS, the flash (reprogramming) application generally verifies that the BIOS image to be programed/flashed into the Flash BIOS is a correct size or has a correct file name for the computer, but in present systems it is not possible to actively check the BIOS image to make sure it will be compatible with the computer it will be loaded into. Furthermore, at present it is not possible to program a Flash ROM BIOS in a “protected programming” mode of the computer's operating system such as while operating in Windows '95 or '98. Thus, ROM BIOS flashing must be performed in a “real” mode operating system such as MS-DOS. A drawback of this technique of flashing the BIOS is that the verification code required for flashing the ROM BIOS exists as an executable file that may be found and disassembled by a hacker. The hacker could easily discern sufficient information from the disassembled code to create a flash ROM BIOS image that will be accepted as a BIOS image and render the computer unusable.
There are some other serious problems associated with the ability of a computer user to Flash his own computer's BIOS. For example, suppose a user wanted to upgrade the information in his Flash BIOS. He would have to obtain a new BIOS program from the computer manufacturer, the worldwide web, or another source. Then to perform the Flash BIOS upgrade, the user would initiate a “burner” program on his PC. That is, the burner program will use circuitry built into the PC's mother board (provided it supports flash upgrading) and erase the existing data/information in the Flash BIOS chip and then program or load the new BIOS data/information into the chip. This is all fine and good unless an inappropriate BIOS program obtained and then loaded into the Flash BIOS is used. If an inappropriate BIOS program was loaded into the BIOS chip, the user's computer would be rendered inoperable.
Another problem, as discussed above, is that a hacker could write a computer virus that could initiate the burner software and Flash the BIOS of an unsuspecting user's computer thereby rendering the computer inoperable.
Thus, there is a need for a computer system that resists having its BIOS flashed so that an incompatible BIOS program, other data, or no data is left in the memory area where the BIOS program is kept. Furthermore, there is a need for a computer system that has a virus resistant and hardware independent method for flashing the BIOS so that only a system compatible BIOS code can be flashed into the Flash BIOS chip.
SUMMARY OF THE INVENTION
In one embodiment of the present invention a computer system comprises a hard disk drive where a BIOS image can be stored on a magnetic media. If a user wants to reprogram a ROM BIOS part with the BIOS image, a utility, program is executed. The utility program generates a software system management interrupt in order to trigger a handler program. The handler program is stored in the system management memory portion of RAM which is inaccessible to a user. The handler program checks the BIOS image for a specific code to determine whether the BIOS image is a certified BIOS image that is certified for the operating computer system. If the handler program determines that the BIOS image is certified, then it will reprogram the ROM BIOS part with the certified BIOS image.
REFERENCES:
patent: 5717886 (1998-02-01), Miyauchi
patent: 5768598 (1998-06-01), Marisetty et al.
patent: 5778070 (1998-07-01), Mattison
patent: 5835761 (1998-11-01), Ishii et al.
patent: 5859911 (1999-01-01), Angelo et al.
patent: 5930504 (1999-07-01), Gabel
patent: 5974250 (1999-10-01), Angelo et al.
patent: 6014611 (2000-01-01), Arai et al.
patent: 6233681 (2001-05-01), Kang
patent: 6243656 (2001-06-01), Arai et al.
patent: 6363463 (2002-03-01), Mattison
patent: 6425079 (2002-07-01), Mahmoud
patent: 6510521 (2003-01-01), Albrecht et al.
patent: 6513159 (2003-01-01), Dodson
patent: 6571206 (2003-05-01), Casano et al.
patent: 6581162 (2003-06-01), Angelo et al.
patent: WO 97/29569 (1997-08-01), None
patent: WO 98/15082 (1998-04-01), None
Hewlett--Packard Development Company, L.P.
Hua Ly V.
LandOfFree
Virus resistant and hardware independent method of flashing... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Virus resistant and hardware independent method of flashing..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Virus resistant and hardware independent method of flashing... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3276756