The present invention relates to a computer system which has a re-programmable start-up memory that is protected against unauthorized reprogramming. More specifically, the present invention defines a start-up system for a computer which takes certain steps to avoid unauthorized alteration of the computer's non-volatile memory.
Initial turn on of a computer executes instructions from a specified start-up routine. Many computers store the start-up routine in read only memory. It has become more common in recent years to store the start-up routine in nonvolatile random access memory ("NVRAM"). This allows the contents of the start-up routine (the basic input or output system or "BIOS") to be changed after initial manufacture to upgrade the start-up routine. The act of changing the content of the non-volatile memory is called "flashing" the memory.
The ability to change the BIOS, however, has opened a unique hole for viruses such as the "Meningitis" virus or other computer-infiltrating agents. Viruses often invade the operation of a computer in various ways. Many viruses render the computer subsequently unusable. If the BIOS is damaged, the computer cannot be started or starts in an unintended way. Hence, the computer operation is compromised. If sufficiently damaged, e.g., reset to zero, the BIOS cannot even be reprogrammed. This requires professional repair, e.g. shipping the computer back to the vendor for reprogramming.
Various measures have been taken to avoid virus infiltration into the BIOS.
For example, vendors have taken steps to avoid unauthorized reprogramming of the BIOS. A physical switch has been used. The switch must be set before the BIOS can be upgraded. People sometimes do not, however, reset the switch after they set the switch to upgrade for the first time. This leaves a later susceptibility to a virus resetting or infiltrating the NVRAM.
Another solution used by some manufacturers is to prevent the NVRAM from reset at any time except on initial boot-up. This solution allows the flash to be reset only when the system is first booted. One of the realizations made by the present inventor, however, is that this action does nothing to avoid the update routine itself being virus-infiltrated. This also does not prevent a virus from invading the boot sector of the hard disk in anticipation of the next boot cycle.
Moreover, once the virus-writers find out about a possible virus block, they find ways around the block.
The present invention takes various steps to prevent the contents of the NVRAM from being reprogrammed unless certain security measures are met. These security measures include any one or more of the following: (Using multiple different techniques makes it more difficult for a virus to circumvent any security measures.)
Flashing is only allowed on initial power-up to prevent a virus from resetting the NVRAM via a software reset.
Flashing is only allowed from a floppy disk, and not from the hard disk. This prevents a virus from infecting the boot sector of the hard disk, and then infecting the NVRAM the next time that the computer is power cycled.
Some aspect of the updating routine is checked to detect tampering.
Warnings are produced indicating that the system is to reflash. This prevents silently reflashing the system as is done by certain viruses.
The system prevents re-flashing unless a specific bit in the NVRAM has been set during a previous operation time. That bit is reset during every startup cycle.
Other advantages and features will become apparent from the following description and from the claims.