1. Field of the Invention
This invention relates to computing devices, and more particularly, to a method and apparatus for synchronizing the firmware associated with such devices.
Portions of the disclosure of this patent document may contain material that is subject to copyright protection. The copyright owner has no objection to the facsimile reproduction by anyone of the patent document or the patent disclosure as it appears in the Patent and Trademark Office file or records, but otherwise reserves all copyright rights whatsoever. Sun Microsystems, Java and all Java-based trademarks and logos are trademarks or registered trademarks of Sun Microsystems, Inc. in the United States and other countries. All SPARC trademarks are used under license and are trademarks or registered trademarks of SPARC International in the United States and other countries. Products bearing SPARC trademarks are based upon an architecture developed by Sun Microsystems, Inc.
2. Background Art
In many electronic information communication paradigms, first and second devices communicate with one another even though they may be physically remote. One such arrangement is that where a remote client computer station communicates with another client computer station or a central server.
Generally, in order for the devices to communicate, they must interact by way of a common protocol, otherwise the devices will not xe2x80x9cunderstandxe2x80x9d one another. It is often difficult, however, to ensure that both devices, such as a server and a remote workstation as described above, are arranged to utilize the same protocol. An incompatibility of the protocol between two devices may arise from changes in the protocol of one but not both devices. A change in protocol may arise when the firmware, such as software, is upgraded on one but not all devices to a more recently released or xe2x80x9cnewerxe2x80x9d version.
As an example, in the server/remote workstation arrangement described above, it is common for the users or clients of the remote workstation(s) to upgrade the version of the software implemented at only their workstation. Upgrades to the server may be controlled by a completely independent entity, such as a system administrator, and not be coordinated at all with changes in the firmware (and thus protocol) at the remote workstation(s).
It may be possible to manually compare the firmware xe2x80x9cversionxe2x80x9d information in order to determine if the workstation and server are operating with the same protocol. It is often impractical to change the protocol of the server, and as such it is common for the remote workstation to be updated with the appropriate version of the firmware. Thus, if a user determines that the firmware at the workstation is xe2x80x9colder,xe2x80x9d in the sense of a having numerically lower version number than that of the version operated by the server, the user may update software or firmware on the workstation. There are numerous pitfalls associated with such a procedure.
A first problem is simply that there is no reliable mechanism for ensuring that multiple workstations and the server(s) are all continuously updated. The above-described update process requires a particular person or persons to be responsible for updating the firmware associated with each workstation. Lapses in the update process may render one or more workstations associated with a network inoperable.
Problems may arise when a user attempts to install or update firmware on their workstation. One problem arises when the upload is interrupted, such as in the case of a power failure. If the updated firmware is only partially written to the memory of the remote workstation when the interruption occurs, the workstation is often disabled because the workstation""s protocol remains incongruous with the server with only a partial update of the firmware. The disabling of the workstation may also occur in similar fashion if there is an error in the firmware load module.
Another problem associated with updating firmware of a remote workstation using an upload arrangement arises from security risks. Unauthorized persons can force undesirable software onto the workstation during the upload of the desired updated firmware, or may block the upload process. Diagnostic mechanisms which allow the insertion of code from an external source are particularly susceptible to attack.
The invention is a method and apparatus for synchronizing firmware, such as versions of software, associated with a first computer device and a second computer device.
In accordance with one embodiment of the invention, the method comprises the steps of transmitting information regarding a characteristic of the firmware associated with the first device from the first device to the second device, comparing the firmware information transmitted from the first device to information regarding the same characteristic of the firmware associated with the second device, and associating new or different firmware with the second device if the characteristics associated with the firmware of the first and second devices are not the same to thereby synchronize the firmware associated with the two devices.
In accordance with one or more embodiments of the invention, in the event the firmware associated with the second device is not the same as that of the first device, then the firmware associated with the second device is modified to match or synchronize with that of the first device by loading updated firmware to the second device.
In accordance with one or more embodiments of the invention, updated firmware is not installed onto the second device until the integrity of the updated firmware is verified. This prevents the introduction of unwanted code, such as a virus, untrusted code, or other unauthorized code to the system. In one embodiment, the firmware to be installed to the second device comprises a load module having a private key associated therewith and the step of verifying comprises using a public key to verify the private key.
In accordance with one or more embodiments of the invention, the first device is a server which is capable of providing services to a number of interface devices, and the second device comprises one of such interface devices. In accordance with one embodiment, the second device includes a memory element onto which the firmware is loaded and a read-only memory area which includes emergency firmware for ensuring the device is not rendered inoperative in the event updated firmware is not properly or completely installed.
In one or more embodiments, computer hardware and/or software is arranged to perform the method of the invention.