Software security in microprocessor systems typically involves verifying the authenticity, accuracy, etc., of several layers of code in a software stack, including the operating system (OS) and applications that run within the operating system. Microprocessors and microprocessor systems, however, typically also include software that is specific to a particular computing system, such as “firmware”, which can include software to perform basic input/output system (BIOS) routines. It may be desirable in some computing systems to verify the integrity of the firmware running within the system, since this firmware may be used by other functions within the OS or various applications and is therefore a vital part of the “trust chain” of verifiable software running in the system.
Prior art software security techniques may not verify the integrity of firmware within a computing system, particularly in a server system, because verifying firmware typically requires the system to be reset while system management operations verify the firmware. One prior art technique, in particular, attempts to measure and verify firmware without resetting the system by including the requisite system management operations within software stored in a portion of non-volatile memory (e.g., flash memory) that is responsible for booting the system (i.e., “boot block”).
One problem with the above-mentioned prior art technique is that the boot block in some non-volatile memories may be accessible by a user and the code stored therein may be modified, thereby compromising the trust chain of software running the system. Another shortcoming of the prior art is that the prior art may require server systems to include a boot block. In a computing system, in which software integrity is at risk by malicious intruders, such as viruses, worms, etc., it is increasingly important to verify the integrity of software running therein, including firmware. Furthermore, in systems in which downtime may be undesirable, or even unacceptable, prior art security techniques are remiss in providing an acceptable software security solution.