During startup, a typical computing device, such as a desktop computer, invokes a boot process to initialize the computing device and associated peripheral devices. The process of initializing each peripheral device is typically controlled by software, referred to as boot firmware, which is often stored in a read-only memory (ROM) on the computing device or on the respective peripheral device. After the computing device executes the boot firmware associated with each peripheral device, the computing device launches an operating system and possibly other software applications.
Until the device loads the operating system and any subsequent security software applications that rely on the operating system, the computing device may be susceptible to attack. In particular, it is possible for boot firmware to introduce serious security threats either accidentally or maliciously prior to the execution of the operating system and any security software applications that otherwise may neutralize the posed security threat. As a result, by the time the operating system and security software applications are available, the security of the computing device may have already been compromised. Most conventional computing devices offer little resistance to security threats introduced by boot firmware.
In response to potential boot firmware security breaches, some computing devices provide security measures to ensure that the boot firmware comes from a trusted source. These security measures rely on digital signatures, which uniquely identify the source of the associated boot firmware. The computing device can decode a digital signature to identify the source of the boot firmware and accept or reject the boot firmware based on the source. In this manner, the computing device can gauge the reliability of boot firmware based on the source, allowing the computing device to execute only boot firmware from trusted sources.
One potential deficiency of this approach is that these approaches do not scale well. Typically, there are numerous sources generating boot firmware and the number of sources is growing. Furthermore, every new source must be verified so that the associated boot firmware may be executed. Thus, this approach yields to difficulties that arise as the number of sources grows, since the approach is dependent on the source.
Another potential deficiency of this approach is that the computing device may verify the reliability of the boot firmware only once. More specifically, the computing device receives the boot firmware and associated digital signature from the peripheral device, decodes the digital signature to accept or reject the boot firmware and executes only the accepted boot firmware. Thereafter, however, the computing device executes the boot firmware and assumes that the boot firmware is from the reliable source and has not changed. Other security measures may determine changes since the boot firmware was accepted and executes only boot firmware that has not changed from the accepted boot firmware. A computing device may use these two security measures in conjunction in an attempt to prevent the execution of boot firmware from unreliable sources, which may be malicious in nature, and prevent reliable boot firmware from being altered with malicious intent.
However, these security measures are passive measures, enforcing security by preserving trust, such as verifying the reputation of a source. Boot firmware from a malicious source can be installed under the guise of a reliable source, e.g., by misappropriating the digital credentials of the reliable source. In addition, even reliable sources can produce boot firmware that poses security threats accidentally through programmer error. Both of these pose threats which passive security measures are incapable of preventing.