Information processing systems typically include a programmable non-volatile memory, such as an electrically erasable programmable read-only memory (“EEPROM”) or flash memory, for storing a bootstrap loader, a basic input/output system (“BIOS”), and other firmware. The code stored in this non-volatile memory may be modified for updates and patches, but it is retained when the system is powered down. Because it both persists across power cycles and can be rewritten, it may be the target of malicious attacks on the information processing system.
One approach to secure boot and secure firmware execution is to compute a boot image of the firmware through hashing/encryption and to store that boot image in a non-volatile memory. During boot-up, the same boot image computation is performed on the targeted firmware, and the result is compared with the stored boot image to determine whether the firmware has been tampered with.
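The provision-then-verify flow described above, as an added illustration that is not part of the original text: a reference digest (the "boot image") is computed once and stored, and at boot the firmware bytes are re-hashed and compared in constant time. The firmware bytes and the device key are constructed sample values; the keyed HMAC variant and the `tamper` helper are additions for the example, not something the passage specifies.

```python
import hashlib
import hmac
from typing import Optional

# Constructed stand-in for the firmware bytes held in flash/EEPROM
# (a real bootstrap loader or BIOS is far larger; the size does not matter here).
FIRMWARE_IMAGE = b"\x7fBOOT" + bytes(range(256)) * 4 + b"BIOS v1.0 (constructed sample)"

# Constructed stand-in for a device-unique key in write-protected storage.
# Only the keyed (HMAC) variant uses it; that variant is an assumption of this example.
DEVICE_KEY = bytes.fromhex("00112233445566778899aabbccddeeff" * 2)


def compute_boot_image(firmware: bytes, key: Optional[bytes] = None) -> bytes:
    """Compute the 'boot image' of the firmware.

    Without a key this is a plain SHA-256 digest, which detects corruption or
    modification of the firmware. With a key it is HMAC-SHA256, so an attacker
    who can rewrite the firmware but cannot read the key also cannot produce a
    matching reference value.
    """
    if key is None:
        return hashlib.sha256(firmware).digest()
    return hmac.new(key, firmware, hashlib.sha256).digest()


def provision(firmware: bytes, key: Optional[bytes] = None) -> bytes:
    """Manufacturing/update-time step: compute the reference boot image to store in NVM."""
    return compute_boot_image(firmware, key)


def verify_firmware(firmware: bytes, stored_boot_image: bytes,
                    key: Optional[bytes] = None) -> bool:
    """Boot-time step: recompute the boot image and compare with the stored one.

    hmac.compare_digest runs in constant time, so timing does not reveal how
    many leading bytes of the digest matched.
    """
    computed = compute_boot_image(firmware, key)
    return hmac.compare_digest(computed, stored_boot_image)


def boot(firmware: bytes, stored_boot_image: bytes, key: Optional[bytes] = None) -> str:
    """Return the boot decision; a real boot ROM would halt or recover rather than return."""
    if verify_firmware(firmware, stored_boot_image, key):
        return "boot: firmware verified"
    return "halt: firmware integrity check failed"


def tamper(firmware: bytes, offset: int) -> bytes:
    """Flip one bit at `offset` to simulate an unauthorized modification of the image."""
    buf = bytearray(firmware)
    buf[offset] ^= 0x01
    return bytes(buf)


if __name__ == "__main__":
    reference = provision(FIRMWARE_IMAGE)
    print(boot(FIRMWARE_IMAGE, reference))                  # boot: firmware verified
    print(boot(tamper(FIRMWARE_IMAGE, 300), reference))     # halt: firmware integrity check failed

    keyed_reference = provision(FIRMWARE_IMAGE, DEVICE_KEY)
    print(boot(FIRMWARE_IMAGE, keyed_reference, DEVICE_KEY))
    print(boot(tamper(FIRMWARE_IMAGE, 0), keyed_reference, DEVICE_KEY))
```

The check is only as strong as the protection of the stored boot image: if the reference digest sits in the same rewritable region as the firmware, whoever can replace the firmware can replace the digest as well. Keeping the reference (or the key used to compute it) in write-protected or one-time-programmable storage is what makes the comparison meaningful.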