There are many types of electronic devices that must undergo a boot-up process when initially energized or reset. During the boot-up process, machine instructions controlling the basic operating characteristics of the electronic device are typically accessed where stored in read only memory (ROM) and executed to initialize the device and enable loading of further machine instructions into random access memory (RAM) that will be executed to enable the electronic device to implement still further functions. For example, when a personal computer is booted-up, instructions comprising a basic input-output system (BIOS) are executed that enable an operating system to be loaded into RAM from a hard drive and executed by the computer's central processing unit (CPU). The term “boot-up” is a short form of an earlier and perhaps more descriptive term “bootstrap.”
Other types of electronic devices that must be booted-up include game consoles, digital recording devices, personal data systems, and almost any other electronic product that includes some form of processor that must execute a set of initial machine instructions to enable further functionality, as additional machine instructions are loaded into memory and executed. Because the boot-up process determines an initial state of an electronic device, it affects important operating parameters of the device and can have a substantial impact on how the electronic device is used after the boot-up process is completed. Preventing modification of the boot-up process can be important to a company that sold the electronic device, to avoid the loss of revenue arising from the use of the device.
For example, in the electronic gaming industry, much of the commercial value of game consoles sold to play electronic games derives from the licensing revenue generated by the game software that runs on the game consoles. Accordingly, the machine instructions that are loaded during the boot-up process implement functionality to prevent unlicensed copies of software from being run on the game consoles and enforces the manufacturer's policies relating to the use of the game consoles for playing electronic games. Certain users tend to view the restrictions on running unlicensed copies of software and the restrictions that enforce such policies on a game console as a challenge and an unwelcome limitation on the use of the game consoles. Such users work to overcome these restrictions by “hacking” the game console circuitry and software. For example, one way to avoid these restrictions is to cause the boot-up process running on a game console to load an altered software kernel in which certain changes have been made. These changes remove the restrictions imposed by the manufacturer of the game console, which can result in the loss of control by the manufacturer regarding how the game consoles are used, and can cause the loss of revenue, if unlicensed copies of software games are thereby enabled to run on the game console. Accordingly, it is common for a substantial effort to be undertaken by game console manufacturers to prevent a hacker from enabling an altered software kernel from being used during the boot-up process.
A similar problem exists in other areas of technology that employ electronic devices that must boot-up. For example, manufacturers of satellite television receivers that limit channels received based upon the monthly fee paid by users must ensure that their security policies and policies regarding use of their products are followed so that the consumer is only able to use the electronic device in accord with the terms of its license. A hacker might be able to modify the code that causes the processor in a satellite receiver to determine the television channels that the user has paid to view, thereby enabling all of the channels to be received and viewed without proper payment of the license fee to do so.
Accordingly, it would be desirable to ensure that only authorized software code is executed during a boot-up of an electronic device. Any technique that is used should prevent a modified or alternative set of machine instructions from being substituted for the authorized software that is intended to be executed during boot up of the device, and thus ensure that the electronic device implements the functionality and policies of the party that manufactured and/or distributed it to the end user. The known approaches used to prevent hackers from defeating the restrictions and policies regarding use of an electronic device, which are included in the code loaded at boot up of electronic devices, are apparently not fully successful. By using add-in circuit cards that include alternative software code, the known security approaches can at least partially be defeated by hackers who couple the circuit cards into the circuitry of the electronic device. Clearly, a more secure and rigorous approach is required to prevent an alternative code from being inserted and executed during the boot-up process of an electronic device.