Computer systems include firmware to provide an interface between the operating system and hardware such as peripheral devices. The firmware for some computer systems includes a Basic Input/Output System (BIOS).
During the boot process, the processor executes BIOS code to enumerate or identify devices including peripheral devices of the computer system. The BIOS includes tables identifying the devices and how to communicate with them. The firmware is stored in a nonvolatile memory.
As computer systems have grown in sophistication so has the need for secure storage. A peripheral storage device such as a hard drive may be used to supplement the BIOS. One approach for secure storage establishes a hard drive partition for handling secure storage. The hard drive, however, is typically also exposed to the operating system and application code external to the BIOS.
If the partition is accessible from program code other than the BIOS program code, the partition is subject to tampering or data corruption. Concealing the partition or locking the partition to prevent changes by non-BIOS program code requires co-operation from applications external to the BIOS and is thus inherently insecure. The partition contents may be lost, for example, by reformatting or re-partitioning the hard drive.