a2) United States Patent
`US 7,069,452 B1
`(0) Patent No.:
`Jun. 27, 2006
`(45) Date of Patent:
`Hindet al.
`
`US007069452B1
`
`(54)
`
`(75)
`
`METHODS, SYSTEMS AND COMPUTER
`PROGRAM PRODUCTS FOR SECURE
`FIRMWARE UPDATES
`
`Inventors: John R. Hind, Raleigh, NC (US);
`Marcia Lambert Peters, Durham, NC
`(US)
`
`(73)
`
`Assignee:
`
`International Business Machines
`Corporation, Armonk, NY (US)
`
`(*)
`
`Notice:
`
`Subject to any disclaimer, the term ofthis
`patent is extended or adjusted under 35
`US.C. 154(b) by 1207 days.
`
`(21)
`
`Appl. No.: 09/614,982
`
`(22)
`
`Filed:
`
`Jul. 12, 2000
`
`(51)
`
`(52)
`
`(58)
`
`(56)
`
`Int. Cl.
`
`(2006.01)
`GO6F 17/00
`US. Che cece 713/200; 713/189; 713/1;
`713/2
`
`Field of Classification Search................ 703/200;
`713/1-2, 200-202, 189-194
`See application file for complete search history.
`
`References Cited
`
`U.S. PATENT DOCUMENTS
`
`........ 711/163
`6/1991 Bealkowskiet al.
`5,022,077 A *
`5,293,424 A *
`3/1994 Holtey et al.
`..........
`.
`.
`Christeson et al.
`5,579,522 A * 11/1996
`5,844,986 A * 12/1998
`
`OTHER PUBLICATIONS
`
`“Introduction to Digtial Signal Processors”, Jun. 15, 1999,
`[Retrieved from the Internet Apr. 29, 2004], “http://www.
`ece.utexas.edu/~bevans/hp-dsp-seminar/01__introduct-
`ion/”’.*
`ANSIStandard X9.31. Digital Signatures Using Reversible
`Public Key Cryptographyfor the Financial Services Industry
`(rDSA), 1998.
`Schneier, Bruce, Applied Cryptography, Dec. 1995, pp.
`435-441 and 466-474.
`
`* cited by examiner
`
`Primary Examiner—David Jung
`(74) Attorney, Agent, or Firm—Myers Bigel Sibley &
`Sajovec
`
`(57)
`
`ABSTRACT
`
`Methods, systems and computer program products which
`provide secure updates of firmware (i.e. data stored in a
`programmable memory device of a processing system) are
`disclosed. Updates of a programmable memory of a device
`maybe controlled by providing an update window offinite
`duration during which the programmable memory may be
`updated. Access to the programmable memory may be based
`on the state of an access latch. The access latch may be set
`to allow access after a hardware reset of the device. An
`update control program may be executedto control access to
`the programmable memory andthe latch reset to prevent
`access upon completion of the update control program.
`Verification of the update may be provided through encryp-
`tion techniques and rules incorporated in certificates for
`application of updates to provide for selectively updating
`devices. Also disclosed are methods of securely providing
`differing functionality to generic devices.
`
`36 Claims, 12 Drawing Sheets
`
`
`
`408
`
`408
`
`404
`
`410
`
`412
`
`Bose Exhibit 1019
`
`Bosev. Koss
`
`ipdate
`available?
`
`YES
`+
`Load update
`it
`je in
`‘scratchpad
`memory
`+
`Verify
`signature in
`update image
`with public key
`
`
`
`
`Signature
`verified?
`
`
`
`
`
`
`
`
`
`‘Sat latch to
`disable
`updates
`
`

`

`U.S. Patent
`
`Jun. 27, 2006
`
`Sheet 1 of 12
`
`US 7,069,452 B1
`
`14
`
`Read Only Memory
`
` Memory Controller
`
` Programmable Memory
`16
`12
`10 Power On
`
`
`
`
`Latch Reset
`
` Access
`
` Processor
`
`Reset
`
`Figure 1
`
`

`

`U.S. Patent
`
`Jun. 27, 2006
`
`Sheet 2 of 12
`
`US 7,069,452 B1
`
`I/O Data Ports
`246
`
`Display
`234
`
`Processor
`238
`
`Read Only
`Memory
`240
`
`230
`
`Programmable
`Memory
`236
`
`Input Devices
`232
`
`Processing System
`
`Figure 2
`
`

`

`U.S. Patent
`
`Jun. 27, 2006
`
`Sheet 3 of 12
`
`US 7,069,452 B1
`
`Update
`Control
`Program
`282
`
`Public Key
`284
`
`Read Only Memory
`240
`
`236
`
`Processor
`238
`
`:
`Firmware
`254
`—
`
`Configuration
`Data
`270
`
`Programmable Memory
`
`242
`
`-
`Operating
`System
`252
`
`1/0 Device
`Drivers
`258
`
`Update Image
`280
`
`System Memory
`
`Figure 3
`
`

`

`U.S. Patent
`
`Jun. 27, 2006
`
`Sheet 4 of 12
`
`US 7,069,452 B1
`
`300
`
`302
`
`304
`
`308
`
`Power on reset
`asserted
`
`
`
`
`
`
`Enable update
`of
`programmable
`memory
`
`
`
`memory
`
`
`Execute
`program in
`update ROM
`
`
`
`
`pdate
`program
`
`sompletez
`
`
`
`YES
`
`Disable update
`ability of
`programmable
`
`Figure 4A
`
`

`

`U.S. Patent
`
`Jun. 27, 2006
`
`Sheet 5 of 12
`
`US 7,069,452 B1
`
`300
`
`302
`
`320
`
`304
`
`308
`
`322
`
`Poweron reset
`asserted
`
`Enable access
`to Update
`ROM
`
`Execute
`program in
`Update ROM
`
`306
`
`
`Enable update
`of
`
`
`programmable
`memory
`
`
`
`
`
`
`Disable update
`ability of
`programmable
`memory
`
`Disable access
`to Update
`
`ROM
`
`Figure 4B
`
`
`
`
`pdate
`program
`somplete?
`
`
`YES
`
`

`

`U.S. Patent
`
`Jun. 27, 2006
`
`Sheet 6 of 12
`
`US 7,069,452 B1
`
`Figure 5
`
`
`
`Load update
`image in
`scratchpad
`memory
`
`
`
`Verify
`signature in
`update image
`with public key
`
`
`
`Signature
`verified?
`
`NO
`
`Setlatch to
`disable
`updates
`
`

`

`
`Extract Public
`key from
`certificate and
`decrypt
`signature of
`next certificate
`
`NO
`
`U.S. Patent
`
`Jun. 27, 2006
`
`Sheet 7 of 12
`
`US 7,069,452 B1
`
`450
`
`452
`
`Figure 6
`
`
`
`
`Obtain
`signature and
`certificate
`chain from
`
`update image
`
`
`
`Decrypt
`
`signature with
`
`CA's public key
`
`
`
`Signaturé
`
`
`present and
`valid?
`
`
`
`
`
`
`YES
`
`_/Gignature
`valid?
`
`
`
`
`
`Verify image
`signature with
`appropriate
`public key
`
`
`
`Exit update
`Perform
`
`
`and disable
`update with
`
`
`
`update of
`image
`
`memory
`
`
`

`

`U.S. Patent
`
`Jun. 27, 2006
`
`Sheet 8 of 12
`
`US 7,069,452 B1
`
`510
`
`510°
`
`510"
`
`Signature
`920
`Signature
`520"
`
`Public Key of Next
`Level
`522
`Public Keyof Next
`522!
`
`Firmware Usage Rules
`924
`Firmware Usage Rules
`524
`
`
`
`Signature
`520"
`
`Public icyof Next
`522"
`
`Firmware Usage Rules
`524"
`
`Figure 7
`
`

`

`U.S. Patent
`
`Jun. 27, 2006
`
`Sheet 9 of 12
`
`US 7,069,452 B1
`
`600
`
`602
`
`604
`
`606
`
`608
`
`610
`
`612
`
`o a
`
`Develop firmware update for
`multiple systems/functions
`
`Sign firmware update image
`
`
`
`Provide update authority's
`certificate with any firmware
`
`
`update conditions ina
`certificate extension field(s)
`
`
`
`
`Provide brand certificate with
`any firmware update
`extensions and with the brand's
`
`public key
`
`Provide manufacturer's
`certificate with any firmware
`update extensions and with the
`manufacturer's public key
`
`
`
`Provide root certificate
`authority's certificate with the
`certificate authority's public key
`
`Distribute firmware update
`
`End
`
`Figure 8
`
`

`

`U.S. Patent
`
`Jun. 27, 2006
`
`Sheet 10 of 12
`
`US 7,069,452 B1
`
`
`Obtain
`
`signature and
`Decrypt
`certificate
`signature with
`
`
`chain from
`CA's public key
`
`update image
`
`
`652
`
` Signature
`present and
`valid?
`
`Figure 9
`
`
`
`
`
` Set flag to
`?
`update
`Update OK?
`YES
`
`Extract Public
`key frem
`certificate and
`decrypt
`signature of
`next certificate
`
`662
`
`NO
`
`
`
`
`
`Signature
`valid’?
`NO
`664
`
`YES
`
`
`?
`Setflag to
`Update OK?
`YES
`update
`
`666
`
`
`
`NO——-_______-_-»|
`
`
`
`676
`
`NO-»
`
`
`
`
`Verify image
`
`signature with
`Signature
`
`
`valid?
`appropriate
`
`
`public key
`
`Exit update
`
`
`Perform
`and disable
`
`update with
`
`
`
`update of
`image
`
`memory
`
`680
`
`

`

`U.S. Patent
`
`Jun. 27, 2006
`
`Sheet 11 of 12
`
`US 7,069,452 B1
`
`
`
`Firware Update
`Repository
`700
`
`
`
`Firmware Distribution
`702
`
`
`
`Updateable Device
`£05
`
`Updateable Device
`
`706.
`
`
`
`Figure 10
`
`

`

`U.S. Patent
`
`Jun. 27, 2006
`
`Sheet 12 of 12
`
`US 7,069,452 B1
`
`710
`
`712
`
`714
`
`
`
`
`
`
` Distribute generic
`devices with functions
`defined by the firmware
`in the device and
`having a secure
`firmware update
`capability
`
`
`
`
`
`
`
`
`
`Distribute firmware
`
`
`updatesto define the
`functions of the
`
`
`devices based ona
`device level
`authorization
`
`
`
`
`
`
`
`
`Apply devicelevel
`firmware updatesto the
`
`generic devices to
`provide differing levels
`
`of functionality for the
`devices
`
`
`
`Figure 11
`
`

`

`US 7,069,452 Bl
`
`1
`METHODS, SYSTEMS AND COMPUTER
`PROGRAM PRODUCTS FOR SECURE
`FIRMWARE UPDATES
`
`RELATED APPLICATIONS
`
`The present application is related to commonly assigned
`and concurrently filed U.S. patent application Ser. No.
`09/614,983, entitled “METHODS, SYSTEMS AND COM-
`PUTER PROGRAM PRODUCTS FOR RULE BASED
`FIRMWARE UPDATES UTILIZING CERTIFICATE
`
`EXTENSIONS”, the disclosure of which is incorporated by
`reference as if set forth fully herein.
`
`FIELD OF THE INVENTION
`
`The present invention relates to data processing systems
`and more particularly to data processing systems having
`programmable memories.
`
`BACKGROUND OF THE INVENTION
`
`Many devices today make use of computational elements
`controlled by software instructions embedded in the device
`to give the device its functional personality. This software,
`often called firmware because of its persistent association
`with the device hardware operation, washistorically placed
`in read-only memory (ROM) and wasactivated when the
`device was powered on. With time, it was recognized that
`firmware, like other forms of software, might be subject to
`coding mistakes and that over the lifetime of the device there
`was a need to modify the functional characteristics of the
`device, for example, to adaptit to a new target environment.
`This need to repair firmware coding errors and/or modify
`firmware functionality led to the use of field-programable
`random-access memory (RAM) as a repository for on-
`device firmware. This provided an easier means of modifi-
`cation than replacing ROM chips.
`As a result of this evolution, typically, firmware can be
`updated without physical hardware modification, using
`removable digital media or a network connection as the
`mechanism by which new firmware is communicated to the
`device. The extensive increase in network connectivity in
`recent years has resulted in an increase in the number of
`firmware-driven devices that allow personality updates.
`With the increasing number of update capable devices may
`come significant security problems. With the ubiquitous
`nature of firmware-driven devices, such security problems
`may extend to homes, businesses and other areas where such
`devices are utilized. For example, personal computers, pag-
`ers, cell phones, satellite receivers, set-top boxes, cable and
`DSL modems,routers, digital TVs, or even appliances like
`refrigerators, sewing machines, and ovens mayall be sus-
`ceptible to such security problems.
`In a personal computer, firmware instructions are gener-
`ally referred to as a Basic Input-Output System (BIOS). A
`BIOS typically contains hardware diagnostics, code which
`initializes and enables/disables certain hardware features
`
`(for example boot from network, system board sound or
`display capability, memory parity, I/O bus speed, DMA,
`etc.), and instructions enabling the operating system and
`application programs to interface with the computer hard-
`ware. Parameters governing branches throughthe initializa-
`tion code to enable/disable or configure certain hardware
`features are often stored in battery-backed-up CMOS RAM.
`All of these instructions,
`typically, must be executed or
`
`10
`
`15
`
`20
`
`25
`
`35
`
`40
`
`45
`
`50
`
`55
`
`60
`
`65
`
`2
`instantiated as an application program interface (API) suc-
`cessfully in order for the computer to boot.
`It is well knownin the art that the hardware in which the
`
`firmware (e.g., PC BIOS) instructions reside may be a
`field-programmable ROM such as an EE-PROMora Flash
`RAM.Such hardware designs are desirable in allowing the
`manufacturer to update the firmware after manufacture, for
`example, to enable new capabilities or fix problems. How-
`ever, storing the BIOSin a flash memory mayalso open new
`vulnerabilities
`that can be exploited by hackers. For
`example, some of the approximately 50,000 computer
`viruses known today—such as the Chernobyl virus (known
`as CIH and W95.CIH)—overwrite the BIOS with invalid
`instructions, completely disabling the computer and requir-
`ing physical replacement of the BIOSchip.
`However, security problems may extend beyond the mali-
`cious third parties attempting to damage devices in custom-
`ers’ hands. It is well known that many devices are built on
`generic hardware, wherethe sole difference between several
`models may be the sticker on the front panel, the firmware
`load in the resident flash, and the price. In such devices, a
`customer may, for example, change an inexpensive device
`into a more expensive device merely by updating the firm-
`ware. For example, a manufacturer of Compact Disk Read
`Write (CDRW)drive mechanismsrecently began to receive
`service calls about its named brand $300 6x-write-speed
`drives which turned out to be $100 OEM 4x-write-speed
`drives with their named brand firmware update installed.
`Accordingly, manufacturers of devices that use easily
`updateable firmware may be faced with significant security
`problems that are complicated by situations where the
`device executes non-firmware application code, and/or the
`device owner is complicit in the hacking activity.
`
`SUMMARY OF THE INVENTION
`
`Embodiments of the present invention include methods,
`systems, computer program products and business methods
`which provide secure updates of firmware(i.e. data stored in
`a programmable memory device of a processing system).
`Such secure updates may be provided by controlling updates
`of a programmable memory of a device by providing an
`update window offinite duration during which the program-
`mable memory may be updated and allowing updates of the
`programmable memory only during the update window.
`Furthermore, the update window maybeprovided by allow-
`ing access to the programmable memory based onthestate
`of an access latch. The access latch may be set to allow
`access to the programmable memory after a hardware reset
`of the device. An update control program, which mayreside
`in Read Only Memory, may be executed to control access to
`the programmable memory andthe latch reset to prevent
`access to the programmable memory upon completion of the
`update control program.
`In further embodiments of the present invention, access to
`a memory where the update control program resides may be
`allowed when the access latch allows access to the program-
`mable memory and prevented when the access latch pre-
`vents access to the programmable memory. Furthermore, it
`may be determined if an update of the programmable
`memory is available and, if so, the programmable memory
`may be updated. Such a determination ofthe availability of
`an update may be made by examiningatleast one ofa local
`memory location, a local drive, a network drive and an input
`device status to determine if an update is available or by
`examining persistent status information.
`
`

`

`US 7,069,452 Bl
`
`3
`The programmable memory maybe updated by obtaining
`an update image containing update data to be written to the
`programmable memory, obtaining installation information
`from the update image and writing the update data to the
`programmable memory based on the installation informa-
`tion obtained from the update image. In particular embodi-
`ments of the present invention, the installation information
`may be an install program andtheinstall program executed
`to write the update data to the programmable memory.
`In still further embodiments of the present invention, the
`programmable memory may be updated by loading an
`update image into a temporary workspace and updating the
`programmable memory from the loaded update image. Fur-
`thermore, existing data from the programmable memory
`may bestored so as to provide a backup copy ofthe data of
`the programmable memory. In such embodiments, it may be
`determinedif the update of the programmable memory was
`successful and the contents of the programmable memory
`restored from the backup copyif the update of the program-
`mable memory wasnot successful.
`In yet additional embodiments of the present invention,
`the update control program may verify the authenticity of
`the update of the programmable memory. Such verification
`can be accomplished in various ways, for example by means
`of a shared secret, or by a public-key cryptosystem, or in
`other ways knownto those with skill in the art. In certain
`embodiments, verification of the image may be accom-
`plished by including and checking a digital signature com-
`prising a hash of the image encrypted by the private key of
`an update authority. In addition to the signature, an X.509
`certificate of the update authority may also be included with
`the distribution of the image. See CCITT Recommendation
`X.509, “The Directory-Authentication Framework”, Con-
`sultation Committee,
`International Telephone and Tele-
`graph, International Telecommunications Union, Geneva,
`1989. The verification of the signature may be provided by
`computing the hash over the image, decrypting the signature
`using the public key from the included certificate, and
`comparing the decrypted result with the computed hash
`value. If they are equal,
`the signature verification has
`succeeded. The control program then validates the update
`authority’s certificate by validating a signature contained
`therein, the signature having been created by the certificate
`authority signing the update authority’s certificate using the
`certificate authority’s private key. In a non-chained form,
`this validation may be provided by using a public key of the
`certificate authority that issued the update authority’s cer-
`tificate to decrypt the digital signature contained in the
`update authority’s certificate and comparing it against a
`computed hash of the update authority’s certificate. The
`certificate authority’s public key used to perform this vali-
`dation may be contained in the ROM imageorin the current
`contents of the protected memory. In a more complex
`arrangement, the image would contain a chainofcertificates
`that can be validated back to a certificate signed by the root
`certificate authority.
`In still further embodiments of the present invention, the
`update may include a plurality of certificates in a hierarchy
`of certificates. In such embodiments,
`the verification of
`authenticity may be accomplished by evaluating each of the
`plurality of certificates in the update image to determine if
`a valid digital signature is provided with each certificate of
`the update image. Such an evaluation may be accomplished
`by decrypting a digital signature of a certificate utilizing a
`public key associated with thecertificate and comparing the
`decrypted digital signature with a predefined value to deter-
`mine if the digital signature is a valid digital signature
`
`20
`
`30
`
`35
`
`40
`
`45
`
`55
`
`4
`associated with the certificate. A public key associated with
`another of the digital certificates may be obtained and the
`decryption and comparison repeated utilizing the obtained
`public key associated with anotherofthe digital certificates.
`This process may be repeated until a public key associated
`with a last of the digital certificates is obtained and the
`signature of the last digital certificate decrypted and com-
`pared.
`In additional embodimentsof the present invention, appli-
`cation rules information may be obtained from an extension
`of at least one certificate associated with the update. The
`rules information obtained from a certificate may be evalu-
`ated and the programmable memory selectively updated
`based on the evaluation of the rules information obtained
`
`from the certificate. In particular, the rules information may
`be rules information associated with a manufacturer of the
`device, rules information associated with a brand of the
`device, rules information associated with a software version
`of the device, rules information associated with a license
`authorization of the device or rules associated with the
`individual device.
`
`In still further embodiments of the present invention, a
`system for controlling access to a programmable memory of
`a device may be provided. The system mayincludea latch
`and a memory controller configured to control read and
`write operations to the programmable memory and operably
`associated with the latch so as to allow write operations to
`the programmable memory whenthelatch is in a first state
`and to prevent write operations to the programmable
`memory whenthe latch is in a secondstate. A latch enable
`circuit may be configured to set the latch to the first state
`upon detecting a hardware reset of the device and set the
`latch to the second state upon completion of a memory
`update window.
`In particular embodiments of the present invention, the
`latch enable circuit may include a hardware reset circuit
`which generates a hardware reset of the device, a processor,
`and a read only memory operably associated with the
`processor and containing a program utilized to update the
`programmable memory, wherein the program is configured
`to set the latch to the second state. Furthermore, the pro-
`cessor may be configured to execute the program contained
`in the read only memory upon generation of the hardware
`reset of the device. In still further embodiments of the
`present invention, the program is configured to set the latch
`to the second state upon completion of execution of the
`program.
`In particular embodiments of the present invention, the
`processor comprises a digital signal processor.
`In still further embodiments of the present invention, the
`memory controller is further configured to allow read opera-
`tions of the read only memory whenthe latch is in the first
`state and prevent read operations of the memory when the
`latch is in the secondstate.
`
`In additional embodiments, a plurality of devices having
`differing functionality may be provided by providing a
`plurality of generic processing devices having hardware
`suitable to perform at least a portion of the differing func-
`tionality of the plurality of devices, wherein the generic
`processing devices also have a programmable memory and
`aread only memory. Updates to the programmable memory
`define the functionality of the generic processing devices so
`as to provide the plurality of devices having differing
`functionality. The programmable memories of the generic
`processing devices may be selectively updated utilizing an
`update program provided in the read only memories of the
`generic processing devices which verifies the authorization
`
`

`

`US 7,069,452 Bl
`
`5
`of an update and selectively updates the programmable
`memory based on the verificd authorization. Furthermore,
`updates of the programmable memories of the generic
`processing devices other than by the update program may be
`prevented.
`In still further embodiments, access to the read only
`memory containing the update program may be prevented
`other than when an update of the programmable memory of
`the generic processing device is being performed. Further-
`more, the generic processing devices may include a digital
`signal processor. In such embodiments, the updates of the
`programmable memory may provide microcodefor control-
`ling the operation of the digital signal processor.
`While the invention has been described above primarily
`with respect to method aspects ofthe invention, both sys-
`tems and/or computer program products are also provided.
`
`BRIEF DESCRIPTION OF THE DRAWINGS
`
`FIG. 1 is a block diagram of a firmware update system
`according to embodiments of the present invention;
`FIG. 2 is a block diagram of a data processing system
`suitable for use with the present invention;
`FIG.3 is a more detailed block diagram of data processing
`systems according to embodiments of the present invention;
`FIG. 4A is a flowchart illustrating operations according to
`embodiments of the present invention;
`FIG.4B is a flowchart illustrating operations according to
`further embodiments of the present invention;
`FIG. 5 is a flowchart illustrating operations for perform-
`ing a firmware update according to embodiments of the
`present invention;
`FIG. 6 is a flowchart illustrating operations according to
`embodiments of the present
`invention utilizing crypto-
`graphic techniques to provide secure firmware updates;
`FIG. 7 is a block diagram of a certificate structure
`according to embodiments of the present invention;
`FIG. 8 is a flowchart illustrating operations for creating a
`firmware update according to embodiments of the present
`invention;
`FIG. 9 is a flowchart illustrating operations for perform-
`ing a firmware update utilizing a certificate structure such as
`described in FIG.7;
`FIG. 10 is a block diagram of a firmware distribution
`system according to embodiments of the present invention;
`and
`
`FIG. 11 is a flowchart illustrating operations according to
`further embodiments of the present invention which may
`provide for methods of doing business according to embodi-
`ments of the present invention.
`
`DETAILED DESCRIPTION OF PREFERRED
`EMBODIMENTS
`
`The present invention now will be described more fully
`hereinafter with reference to the accompanying drawings, in
`which preferred embodiments of the invention are shown.
`This invention may, however, be embodied in manydifferent
`forms and should not be construedas limited to the embodi-
`
`ments set forth herein; rather, these embodiments are pro-
`vided so that this disclosure will be thorough and complete,
`and will fully convey the scope of the invention to those
`skilled in theart.
`
`the
`As will be appreciated by one of skill in the art,
`present
`invention may be embodied as a method, data
`processing system, or computer program product. Accord-
`ingly, the present invention maytake the form ofan entirely
`
`10
`
`15
`
`20
`
`25
`
`30
`
`35
`
`40
`
`45
`
`50
`
`55
`
`60
`
`65
`
`6
`hardware embodiment, an entirely software embodiment or
`an embodiment combining software and hardware aspects.
`Furthermore, the present invention may take the form of a
`computer program product on a computer-usable storage
`medium having computer-usable program code means
`embodied in the medium. Any suitable computer readable
`medium may be utilized including hard disks, CD-ROMs,
`optical storage devices, or magnetic storage devices.
`The computer-usable or computer-readable medium may
`be, for example but not limited to, an electronic, magnetic,
`optical, electromagnetic, infrared, or semiconductor system,
`apparatus, device, or propagation medium. Morespecific
`examples (a nonexhaustive list) of the computer-readable
`medium would include the following: an electrical connec-
`tion having one or more wires, a portable computerdiskette,
`a random access memory (RAM), a read-only memory
`(ROM), an erasable programmable read-only memory
`(EPROMor Flash memory), an optical fiber, and a portable
`compact disc read-only memory (CD-ROM). Notethat the
`computer-usable or computer-readable medium could even
`be paper or another suitable medium upon which the pro-
`gram is printed, as the program can be electronically cap-
`tured, via, for instance, optical scanning of the paper or other
`medium, then compiled, interpreted or otherwise processed
`in a suitable manner if necessary, and then stored in a
`computer memory.
`Computer program code for carrying out operations of the
`present
`invention may be written in an object oriented
`programming language such as Java®, Smalltalk or C++.
`However,
`the computer program code for carrying out
`operations of the present invention may also be written in
`conventional procedural programming languages, such as
`the “C” programming language or even assembly language.
`The program code may execute entirely on the user’s
`computer, partly on the user’s computer, as a stand-alone
`software package, partly on the user’s computer and partly
`on a remote computeror entirely on the remote computer. In
`the latter scenario, the remote computer may be connected
`to the user’s computer through a local area network (LAN)
`or a wide area network (WAN), or the connection may be
`made to an external computer (for example, through the
`Internet using an Internet Service Provider).
`The present invention is described below with reference
`to flowchart illustrations and/or block diagrams of methods,
`apparatus (systems) and computer program products accord-
`ing to embodiments of the invention. It will be understood
`that each block of the flowchart illustrations and/or block
`diagrams, and combinations of blocks in the flowchart
`illustrations and/or block diagrams, can be implemented by
`computer program instructions. These computer program
`instructions may be provided to a processor of a general
`purpose computer, special purpose computer, embedded
`processor or other programmable data processing apparatus
`to produce a machine, such that the instructions, which
`execute via the processor of the computer or other program-
`mable data processing apparatus, create means for imple-
`menting the functions specified in the flowchart and/or block
`diagram block or blocks.
`These computer program instructions may also be stored
`in a computer-readable memory that can direct a computer
`or other programmable data processing apparatus to function
`in a particular manner, such that the instructions stored in the
`computer-readable memory produceanarticle of manufac-
`ture including instruction means which implementthe func-
`tion specified in the flowchart and/or block diagram block or
`blocks.
`
`

`

`US 7,069,452 Bl
`
`7
`The computer program instructions may also be loaded
`onto a computer or other programmable data processing
`apparatus to cause a series of operational steps to be per-
`formed on the computer or other programmable apparatus to
`produce a computer implemented process such that
`the
`instructions which execute on the computer or other pro-
`grammable apparatus provide steps for implementing the
`functions specified in the flowchart and/or block diagram
`block or blocks.
`
`Asis described in more detail below, embodiments of the
`present invention may provide secure firmware updates by
`providing a windowin which firmware updates may be
`provided. Such a window maybe provided by a latch or
`other such device which may beset to allow update access
`to the programmable memory device(s) where the firmware
`to be updated resides and which maybeset to prevent update
`access to the programmable memory device(s). Further-
`more, some or all of the program which performs the
`firmware update may be stored in a Read Only Memory
`(ROM)of the processing system and the program may set
`the latch to prevent updates of the programmable memory
`device(s) upon completion of the update program. Update
`systems according to embodiments may, for example, be
`incorporated into a boot sequence of a processing device to
`provide secure firmware update capabilities. Additional
`embodiments of the present invention may utilize crypto-
`graphic techniques to further increase the security of the
`firmware update. Various embodiments of the present inven-
`tion will now be described with reference to FIGS. 1 through
`11.
`
`Referring now to FIG. 1, a firmware update system
`according to embodiments of the present invention is illus-
`trated. As is seen in FIG. 1, a processor 10, such as a general
`purpose microprocessor, a digital signal processor or a
`specific purpose processor has associated with it a latch 18
`which defines a state of access permissions to a program-
`mable memory 14 and/or a read only memory (ROM) 16.
`Such access may be controlled by a memory controller 12 or
`other such device which allows the processor 10 to access
`the programmable memory 14 andthe read only memory 16.
`In particular, the programmable memory 14 maybeflash
`RAMorother programmable memory which may contain
`firmware, such as a BIOS program or other such firmware,
`which may provide the basic functionality of the device
`incorporating the processor 10. The processor 10 may access
`the programmable memory 14 through the memory control-
`ler 12 to execute instructions stored in the programmable
`memory 14 or to update the contents of the programmable
`memory 14. The processor 10 may also access the ROM 16
`to execute a firmware update program stored in the ROM 16.
`In operation, the processor 10 receives a hardware reset
`signal, such as the power onreset signal illustrated in FIG.
`1, which causes the processor 10 to reset its registers and
`being execution of a program from a predefined memory
`location. Thus, the latch 18 can besetinto an initial state by
`a hardware reset, which is the meansto return the processor
`10 to a known non-debug state executing a specific instruc-
`tion stream (e.g. the instruction stream stored in the ROM
`16). In particular embodiments of the present invention, the
`predefined memory location corresponds to a memory loca-
`tion in the ROM 16. In additionto resetting the processor 10,
`the reset signal also sets the latch 18 to a state which
`instructs the memory controller 12 to allow access to the
`ROM 16 (1e., read operations) and to allow updates (i.e.
`write operations) to the programmable memory 14. Thus, for
`example, when the “Q”of the latch 18 is a logical “1” the
`
`10
`
`15
`
`20
`
`25
`
`30
`
`35
`
`40
`
`45
`
`50
`
`55
`
`60
`
`65
`
`8
`memory controller 12 may allow reads of the ROM 16 and
`writes to the programmable memory 14.
`As is further illustrated in FIG. 1, an output of the
`processor 10 mayalso be provided to reset the latch 18 so
`as to prevent updates of the programmable memory 14 and
`optionally prevent read operations to the ROM 16. Thus,
`whenthe firmware update program executed from the ROM
`16 is concluding it may activate the access latch reset output
`of the processor 10 to reset
`latch 18.
`In the example
`described above, the access latch reset output would reset
`latch 18 so that the “Q”output wasset to a logical “0” so as
`to prevent write operations to the programmable memory 14
`and prevent read operations to the ROM 16. Thus, the latc