26-12-2012, 02:04 PM
Basic Input/Output System
1Basic InputOutput.pdf (Size: 323.18 KB / Downloads: 32)
BIOS
In IBM PC compatible computers, the Basic Input/Output System
(BIOS), also known as the system BIOS or ROM BIOS
( /ˈbaɪ.oʊs/), is a de facto standard defining a firmware interface.[1]
The name originated from the Basic Input Output System used in the
CP/M operating system (released in 1976), where the BIOS was
loaded from disk, with only a small boot loader program stored in
read-only memory.
The BIOS software is built into the PC, and is the first code run by a
PC when powered on ('boot firmware'). When the PC starts up, the
first job for the BIOS is the power-on self-test, which initializes and
identifies system devices such as the CPU, RAM, video display card,
keyboard and mouse, hard disk drive, optical disc drive and other hardware. The BIOS then locates boot
loader software held on a peripheral device (designated as a 'boot device'), such as a hard disk or a CD/DVD,
and loads and executes that software, giving it control of the PC.[2] This process is known as booting, or
booting up, which is short for bootstrapping.
BIOS software is stored on a non-volatile ROM chip on the motherboard. It is specifically designed to work
with each particular model of computer, interfacing with various devices that make up the complementary
chipset of the system. In modern computer systems, the BIOS chip's contents can be rewritten without
removing it from the motherboard, allowing BIOS software to be upgraded in place.
Terminology
The term BIOS (Basic Input/Output System) was invented by Gary Kildall and first appeared in the CP/M
operating system in 1975, describing the machine-specific part of CP/M loaded during boot time that
interfaces directly with the hardware (a CP/M machine usually has only a simple boot loader in its ROM).
Later versions of CP/M (as well as Concurrent CP/M, Concurrent DOS, DOS Plus, Multiuser DOS, System
Manager and REAL/32) come with an XIOS (Extended Input/Output System) instead of the BIOS. Most
versions of DOS have a file called "IO.SYS", "IBMBIO.COM", "IBMBIO.SYS", or "DRBIOS.SYS"; this file
is known as the "DOS BIOS", which is analogous to the "CP/M BIOS".
Among other classes of computers, the generic terms boot monitor, boot loader, and boot ROM have been
commonly used. Some Sun and PowerPC-based computers use Open Firmware for this purpose. There are a
few alternatives for "Legacy BIOS" in the x86 world: Extensible Firmware Interface, Open Firmware (used
on the OLPC XO-1), and coreboot.
IBM PC-compatible BIOS chips
In principle, a BIOS in ROM is customized to the particular manufacturer's hardware, allowing low-level
services (such as reading a keystroke or writing a sector of data to diskette) to be provided in a standardized
way to an operating system. For example, an IBM PC might have either a monochrome or a color display
adapter (using different display memory addresses and hardware), but a single, standard, BIOS system call
may be invoked to display a character at a specified position on the screen in text mode.
Prior to the early 1990s, BIOSes were stored in ROM or PROM chips, which could not be
altered by users. As its complexity and need for updates grew, and re-programmable parts
became more available, BIOS firmware was most commonly stored on EEPROM or flash
memory devices.
Flashing the BIOS
In modern PCs the BIOS is stored in rewritable memory, allowing the contents to be replaced or 'rewritten'.
This rewriting of the contents is sometimes termed flashing. This can be done by a special program, usually
provided by the system's manufacturer, or at POST, with a BIOS image in a hard drive or USB flash drive. A
file containing such contents is sometimes termed 'a BIOS image'. A BIOS might be reflashed in order to
upgrade to a newer version to fix bugs or provide improved performance or to support newer hardware, or a
reflashing operation might be needed to fix a damaged BIOS. A BIOS may also be "flashed" by putting the
file on the root of a USB drive and booting.
BIOS chip vulnerabilities
EEPROM chips are advantageous because they can be easily
updated by the user; hardware manufacturers frequently issue BIOS
updates to upgrade their products, improve compatibility and remove
bugs. However, this advantage had the risk that an improperly
executed or aborted BIOS update could render the computer or
device unusable. To avoid these situations, more recent BIOSes use a
"boot block"; a portion of the BIOS which runs first and must be
updated separately. This code verifies if the rest of the BIOS is intact
(using hash checksums or other methods) before transferring control
to it.
Persistent BIOS infection
The third BIOS virus was a technique called "Persistent BIOS infection." It appeared in 2009 at the
CanSecWest Security Conference in Vancouver, and at the SyScan Security Conference in Singapore.
Researchers Anibal Sacco[9] and Alfredo Ortega, from Core Security Technologies, demonstrated how to
insert malicious code into the decompression routines in the BIOS, allowing for nearly full control of the PC
at start-up, even before the operating system is booted.
The proof-of-concept does not exploit a flaw in the BIOS implementation, but only involves the normal
BIOS flashing procedures. Thus, it requires physical access to the machine, or for the user to be root. Despite
these requirements, Ortega underlined the profound implications of his and Sacco's discovery: “We can
patch a driver to drop a fully working rootkit. We even have a little code that can remove or disable
antivirus.”[10]
Mebromi
Mebromi is a trojan which targets computers with AwardBIOS, Microsoft Windows, and antivirus software
from two Chinese companies: Rising Antivirus and Jiangmin KV Antivirus.[11] [12] [13] Mebromi installs a
rootkit which infects the master boot record.
Firmware on adapter cards
A computer system can contain several BIOS firmware chips. The motherboard BIOS typically contains
code to access hardware components absolutely necessary for bootstrapping the system, such as the
keyboard (either PS/2 or on a USB human interface device), and storage (floppy drives, if available, and
PATA or SATA hard disk controllers). In addition, plug-in adapter cards such as SCSI, RAID, network
interface cards, and video boards often include their own BIOS (e.g. Video BIOS), complementing or
replacing the system BIOS code for the given component. (This code is generally referred to as an option
ROM). Even devices built into the motherboard can behave in this way; their option ROMs can be stored as
separate code on the main BIOS flash chip, and upgraded either in tandem with, or separately from, the main
BIOS.
BIOS boot specification
If the expansion ROM wishes to change the way the system boots (such as from a network device or a SCSI
adapter for which the BIOS has no driver code), it can use the BIOS Boot Specification (BBS) API to
register its ability to do so. Once the expansion ROMs have registered using the BBS APIs, the user can
select among the available boot options from within the BIOS's user interface. This is why most BBS
compliant PC BIOS implementations will not allow the user to enter the BIOS's user interface until the
expansion ROMs have finished executing and registering themselves with the BBS API.[citation needed]
The specification can be downloaded from the ACPICA website. The official title is BIOS Boot
Specification (Version 1.01, 11 January 1996) and is available here: [14]
Changing role of the BIOS
Some operating systems, for example MS-DOS, rely on the BIOS to carry out most input/output tasks within
the PC.[15] Because the BIOS still relies on a legacy 16-bit real mode runtime interface, invoking the BIOS
directly is inefficient for some recent operating systems (such as Linux and Microsoft Windows) that are
written for CPUs with a word length of 32-bits or more. A number of larger, more powerful servers and
workstations use a platform-independent Open Firmware (IEEE-1275) based on the Forth programming
language; it is included with Sun's SPARC computers, IBM's RS/6000 line, and other PowerPC systems such
as the CHRP motherboards. Later x86-based personal computer operating systems, like Windows NT, use
their own, native drivers; this makes it much easier to extend support to new hardware.