Flashing the BIOS

Where the BIOS is stored in rewritable memory, flashing the BIOS is overwriting the BIOS contents with a BIOS image. This is done to update the BIOS to a newer version either to fix specific bugs, support newer hardware, or fix a damaged BIOS. However, care must be taken when doing this because if it is not done correctly it may render the system inoperable.

BIOS chip vulnerabilities

An American Megatrends BIOS registering the “IntelPOST, most likely a problem with the POST. CPU uCode Error” while doing

EEPROM chips are advantageous because they can be easily updated by the user; hardware manufacturers frequently issue BIOS updates to upgrade their products, improve compatibility and remove bugs. However, this advantage had the risk that an improperly executed or aborted BIOS update could render the computer or device unusable. To avoid these situations, more recent BIOSes use a "boot block"; a portion of the BIOS which runs first and must be updated separately. This code verifies if the rest of the BIOS is intact (using hash checksums or other methods) before transferring control to it. If the boot block detects any corruption in the main BIOS, it will typically warn the user that a recovery process must be initiated by booting from removable media (floppy, CD or USB memory) so the user can try flashing the BIOS again. Some motherboards have a backup BIOS (sometimes referred to as DualBIOS boards) to recover from BIOS corruptions.

Virus attacks

There was at least one computer virus which was able to erase Flash ROM BIOS content, rendering computer systems unusable. CIH, also known as "Chernobyl Virus", appeared the first time in Mid 1998 and became active in April 1999. It affected systems BIOS and often they could not be fixed on their own since they were no longer able to boot at all. To repair this, Flash ROM IC had to be ejected from the motherboard to be reprogrammed somewhere else. Damage from CIH was possible since the Virus was specifically targetted at the then wide-spread Intel i430TX motherboard chipset, and the most common operating systems of the time were based on the Windows 9x family allowing direct hardware access to all programs.

Modern systems are not vulnerable to CIH because of a variety of chipsets being used which are incompatible with the Intel i430TX chipset, and also other Flash ROM IC types. There is also extra protection from accidental BIOS rewrites in the form of boot blocks which are protected from accidental overwrite or dual and quad BIOS equipped systems which may, in the event of a crash, use a backup BIOS. Also, all modern operating systems like Linux, Mac OS X, Windows NT-based Windows OS like Windows 2000, Windows XP and newer, do not allow user mode programs to have direct hardware access. However, many Windows users run all programs in administrative mode, which does allow direct hardware access. Nonetheless, as of year 2008, CIH has become almost harmless and usually just bothers users by infecting executable files without being able to cause any real harm, only triggering numerous virus alerts from antivirus software. Other BIOS viruses remain possible, however.[1]

Firmware on adapter cards

A computer system can contain several BIOS firmware chips. The motherboard BIOS typically contains code to access fundamental hardware components such as the keyboard, floppy drives, ATA (IDE) hard disk controllers, USB human interface devices, and storage devices. In addition, plug-in adapter cards such as SCSI, RAID, Network interface cards, and video boards often include their own BIOS, complementing or replacing the system BIOS code for the given component.

In some devices that can be used by add-in adapters and actually directly integrated on the motherboard, the add-in ROM may also be stored as separate code on the main BIOS flash chip. It may then be possible to upgrade this "add-in" BIOS (sometimes called an option ROM) separately from the main BIOS code.

Add-in cards usually only require such an add-in BIOS if they:

• Need to be used prior to the time that the operating system loads (e.g. they may be used as part of the process which loads (bootstraps) the operating system), and:
• Are not sufficiently simple, or generic in operation to be handled by the main BIOS directly

PC operating systems such as DOS, including all DOS-based versions of MS Windows, as well as bootloaders, may continue to use the BIOS for input and output. However, other operating systems will use device drivers to directly access the hardware. Occasionally these add-in BIOSs are still called by these operating systems, in order to carry out specific tasks such as preliminary device initialization.

To find these memory mapped expansion ROMs during the boot process, PC BIOS implementations scan real memory from 0xC0000 to 0xF0000 on 2 kilobyte boundaries looking for the ROM signature bytes of 55h followed by AAh (0xAA55). For a valid expansion ROM, its signature is immediately followed by a single byte indicating the number of 512-byte blocks it occupies in real memory. The BIOS then jumps to the offset located immediately after this size byte; at which point the expansion ROM code takes over, using the BIOS services to register interrupt vectors for use by post-boot applications and provide a user configuration interface, or display diagnostic information.

There are many methods and utilities for examining the contents of various motherboard BIOS and expansion ROMs, such as Microsoft DEBUG or the UNIX dd.

BIOS boot specification

If the expansion ROM wishes to change the way the system boots (such as from a network device or a SCSI adapter for which the BIOS has no driver code), it can use the BIOS Boot Specification (BBS) API to register its ability to do so. Once the expansion ROMs have registered using the BBS APIs, the user can select among the available boot options from within the BIOSes user interface. This is why most BBS compliant PC BIOS implementations will not allow the user to enter the BIOS's user interface until the expansion ROMs have finished executing and registering themselves with the BBS API.^{[citation needed]}

Changing role of the BIOS

Some operating systems, for example MS-DOS, rely on the BIOS to carry out most input/output tasks within the PC.^[7] A variety of technical reasons makes it inefficient for some recent operating systems written for 32-bit CPUs such as Linux and Microsoft Windows to invoke the BIOS directly. Larger, more powerful, servers and workstations using PowerPC or SPARC CPUs by several manufacturers developed a platform-independent Open Firmware (IEEE-1275), based on the Forth programming language. It is included with Sun's SPARC computers, IBM's RS/6000 line, and other PowerPC CHRP motherboards. Later x86-based personal computer operating systems, like Windows NT, use their own, native drivers which also makes it much easier to extend support to new hardware, while the BIOS still relies on a legacy 16-bit runtime interface.

There was a similar transition for the Apple Macintosh, where the system software originally relied heavily on the ToolBox—a set of drivers and other useful routines stored in ROM based on Motorola's 680x0 CPUs. These Apple ROMs were replaced by Open Firmware in the PowerPC Macintosh, then EFI in Intel Macintosh computers.

Later BIOS took on more complex functions, by way of interfaces such as ACPI; these functions include power management, hot swapping and thermal management. However BIOS limitations (16-bit processor mode, only 1 MiB addressable space, PC AT hardware dependencies, etc.) were seen as clearly unacceptable for the newer computer platforms. Extensible Firmware Interface (EFI) is a specification which replaces the runtime interface of the legacy BIOS. Initially written for the Itanium architecture, EFI is now available for x86 and x86-64 platforms; the specification development is driven by The Unified EFI Forum, an industry Special Interest Group.

Linux has supported EFI via the elilo boot loader. The Open Source community increased their effort to develop a replacement for proprietary BIOSes and their future incarnations with an open sourced counterpart through the coreboot and OpenBIOS/Open FirmwareAMD provided product specifications for some chipsets, and Google is sponsoring the project. Motherboard manufacturer Tyan offers coreboot next to the standard BIOS with their Opteron line of motherboards. MSI and Gigabyte Technology have followed suit with the MSI K9ND MS-9282 and MSI K9SD MS-9185 resp. the M57SLI-S4 models. projects.

Some BIOSes contain a "tattoo", a digital signature placed inside the BIOS by the manufacturer, for example Dell. Computer manufacturers that distribute OEM versions of Microsoft Windows and Microsoft application software can use the tattoo to authenticate licensing to the OEM Windows Installation disk and/or system recovery disc containing Windows software. Dell systems having tattoos do not require entry of the Product Key (the Product Key on the label in fact being invalid^{[citation needed]}), and they bypass Windows Product Activation (a convenience to the user and to Microsoft).

The BIOS business

The vast majority of PC motherboard suppliers license a BIOS "core" and toolkit from a commercial third-party, known as an "independent BIOS vendor" or IBV. The motherboard manufacturer then customizes this BIOS to suit its own hardware. For this reason, updated BIOSes are normally obtained directly from the motherboard manufacturer.

Major BIOS vendors include American Megatrends (AMI), Insyde Software, Phoenix Technologies. Former vendors include Award Software which was acquired by Phoenix Technologies in 1998 and has now phased out the Award Brand name.