HP Sure Start Automatic Firmware Intrusion Detection and Repair System - White Paper
May 2016
902696-002
HP Sure Start Technical White Paper
© Copyright 2016 HP Development Company, L.P.
4 HP Sure Start user experience
Customers see no noticeable experience degradation when HP Sure Start operates. With the default settings, recovery
operations are automatic: if HP Sure Start identifies a problem, recovery occurs with no end-user interaction or IT
involvement. Additionally, HP Sure Start is enabled “Out of the Box”, so there is no need for a customer to set
up or configure the platform to take advantage of the feature!
4.1 Specific to the HP Sure Start Embedded Controller
HP Sure Start hardware is active from the moment power is applied to the system. Since the system is in the Off state at
this point and it is not possible to display messages to the user, the HP Sure Start Embedded Controller uses one of the
mechanisms defined in Table 6 to indicate HP Sure Start activity.
In a normal scenario where HP Sure Start examines the System Flash code and data that it monitors and finds no issues, the
HP Sure Start activity indicator will only be active for a few seconds. In a scenario where HP Sure Start finds an integrity
issue with any of the code or data monitored by Sure Start (and the recovery policy is set to the default, Automatic), the
activity indicator will be active for approximately 10-20 seconds indicating HP Sure Start is making repairs.
As soon as HP Sure Start activity is complete, the system is ready to be powered up by the user. Attempts to power up the
system while Sure Start is active will be ignored.
As previously mentioned, the HP Sure Start Embedded Controller will also check the integrity of the code and data
monitored by Sure Start each time the system is turned Off or put into Hibernate or Sleep mode. If the Sure Start activity
indicator is watched closely, the user will notice the HP Sure Start activity indication for a few seconds upon entry into those
states, which indicates that the code and data monitored by Sure Start were successfully verified.
The Sure Start Embedded Controller will update the recovery BIOS Boot Block image in the Sure Start Embedded Controller
Non-Volatile Memory store to match the copy in the System Flash when a valid update is detected. In this scenario,
the user will perform a normal BIOS update which includes progress status displayed on the system display. To complete
the final steps of the update, the system will reboot and the HP Sure Start activity indicator will be displayed for
approximately 10-20 seconds as the HP Sure Start Embedded Controller first validates the update and then replaces the
BIOS Boot Block recovery copy in the Sure Start Embedded Controller Non-Volatile Memory store.
NOTE:
BIOS Boot Block code will not always be updated as part of a BIOS update. In practice, the BIOS Boot Block code is rarely
changed in production platforms and therefore the majority of BIOS updates do not update the BIOS Boot Block code.
In the event the HP Sure Start Embedded Controller finds a problem with the contents of the BIOS Boot Block in the System Flash,
the user experience would be much the same as the “Update” scenario described above. In this case, the HP Sure Start
Embedded Controller is replacing the BIOS Boot Block in System Flash with the backup copy in the Sure Start Embedded
Controller Non-Volatile Memory Store.
This will happen automatically with the default setting, but there is a policy option to modify HP Sure Start Embedded
Controller Firmware behavior such that it waits for end user input before repairing the Boot Block portion of the System
Flash (Manual Recovery). With this policy option set, the HP Sure Start Embedded Controller firmware will halt the system
and wait for the recovery sequence action from the local user. In a scenario where the recovery policy has been changed to
Manual and the System Flash Boot Block is compromised, the system will refuse to power up and the user will see the “BIOS
Manual Recovery Required” indication as shown in Table 6 until the local user takes the “BIOS Manual Recovery Sequence”
action shown in Table 7.
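The update, automatic repair and Manual Recovery cases described in section 4.1 can be read as one decision procedure. The following C model is an added illustration, not HP firmware or code from this white paper; the type and function names, the 16-byte image size and the XOR validity rule are assumptions chosen so the model runs, since the paper does not describe how the controller validates an image.

```c
#include <stdbool.h>
#include <string.h>
#define BB_LEN 16  /* constructed size; a real boot block is far larger */
enum policy { POLICY_AUTOMATIC, POLICY_MANUAL };
enum action { ACT_NONE, ACT_UPDATE_BACKUP, ACT_REPAIR_FLASH, ACT_HALT_FOR_USER };
struct ec_state {
    unsigned char flash[BB_LEN];   /* boot block in System Flash */
    unsigned char backup[BB_LEN];  /* recovery copy in EC non-volatile memory */
    enum policy policy;
    bool halted;                   /* waiting for the manual recovery sequence */
};

/* Placeholder rule (last byte = XOR of the rest), not the controller's real validation. */
static unsigned char xor_tag(const unsigned char *img) {
    unsigned char x = 0;
    for (size_t i = 0; i + 1 < BB_LEN; i++) x ^= img[i];
    return x;
}
bool image_valid(const unsigned char *img) { return img[BB_LEN - 1] == xor_tag(img); }
void seal_image(unsigned char *img, unsigned char fill) {  /* build a valid sample */
    memset(img, fill, BB_LEN - 1);
    img[BB_LEN - 1] = xor_tag(img);
}

/* One integrity pass over the boot block. */
enum action ec_check(struct ec_state *s, bool recovery_sequence) {
    if (image_valid(s->flash)) {
        s->halted = false;
        if (memcmp(s->flash, s->backup, BB_LEN) == 0) return ACT_NONE;
        memcpy(s->backup, s->flash, BB_LEN);  /* backup follows validated flash only */
        return ACT_UPDATE_BACKUP;
    }
    if (s->policy == POLICY_MANUAL && !recovery_sequence) {
        s->halted = true;                     /* nothing is written while halted */
        return ACT_HALT_FOR_USER;
    }
    memcpy(s->flash, s->backup, BB_LEN);      /* repair flash from the backup */
    s->halted = false;
    return ACT_REPAIR_FLASH;
}

/* Power-up is ignored while a pass is running or manual recovery is pending. */
bool power_up_allowed(const struct ec_state *s, bool ec_busy) { return !ec_busy && !s->halted; }
int main(void) {  /* corrupt flash under Manual policy must halt, not repair */
    struct ec_state s = { .policy = POLICY_MANUAL };
    seal_image(s.flash, 0x22); memcpy(s.backup, s.flash, BB_LEN);
    s.flash[3] ^= 1;                          /* constructed corruption */
    return ec_check(&s, false) == ACT_HALT_FOR_USER ? 0 : 1;
}
```

The property to check in any such design is the direction of each copy: the backup is only ever written from an image that has passed validation, so a corrupted System Flash image can never replace the recovery copy.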