BIOS Protection Guidelines - Recommendations of the National Institute of Standards and Technology
update image and ensure that it matches a hash which appears in the key store before using the provided
public key to verify the signature on the BIOS update image.
BIOS images shall be signed in conformance with NIST SP 800-89, Recommendation for Obtaining
Assurances for Digital Signature Applications [SP800-89], using an approved digital signature algorithm
as specified in NIST FIPS 186-3, Digital Signature Standard [FIPS186-3], that provides at least 112 bits
of security strength, in accordance with NIST SP 800-131A, Transitions: Recommendation for
Transitioning the Use of Cryptographic Algorithms and Key Lengths [SP800-131A].
The update mechanism shall ensure that the BIOS update image has been digitally signed and that the
digital signature can be verified using a key in the RTU before updating the BIOS. Recovery mechanisms
shall also use the authenticated update mechanism unless the recovery process meets the guidelines for a
secure local update. The authenticated update mechanism should prevent the unauthorized rollback of the
BIOS to an earlier authentic version that has a known security weakness. Rollback may be limited, for
example, by verifying that the version number of the BIOS update image is larger than the version number
of the currently installed BIOS image; for this check to be meaningful, the version number must itself be
covered by the image signature, so that it cannot be edited without invalidating the signature.
Some organizations may wish to assert greater control over BIOS updates in high-security environments.
The authenticated update mechanism may be designed to permit organizational control over the update
process, where updates to the BIOS or rollbacks of the BIOS to an earlier version are permitted only if the
update or rollback has been authorized by the organization. For example, specific BIOS images could be
authorized by an organization by countersigning them with an organization-controlled key, which would
be verified during the update process.
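The acceptance decision described in this section, as an added worked example that is not part of SP 800-147 or of any vendor's firmware: the image carries a public key whose SHA-256 hash must appear in the RTU key store before that key is used to verify the signature; the version number is covered by the signature and must be strictly greater than the installed version (rollback prevention); and, when an organization key is provisioned, an organizational countersignature over the same bytes is required. The image layout (version, body, vendor key, vendor signature, optional organization signature), the type and function names, and the use of ECDSA P-256 with SHA-256 (an approved FIPS 186-3 algorithm at the 128-bit security level) are assumptions of this example.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"encoding/binary"
	"errors"
	"fmt"
)

// UpdateImage is a constructed image format assumed for this example (not defined by SP 800-147).
type UpdateImage struct {
	Version   uint32
	Body      []byte
	VendorPub *ecdsa.PublicKey // key shipped with the image; trusted only if its hash is in the RTU
	VendorSig []byte           // DER ECDSA signature over version || body
	OrgSig    []byte           // optional organizational countersignature over the same bytes
}

// RTU models the root of trust for update: SHA-256 hashes of the trusted public keys,
// plus an optional organization key that must countersign every image when set.
type RTU struct {
	KeyHashes map[[32]byte]bool
	OrgKey    *ecdsa.PublicKey
}

func keyHash(pub *ecdsa.PublicKey) ([32]byte, error) {
	if pub == nil {
		return [32]byte{}, errors.New("image carries no public key")
	}
	der, err := x509.MarshalPKIXPublicKey(pub)
	if err != nil {
		return [32]byte{}, err
	}
	return sha256.Sum256(der), nil
}

// NewRTU provisions the key store with the hashes of the given vendor keys.
func NewRTU(trusted ...*ecdsa.PublicKey) (*RTU, error) {
	r := &RTU{KeyHashes: map[[32]byte]bool{}}
	for _, pub := range trusted {
		h, err := keyHash(pub)
		if err != nil {
			return nil, err
		}
		r.KeyHashes[h] = true
	}
	return r, nil
}

// signedBytes returns version || body so the version is under the signature and
// cannot be edited to defeat the rollback check.
func signedBytes(img *UpdateImage) []byte {
	buf := make([]byte, 4+len(img.Body))
	binary.BigEndian.PutUint32(buf, img.Version)
	copy(buf[4:], img.Body)
	return buf
}

// Sign is used by the vendor (and, for countersigning, by the organization).
func Sign(priv *ecdsa.PrivateKey, img *UpdateImage) ([]byte, error) {
	d := sha256.Sum256(signedBytes(img))
	return ecdsa.SignASN1(rand.Reader, priv, d[:])
}

func GenerateKey() (*ecdsa.PrivateKey, error) {
	return ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
}

// Accept is the update-time decision: key hash in RTU, signature valid, version strictly
// newer than installed, and organizational countersignature valid when one is required.
func (r *RTU) Accept(img *UpdateImage, installedVersion uint32) error {
	h, err := keyHash(img.VendorPub)
	if err != nil {
		return err
	}
	if !r.KeyHashes[h] {
		return errors.New("reject: public key hash not in RTU key store")
	}
	d := sha256.Sum256(signedBytes(img))
	if !ecdsa.VerifyASN1(img.VendorPub, d[:], img.VendorSig) {
		return errors.New("reject: vendor signature does not verify")
	}
	if img.Version <= installedVersion {
		return fmt.Errorf("reject: rollback to version %d (installed %d)", img.Version, installedVersion)
	}
	if r.OrgKey != nil && !ecdsa.VerifyASN1(r.OrgKey, d[:], img.OrgSig) {
		return errors.New("reject: organizational countersignature missing or invalid")
	}
	return nil
}

func main() {
	vendor, _ := GenerateKey()
	org, _ := GenerateKey()
	rtu, _ := NewRTU(&vendor.PublicKey)
	rtu.OrgKey = &org.PublicKey // this organization requires countersigned images
	img := &UpdateImage{Version: 2, Body: []byte("constructed BIOS body v2"), VendorPub: &vendor.PublicKey}
	img.VendorSig, _ = Sign(vendor, img)
	fmt.Println("vendor-signed only:", rtu.Accept(img, 1)) // rejected: no countersignature
	img.OrgSig, _ = Sign(org, img)
	fmt.Println("countersigned:     ", rtu.Accept(img, 1)) // accepted
	fmt.Println("rollback attempt:  ", rtu.Accept(img, 2)) // rejected: version not newer
}
```

The checks are ordered so that nothing about the image is trusted (not even its version field) until the key is recognized and the signature verifies; the org key is stored in the RTU rather than shipped with the image, because a key the attacker can supply alongside the image authorizes nothing.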
3.1.2 Secure Local Update
BIOS implementations may optionally include a secure local update mechanism that updates the system
BIOS without using the authenticated update mechanism. The secure local update mechanism, if it is
implemented, should be used only to load the first BIOS image or to recover from a corruption of a
system BIOS that cannot be fixed using the authenticated update mechanism described in Section 3.1.1.
A secure local update mechanism shall ensure the authenticity and integrity of the BIOS update image by
requiring physical presence. Further protections may be implemented in the secure local update
mechanism by requiring the entry of an administrator password or the unlocking of a physical lock (e.g., a
motherboard jumper) before permitting the system BIOS to be updated.
3.1.3 Integrity Protection
To prevent unintended or malicious modification of the system BIOS outside the authenticated BIOS
update process, the RTU and the system BIOS (excluding configuration data used by the system BIOS
that is stored in non-volatile memory) shall be protected from unintended or malicious modification with
a mechanism that cannot be overridden outside of an authenticated BIOS update. The protection
mechanism shall itself be protected from unauthorized modification.
The authenticated BIOS update mechanism shall be protected from unintended or malicious modification
by a mechanism that is at least as strong as that protecting the RTU and the system BIOS.
The protection mechanism shall protect relevant regions of the system flash memory containing the
system BIOS prior to executing firmware or software that can be modified without using an authenticated
update mechanism or a secure local update mechanism. Protections should be enforced by hardware
mechanisms that are not alterable except by an authorized mechanism.