BIOS, or the Basic Input Output System, designed by IBM for its Personal Computers, has been with us for more than thirty years now. Whenever a computer is switched on, it conducts a self-check to see if it has a keyboard, a display and memory. Then it proceeds to look for a suitable operating system. A small program, the BIOS, resident in flash memory on the motherboard, accomplishes all of the above tasks. Once it has found a satisfactory operating system, it hands over control of the computer to it. Those who program micro-controllers will recognize the BIOS as the Monitor program.
However, the humble PC has come a long way in these thirty years. From a paltry 4/8-bit system with hardly 256 bytes of RAM, PCs now typically work at 64 bits with 8/16 GBytes of RAM. The evolution of operating systems and of external threats to PCs has led to demand for an overhaul of the BIOS. The introduction of Intel’s Itanium processors in 1998 put the final nail in the coffin of BIOS, and a new Intel Boot Initiative was born. This initiative went on to become EFI, or the Extensible Firmware Interface. In 2005, a new forum was born: UEFI, a consortium of AMD, IBM, Apple, Microsoft, Intel and others.
UEFI, or the Unified Extensible Firmware Interface, is a complete re-imagining of the computer’s boot environment and has almost no similarities to the BIOS that it replaces. While BIOS is basically a solid piece of firmware, UEFI is more of a programmable software interface that sits on top of the BIOS. This BIOS is shorn of most of its boot code, which UEFI handles instead while sitting in a part of non-volatile memory, either on the motherboard, on the hard drive or possibly on a network share.
In essence, UEFI more closely resembles a lightweight operating system. When switched on, the computer boots into UEFI, carries out a set of arbitrary actions and then triggers the loading of an operating system. As part of its specification, UEFI defines the boot and runtime services, device drivers, and protocols for communication between services and extensions. There is even an EFI shell that allows execution of EFI applications.
As UEFI is a pseudo-operating system, it is able to access all the hardware on the computer, allowing you to surf the internet from the UEFI interface or back up your hard drive. There is even a full, mouse-driven GUI. With the boot data now stored on NAND flash or on a hard drive, a lot more space is available for language localization, boot-time diagnostics and various utilities.
UEFI enables secure boot: it can sense if malware is trying to take over your computer even before the machine has had a chance to boot into its OS. This no-compromise approach to security offers unparalleled capabilities to customers while at the same time offering full and complete control over the PC. UEFI can validate firmware images before allowing them to execute, based on a PKI (public key infrastructure) process. This secure boot helps to reduce the risk of boot loader attacks.
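
To check whether the secure boot described above is actually being enforced on a given machine, the firmware's own status variables can be read. The following is an added example, not part of the original article: it assumes a Linux host with efivarfs mounted at `/sys/firmware/efi/efivars`, and the state labels (`enabled`, `disabled`, `setup-mode`, `unsupported`) and sample byte strings are this example's own.

```python
"""Report UEFI Secure Boot state from Linux efivarfs (added example)."""
import struct
from pathlib import Path

# Assumption: Linux with efivarfs mounted at the usual location.
EFIVARS = Path("/sys/firmware/efi/efivars")
# Vendor GUID of UEFI global variables such as SecureBoot and SetupMode.
EFI_GLOBAL_GUID = "8be4df61-93ca-11d2-aa0d-00e098032b8c"
ATTR_FLAGS = {0x1: "NON_VOLATILE", 0x2: "BOOTSERVICE_ACCESS", 0x4: "RUNTIME_ACCESS"}

# Constructed samples: 4-byte little-endian attributes (0x6) + 1 data byte.
SAMPLE_ON = bytes.fromhex("0600000001")
SAMPLE_OFF = bytes.fromhex("0600000000")


def parse_efivar(blob):
    """Split an efivarfs file into (attribute names, variable data)."""
    if len(blob) < 4:
        raise ValueError("entry shorter than its 4-byte attribute header")
    (attrs,) = struct.unpack_from("<I", blob)
    return [name for bit, name in ATTR_FLAGS.items() if attrs & bit], blob[4:]


def flag(blob):
    """Decode a one-byte boolean variable, rejecting malformed data."""
    _, data = parse_efivar(blob)
    if len(data) != 1 or data[0] not in (0, 1):
        raise ValueError(f"unexpected variable data: {data.hex()}")
    return data[0] == 1


def secure_boot_state(secure_boot, setup_mode):
    """Classify raw SecureBoot/SetupMode blobs; None means variable absent."""
    if secure_boot is None:
        return "unsupported"   # legacy BIOS boot or no Secure Boot support
    if setup_mode is not None and flag(setup_mode):
        return "setup-mode"    # no platform key enrolled, nothing enforced
    return "enabled" if flag(secure_boot) else "disabled"


def read_var(name, root=EFIVARS):
    """Return the raw efivarfs contents for a global variable, or None."""
    path = root / f"{name}-{EFI_GLOBAL_GUID}"
    return path.read_bytes() if path.exists() else None


if __name__ == "__main__":
    print(secure_boot_state(read_var("SecureBoot"), read_var("SetupMode")))
```

A result of `setup-mode` or `disabled` on a machine that is expected to enforce secure boot is worth investigating, since in either state unsigned boot loaders are not rejected.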