presented by

Converged Firmware Infrastructure Drives Innovation

The 10‐in‐10 Computing Conference –October 28, 2011

Presented by Dong Wei (VP, UEFI Forum)

www.uefi.org 1

Updated 2011‐06‐01

Agenda

• The Firmware Convergence• Basis for Innovations• UEFI Forum Status• Questions 

www.uefi.org 2

The Firmware Convergence

• UEFI is processor architecture agnostic– Provides a converged firmware boot infrastructure for x86, x64, ARM and Itanium

• Modularity & Extensibility– Enables reuse and value‐add– Optimizes code size (code only as needed)– Improves boot performance

• Ecosystem benefits– Enabled code sharing opportunities among business entities and with partners/vendors

www.uefi.org 3

UEFI View

Firmware

Platform Specific UEFI Firmware

OS

System Hardware

UEFI Boot Services

UEFI OS Loader OS APIs

UEFI Mode 

UEFI Runtime Services

Pla

tform

Initi

aliz

atio

n

PI Modular components

Hardware

UEFI-enabled

OS

UEFI Shell Legacy

OS

OptionROMs

CPU PEIModules

C/S PEI Modules

UEFI

• • •

UE

FI Driver

DX

E D

river

Com

patibility S

upport Module

UE

FI Driver

BDS

UE

FI Driver

Example: UEFI Deployment @ HP

Microsoft Windows 7

Embedded Systems PC Clients

Printers and ScannersScanjet Enterprise 7000n*, Color Laserjet CM4540 MFP*, Color LaserJet CP5525*, LaserJet M4555MFP*.

Storage

Network

Notebook PCs and TabletsCommercial group has shipped Class 2 systems since 2008Consumer group is shipping Class 1 systems

Desktops and WorkstationsAdopted a common UEFI codebaseShipped Class 2 systems since 2H’2010

Enterprise Servers

Integrity ServersAlways Class 3 systemsHP-UX, VMS, Integrity VM Operating Environment

• Collaborate on HP UEFI features provided enhanced manageability, security and ease of code with shared UEFI-based diagnostics

Basis for Innovations

• Secure boot• Network stack• User interface and seamless boot • Fast boot• Legacy removal• System Management

www.uefi.org 6

Why Secure Boot

• Growing class of malware targets the boot path–http://www.theregister.co.uk/2011/09/14/bios_rootkit_discovered/

www.uefi.org 7

It should be no surprise that a TDL Gang botnet climbed into the number one position in the Damballa Threat Report – Top 10 Botnets of 2010.   “RudeWarlockMob”  … applied 

effective behaviors of old viruses and kits. It combined techniques that have been effective since the days of 16‐bit operating systems, like Master Boot Record (MBR) infection … with 

newer malware techniques. (from http://blog.damballa.com)

Secure Boot

• All firmware and software in the boot process must be signed by a trusted Certificate Authority (CA) 

• Based on UEFI Driver Signing and Authenticated Variable Service

• Global defined variables–Platform Key (PK)–Key Exchange Key (KEK)

www.uefi.org 8

Network Stack

• Rich network capability at pre‐OS time– Supports IPv4 and IPv6– Supports iSCSI Boot– Supports PXE network boot– Enables system management

www.uefi.org 9

User Experience

• Graphics Output Protocol (GOP) enables high‐resolution graphics during pre‐Boot– Seamless graphics experience at POST, OS launch, OS crash

–Graphical BIOS Setup interface• Absolute Pointer Protocol enables the mouse and touch experience during Pre‐OS

www.uefi.org 10

Example: Windows 8 Seamless Boot 

www.uefi.org 11

POST Explorer Init.

Device Init.Hiber Resume

OEM Logo

OEM Logo

Clean, high-resolution branding elements persist through OS boot

Post with highest supported native resolution

Seamless single graphics transition from firmware to native OS driver

Example:ASUS GUI Setup

www.uefi.org 12

Example:HP DayStarter

60s

<5s

POST Microsoft Windows† VistaHWMicrosoft Windows†

7

A Typical Boot Sequence to Windows†

Boot Sequence Improvements

Microsoft Windows 7 <

2s

60 s

POST Microsoft Windows† VistaHW

HP DayStarter

Microsoft Windows†

7

HP DayStarter

The New HP Innovative Boot with DayStarter

A Better User Experience

• Customer benefit: • Instant-on User Experience• displays user’s info

• calendar• to-do list• customizable info

• before Windows† is booting.

CalendarCustomizable information

Non authenticate

Data

HP DayStarter

Info

Slot 0

HPPI Feature1

Slot 1

HP_Tools\Hewlett-Packard\HPDayStarter

Non authenticate

Data

Non authenticateData

Auth DataUser 1User 2User N

Auth DataUser 1User 2User N

Auth DataUser 1User 2User N

HPPI Feature2

Slot 2

Non authenticate

Data

Auth DataUser 1User 2User N

HPPI Feature N

Slot N

Non authenticate

Data

Auth DataUser 1User 2User N

Extensible Architecture

Innovative TechnologyThe main technology behind the HP DayStarter is for UEFI BIOS to locate the proper JPEG image and use the System Management Mode (SMM) to update the frame buffer content until Windows† is ready for system login. At runtime, the HP DayStarter implements an Microsoft Outlook plug-in to capture the calendar information.

To-do List

An HP Platform Innovation enabled by UEFI

Fast Boot

• OS’s compression of time needed for its initialization exposes POST time length

• Hardware choices impact boot time• UEFI enables many optimization opportunities– Collaborate with OS to avoid repetition–Only perform functions needed to boot– Use GOP rather than vBIOS– Class 3 boot does not need CSM

www.uefi.org 14

System Management

• Build on the UEFI Foundation • Potential for future standardization

www.uefi.org 15

Example:IBMThe IBM® BladeCenter HS22 offers flexible options to support a broad range of workloads, 

including virtualization and enterprise applications. Along with intuitive UEFI‐based tools, the HS22 can be customized and deployed quickly while best‐in‐class reliability features help keep you up and running

IBM System x Server Firmware has many features that go well beyond the basic requirements of UEFI‐compliant firmware, including the following key features:

• Ability to boot UEFI‐compliant operating systems and existing legacy master boot record operating systems without requiring that boot modes or settings be changed 

• Active Energy Manager • Memory predictive failure technology • Fatal memory error recovery and DIMM isolation • Enhanced light path diagnostics • Simplified hierarchical POST and UEFI diagnostic codes • Out‐of‐band configuration and deployment capabilities

www.uefi.org 16

17

Industry BIOS Transition

Pre‐2000 All Platforms BIOS were proprietary

2000

Intel invented the Extensible Firmware Interface (EFI) and provided sample implementation under free BSD terms

tianocore.org, open source EFI community launched

2004

Unified EFI (UEFI)Industry forum, with 11 promoters, was formed to standardize EFI

2005

185 members and growing! Major MNCs shipping ‐ UEFI platforms crossed 50% of IA worldwide units ‐Microsoft* UEFI x64 support  in Server 2008, Vista* and Win7* ‐ RedHat* and Novell* OS support

2011

www.uefi.org

Source: Various – UEFI Industry Communication Working Group data through 2010; Intel customers platform UEFI adoption projection data for 2011-2015

UEFI Firmware DeploymentsOver 50% of worldwide IA units in 2010 and expected to reach 90% by 2015

IA Mobile PlatformsUEFI Transition Complete;

MNCs UEFIServers shipping

IA DesktopsUEFI Transition

to complete

Full IA Industry Native UEFI

Transition Expected

UEFI System Classes Based on Firmware I/F

Class0

Class1

Class2

Class3

LegacyBIOS

UEFI CSM1

only UEFI Switch: CSM & UEFI

UEFI only

Limited Benefits:OEMs/ODMs internal

Development Optimization& Code Organization

Full Benefits:UEFI Innovation

PerformanceExtensibility

Advanced Usability

Inte

rfac

eEx

pose

d

FutureToday

1Compatibility Support Module

19www.uefi.org

UEFI Specification Roadmap

www.uefi.org 20

UEFI Plugfest (Taipei)

• Insyde hosted. AMD, AMI, Insyde, Intel, Microsoft and Phoenix sponsored

• ~170 people from ~30 vendors present• Test results• Ready for Win8?

www.uefi.org 21