CN115794240A - Computer BIOS (basic input output System) starting measurement method based on CPLD (Complex programmable logic device) - Google Patents
Computer BIOS (basic input output System) starting measurement method based on CPLD (Complex programmable logic device) Download PDFInfo
- Publication number
- CN115794240A CN115794240A CN202211598272.7A CN202211598272A CN115794240A CN 115794240 A CN115794240 A CN 115794240A CN 202211598272 A CN202211598272 A CN 202211598272A CN 115794240 A CN115794240 A CN 115794240A
- Authority
- CN
- China
- Prior art keywords
- bios
- cpld
- computer
- chip
- value
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D10/00—Energy efficient computing, e.g. low power processors, power management or thermal management
Landscapes
- Storage Device Security (AREA)
Abstract
The invention discloses a computer BIOS (basic input output System) starting measurement method based on a CPLD (Complex programmable logic device), relating to the technical field of computer security; according to a starting signal of a computer, an alternative chip of a mainboard is controlled by a CPLD chip to select an intercommunication mode of a BIOS and the CPLD, a key sensitive field in an internal program of the BIOS is actively read, MD5 value calculation is carried out according to the key sensitive field, whether an MD5 value obtained by calculation is consistent with an MD5 value of the BIOS stored in the CPLD chip is verified, if the MD5 value is consistent with the MD5 value of the BIOS stored in the CPLD chip, the alternative chip is controlled by the CPLD chip to be converted into the intercommunication mode of the BIOS and the CPU, the mainboard is controlled to be powered on and started, and if the CPLD chip is not, the computer is controlled to alarm.
Description
Technical Field
The invention discloses a method, relates to the technical field of computer security, and particularly relates to a computer BIOS (basic input output System) starting measurement method based on a CPLD (complex programmable logic device).
Background
With the continuous development of information technology, the problem of information security is becoming more and more prominent, and how to ensure the security of information systems has become a focus of much attention in society. At present, the demand for data protection on computers is increasingly wide, and the importance of the BIOS as a basic input and output system of computer equipment is self-evident. In the market, a method for actively measuring the BIOS through a PCIE SOC card and an onboard TCM chip is provided, but the cost is high, and the realization and the use are complex.
Disclosure of Invention
Aiming at the problems in the prior art, the invention provides a computer BIOS starting measurement method based on a CPLD, which realizes simple and effective protection of BIOS safety.
The specific scheme provided by the invention is as follows:
the invention provides a computer BIOS starting measurement method based on CPLD, according to the starting signal of the computer, the alternative chip of the CPLD chip control mainboard is used to select the intercommunication mode of BIOS and CPLD, actively read the key sensitive field in the BIOS internal program, calculate the MD5 value according to the key sensitive field,
and verifying whether the MD5 value obtained by calculation is consistent with the MD5 value of the BIOS stored in the CPLD chip, if so, controlling the alternative chip to be converted into an intercommunication mode of the BIOS and the CPU through the CPLD chip, and controlling the mainboard to be powered on and started, otherwise, controlling the computer to alarm through the CPLD chip.
Further, in the computer BIOS power-on measurement method based on the CPLD, if the MD5 value obtained by verification calculation is consistent with the MD5 value of the BIOS stored in the CPLD chip, the CPLD chip controls the alternative chip to switch to the intercommunication mode of the BIOS and the CPU, the CPLD chip controls the CPU to be powered on, and the CPU reads the BIOS and normally starts the computer.
Further, in the computer BIOS power-on measurement method based on the CPLD, if the MD5 value obtained by verification calculation is inconsistent with the MD5 value of the BIOS stored in the CPLD chip, the CPU is stopped from being powered on by the CPLD chip, and the buzzer is controlled to give an alarm.
Further, in the computer BIOS power-on measurement method based on the CPLD, the MD5 value written in the BIOS is fixed in the CPLD chip according to the BIOS of the computer.
The invention also provides a computer BIOS starting measurement system based on CPLD, which comprises a control module, a calculation module and a measurement module,
the control module selects the intercommunication mode of BIOS and CPLD through the alternative chip of CPLD chip control mainboard according to the startup signal of computer, actively reads the key sensitive field in BIOS internal program, the calculation module calculates MD5 value according to the key sensitive field,
the measuring module verifies whether the MD5 value obtained by calculation is consistent with the MD5 value of the BIOS stored in the CPLD chip, if so, the control module controls the alternative chip to be converted into the intercommunication mode of the BIOS and the CPU through the CPLD chip and controls the mainboard to be powered on and started, otherwise, the control module controls the computer to alarm through the CPLD chip.
Further, the measuring module in the computer BIOS startup measuring system based on the CPLD verifies that the MD5 value obtained by calculation is consistent with the MD5 value of the BIOS stored in the CPLD chip, then the control module controls the alternative chip to switch to the intercommunication mode of the BIOS and the CPU through the CPLD chip, controls the CPU to be powered on through the CPLD chip, reads the BIOS through the CPU, and normally starts the computer.
Further, if the MD5 value obtained by verification calculation of the metrology module in the computer BIOS power-on metrology system based on the CPLD is not consistent with the MD5 value of the BIOS stored in the CPLD chip, the control module stops the CPU from being powered on through the CPLD chip and controls the buzzer to alarm.
The present invention further provides a computer readable medium, which has computer instructions stored thereon, and when the computer instructions are executed by a processor, the computer instructions cause the processor to execute the computer BIOS boot-up measurement method based on CPLD.
The invention has the advantages that:
the invention provides a computer BIOS (basic input output System) starting measurement method based on a CPLD (complex programmable logic device), which can adopt a CPLD chip originally used for controlling power-on a computer mainboard to realize the measurement function of key sensitive information of the BIOS of the mainboard, ensure that the key sensitive information of the BIOS on the computer is not distorted, and have good popularization and use values in the security field.
Drawings
In order to more clearly illustrate the embodiments or technical solutions of the present invention, the drawings used in the embodiments or technical solutions in the prior art are briefly introduced below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and it is obvious for those skilled in the art that other drawings can be obtained according to these drawings without creative efforts.
FIG. 1 is a schematic flow diagram of the process of the present invention.
Fig. 2 is a schematic layout diagram of a computer motherboard according to the present invention.
Detailed Description
The present invention is further described below in conjunction with the following figures and specific examples so that those skilled in the art may better understand the present invention and practice it, but the examples are not intended to limit the present invention.
The invention provides a computer BIOS starting measurement method based on CPLD, according to the starting signal of the computer, through the alternative chip of the CPLD chip control mainboard, the intercommunication mode of BIOS and CPLD is selected, the key sensitive field in the BIOS internal program is actively read, the MD5 value calculation is carried out according to the key sensitive field,
and verifying whether the MD5 value obtained by calculation is consistent with the MD5 value of the BIOS stored in the CPLD chip, if so, controlling the alternative chip to be converted into an intercommunication mode of the BIOS and the CPU through the CPLD chip, and controlling the mainboard to be powered on and started up, otherwise, controlling the computer to alarm through the CPLD chip.
The method adopts the CPLD chip to realize the measurement of the key sensitive information of the BIOS of the mainboard, and ensures that the key sensitive information of the BIOS on the computer is not tampered.
In specific application, in some embodiments of the method of the present invention, according to a startup signal of a computer, an alternative chip of a control mainboard of a CPLD chip selects an intercommunication mode of a BIOS and the CPLD, actively reads a key sensitive field in an internal program of the BIOS, performs MD5 value calculation according to the key sensitive field,
verifying whether the MD5 value obtained by calculation is consistent with the MD5 value of BIOS stored in the CPLD chip, wherein the MD5 value written in the BIOS is solidified in the CPLD chip according to the BIOS of the computer,
if the MD5 value obtained by verification calculation is consistent with the MD5 value of the BIOS stored in the CPLD chip, the CPLD chip controls the alternative chip to be converted into an intercommunication mode of the BIOS and the CPU, the CPLD chip controls the CPU to be electrified, and the CPU reads the BIOS and normally starts the computer.
And if the MD5 value obtained by verification calculation is inconsistent with the MD5 value of the BIOS stored in the CPLD chip, stopping the CPU from being powered on through the CPLD chip, and controlling the buzzer to buzz and alarm.
The invention also provides a computer BIOS starting measurement system based on CPLD, which comprises a control module, a calculation module and a measurement module,
the control module selects the intercommunication mode of BIOS and CPLD through the alternative chip of CPLD chip control mainboard according to the startup signal of computer, actively reads the key sensitive field in BIOS internal program, the calculation module calculates MD5 value according to the key sensitive field,
the measuring module verifies whether the MD5 value obtained by calculation is consistent with the MD5 value of the BIOS stored in the CPLD chip, if so, the control module controls the alternative chip to be converted into the intercommunication mode of the BIOS and the CPU through the CPLD chip and controls the mainboard to be powered on and started, otherwise, the control module controls the computer to alarm through the CPLD chip.
For the information interaction, execution process and other contents between the modules in the system, the specific contents can refer to the description in the embodiment of the method of the present invention because the same conception is based on, and are not described herein again.
Similarly, the system can utilize the CPLD chip originally used for controlling power-on the computer mainboard to realize the function of measuring the key sensitive information of the BIOS of the mainboard, ensure that the key sensitive information of the BIOS on the computer is not falsified and has good popularization and use values in the security field.
The present invention also provides a computer readable medium having stored thereon computer instructions, which, when executed by a processor, cause the processor to execute the method for measuring the BIOS power-on of a computer based on CPLD. Specifically, a system or an apparatus equipped with a storage medium on which software program codes that realize the functions of any of the embodiments described above are stored may be provided, and a computer (or a CPU or MPU) of the system or the apparatus is caused to read out and execute the program codes stored in the storage medium.
In this case, the program code itself read from the storage medium can realize the functions of any of the above-described embodiments, and thus the program code and the storage medium storing the program code constitute a part of the present invention.
Examples of the storage medium for supplying the program code include a floppy disk, a hard disk, a magneto-optical disk, an optical disk (e.g., CD-ROM, CD-R, CD-RW, DVD-ROM, DVD-RAM, DVD-RW, DVD + RW), a magnetic tape, a nonvolatile memory card, and a ROM. Alternatively, the program code may be downloaded from a server computer by a communications network.
Further, it should be clear that the functions of any one of the above-described embodiments may be implemented not only by executing the program code read out by the computer, but also by causing an operating system or the like operating on the computer to perform a part or all of the actual operations based on instructions of the program code.
Further, it is to be understood that the program code read out from the storage medium is written to a memory provided in an expansion board inserted into the computer or to a memory provided in an expansion unit connected to the computer, and then causes a CPU or the like mounted on the expansion board or the expansion unit to perform part or all of the actual operations based on instructions of the program code, thereby realizing the functions of any of the above-described embodiments.
It should be noted that not all steps and modules in the above flows and system structures are necessary, and some steps or modules may be omitted according to actual needs. The execution order of the steps is not fixed and can be adjusted as required. The system structure described in the above embodiments may be a physical structure or a logical structure, that is, some modules may be implemented by the same physical entity, or some modules may be implemented by a plurality of physical entities, or some components in a plurality of independent devices may be implemented together.
The above-mentioned embodiments are merely preferred embodiments for fully illustrating the present invention, and the scope of the present invention is not limited thereto. The equivalent substitutions or changes made by the person skilled in the art on the basis of the present invention are all within the protection scope of the present invention. The protection scope of the invention is subject to the claims.
Claims (8)
1. A BIOS starting-up measuring method for computer based on CPLD is characterized by that according to the starting-up signal of computer, the alternative chip of CPLD chip control main board can be used to select the intercommunicating mode of BIOS and CPLD, and can actively read the key sensitive field in BIOS internal program, and according to the described key sensitive field can make MD5 value calculation,
and verifying whether the MD5 value obtained by calculation is consistent with the MD5 value of the BIOS stored in the CPLD chip, if so, controlling the alternative chip to be converted into an intercommunication mode of the BIOS and the CPU through the CPLD chip, and controlling the mainboard to be powered on and started, otherwise, controlling the computer to alarm through the CPLD chip.
2. The method according to claim 1, wherein the verification shows that the MD5 value obtained by the calculation is consistent with the MD5 value of the BIOS stored in the CPLD chip, the CPLD chip controls the alternative chip to switch to the intercommunication mode between the BIOS and the CPU, the CPLD chip controls the CPU to be powered on, and the CPU reads the BIOS and normally starts the computer.
3. The computer BIOS power-on measurement method based on CPLD of claim 1, wherein if the MD5 value obtained by verification calculation is inconsistent with the MD5 value of the BIOS stored in the CPLD chip, the CPU is stopped to power on by the CPLD chip, and the buzzer is controlled to alarm.
4. The method according to claim 1, wherein the MD5 value written into the BIOS is fixed in the CPLD chip according to the BIOS of the computer.
5. A computer BIOS starting measurement system based on CPLD is characterized by comprising a control module, a calculation module and a measurement module,
the control module selects the intercommunication mode of BIOS and CPLD through the alternative chip of CPLD chip control mainboard according to the startup signal of computer, actively reads the key sensitive field in BIOS internal program, the calculation module calculates MD5 value according to the key sensitive field,
the measuring module verifies whether the MD5 value obtained by calculation is consistent with the MD5 value of the BIOS stored in the CPLD chip, if so, the control module controls the alternative chip to be converted into the intercommunication mode of the BIOS and the CPU through the CPLD chip and controls the mainboard to be powered on and started, otherwise, the control module controls the computer to alarm through the CPLD chip.
6. The computer BIOS boot measurement system based on CPLD according to claim 5, wherein the measurement module verifies that the MD5 value obtained by calculation is consistent with the MD5 value of BIOS stored in the CPLD chip, the control module controls the alternative chip to switch to the intercommunication mode of BIOS and CPU through the CPLD chip, controls the CPU to be powered on through the CPLD chip, reads BIOS through the CPU and normally starts the computer.
7. The computer BIOS startup measurement system based on CPLD according to claim 5, wherein the measurement module verifies that the MD5 value obtained by calculation is inconsistent with the MD5 value of BIOS stored in the CPLD chip, and the control module stops CPU power-on through the CPLD chip and controls buzzer alarm.
8. Computer readable medium characterized in that said computer readable medium has stored thereon computer instructions which, when executed by a processor, cause said processor to execute a CPLD based computer BIOS boot measurement method as claimed in any one of claims 1 to 4.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202211598272.7A CN115794240A (en) | 2022-12-14 | 2022-12-14 | Computer BIOS (basic input output System) starting measurement method based on CPLD (Complex programmable logic device) |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202211598272.7A CN115794240A (en) | 2022-12-14 | 2022-12-14 | Computer BIOS (basic input output System) starting measurement method based on CPLD (Complex programmable logic device) |
Publications (1)
Publication Number | Publication Date |
---|---|
CN115794240A true CN115794240A (en) | 2023-03-14 |
Family
ID=85419729
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202211598272.7A Pending CN115794240A (en) | 2022-12-14 | 2022-12-14 | Computer BIOS (basic input output System) starting measurement method based on CPLD (Complex programmable logic device) |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN115794240A (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN116881928A (en) * | 2023-09-06 | 2023-10-13 | 联想长风科技(北京)有限公司 | Trusted rapid measurement method and trusted computer |
-
2022
- 2022-12-14 CN CN202211598272.7A patent/CN115794240A/en active Pending
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN116881928A (en) * | 2023-09-06 | 2023-10-13 | 联想长风科技(北京)有限公司 | Trusted rapid measurement method and trusted computer |
CN116881928B (en) * | 2023-09-06 | 2023-11-17 | 联想长风科技(北京)有限公司 | Trusted rapid measurement method and trusted computer |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN105144185B (en) | Access control device code and system start code | |
US8863109B2 (en) | Updating secure pre-boot firmware in a computing system in real-time | |
CN107526665B (en) | Case management system and case management method | |
CN103080904B (en) | Multistage lock-step integrity report mechanism is provided | |
US11579893B2 (en) | Systems and methods for separate storage and use of system BIOS components | |
US7929706B2 (en) | Encryption key restoring method, information processing apparatus, and encryption key restoring program | |
CN101221509B (en) | Bus arbitration starting method of reliable embedded system | |
US10869176B1 (en) | Near field communication (NFC) enhanced computing systems | |
CN1323354C (en) | Detecting modifications made to code placed in memory by the POST BIOS | |
CN107665308B (en) | TPCM system for building and maintaining trusted operating environment and corresponding method | |
CN110472421B (en) | Mainboard and firmware safety detection method and terminal equipment | |
US20210303691A1 (en) | Ip independent secure firmware load | |
US10212272B1 (en) | Near field communication enhanced computing systems | |
US20090132798A1 (en) | Electronic device and method for resuming from suspend-to-memory state thereof | |
CN115794240A (en) | Computer BIOS (basic input output System) starting measurement method based on CPLD (Complex programmable logic device) | |
US8375198B2 (en) | Boot system and method having a BIOS that reads an operating system from first storage device via an input/output chip based on detecting a temperature of a second storage device | |
CN117992311B (en) | Server and hard disk monitoring method, device, equipment and medium thereof | |
CN113420297A (en) | Credibility verification system, credibility verification method, mainboard, miniature board card and storage medium | |
CA2658634A1 (en) | Controlled frequency core processor and method for starting-up said core processor in a programmed manner | |
CN114579971A (en) | Starting method of safety control module and related device | |
CN113064610A (en) | Method, device and medium for updating BIOS | |
CN111444515A (en) | Credibility measurement method based on PCIE interface | |
CN114510751A (en) | Hardware replacement prevention device and method based on processor security kernel | |
CN113741985A (en) | Method, device and equipment for cold start of system after BIOS (basic input output System) upgrade and readable medium | |
CN115129384A (en) | Electronic equipment and running method of starting program of electronic equipment |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination |