Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Release of NIST SP 800-147B, BIOS Protection Guidelines for Servers

Published

Author(s)

Andrew R. Regenscheid, Larry Feldman, Gregory A. Witte

Abstract

Modern computers rely on fundamental system firmware, commonly known as the Basic Input/Output System (BIOS), to enable system components to communicate and work together. The BIOS is typically developed by both original equipment manufacturers (OEMs) and independent BIOS vendors. Manufacturers frequently update system firmware to fix bugs, patch vulnerabilities, and support new hardware, but an unauthorized update constitutes a significant threat because of the BIOS’s unique and privileged position within the computing architecture
Citation
ITL Bulletin -

Keywords

Basic Input/Output System (BIOS), information security, patch management, server security, firmware, root of trust, root of trust for update

Citation

Regenscheid, A. , Feldman, L. and Witte, G. (2014), Release of NIST SP 800-147B, BIOS Protection Guidelines for Servers, ITL Bulletin, National Institute of Standards and Technology, Gaithersburg, MD, [online], https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=917478 (Accessed June 17, 2024)

Issues

If you have any questions about this publication or are having problems accessing it, please contact reflib@nist.gov.

Created October 29, 2014, Updated February 19, 2017