SecureDNA™ is the center of General Micro System’s continuing commitment to product security and is detailed in separate GMS documentation (GMS document #003-0006, available under NDA). An important part of the GMS SecureDNA™ suite is our SourceSafe™ BIOS.
This Application Brief provides a high-level overview of SourceSafeTM BIOS’s capabilities and why it sets GMS apart.
What is SourceSafe™ BIOS?
SourceSafe is the term used for the BIOS which is owned by GMS.
GMS partners with AMI (American Megatrends International), the world’s leading BIOS vendor. GMS starts with a licensed BIOS image from AMI and then directly customizes it for performance, security, longevity and other special features.
Why SourceSafe™ BIOS?
SourceSafe BIOS provides four main benefits to customers: Security, Optimization, Longevity and Support.
The system BIOS contains the code executed by the CPU to initialize important hardware components and load the operating system. It is a critical security component because any malicious software that runs at the BIOS level would exert great control over the entire system. For this reason, the BIOS is also an attractive target for malicious code.
By having complete control of the SourceSafe BIOS, GMS can attest to the BIOS’s integrity. We can also choose if and when to implement core function changes into the BIOS as a result of exploits appearing in the wild. GMS closely collaborates with Intel Corporation to realize Intel’s suggested and required updates to BIOS for x86 processors and peripherals.
SourceSafe BIOS allows GMS to carefully tune each system for maximum performance and stability. For example, we have dramatically shortened boot times, in some cases by as much as half. System default values can be implemented according to customer requirements, including hiding or disabling any combination of settings or controls.
Since GMS owns the image, we can maintain all versions of SourceSafe BIOS indefinitely. This is essential for long-life programs, to support pre-planned product improvements (P3I), technology refresh, or to add new features to legacy GMS hardware and systems years after they first ship to a customer.
SourceSafe BIOS is version-controlled and is assigned a customer-specific part number. Locking the part number ensures that future purchases contain the exact same BIOS. As well, any security patches can be distributed quickly to affected customers.
Additionally, GMS’s technology strategy incorporates design activities to reduce DMSMS impact throughout the product life cycle. As components change or age-out in the market, GMS can make changes to the BIOS as needed to work with replacement components while still assuring backwards compatible hardware functionality. In short: SourceSafe BIOS can make a refreshed system work similarly to an original, older legacy system.
SourceSafeTM BIOS is an ideal way to support customer requirements: GMS having full control over the BIOS is an important non‑trivial security feature of all GMS systems. Moreover, SourceSafe BIOS protects long-running military programs and hardware by offering technology refresh features and protection against DMSMS (end of life) problems.