DARPA releases plan for 'breakthrough' defense tech
March 26, 2015
The Defense Advanced Research Projects Agency unveiled its vision this week of America's future high-tech military superiority.
David Stegon was a staff reporter for FedScoop and StateScoop from 2011-2014.
The National Institute of Standards and Technology is seeking comments on new draft guidelines for securing basic input/output systems on servers, otherwise known as BIOS systems.
The draft publication, "BIOS Protections Guidelines for Servers" (NIST Special Publication 800-147B), addresses BIOS security in the varied architectures used by servers.
"While laptop and desktop computers have largely converged on a single architecture for system BIOS, server class systems have a more diverse set of architectures, and more mechanisms for updating or modifying the system BIOS," said NIST’s Andrew Regenscheid.
Server manufacturers routinely update BIOS to fix bugs, patch vulnerabilities or support new hardware. However, while authorized updates to BIOS can improve functionality or security, unauthorized or malicious changes could be part of a sophisticated, targeted attack on an organization, allowing an attacker to infiltrate an organization's systems or disrupt their operations.
Comments on the draft must be emailed to email@example.com by September 14.