Abstract: A data processing system comprising a processor having a working memory and processing logic, a boot system configured to load one or more algorithms for initializing a basic input output system (BIOS) of the processor into the working memory and an error correction system configured to start a watchdog timer and to monitor initialization of the processor, the error correction system further configured to implement a corrective process if the watchdog timer times out prior to initialization of the BIOS of the processor.

Abstract: An information handling system may include a processor and a basic input/output system communicatively coupled to the processor and embodied by executable instructions embodied in non-transitory computer readable media, the instructions configured to, when executed by the processor: extract from a boot manifest a list of files associated with operating system applications of the information handling system and respective signatures for each of the files; locate the files listed in the boot manifest on a partition of a storage resource accessible to the processor; attempt to verify signatures for each of the files as stored on the storage resource against their respective signatures set forth in the boot manifest; enable execution of a boot loader for the operating system and the operating system applications in response to successful verification of the signatures; and abort a boot process of the information handling system in response to unsuccessful verification of the signatures.

Abstract: An information handling system may include a processor and a basic input/output system communicatively coupled to the processor and embodied by executable instructions embodied in non-transitory computer readable media, the instructions configured to, when executed by the processor: extract from a boot manifest a list of files associated with operating system applications of the information handling system and respective signatures for each of the files; locate the files listed in the boot manifest on a partition of a storage resource accessible to the processor; attempt to verify signatures for each of the files as stored on the storage resource against their respective signatures set forth in the boot manifest; enable execution of a boot loader for the operating system and the operating system applications in response to successful verification of the signatures; and abort a boot process of the information handling system in response to unsuccessful verification of the signatures.

Abstract: A method allocates a dynamic memory disk located in a pre-boot environment and accessible in the pre-boot environment and in an OS runtime environment. The method may transmit a request to a distribution system for an OS base image and a device driver that includes an identifier of the information handling system. The method receives a response including instructions on how to download the OS base image and the device driver associated with the identifier of the information handling system. The OS base image is modified to include a virtual device driver and an OS deployment agent. The method stores the OS base image and the device driver at the dynamic memory disk. The method loads the OS base image that includes installing an OS in the runtime environment. Then the dynamic memory disk may be mounted by the virtual device driver that may be installed by the OS.

Abstract: Systems and methods to build a trusted HTTPS session on a limited pre-boot BIOS environment in an information handling system. The information handling system may include a BIOS that may be stored in a secure read-only region of a flash storage. The BIOS may download signed certification authority (CA) information from a server based on a target location that may be stored at the secure read-only region. The BIOS may authenticate the signed CA information based on a public key that may be stored at the secure read-only region. The BIOS may, when the signed CA information is authenticated, download a root CA chain from the server and authenticate the root CA chain. The BIOS may, when the root CA chain is authenticated, establish a secure encrypted transport layer security (TLS) session with the server based the root CA chain.

Abstract: Systems and methods to build a trusted HTTPS session on a limited pre-boot BIOS environment in an information handling system. The information handling system may include a BIOS that may be stored in a secure read-only region of a flash storage. The BIOS may download signed certification authority (CA) information from a server based on a target location that may be stored at the secure read-only region. The BIOS may authenticate the signed CA information based on a public key that may be stored at the secure read-only region. The BIOS may, when the signed CA information is authenticated, download a root CA chain from the server and authenticate the root CA chain. The BIOS may, when the root CA chain is authenticated, establish a secure encrypted transport layer security (TLS) session with the server based the root CA chain.