Abstract: A method for returning to a basic input/output system (BIOS) setup utility while in a shell environment during a booting process of a computing system includes: upon execution of an update Unified Extensible Firmware Interface (UEFI) (BIOS) firmware file, storing a dynamic command in a command storage; storing a back protocol in the storage module, the back protocol being linked to a back function that, when executed, causes the CPU to call a program file that, when executed by the CPU, causes the CPU to enter a BIOS setup utility, the dynamic command being linked to accessing a memory location in which the back protocol is stored; and in response to receipt of the dynamic command while in the shell environment, locating the back protocol, performing the back function and calling the specific program file, which causes the CPU to enter the BIOS setup utility.

Abstract: Methods, systems, and devices for error information storage for boot-up procedures are described. A memory system may detect an error associated with performing the boot-up procedure of the memory system and may store error information associated with the detected error in a persistent register at the memory system. In some cases, the memory system may additionally store the error information in a cache at the memory system. After storing the error information, the memory system may reset and, after resetting, may transfer the error information from the persistent register to a non-volatile memory device at the memory system. In cases that the memory system stores error information in the cache prior to the reset, the memory system may additionally transfer the error information from the cache to the non-volatile memory device.

Abstract: In some implementations, a computing device may configure a new device based on a current state of an old device, including settings, preferences, and other user data. The data may be transferred from the old device to the new device, and then relocated according to a manifest that details positions of the data on the old device. The destination device may be rebooted into a configuration mode to allow for the relocation of the transferred data, and then rebooted again to configure the destination device to provide access to the data in its respective relative locations on the destination device.

Abstract: A storage device that includes a nonvolatile memory device is described. The storage device includes areas and a controller. The controller receives a write command and data from an external host device. The controller then preferentially writes the data in an area associated with a turbo write based on a turbo write policy, or in an area not associated with a turbo write based on a normal write policy. The controller also receives a move command from the external host device and moves data stored in the area to a different area based on the move command.

Abstract: Multi-socket computing system employing a parallelized boot architecture with partially-concurrent processor boot-up operations. In a boot of the multi-socket computing system, a first, master CPU in a master CPU socket is configured to receive a master reset signal indicating a boot-up state. In response, the first, master CPU is configured to execute a first boot program code to perform a first CPU boot-up operation. To parallelize the boot operation of a second, slave CPU in a slave CPU socket, the execution of the first boot program code by the first, master CPU includes communicating a slave boot-up synchronization signal indicating the boot-up state to the second CPU to execute a second boot program code to perform a second CPU boot-up operation. The second CPU starts to perform its CPU boot-up operation partially concurrent with the performance of the CPU boot-up operation to reduce overall boot-up time.

Abstract: A data storage device and method for device-initiated hibernation are provided. In one embodiment, the data storage device comprises a non-volatile memory and a controller. The controller is configured to: receive, from a host during a set-up phase of a hibernation process, a plurality of write commands with a current state of a volatile memory in the host; store the plurality of write commands in a queue, wherein the plurality of write commands are not executed during the set-up phase of the hibernation process; receive a trigger from the host to perform an execution phase of the hibernation process; and in response to receiving the trigger, execute the plurality of write commands to store the current state of the host's volatile memory in the non-volatile memory of the data storage device. Other embodiments are possible, and each of the embodiments can be used alone or together in combination.

Abstract: Facilitation of transfer of pre-operating system (pre-OS) data to a persistent store is enabled relative to an operation performed external to the OS. A system can comprise a processor, and a memory that stores computer executable instructions that, when executed by the processor, can facilitate performance of operations. The operations can comprise writing data relative to a pre-OS environment to a partition external to an operating system (OS) partition, and, in response to a reboot operation, booting an OS and transferring the data or a copy of the data to the OS partition. Alternatively, the operations can comprise, writing data relative to an updating operation to a log accessible by an OS of the system, assigning a variable value to the log, automatically searching, while operating the OS, for the variable value, and copying or transferring the data relative to the OS via identifying the variable value upon the identification.

Abstract: A method is disclosed for operating an electronic data processing system (10) operable under an operating system. The electronic data processing system has a boot system (13) for selectively loading an operating system from one of a plurality of storage media (12, 30). The boot system is accessible to an external user after the user executes an identification protocol with the boot system. The identification protocol is a challenge-response protocol based on a challenge generated by the boot system. More particularly, the challenge is randomly generated by the boot system and communicated to the user in an outgoing message and the user generates a response to the challenge as an incoming message to the boot system. A specific application is related to an electronic data processing system, and to a weighing scale (1), where the authentication system includes the electronic data processing system.

Abstract: A memory sub-system, such as a solid state drive (SSD), having host interface configured to receive at least read commands and write commands from an external host system. The SSD has memory cells formed on at least one integrated circuit die, and a processing device configured to control executions of the read commands to retrieve data from the memory cells and executions the write commands to store data into the memory cells. During a burn-in operation of the memory sub-system in a manufacturing facility, the memory sub-system is configured to perform read/write operations for the generation of a proof of space plot. After the burn-in operation, the memory sub-system is provided as a product of the manufacturing facility; and the proof of space plot stored in the memory sub-system is provided as a by-product of the burn-in operation.

Abstract: A server system to customize firmware of an endpoint via an online firmware store in connection with validating authenticity of the endpoint. For example, a customized version of firmware can be ordered for the endpoint prior to the use of the endpoint. After receiving a request having identity data generated by a memory device configured in the endpoint, the server system can determine, based on a secret of the memory device, the authenticity of the endpoint having the current firmware. An update to firmware stored in the memory device and executed in the endpoint to generate the request is identified. The server system generates a verification code for a command executable in the memory device to perform the update. After receiving the command and the verification code, the memory device validates the verification code to determine whether to execute the command for firmware update.

Abstract: An apparatus is provided for use by a network agent element or function to conduct link layer information related processing. The apparatus is caused to receive first link layer related information from a neighboring network element or function, forward second link layer related information to a communication network control element or function, receive third link layer related information from a communication network control element or function, and forward fourth link layer related information to a neighboring network element or function. The second and fourth link layer related information are generated using first and third link layer related information, respectively. The second and third link layer related information is received and forwarded via a wireless connection path of a wireless communication network. The apparatus is connected to or part of the/or communication element or function, a communication network control element or function and a communication network data element or function.

Abstract: A control system for a vehicle includes: a power source; a first power line; a second power line; a first relay; a second relay; at least one first control device; and at least one second control device. The first control device is configured to transmit a trigger signal to the second control device on condition that the first control device has detected that the first relay has been turned from off to on, and enable a first update program after transmitting the trigger signal. The first update program is an updated version of the first current program. The second control device is configured to enable a second update program on condition that the second control device has received the trigger signal from the first control device. The second update program is an updated version of the second current program.

Abstract: The disclosure proposes a method for remote upgrade and rollback of Unmanned Aerial Vehicle (UAV) software. The UAV includes a storage area and a UAV software upgrade module; and the storage area is divided into a main storage area, a backup storage area and a data area.

Abstract: An information handling system includes a memory, a basic input/output system (BIOS), and a baseboard memory controller (BMC). The memory stores a current BMC reliability, availability, and serviceability (RAS) driver. The BIOS receives a firmware update release. The firmware update release includes a first BMC RAS driver. The BIOS stores the first BMC RAS driver in a predetermined location of the memory. The BMC reads the first BMC RAS driver from the memory. The BMC also determines whether a first version of the first BMC RAS driver is different than a second version of a second BMC RAS version loaded in the BMC. In response to the first and second versions being different, the BMC loads the first BMC RAS driver.

Abstract: Systems, methods, and devices authenticate operations for secured execution environments. Methods include performing, using one or more processing elements of a secured execution environment, a first cryptographic computation on a portion of code to generate a result. Methods also include determining, using the one or more processing elements, an authenticated version of a cryptographic value, the authenticated version of the cryptographic value being determined based on a signature computation and a second cryptographic computation that is an asymmetric cryptographic computation. Methods further include determining, using the one or more processing elements, if the result of the first cryptographic computation is verified based, at least in part, on a comparison with the authenticated version of the cryptographic value.

Abstract: A method of operating a user device includes: receiving a command from a user to power on the user device, wherein the user device includes information on a restricted zone associated with the user device; detecting, by a monitoring entity of the user device without involvement of any device external to the user device, whether the user device is located within the restricted zone in response to the user device being powered on and before an operating system of the user device is executed; and granting access of the user to the user device by the monitoring entity in response to detecting the user device as being within the restricted zone.

Abstract: Mechanisms are disclosed for applying one or more heuristics to collected server configurations to detect anomalous configurations. A collection system requests configuration data, including one or more configuration values, from a plurality of configuration agents running on a plurality of hosted servers. The one or more configuration values are received from the plurality of configuration agents at the collection system. The one or more configuration values are stored in one or more databases, organized based on one or more server identifiers. The one or more configuration values are accessed, by an analysis system, from the one or more databases. One or more heuristics are applied to the one or more configuration values based on the one or more server identifiers. In response to detecting the presence of one or more anomalous server configurations, a notification of one or more server configuration issues is provided.

Abstract: An information handling system includes a basic input/output system (BIOS), multiple graphics processing units (GPUs), and an advanced graphics synchronization node (AGN). The BIOS initiates boot operations for the information handling system. During a pre-extensible firmware interface phase of the boot operations, the BIOS initializes a video memory associated with the GPUs. During the boot operations, the AGN generates a firmware override table based on data in the video memory, and a redirection override table based on the data in the video memory. During operating system runtime operations, the AGN utilizes the firmware override table to synchronize outputs from the GPUs, and utilizes the redirection override table to enable a firmware update for one of the GPUs without a reboot of the information handling system.

Abstract: There is provided a control chip including a microcontroller unit (MCU), a bus arbiter, a first bus, a second bus, a void hardware, a cache controller, a flash controller and a flash memory, wherein the flash memory is recorded with a firmware. When the MCU does not receive an update instruction, the bus arbiter reads, according to a function command of the MCU, a function return value associated with the function command from the flash memory via the first bus, the cache controller and the flash controller. When the MCU receives the update instruction, the bus arbiter updates the firmware in the flash memory via the second bus and the flash controller, and the void hardware actively replies a void return value associated with the function command to the MCU to replace the function return value.

Abstract: A method of updating a desired state of a virtualization software for a cluster of hosts includes: in response to a notification of a change associated with the cluster, determining versions of a base image of the virtualization software that are compatible with the cluster; for each compatible version of the base image, determining versions of an add-on image of the virtualization software that are compatible with the compatible version of the base image and the cluster; presenting as a recommended image a complete image of the virtualization software, the complete image containing a first version of the base image that is compatible with the cluster and a first version of the add-on image that is compatible with the first version of the base image and the cluster; and upon acceptance of the recommended image, updating a software specification to include the recommended image.

Abstract: A computing system includes: a command fetch block configured to determine a host profile for representing a requesting host corresponding to a processing request; and a credit checker block, coupled to the command fetch block, configured to calculate an instance budget at a communication endpoint from an overall resource of the communication endpoint for controlling the processing request at the communication endpoint.

Abstract: In one implementation, a universal translator device for translating protocols, the device includes one or more peripheral device interfaces through which communication from one or more peripheral devices is received using any of a plurality of protocols; a protocol translator that is (i) preconfigured with translation mappings to translate between each possible permutation of the plurality of protocols and (ii) programmed to translate, using the translation mappings, signals received from the peripheral devices into at least one target protocol; and a wireless interface that is configured to transmit wireless signals in the target protocol, the wireless signals having been translated into the target protocol by the protocol translator.

Abstract: An information handling system may include a host information handling system that is configured to execute a host operating system (OS), a management controller configured to provide out-of-band management of the information handling system, a cryptoprocessor, and a dual-port random-access memory (RAM). The information handling system may be configured to: generate, at the cryptoprocessor, a cryptographic key pair comprising a public key and a private key; transmit a token from the cryptoprocessor to the host information handling system, wherein the token is signed with the private key; transmit the public key from the cryptoprocessor to the dual-port RAM; transmit the public key from the dual-port RAM to the management controller; and based on a verification of the token with the public key, grant access to the management controller from the host OS.

Abstract: An apparatus comprises a processing device configured to determine, utilizing a firmware-based agent running in firmware, a boot flag status during a boot process of the processing device. The processing device is also configured to execute, responsive to the boot flag status being a first value, a system update handler of the firmware-based agent configured for provisioning of a secured runtime operating system on the processing device, wherein the provisioning comprises digitally signing an image of the secured runtime operating system utilizing a hardware-based root of trust key. The processing device is further configured to execute, responsive to the boot flag status being a second value, a secured operating system boot handler of the firmware-based agent configured for validating and loading secured runtime operating system, wherein the validation comprises performing attestation of a signature of the image of the secured runtime operating system utilizing the hardware-based root of trust key.

Abstract: A system and method for facilitating management of edge computing nodes of an edge computing network is disclosed is disclosed. The method includes registering one or more second edge nodes with an edge computing network, reading a MAC address of a network card associated with the one or more second edge nodes, and obtaining installation topic and the MAC address. Also, the method includes publishing a message on the installation topic associated with one or more parameters, performing one or more operations on the set of first edge nodes based on the installation topic, and executing the set of install instructions on the one or more second edge nodes. Further, the method includes publishing a result of the execution of the set of install instructions on the installation topic and the MAC address and updating a state of the edge computing network.

Abstract: Methods, systems, and devices for hardware reset management for universal flash storage (UFS) are described. A UFS device may initiate a boot-up procedure that includes multiple phases. The UFS device may perform a first reset operation to reset one or more circuits based on receiving a first reset command during a first phase. The UFS device perform a second phase and may initiate a portion of a second reset operation to reset the one or more circuits during the second phase based on a likelihood that a second reset command is to be received. The UFS device may receive the second reset command during the second phase after initiating the portion of the second reset operation. The UFS device may initiate a second portion of the second reset operation based on receiving the second reset command and initiating the portion of the second reset operation.

Abstract: Aspects of the disclosure relate to monitoring a computing network to determine data exfiltration. A computing platform may use time-series modeling to determine anomalous network activity with respect to outgoing data. Additional aspects of this disclosure relate to analysis of web activities associated with a user to determine compromised user accounts/devices. The computing platform may use domain categorization to determine if web activity associated with a user is anomalous.

Abstract: A distributed computing system is described that leverages a nearline storage layer to minimize the downtime required for bootstrapping a new computing cluster in the distributed computing system. The system executes a computing cluster comprising a set of computing nodes and determines a set of one or more data segments to be written to a nearline storage system. The system writes the data segments to the nearline storage system. In certain examples, the system receives a request to create a second computing cluster and responsive to the request, bootstraps the second computing cluster using the set of data segments stored on the nearline storage system. The system additionally leverages the nearline storage layer to accelerate query processing by the computing nodes of a computing cluster.

Abstract: An enterprise security system is improved by managing network flows based on an application type. When a network message having an unknown application type is received at a gateway, firewall, or other network device/service from an endpoint, the endpoint that originated the network message may be queried for identifying information for the source of the network message and the application type may be determined, or the endpoint may periodically communicate application type information to the network device in a heartbeat or other periodic communication or the like. The network message may be managed along with other network traffic according to the application type.

Abstract: Embodiments include apparatuses for rebooting an electronic device. In an embodiment, an apparatus includes a data interface, a first power port, a second power port, a switch, and a processor. The data interface is configured to connect to the electronic device. The first power port is configured to receive power from a power source and the second power port is configured to deliver power to the electronic device. The switch is configured to connect the first power port to the second power port. The processor conducts data communications monitoring of the electronic device via the data interface and reboots the electronic device responsive to the data communications monitoring.

Abstract: A Platform Environment Control Interface (PECI) signal interconnection method and system for a server, a computer device and a readable storage medium are provided. The method includes: acquiring a partition mode of the server; sending a corresponding first control signal and a corresponding second control signal to each computing node according to the partition mode; controlling a channel selection of a first switch on the corresponding computing node by the corresponding first control signal and controlling a channel selection of a second switch on the corresponding computing node by the corresponding second control signal; and transmitting PECI signals of the corresponding computing node through channels connected by the first switch and channels connected by the second switch. According to the described solution, interconnection routing of the PECI signals in a single-partition mode and a dual-partition mode may be achieved by using only one backplate.

Abstract: A first flag is set on a backup file to which data to be backed up is written. The first flag indicates that the backup file should be automatically retention locked after a cooling off period is over. Before the cooling off period is over, a request is received to open the backup file for writes. The request is allowed and upon allowing the request, the first flag is cleared and a second flag is set on the backup file indicating that writes are in progress. The clearing of the first flag excludes the backup file from being automatically retention locked after the cooling off period is over.

Abstract: A method includes protecting a boot sequence of a processing device by incrementing a counting value generated by a monotonic counter, then a first time period after the beginning of the boot sequence, comparing, by the protection circuit, the counting value with a first reference value, and, if the counting value is smaller than the first reference value, changing, by the protection circuit, the counting value to the first reference value.

Abstract: A system for securely and reliably transferring startup script files over a network may include a unified extensible firmware interface (UEFI) network stack on a client server wherein the client server requests startup script over the network upon startup of the client server using a secure transfer network protocol and receives over the network the startup script. A computing device may comprise a unified extensible firmware interface (UEFI) shell to request a download of startup script, over a network, upon startup of the client server wherein the startup script is staged in a provisioned storage device within the client server to be mounted as local file systems in the client server. The UEFI shell.

Abstract: A memory device can be operated with a set of refresh control features. A host can access the memory device to discover the set of refresh control features. The host can command the memory device to change at least one of the set of refresh control features. The memory device can be operated with the original and/or changed set of refresh control features.

Abstract: An Information Handling System (IHS) includes multiple hardware devices, and a baseboard Management Controller (BMC) in communication with the plurality of hardware devices. The BMC includes a first processor configured to execute a custom BMC firmware stack, and a second processor including executable instructions for receiving a request to perform a test on the first processor in which the request is received through a secure communication session established with a remote IHS. The instructions further perform the acts of controlling the first processor to perform the test according to the request, the first processor generating test results associated with the test, and transmitting the test results to the remote IHS through the secure communication session.

Abstract: Example implementations relate to system and method of signing a boot information file by a manageability controller, and interlocking host computing system to signed boot information file. The boot information file may include a boot loader file and/or an OS kernel file of the host computing system. The manageability controller receives the boot information file from a processor of a computing device. Further, the manageability controller signs the boot information file with a hashed data of a unique identifier, to generate and communicate the signed boot information file to the processor. Later, the manageability controller updates a boot database stored in non-volatile random-access memory of a firmware engine of the host computing system with a thumbprint data of the signed boot information file to interlock the host computing system to the signed boot information file, in response to successful download of the signed boot information file by the processor.

Abstract: A basic input output system (BIOS) of an information handling system may access a first list indicating one or more activation statuses of one or more BIOS firmware modules. The BIOS may determine a BIOS firmware module of the one or more BIOS firmware modules to load based, at least in part, on the first list. The BIOS may load the determined BIOS firmware module during booting of the information handling system.

Abstract: A system and method for storing data associated with a system management interrupt (SMI) in a computer system. Notification of a system management interrupt is received on a central processing unit. The central processing unit enters a system management mode. A system management handler of a basic input output system (BIOS) is executed by a bootstrap processor of the central processing unit. The system management interrupt is initiated via the bootstrap processor. The system management interrupt data is stored in a register of the bootstrap processor. The SMI data is converted to an accessible format. The converted SMI data is stored in a memory.

Abstract: A system includes a memory programmed with multiple firmware images each having a distinct entry point, a processor, a writable hardware register initially seeded with an initial firmware image entry point address. A controller external to the processor, prior to an initial processor reset, reads the hardware register and causes the processor to begin fetching instructions at the initial firmware image entry point read from the hardware register. Prior to a subsequent reset, the external controller facilitates at least one transition to at least one of the multiple firmware images other than the initial firmware image by reading the entry point of the other firmware images from the hardware register and causing the processor to begin fetching instructions at the entry point of the other firmware images read from the hardware register.

Abstract: A native restart controller restarts services in a controlled manner. The services run in a cloud computing environment comprising a plurality of computing devices executing a plurality of Kubernetes pods comprising one or more containers. An indication is received of a deployment defining a service to be implemented in the cloud computing environment, the deployment including a desired number of instances of the service. An API is instantiated that is operable to provide a first state indicative of whether restarts are to be controlled by the restart controller and a second state indicating that a restart is required. In response to receiving an indication that restarts for the cluster are to be controlled by the restart controller and that a restart is required, the instances are restarted in a sequence in accordance with restart criteria associated with the service.

Abstract: Embodiments described herein are directed to transferring the ownership of a computing device from one entity to another entity. For example, a security processor is utilized to boot the computing device. During a boot session, the security processor loads and executes boot code, which determines whether specialized firmware authorized by the current owner indicates whether a transfer of ownership is to occur. In response to determining that the specialized firmware indicates that a transfer of ownership is to occur, the secure processor loads and executes the specialized firmware. The specialized firmware, when executed, causes the security processor to program a set of fuses with the public key of the new owner. Execution of the specialized firmware also causes the security processor to invalidate the public key of the original owner, which is stored in another set of fuses.

Abstract: An operating method of an electronic device including controllers includes updating, by a first-level controller of the controllers, a first-level firmware of the the first-level controller, writing, by the first-level controller, a second-level firmware to one of second-level controllers of the controllers having a lower level than the first-level controller, booting, by the one of the second-level controllers, by performing a reset operation, verifying, by the first-level controller or the booted second-level controller, whether there is a target second-level controller with out-of-date firmware, and writing, by the first-level controller or the booted second-level controller in response to a result of the verifying, the second-level firmware to the target second-level controller.

Abstract: The invention is directed to an autonomous, self-authenticating and self-contained secure boot-up system and methods for field programmable gate arrays (FPGAs) that leverages physical unclonable functions (PUFs).

Abstract: An electronic apparatus and a secure firmware update method thereof are provided. The electronic apparatus includes a first integrated circuit chip, a first non-volatile memory chip, a second integrated circuit chip and a second non-volatile memory chip. The first integrated circuit chip includes a secure firmware update console, and the first non-volatile memory chip includes a spare data storage space. The first non-volatile memory chip and the second non-volatile memory chip store a first firmware code of the first integrated circuit chip and a second firmware code of the second integrated circuit chip, respectively. Firmware code update data are transferred to and stored in the spare data storage space. The secure firmware update console performs a firmware update procedure by writing the firmware code update data into the second non-volatile memory chip to overwrite the second firmware code after passing a verification procedure on the firmware code update data.

Abstract: A new approach is proposed that contemplates systems and methods to support post reset fuse reload for latency reduction. First, values of fuses are read once and stored into one or more load registers on an electronic device, wherein the load registers are protected. Once the values of the fuse are loaded into the load registers, a valid indicator of the load registers is set indicating that the values have been successfully loaded into the load registers. When other components of the electronic device need to access these values, the other components will check the load registers first. If it is determined that the valid indicator of the load registers is set, the stored values are read from the load registers instead of from the fuses. If the valid indicator of the load registers is not set, the values are loaded again from the fuses into the load registers.

Abstract: Described herein is a framework for secure boot process. In accordance with one aspect, in response to detecting a power signal, a first boot software component according to a boot sequence is loaded. In response to determining no event has occurred, at least one additional boot software component is successively loaded according to the boot sequence in an uninterrupted boot process. In response to determining the end of the boot sequence is reached, the operating system may then be loaded.

Abstract: A boot method for an embedded system is provided. The embedded system includes two mainboards each provided with a baseboard management controller (BMC), a non-volatile memory unit and a network adapter. When the embedded system is turned on, each of the BMCs performs a boot procedure, and then loads an operating system (OS) image file from a corresponding non-volatile memory unit to execute an operating system. When one BMC fails to load the OS image file or to execute the operating system, the BMC causes the corresponding network adapter to communicate with the other network adapter to acquire the OS image file from the non-volatile memory unit on the other mainboard, so as to replace the OS image file in the corresponding non-volatile memory unit, and directly loads the OS image thus acquired to execute the operating system.

Abstract: A new approach is proposed to support hardware-based PCIe link up based on post silicon characterization of an electronic device. A non-volatile storage medium of a bootup unit on the electronic device maintains an initialization sequence for the physical layer of a PCIe link, and a non-volatile storage medium allows flexible programming. During operation, the bootup unit reads from the non-volatile storage medium instructions to program/override one or more PCIe physical layer settings and controller registers for the PCIe link based on the post silicon characterization of the electronic device. The bootup unit is limited to access and override only to the one or more physical layer settings and controller registers of the PCIe link. The entire process of reading the initialization sequence and programming the one or more PCIe physical layer settings and the controller registers happens within time limit constraints of the PCIe specification for latency reduction.

Abstract: A method of remotely modifying a basic input/output system (BIOS) configuration setting includes steps of: transmitting, by a remote computer, a modification instruction to a cloud server; transmitting, by the cloud server to a POS system, a new configuration value of the BIOS configuration setting contained in the modification instruction; determining, by an embedded controller of the POS system, whether the new configuration value is identical to an original configuration value of the BIOS configuration setting; and by the embedded controller when a result of the determination is negative, updating the BIOS configuration setting and transmitting a response instruction to the remote computer.