What Is Firmware? Firmware Definition, Types and Examples | Fortinet (2024)

Firmware is a form of microcode or program embedded into hardware devices to help them operate effectively. Hardware like cameras, mobile phones, network cards, optical drives, printers, routers, scanners, and television remotes rely on firmware built into their memory to function smoothly.

Firmware is often referred to as “software for hardware.” However, there is a difference between firmware and software. Firmware provides instructions to help hardware start up, communicate with other devices, and perform basic input/output tasks. Software, on the other hand, is installed onto a device and used for interaction, such as browsing the internet, word processing, listening to music, and videoconferencing.

Hardware manufacturers regularly release firmware updates so their devices remain secure and compatible with new media. For example, Android and iOS devices periodically get firmware updates that enhance their performance, add new features, and protect them against security threats and vulnerabilities. Updates for firmware for devices like game consoles and televisions are typically done by accepting prompts to download and install the latest patch.

When a device switches on, the firmware instructs the processor to initiate the startup process. Computers, mobile phones, and tablets operate multiple forms of firmware to perform actions like loading their operating systems.Firmware operates in a similar way to device drivers. However, firmware is stored directly on the hardware device, whereas drivers are installed in the device’s operating system. Firmware can also start up by itself, while drivers remain reliant on the operating system.

There are typically three levels of firmware:

1. Low-level firmware:This firmware is usually stored in non-volatile memory chips like read-only memory (ROM) and one-time programmable (OTP) memory. These chips cannot be rewritten or updated, and the firmware is intrinsic to the hardware, such as a computer.
2. High-level firmware:This firmware is deployed within flash memory chips and comes with more complex instructions that allow updates to be made.
3. Subsystems:These are semi-independent devices that are part of a more extensive system. Firmware at this level is embedded within central processing units (CPUs), flash chips, and liquid crystal display (LCD) units.

Common types of firmware include:

The Basic Input/Output System (BIOS) has been a critical component of computers since the very early days. The BIOS sits on a chip in a computer’s motherboard and issues a set of instructions that enables the device’s operating system to load. It is also responsible for looking after a device’s hardware components and ensuring they function correctly upon startup.

When a computer is turned on, the BIOS launches instructions that check the machine’s startup process for potential errors. It starts by checking the random access memory (RAM) and processor for faults, then checks connected devices, such as a keyboard and mouse, for any problems. Itthen checks for a boot sequence, such as Boot from Compact Disc Read-Only Memory (CD-ROM) and Boot from Hard Drive. Finally, the BIOS connects to the bootloader program, which wakes up the computer’s operating system and loads it in the RAM.

Aside from the device startup process, the BIOS is responsible for checking the Complementary Metal Oxide Semiconductor (CMOS), which is a piece of memory that stores BIOS settings, and other chips on a device. It also checks signals that are sent to the RAM, such as when a user presses a key, to help the operating system understand what action to take.

Extensible Firmware Interface (EFI) is a new generation of firmware that issues the instructions that a device’s CPU uses to start the hardware and initiate the bootloader. EFI is a replacement for BIOS and is used in new computers. It offers advantages like ensuring a device only boots trusted software and other cybersecurity benefits.

The original EFI firmware is used in Macs and can only support Intel processors. Unified EFI (UEFI) is a piece of firmware designed to replace the BIOS in new Windows computers and supports AMD and Intel processors. UEFI is used to load and start up operating systems in devices that run Windows 8 and beyond.

Understanding what firmware a device has is crucial to keeping the machine updated. The firmware version of a Windows device can be accessed through the command prompt using an upgrade assistant.

The firmware version of a hardware device can be discovered by opening the Devices Manager folder, selecting the hardware, and clicking Properties. Within the Details tab, navigate to the Property menu, open the Hardware IDs option, and the firmware version will be listed in the Value table.

Firmware updates enable hardware devices to continue operating efficiently and securely. These updates typically involve some form of program alteration that fixes a known bug or patches against specific vulnerabilities.

Enterprises must constantly update their devices with the latest firmware version. Reasons for doing so include:

1. Upgrade devices without upgrading the hardware: Firmware updates upgrade devices with additional operational instructions without needing to upgrade the hardware itself.
2. Enjoy the latest features: Firmware updates enable users to enjoy the latest features that have been added to a device, thereby improving the user experience.
3. Improve firmware performance: Firmware updates optimize the performance of the firmware, which in turn helps the device’s processor perform as expected.
4. Boost execution times: Keeping firmware updated can significantly improve execution and instruction times, which enables a device to run smoothly.
5. Fix issues: A firmware update may be issued to fix issues that have developed due to multiple software updates.
6. Install new features and functions: Firmware updates are commonly issued to install new capabilities and functionalities.
7. Save on repair and maintenance costs: Regularly updating device firmware reduces the need for expensive bug fixes and significant device repairs or upgrades.
8. Ensure all components work as they should: Firmware updates allow all peripheral components to work in harmony, which eliminates delays and enables the deviceto perform better.

Hardware devices are vulnerable to firmwareattacks, which can lead to hackers embeddingmalwareinto the firmware. The BIOS has proven to be particularly insecure because different devices often share the same code, enabling attackers to discover and exploit common vulnerabilities.

Furthermore, devices like laptops are packed with firmware that powers hardware like batteries, sound cards, and webcams. This introduces a security risk, as producers of these components may not design the firmware with cybersecurity top of mind. As a result, they could be vulnerable to firmware hacking, which leads to malware attaching itself to the firmware and remaining hidden without being detected by antivirus and other security tools.

A lack of firmware security can lead to attackers spying on users’ devices, intercepting their online activity, stealing their data, and gaining remote control of their machine. The highly corruptible state of firmware makes it most vulnerable to bricking, which renders the machine inoperable or unbootable. A recent example was a cyberattack on theUkrainian power grid, which began with attackers bricking serial-to-ethernet converters.

Firmware attacks can come through variousvectors, from malware androotkitsto infected hard drives, corrupted drives, and insecure firmware products. Hackers do not have to physically touch a device to carry out an attack. They can do so through remote connections like Bluetooth and Wi-Fi. This means that the growing market of connected devices, such as game consoles, mobile phones, and television, is increasingly becoming vulnerable to firmware hacking.

Enterprises must prioritize firmware security and be aware of the threats they face to prevent hackers from accessing and taking control of their machines. Firmware security is mainly reliant on hardware manufacturers to keep their devices current and safe. As a result, manufacturers create measures that ensure their firmware withstands attacks, as well as release regular patches and updates.

However, the onus remains on enterprises to prevent firmware attacks by instilling best practices, including:

1. Constantly update firmware:Manufacturers release updates either to prevent known vulnerabilities or keep their firmware current. Enterprises must turn on automatic firmware updates and regularly search for the latest firmware versions by monitoring manufacturers’ websites or relevant social media pages. Regular firmware updates help close any security gaps as quickly as possible, enabling hardware to function correctly.
2. Avoid untrusted storage devices:Attackers typically use external storage devices like Universal Serial Bus (USB) drives to launch malware that instantly attaches itself to a computer. Users must avoid using unknown or untrusted USBs, and many organizations have already banned the use of these storage devices.
3. Protect against malicious firmware:One of the best defenses against firmware attacks is purchasing hardware with built-in firmware security. Many vendors now provide devices that constantly update to prevent firmware vulnerabilities, such as Dell’s Enhanced BIOS Verification, Intel’s Hardware Shield, and Microsoft’s OS Protection, which are installed on their devices as default.
4. Register hardware devices:To get the latest firmware updates, enterprises should register all hardware purchases. Manufacturers alert registered owners every time they make an update available for a device.

Internet-of-Things (IoT)devices are especially vulnerable to cyberattacks because they often lack the security measures that are built into laptops, mobile phones, and tablets. As a result, IoT devices have become popular targets for attackers to embed malware and malicious code in an attempt to compromise systems.

Device manufacturers increasingly address IoT securityby deploying over-the-air (OTA) updates to firmware, a process that reduces disruption and increases the extensibility, reliability, and security of IoT firmware. The updates also patch any bugs that could pose a threat.

Organizations must implementIoT best practicesto help users avoidIoT device vulnerabilities.