Computer Hardware

Essentials II

Prepared by ​Pradeep Kumar P ​Dept. of ICTS, Amrita School

of Engineering, Amrita Vishwa Vidyapeetham , ​Coimbatore -
641112
2 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa
Vidyapeetham, Coimbatore - 641112

BIOS and UEFI

❑ ​The basic input-output system (BIOS) is the first
thing you see when you turn on
your computer.
❑ The BIOS is special software that interfaces the major
hardware components of your
computer with the operating system.

❑ It is usually stored on a Flash memory chip on the

motherboard (which has its own
battery), but sometimes the chip is another type of ROM.

❑ The BIOS also determines the compatibility of the

computer and its flexibility in use.
Although all BIOSs have the same function; all are not the
same.

Users using the BIOS user interface can perform functions

such as:

3 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa

Vidyapeetham, Coimbatore - 641112

BIOS
▪ Setting the system clock
▪ Enabling and disabling certain system components
▪ Hardware configuration
▪ Selecting boot drives
▪ Set password prompts for secured access to BIOS user
interface function
❑ It is a firmware embedded on the chip on the
computer's motherboard. BIOS firmware
is pre-installed on the motherboard of a PC. It is a
non-volatile firmware which means ​its settings won’t
disappear or change even after power off.
❑ The BIOS software has a number of different roles, but
its most important role is to
load the operating system​. When you turn on your
computer and the microprocessor ​tries to execute its first
instruction, it has to get that instruction from somewhere.

❑ It cannot get it from the operating system because the

operating system is located on
a hard disk, and the microprocessor cannot get to it
without some instructions that tell ​it how. The BIOS
provides those ​instructions​.

❑ In many PCs, this firmware also governs how the

system board components interact, ​the chipset features
that are used, even the amount of the microprocessor’s
time ​devoted to keeping memory working. The setup
procedures in most new PCs are also ​held in the BIOS.

❑ The BIOS is both hardware and software. Like

software, the BIOS is a set of instructions
to the computer’s microprocessor. Like hardware,
however, these instructions are not ​evanescent; rather
they are coded into the hard, worldly silicon of PROM,
EPROM ​chips.
4 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa
Vidyapeetham, Coimbatore - 641112
❑ The distinct parts of the BIOS operate separately and
distinctly although the code for ​each is contained inside
the same silicon chip. The BIOS operates like a set of
small ​terminate and stay-resident programs t​ hat are
always in memory. In this case, they are ​always in
memory because we cannot get them out.

❑ IBM had envisioned that programs would never have to

directly address hardware.
Instead they would call up a software routine in the BIOS
that has the addressing part of the instruction permanently
set in its code.

❑ If a different hardware arrangement is used then, the

address inside the routines
would be changed to match the updated hardware.

❑ The same software could thus work with a wide variety

of hardware designs, giving the
designer and the manufacturer the flexibility to upgrade
the entirety of the system hardware should the need arise.

❑ Modern PCs have BIOS stored in rewritable memory,

permitting contents to be
rewritten or replaced. Such content rewriting is called
flashing and is executed through ​a special program
provided by system manufacturers.

5 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa

Vidyapeetham, Coimbatore - 641112

❑ The design of any computer requires that many of the

hardware elements of the
machine be located at specific addresses within the range
of input/output ports of the ​computer.

❑ Other computer components may have registers of

their own that are used in their
control. Because of the number of separate components
inside any computer, the ​potential number of possible
variations is limitless.

❑ Software that attempts to control any of this hardware

must correctly reach out to
these registers. As long as all computers are crafted
exactly the same, with the same ​port used for exactly the
same hardware with exactly the same registers, there
should ​be no problem.
6 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa
Vidyapeetham, Coimbatore - 641112

BIOS Purpose
7 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa
Vidyapeetham, Coimbatore - 641112

Usual sequence of BIOS

❑ Check the CMOS Setup for custom settings

❑ Load the interrupt handlers and device drivers

❑ Initialize registers and power management

❑ Perform the power-on self-test (POST)

❑ Display system settings

❑ Determine which devices are bootable

❑ Initiate the bootstrap sequence

BIOS Manufacturers​:
▪ American Mega Trends Inc. (AMI),
▪ Phoenix Technologies,
▪ Ali,
▪ Winbond.
▪ Award

BIOS Booting
❑ A PC cannot do anything useful unless it is running its
operating system ​– software
that acts as a supervisor for all its software applications. It
sets the rules for using ​memory, drives, and other
hardware devices on the computer.

❑ Before a PC can run the operating system, it needs

some way to load it from disk into
RAM. The way to do this is with the ​bootstrap ​– a small
amount of code that is ​executed on startup or system
boot. The bootstrap is aptly named because it lets the ​PC
do something entirely on its own 5, without any outside
operating system.

8 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa

Vidyapeetham, Coimbatore - 641112
Boot-Up Process

❑ The computer loads the ​basic input/output system

(BIOS) from ROM. The BIOS
provides the most basic information about storage
devices, boot sequence, security, ​Plug and Play (auto
device recognition) capability and a few other items.

❑ The BIOS triggers a test called a ​power-on self-test

(POST) to make sure all the major components are
functioning properly. You may hear your drives spin and
see some ​LEDs flash, but the screen, at first, remains
black.

❑ The BIOS has the CPU send signals over the system
bus to be sure all of the basic
components are functioning. The bus includes the
electrical circuits printed on and into the motherboard,
connecting all the components with each other.

❑ The POST tests the memory contained on the display

adapter and the video signals
that control the display. This is the first point you’ll see
something appear on your PC’s ​monitor.
9 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa
Vidyapeetham, Coimbatore - 641112

Boot-Up Sequence
❑ During a ​cold boot ​the ​memory controller ​checks all
of the memory addresses with a ​quick read/write operation
to ensure that there are no errors in the memory chips.
Read/write means that data is written to a bit and then
read back from that bit. You ​should see some output to
your screen - on some PCs you may see a running
account ​of the amount of memory being checked.

❑ The computer ​loads the operating system ​(OS) from

the hard drive into the system’s RAM. That ends the
POST and the BIOS transfers control to the operating
system. ​Generally, the critical parts of the operating
system - the ​kernel ​- are maintained in ​RAM as long as
the computer is on. This allows the CPU to have
immediate access to ​the operating system, which
enhances the performance and functionality of the ​overall
system.
10 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa
Vidyapeetham, Coimbatore - 641112
11 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa
Vidyapeetham, Coimbatore - 641112

POST-Power On Self Test

❑ In many cases, with IBM-compatible or PC computers,
the POST is run by a computer's
basic input/output system (BIOS).

❑ The initial tests, which are executed by the read-only

memory (ROM) BIOS startup
program, include reading configuration information stored
in the complementary ​metal-oxide-semiconductor (CMOS)
chip, dual inline package (DIP) switches and jumpers.

❑ This information is then compared to hardware devices,

such as the CPU, memory,
hard drive, disc drives and video card.

❑ Then, ROM BIOS assigns system resources as

needed.

❑ These set up the environment required by the operating

system (OS). After completion ​of these tests, POST
generally alerts the OS with one or more beeps,
depending on the ​system.
12 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa
Vidyapeetham, Coimbatore - 641112

POST Sequence
❑ The BIOS issues an error message if hardware is not
working properly or if it is not
identified. The error message consists of text on the
display screen or a series of coded beep sounds. Because
POST is initiated prior to activating the video card, a
display ​screen message is not typical.

❑ There are a variety of beep codes that are properly

descriptive for troubleshooting the ​error. A beep code may
indicate a parity error, base memory read/write (R/W)
error, memory refresh timer error, display memory error,
motherboard timer not ​functioning, cache memory failed or
numerous other errors.

❑ Sometimes, an error stops the boot process until the

error is corrected, and a device
with an error is not allowed to run, ensuring safety. An
error message can be basic. Sometimes a POST error
can be drastic, such as when the motherboard does not
detect a RAM component.

❑ POST is part of a devices pre-boot sequence. When

POST is successfully finalized,
bootstrapping is enabled. Bootstrapping starts the
initialization of the OS.

❑ If a problem is found, it is reported with a code number

on the monitor or as a coded series of beeps if an
insufficient portion of the PC is functional to display
anything on ​the monitor
13 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa
Vidyapeetham, Coimbatore - 641112
❑ POST is the key to successful booting of the operating
system. If the BIOS finds
anything faulty on the computer, it will stop the booting
and the message will be displayed on the screen.

❑ If there is a problem before the display is activated,

POST will notify you about the ​problem by giving a beep
or a combination of beeps. These audio beeps are BIOS-
dependent.

❑ Every BIOS manufacturer has its own set of beeps to

convey the problem. The most
common of all BIOS standards is the IBM BIOS and you
can know the cause of the ​problem from Audio Beeps
from your PC when it turns On and troubleshoot the
computer accordingly.

Signal Possible Cause ​Continuous Beep Keyboard Stuck

Repeating Short Beep Power Supply Faulty ​1 Long Beep
followed by 1 short beep Motherboard error ​1 Long Beep ,
2 short beeps Display Card Faulty ​1 short Beep, Blank
screen Check Display Cable or Display Card

14 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa

Vidyapeetham, Coimbatore - 641112

15 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa

Vidyapeetham, Coimbatore - 641112

UEFI - (Unified Extensible Firmware Interface)

❑ The UEFI (Unified Extensible Firmware Interface)

specification defines an interface
between operating systems and platform firmware. The
interface consists of data ​tables that contain
platform-related information, plus boot and runtime service
calls that are available to the operating system and its
loader. Together, these provide a ​standard, modern
environment for securely booting an operating system and
running ​pre-boot applications.

Note: ​Some computer users use UEFI boot but still refer to it as
the “BIOS”, which may confuse some people. Even if your PC
uses the term “BIOS”, most modern PCs you buy today use UEFI
firmware ​instead of a BIOS. To distinguish UEFI and BIOS, some
also call UEFI firmware as UEFI BIOS, and BIOS ​is called
Legacy BIOS or traditional BIOS.
❑ In addition to the services UEFI defines, there are
various protocols/APIs to access ​various hardware and
the boot devices in the system. The UEFI spec also
defines a generic framework and can be adapted to any
type of bus or device, knowing that ​computer hardware is
constantly evolving
❑ There are 3 types of entities that can execute under
UEFI environment

❑ ​Applications​:

▪ Some examples of common UEFI applications include

the UEFI shell, UEFI shell ​commands, flash utilities, and
diagnostic utilities.

▪ It is perfectly acceptable to invoke UEFI applications

from inside other UEFI applications. .

▪ Applications can reside inside firmware shipped on a

system, or can be ​located/installed on storage media,
such as a SSD/HDD, PCI card internal memory, ​or USB
Key.

16 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa

Vidyapeetham, Coimbatore - 641112
OS Loader:

❑ A special type of UEFI application, called an OS boot

loader, provides the necessary
initialization routines until the OS loader has set up
enough of the OS infrastructure to be ready to assume
complete ownership of the platform resources.

❑ OS Loaders, usually installed as part of the Operating

System and usually located on ​the same storage media
the Operating System is stored on, have the vital role of
transitioning the system into Runtime mode, including
coordinating virtual memory mapping to firmware
code/data that will continue to be utilized during/after the
OS has booted. ​Drivers:

❑ UEFI drivers differ from UEFI applications in that the

driver stays resident in memory ​unless an error is returned
from the driver's entry point. The UEFI core firmware, the
boot manager, or other UEFI applications may load
drivers.

❑ The PCI spec refers to code on an external card or

add-in device as an “Option ROM” ​or “oprom”, and
therefore a UEFI driver may also be referred to as a “UEFI
Option ​ROM” or “UEFI oprom” by some in the industry.
UEFI drivers, like UEFI applications, ​can be found inside
the system’s firmware, or on storage media, such as a
SSD/HDD, PCI card internal memory, or USB Key.
17 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa
Vidyapeetham, Coimbatore - 641112

18 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa

Vidyapeetham, Coimbatore - 641112

UEFI have to offer over traditional BIOS

The primary goal of UEFI is to define an architecture that
can scale with time, and offer a ​structured coding
environment that allows easy enablement of newer
technologies. Some ​of the distinguishing characteristics of
UEFI, when compared to a traditional BIOS, are:

❑ ​Abstraction for the OS. ​The UEFI specification

provides the interface between the
platform firmware and the OS. The
interfaces/API/protocols mark a clear boundary ​between
the firmware and the OS.

❑ ​Abstraction for devices and related code​. UEFI

abstracts interfaces that make it
possible to build code that works on a range of underlying
hardware devices without ​having explicit knowledge of the
specifics for each device in the range. This ​specification
defines interfaces to platform capabilities including
standard bus types ​such as PCI, USB, and SCSI. The list
of supported bus types may grow over time, allowing code
to utilize newer hardware through standard protocols
without being rewritten.

❑ ​Scalable platform environment. ​The specification

defines a complete solution for the ​firmware to describe all
platform features and surface platform capabilities to the
OS ​during the boot process. These definitions cover a
range of the contemporary platform ​designs and the
simple enough to be able to extend in the future.
❑ ​OS Agnostic Rich Pre-Boot environment. ​The UEFI
spec defines extensible interfaces ​that enable creation of
platform drivers. The UEFI drivers, analogous to OS
drivers, provide support for new devices and may provide
enhanced platform capabilities, such ​as firmware update,
platform configuration, diagnostics and deployment
services. The ​existence of networking, USB and file
system capabilities adds to the richness of the ​pre-boot
environment.

❑ ​Consistent Configuration Infrastructure. ​The UEFI

spec defines a methodology of
describing the platform configuring data in a standard way.
The rendering of the data is ​left to the platform vendor.
This allows UEFI to bring all the platform configurations
like ​BIOS, Storage and Network options under a single
setup application with a consistent ​navigation and
look/feel.

❑ ​GUID Partition Table. ​The UEFI defines a new

standard layout for the partition table
known as GUID Partition Table (GPT). GPT provides a
more flexible mechanism for ​partitioning disks than the
older Master Boot Record (MBR) partitioning scheme that
has been common to PCs. MBR disks support only four
partition table entries and the ​partition size is limited to
2TB (2.20 × 1012 bytes). GPT scheme allows up to 128
primary partitions and can support partitions up to 9.4
Zettabytes (9.4 × 1021 bytes).

19 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa

Vidyapeetham, Coimbatore - 641112
▪ There are some near-term limitations to 2 terabyte
support due to device ​support, but once devices fully
support GPT/UEFI, this will no longer be an issue
(explained in more detail in the “Limitations” section).

❑ ​Secure Boot. ​The UEFI 2.2 (or later) specification

brings security to the boot process by
only loading the driver or OS loaders that are signed by a
known/trusted digital ​signature. Secure boot keys are
managed by the BIOS and OS. Secure boot can also be
placed in a "Custom" mode, where additional public keys
can be added by the ​platform administrator to allow
execution of custom code or restriction of code that may
be trusted by some, but not by the platform’s owner.

UEFI Booting
20 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa
Vidyapeetham, Coimbatore - 641112
21 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa
Vidyapeetham, Coimbatore - 641112

Distinguish between UEFI and Legacy

Legacy BIOS UEFI Firmware

Programming Language Assembly C

Processors Supported Intel Architecture Intel Architecture,
Itanium, and ARM
officially supported by UEFI Spec

Processor Mode Used Mostly Expansion Card ​Firmware

16-bit, Legacy Option ROMs UEFI
Single CPU, Single Threaded Drivers or
Native (64-bit or32-bit), ​Single UEFI Option ROMs
CPU, Single Threaded

Provided Services Interrupts Protocols

Video Support Int10h & VBIOS Graphics Output Protocol (GOP)

Legacy BIOS UEFI Firmware
Storage Support Int13h,
Master Boot Record (MBR) Partitioning
Block IO Protocol, GUID Partition Table (GPT) and Master Boot
Record (MBR) Partitioning ​Peripheral & Feature ​Setup
F2 Setup, Ctrl-M, Ctrl-A ​No Industry Standard
UEFI Human Interface Infrastructure ​(HII) Protocol as
Industry Standard
OS Boot Loader Int19h loads 16-bit boot
sector in MBR One boot loader per device
UEFI loads boot loader executable ​file(s) per
priority/ordering defined by UEFI Spec. ​Multiple boot
loader files, unique ​names/paths, can co-exist on the
same partition/device.
OS Handoff No clear definition Exit BootServices()
function defined
by UEFI Spec.
22 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa
Vidyapeetham, Coimbatore - 641112

23 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa

Vidyapeetham, Coimbatore - 641112
UEFI Platform Classification
❑ For better understanding the technology context and
UEFI adaption progression the
platforms can be classified in 4 classes.

24 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa

Vidyapeetham, Coimbatore - 641112
❑ ​Class 0: ​Non UEFI platforms, the set of platforms
based on traditional legacy BIOS.
These platforms are not UEFI aware.

❑ ​Class 1: ​In the earlier days of EFI/UEFI when all the

leading OSs were not EFI/UEFI ​aware a special
Compatibility Support Module (CSM) was used to present
the ​traditional BIOS like interface. These platforms only
booted to traditional, legacy OSs,

❑ ​Class 2: ​These platforms came about when EFI was

adapted as UEFI industry standard ​and OS started adding
support for UEFI. These platforms support booting using
the ​traditional method of int19h, where in BIOS loads the
boot sector and hands of ​execution to the boot loader, as
well as loading a UEFI boot loader application. ​Majority of
platforms shipping today are Class 2 platforms.

❑ ​Class 3: ​These platforms support booting only using

the UEFI defined method of
loading the boot loader application from a specific location.
Class 3 platforms do not ​sport a Compatibility Support
Module. In fact any class 2 platform with CSM turned off
functions like a Class 3 platform.
UEFI Platform Classification
25 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa
Vidyapeetham, Coimbatore - 641112
The Memory Factor: ​BIOS can boot up from drives
having memory of 2.1TB or less and with 3TB drives
becoming very common a computer with traditional BIOS
won’t be able to boot up. This is because of how the
Master Boot Record(MBR) of legacy BIOS functions as
MBR uses 32-bit entries and limits you to maximum of 4
memory partitions.

UEFI on the other side uses GUID partition table (GPT)

which uses 64-bit entries and can ​have infinite partitions
however Windows limits to ‘128’ partitions. Also it supports
drives ​having memory greater than 2TB with theoretical
value of maximum support of 9.4 zettabytes.

Performance: ​As UEFI has more addressable space than

BIOS it allows the system to boot ​faster with faster
initializing of hardware for your operating system.

Security: ​The biggest advantage of using UEFI over BIOS

is that it has security which is not ​provided by the BIOS.
Secure Boot is a characteristic feature of UEFI which
ensures that ​no malware tampers with the boot process
and ensuring that the operating system is ​clean as a
whistle. In Windows this system ensures that no pirated
copies of boot loaders ​have been used.
UEFI Boot vs Traditional BIOS
26 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa
Vidyapeetham, Coimbatore - 641112

Booting- BIOS UEFI PXE

27 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa
Vidyapeetham, Coimbatore - 641112

Legacy BIOS Boot Mode and UEFI Boot Mode

❑ Your system is equipped with UEFI BIOS, which is

based on the Unified Extensible
Firmware Interface (UEFI) specification.
❑ UEFI BIOS offers advantages over legacy versions of
BIOS, but the way it boots is not
compatible with some operating systems, and it might not
be the best choice for some ​configurations. For this
reason, the system can be configured to boot in ​Legacy
BIOS Boot Mode ​or ​UEFI Boot Mode​. ​Legacy BIOS
Boot Mode is the default.

❑ Normally, you set the boot mode only once, before

installing the operating system. ​Once you have installed
the operating system, if you change the boot mode, you
cannot boot the operating system.

When the option is available to choose between Legacy

BIOS Boot Mode or UEFI Boot Mode, the advantages of
UEFI Boot Mode include:

❑ Boots faster. ​❑ Avoids legacy option ROM address

constraints. ​❑ Supports operating system boot partitions
greater than 2 terabytes (2 TB). For
more information about limitations for supported operating
systems, refer to ​your server product notes. ❑ Integrates
PCIe device configuration utilities with BIOS Setup Utility
menus. ​❑ Displays bootable operating system images in
the boot list as labeled entities. For
example, it displays Windows boot manager labels instead
of raw device labels. ​❑ Provides efficient power and
system management. ​❑ Includes robust reliability and
fault management. ❑ Uses UEFI drivers.

Choose Legacy BIOS Boot Mode:

❑ If your operating system does not support booting in

UEFI Boot Mode ​❑ To allow HBAs and Express Module
devices to use option ROM

28 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa

Vidyapeetham, Coimbatore - 641112

When to Select Legacy or UEFI BIOS Boot Mode

29 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa
Vidyapeetham, Coimbatore - 641112

Legacy Boot

❑ Legacy Boot is the boot process used by BIOS

firmware.

❑ The firmware maintains a list of installed storage

devices that may be bootable (Floppy
Disk Drives, Hard Disk Drives, Optical Disk Drives, Tape
Drives, etc...) and enumerates ​them in a configurable
order of priority.

❑ One the POST procedure has completed, the firmware

loads the first sector of each of ​the storage targets into
memory and scans it for a valid Master Boot Record
(MBR).

❑ If a valid MBR is found, the firmware passes execution

to the boot loader code found
in the MBR which allows the user to select a partition to
boot from.

❑ If one is not found, it proceeds to the next device in the

boot order.
30 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa
Vidyapeetham, Coimbatore - 641112
❑ UEFI boot is the boot process used by UEFI firmware.

❑ The firmware maintains a list of valid boot volumes

called EFI Service Partitions. During the POST procedure
the UEFI firmware scans all of the bootable storage
devices that are connected to the system for a valid GUID
Partition Table (GPT).

❑ Unlike a MBR, a GPT does not contain a boot loader.

❑ The firmware itself scans the GPTs to find an EFI

Service Partition to boot from.

❑ If no EFI bootable partition is found, the firmware can

fall back on the Legacy Boot
method.
UEFI Boot

Note: UEFI boot is more desirable.

31 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa
Vidyapeetham, Coimbatore - 641112

Secure Boot
❑ UEFI has a firmware validation process, called secure
boot. Secure boot defines how
platform firmware manages security certificates, validation
of firmware, and a ​definition of the interface (protocol)
between firmware and the operating system.

❑ Microsoft’s platform integrity architecture creates a root

of trust with platform
firmware using UEFI secure boot and certificates stored in
firmware.

❑ A growing trend in the evolution of malware exploits is

targeting the boot path as a ​preferred attack vector. This
class of attack has been difficult to guard against, since
antimalware products can be disabled by malicious
software that prevents them from ​loading entirely.

❑ With Windows 8’s secured boot architecture and its

establishment of a root of trust,
the customer is protected from malicious code executing
in the boot path by ensuring ​that only signed, certified
“known good” code and boot loaders can execute before
the operating system itself loads.

❑ In most PCs today, the pre-operating system

environment is vulnerable to attacks by
redirecting the boot loader handoff to possible malicious
loaders. These loaders would ​remain undetected to
operating system security measures and antimalware
software.

32 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa

Vidyapeetham, Coimbatore - 641112

Legacy BIOS boot path

Windows 8 addresses this vulnerability with UEFI secure
boot, and using policy present in ​firmware along with
certificates to ensure that only properly signed and
authenticated ​components are allowed to execute.

Secure boot path with UEFI

33 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa
Vidyapeetham, Coimbatore - 641112

Preboot Execution Environment (PXE)

❑ Preboot execution environment (PXE), pronounced as

"pixie," allows computers to
boot up remotely through a network interface. PXE
enables a client machine to boot ​from a server
independent of the hard disks and installed operating
system.

❑ PXE was introduced as a component in the Wired for

Management (WfM) framework
by Intel in 1999. Intel’s WfM has now been superseded by
Active Management Technology, but PXE is still a
valuable tool for many network administrators around the
world.

❑ This term is also known as pre-execution environment.

❑ Network booting is generally applied in a diskless

environment using routers and ​centrally managed
computers, also known as thin clients. Centralized
computing ​environments provide reduced maintenance
costs, enhanced security and enhanced ​control over the
system's workstations.
❑ PXE code is generally delivered with computer
machines on a ROM chip or a boot disk
to enable remote boot and configuration. The process
makes use of network protocols ​such as User Datagram
Protocol (UDP), Trivial File Transfer Protocol (TFTP),
Internet ​Protocol (IP) and Dynamic Host Configuration
Protocol (DHCP).
❑ These protocols have been selected because they are
easily implemented in the
client's NIC firmware, resulting in standardized
small-footprint PXE ROMs.

❑ Standardization, small size of PXE firmware images

and their low use of resources are
some of the primary design goals, allowing the client side
of the PXE standard to be identically implemented on a
wide variety of systems, ranging from powerful client
computers to resource-limited single-board computers
(SBC) and system on a chip ​(SoC) computers.

❑ Some of the key advantages of PXE are:

▪ The client machine or workstation does not require a
storage device or operating system.
▪ Network extension and the addition of new client
computers is made easier ​because PXE is
vendor-independent.
▪ Maintenance is simplified because most tasks are
performed remotely.
▪ Centralized data storage provides information security.

34 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa

Vidyapeetham, Coimbatore - 641112

When the client initiates a PXE boot (by traditionally

pressing F12) however the process is changed slightly:

❑ The client sends out a DHCP broadcast and states that

it needs to PXE boot

❑ The DHCP server picks up this broadcast and replies

with a suggested IP address to
use. If the server has the information on how to PXE boot,
that information is included ​in it's reply

❑ The client then replies to the server and uses the

provided address

❑ Then the client contacts the PXE boot server

(traditional a WDS server or SCCM server)
and requests the bootfile that it received from the DHCP
server

❑ The file is then loaded and launched on the client

Typically Option 66 or Option 67 are
set within your DHCP scope options or DHCP Helpers are
configured within your router ​for the above process to
work. Option 66 specifics which server to contact and 67 is
the name of the file to request.

35 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa

Vidyapeetham, Coimbatore - 641112

PXE Boot Process

36 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa

Vidyapeetham, Coimbatore - 641112

Basic PXE Boot

Another method of providing the boot information to a
client is to have a service listen for the DHCP request.
Configuration Manager provides dynamic PXE boot using
the Windows Deployment Service (WDS).

❑ The client connects to the network and sends out a

DHCP broadcast

❑ The DHCP server picks up this broadcast and replies

with a suggested IP address to
use.

❑ The WDS service also replies back to the client with the
necessary information it needs
to PXE boot

❑ The client replies to the DHCP server and uses the

suggested address

❑ The client also contacts the PXE boot server and

requests the bootfile specified in the
boot information it was sent
37 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa
Vidyapeetham, Coimbatore - 641112

Dynamic PXE Boot

38 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa

Vidyapeetham, Coimbatore - 641112
Dynamic PXE Boot

39 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa

Vidyapeetham, Coimbatore - 641112
Step 1 ​Power on or restart your computer. Press the
hotkey to enter the BIOS. Common keys are ​"F2" and
"Del." ​Step 2 ​Navigate to the network card settings with
the keyboard. This is usually located under "Integrated
Peripherals," though it may have its own separate section,
depending on the ​motherboard. ​Step 3 ​Toggle the "LAN
BOOT ROM" option to "Enabled." Your motherboard may
refer to this ​simply as "PXE." ​Step 4 ​Navigate to the boot
settings with they keyboard. Change the boot order so that
the ​network is placed ahead of the internal hard drive.
Most motherboards feature this ​setting under the
"Advanced BIOS Features" or "Boot Settings." The boot
devices are ​listed in preferred order. Use the arrow keys to
navigate to the first boot device; then press the "Enter" key
to change the device to "Network" or "LAN." ​Press "F10"
to save the settings and exit the BIOS. The computer
restarts and boots from ​the network if a PXE server is
present on the LAN.
PXE-Booting Steps

Hard Disk Drive Partitioning

40 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa
Vidyapeetham, Coimbatore - 641112
Partition

The ​partitioning ​of a hard drive occurs after the drive has
been Physically formatted but ​before it is logically
formatted. It involves creating areas on the disk where
data will not be ​mixed.

To install different Operating Systems that do not use the

same file system. There will, ​therefore, be at least as
many partitions as there are operating systems using
different file ​systems.

If you are using just one operating system, a single

partition of the full size of the disk is sufficient. That is
unless you want create several partitions so as to have,
for example, several drives on which data is kept
separate.

There are three types of partitions:

Primary partitions​, ​extended partitions ​and ​logical

drives​.

▪ A disk may contain up to four primary partitions (only one

of which can be active), or ​three primary partitions and
one extended partition.

▪ In the extended partition, the user can create logical

drives

41 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa

Vidyapeetham, Coimbatore - 641112
The disk contains one primary partition and one extended
partition made up of three ​logical drives:

Primary Partition Extended Partition

C: ​D: E: ​F: ​G:

Logical Partition

For DOS systems (DOS, Windows 9x), only the primary

partition is bootable and is, therefore, the only one on
which the operating system can be started.

42 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa

Vidyapeetham, Coimbatore - 641112
Using Multiple Partitions

❑ There are three types of partitions:

primary partitions, extended partitions ​and ​logical

drives.

▪ A disk may contain up to four primary partitions or three

primary partitions and one extended partition.
▪ In the extended partition, the user can create logical
drives.
43 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa
Vidyapeetham, Coimbatore - 641112
Primary Partition

❑ A primary partition must be logically formatted and have

a file system appropriate to
the operating system installed on it.

❑ If you have several primary partitions on your disk, only

one will be active and visible
at a time, depending on the operating system with which
you started the computer.

❑ By choosing which operating to load at start-up, you

determine which partition will be
visible.

❑ The ​active partition ​is the partition from which one of

the operating systems was
loaded when the computer was started up.

❑ The partitions, other than the one from which you

started, will then be hidden, which
will prevent their data from being accessible.

❑ The data on a primary partition are therefore only

accessible from the operating
system installed on that partition.

44 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa

Vidyapeetham, Coimbatore - 641112
Extended Partition

❑ Extended partitions were developed to overcome the

limit of four primary partitions,
as you can create as many logical drives as you want in
them.
❑ At least one logical drive is required in an extended
partition, as you cannot store data
in them directly.

❑ Many machines are formatted with one large partition

using up all available space on
the drive.

❑ This is not, however, the most advantageous solution in

terms of performance and
capacity.

❑ The solution is to create several partitions, which will

allow you to install several
operating systems on your disk, save disk space, increase
file security, and organize ​your data more easily

45 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa

Vidyapeetham, Coimbatore - 641112
Master Boot Record
❑ The ​boot sector ​(called the ​Master Boot Record ​or
MBR​) is the first sector of a hard
drive (cylinder 0, head 0, sector 1). It contains the ​main
partition table ​and the code, ​called the ​boot loader​,
which, when loaded into memory, will allow the system to
boot ​up. ​❑ After it is loaded into memory, this program will
determine from which system
partition to boot, and will start the program (called the
bootstrap​), which will start up the operating system
present on that partition.

❑ This disk sector also contains all of the information

concerning the hard drive .This
sector is, therefore, the most important one on the hard
drive and is also used by the ​BIOS setup to recognize the
hard drive. In other words, without it, your hard drive is
useless, which makes it a favorite target for viruses.
46 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa
Vidyapeetham, Coimbatore - 641112
File Systems

❑ It is important to differentiate between the ​FAT file

system ​and the ​file allocation
table (FAT)​.

Operating System Associated File System ​Dos FAT16

Windows 95 FAT16 Windows 98 FAT32 ​Windows NT
NTFS Windows XP NTFS/FAT32 ​Windows 2000
NTFS/FAT32 Windows 7 NTFS Windows 8 NTFS
Windows 10 NTFS ​OS/2 HPFS Linux Linux ext2,ext3,ext4

47 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa

Vidyapeetham, Coimbatore - 641112
FAT (File Allocation Table​)

❑ FAT file systems are characterized by the use of a file

allocation table and clusters (or
blocks).

❑ Clusters are the smallest unit of storage in a FAT file

system. A cluster actually
represents a fixed number of disk sectors.

❑ The FAT (​File Allocation Table​) is the heart of the file

system. It is located in sector 2 of
cylinder 0, head 1 (and is duplicated in another sector as a
precaution in the event of an accident). This table records
the numbers of the clusters that are used and where ​the
files are located in the clusters.

❑ The FAT file system supports disks or partitions up to a

maximum size of 2 GB but only ​allows at most 65,536
clusters. So, whatever the size of the partition or disk,
there must be enough sectors per cluster so that the entire
disk space can be contained in ​these 65,525 clusters. As
a result, the larger the disk (or partition), the greater the
number of sectors per cluster.

48 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa

Vidyapeetham, Coimbatore - 641112
FAT (File Allocation Table) Cont..

❑ The FAT file system uses a ​root directory

(represented on the operating systems that
use this type of file system by the symbol C:\ ) , which
must be located at a specific ​location on the hard drive.

❑ This root directory stores information on the

sub-directories and files that it contains. For a file, it will
store the file name, the file size, the date and time the file
was last ​modified, the file attributes, and the cluster
number at which the file starts.

49 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa

Vidyapeetham, Coimbatore - 641112
OS Installation Windows 7

50 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa

Vidyapeetham, Coimbatore - 641112
Step 1: Boot From the Windows 7 DVD or USB Device

To begin the Windows 7 clean install process, you'll need

to boot from the Windows 7 ​USB or DVD if you're using a
Windows 7 DVD, or boot from a USB device if your
Windows 7 installation files are located on a flash drive or
other external USB drive.

Tip: See my Windows Installation FAQ if you have

Windows 7 as an ISO image that you need on a flash
drive or disc, or a Windows 7 DVD you need on a flash
drive.

Restart your computer with the Windows 7 DVD in your

optical drive, or with the ​properly configured Windows 7
USB flash drive plugged in.

Watch for a Press any key to boot from CD or DVD...

message similar to the one shown in the screenshot
above. If you're booting from a flash drive, the message
may be phrased differently, like Press any key to boot
from external device....

Press a key to force the computer to boot from the

Windows 7 DVD or USB storage ​device. If you do not
press a key, your computer will attempt to boot to the next
device ​in the boot order, which is probably your hard drive.
If this happens, chances are your current operating
system will boot.

51 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa

Vidyapeetham, Coimbatore - 641112
Step 1: Contd..,

52 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa

Vidyapeetham, Coimbatore - 641112
53 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa
Vidyapeetham, Coimbatore - 641112
Step 2: Wait for Windows 7 Installation Files to Load
54 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa
Vidyapeetham, Coimbatore - 641112
Step 3: Wait for Windows 7 Setup to Finish Loading
Step 4: Choose Language and Other Preferences
55 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa
Vidyapeetham, Coimbatore - 641112
Step 5: Select the Install Now Button
56 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa
Vidyapeetham, Coimbatore - 641112
57 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa
Vidyapeetham, Coimbatore - 641112
Step 6: Wait for Windows 7 Setup to Begin
Step 7: Accept the Windows 7 License Terms
58 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa
Vidyapeetham, Coimbatore - 641112
Step 8: Click on the Custom (advanced) button.
59 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa
Vidyapeetham, Coimbatore - 641112
Step 9: Show the Windows 7 Advanced Drive Options
60 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa
Vidyapeetham, Coimbatore - 641112
Step 10: Delete the Partition Windows is Installed On
61 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa
Vidyapeetham, Coimbatore - 641112
62 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa
Vidyapeetham, Coimbatore - 641112
Step 11: Confirm the Partition Deletion
63 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa
Vidyapeetham, Coimbatore - 641112
Step 12: Delete Other Operating System Related
Partitions
Step 13: Confirm Delete Other Operating System
Related Partitions
64 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa
Vidyapeetham, Coimbatore - 641112
Step 14: Choose a Physical Location to Install
Windows 7 On
65 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa
Vidyapeetham, Coimbatore - 641112
Step 15: Wait While Windows 7 is Installed ( the
machine will restart several times )
66 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa
Vidyapeetham, Coimbatore - 641112
67 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa
Vidyapeetham, Coimbatore - 641112
Step 16: After Completing the Installation Restart the
System (First Time)
68 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa
Vidyapeetham, Coimbatore - 641112
Step 17: Wait for Windows 7 Setup to Begin Again
69 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa
Vidyapeetham, Coimbatore - 641112
Step 18: Wait for Windows 7 Setup to Update Registry
Settings
70 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa
Vidyapeetham, Coimbatore - 641112
Step 19:Wait for Windows 7 Setup to Start Services
Step 20: Wait for Windows 7 Setup to Complete
71 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa
Vidyapeetham, Coimbatore - 641112
72 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa
Vidyapeetham, Coimbatore - 641112
Step 21:Wait for Your PC to Automatically Restart
73 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa
Vidyapeetham, Coimbatore - 641112
Step 22:Wait for Windows 7 to Start
74 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa
Vidyapeetham, Coimbatore - 641112
Step 23: Wait for Windows 7 to Prepare Your PC for
First Use
75 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa
Vidyapeetham, Coimbatore - 641112
Step 24: Wait for Windows 7 to Check Your PC's Video
Performance
Step 25: After Completing the Installation Enter
Username and Computer Name
76 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa
Vidyapeetham, Coimbatore - 641112
77 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa
Vidyapeetham, Coimbatore - 641112
Step 26: Choose a Password to Access Windows 7
Step 27: Enter the Windows 7 Product Key
78 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa
Vidyapeetham, Coimbatore - 641112
79 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa
Vidyapeetham, Coimbatore - 641112
Step 28:Choose a Windows Update Option
Step 29: Choose the Correct Time Zone, Date, and
Time
80 Pradeep Kumar P, Dept. of ICTS, Amrita School of Engineering, Amrita Vishwa
Vidyapeetham, Coimbatore - 641112