ISO/IEC INTERNATIONAL STANDARD 19678 First edition 2015-05-01 Information Technology - BIOS Protection Guidelines Technologies de I'information - Lignes directrices de protection BIOS Reference number ISO/IEC 19678:2015(E) IEC International Organization for Standardization nstituteof Standardization5956617 @IS0/IEC2015 vided by IHS under Not for Resale, 2015/6/29 09:24:32 ted without license from IHS IS0/IEC 19678:2015(E) COPYRIGHTPROTECTEDDOCUMENT IS0/IEC 2015, Published in Switzerland All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized otherwise in any form written permission. Permission can be requested from either ISO at the address below or ISO's member body in the country of the requester. ISO copyright office Ch. de Blandonnet 8 . CP 401 CH-1214 Vernier, Geneva, Switzerland Tel.+41 22 749 01 11 Fax +41227490947 copyright@iso.org www.iso.org icene-zZhejang nsite f StandareRalS S6JEC 2015 - All rights reserved Not for Resale, 2015/6/29 09:24:32 netiworking permtted without license from IHS ISO/IEC19678:2015(E) Contents Page Foreword. Introduction.. ..vi Scope.. Conformance Normativereferences. 4 Termsanddefinitions. 2 5 Symbols (and abbreviated terms) . 6 Background. 6.1System BIOS.. 6.2 Role of System BioS in the Boot Process 6.3 Updating the System BIOS..... 6.4 Importance of BIOS Integrity 6.5 Threats to the System BIOS. Threat Mitigation. 10 Bibliography.. International Organization for Standardization nited without license from IHS Not for Resale, 2015/6/29 09:24:32