In
computing
Computing is any goal-oriented activity requiring, benefiting from, or creating computing machinery. It includes the study and experimentation of algorithmic processes, and development of both hardware and software. Computing has scientific, e ...
, firmware is a specific class of
computer software
Software is a set of computer programs and associated documentation and data. This is in contrast to hardware, from which the system is built and which actually performs the work.
At the lowest programming level, executable code consists ...
that provides the
low-level control for a device's specific
hardware. Firmware, such as the
BIOS
In computing, BIOS (, ; Basic Input/Output System, also known as the System BIOS, ROM BIOS, BIOS ROM or PC BIOS) is firmware used to provide runtime services for operating systems and programs and to perform hardware initialization during the ...
of a personal computer, may contain basic functions of a device, and may provide
hardware abstraction
Hardware abstractions are sets of routines in software that provide programs with access to hardware resources through programming interfaces. The programming interface allows all devices in a particular class ''C'' of hardware devices to be acce ...
services to higher-level software such as
operating system
An operating system (OS) is system software that manages computer hardware, software resources, and provides common services for computer programs.
Time-sharing operating systems schedule tasks for efficient use of the system and may also in ...
s. For less complex devices, firmware may act as the device's complete
operating system
An operating system (OS) is system software that manages computer hardware, software resources, and provides common services for computer programs.
Time-sharing operating systems schedule tasks for efficient use of the system and may also in ...
, performing all control, monitoring and data manipulation functions. Typical examples of devices containing firmware are
embedded systems
An embedded system is a computer system—a combination of a computer processor, computer memory, and input/output peripheral devices—that has a dedicated function within a larger mechanical or electronic system. It is ''embedded'' as ...
(running
embedded software
Embedded software is computer software, written to control machines or devices that are not typically thought of as computers, commonly known as embedded systems. It is typically specialized for the particular hardware that it runs on and has time ...
), home and personal-use appliances, computers, and
computer peripheral
A peripheral or peripheral device is an auxiliary device used to put information into and get information out of a computer. The term ''peripheral device'' refers to all hardware components that are attached to a computer and are controlled by the ...
s.
Firmware is held in
non-volatile memory
Non-volatile memory (NVM) or non-volatile storage is a type of computer memory that can retain stored information even after power is removed. In contrast, volatile memory needs constant power in order to retain data.
Non-volatile memory typic ...
devices such as
ROM
Rom, or ROM may refer to:
Biomechanics and medicine
* Risk of mortality, a medical classification to estimate the likelihood of death for a patient
* Rupture of membranes, a term used during pregnancy to describe a rupture of the amniotic sac
* R ...
,
EPROM
An EPROM (rarely EROM), or erasable programmable read-only memory, is a type of programmable read-only memory (PROM) chip that retains its data when its power supply is switched off. Computer memory that can retrieve stored data after a power s ...
,
EEPROM
EEPROM (also called E2PROM) stands for electrically erasable programmable read-only memory and is a type of non-volatile memory used in computers, usually integrated in microcontrollers such as smart cards and remote keyless systems, or as a ...
, and
flash memory
Flash memory is an electronic non-volatile computer memory storage medium that can be electrically erased and reprogrammed. The two main types of flash memory, NOR flash and NAND flash, are named for the NOR and NAND logic gates. Both us ...
. Updating firmware requires ROM
integrated circuit
An integrated circuit or monolithic integrated circuit (also referred to as an IC, a chip, or a microchip) is a set of electronic circuits on one small flat piece (or "chip") of semiconductor material, usually silicon. Large numbers of tiny ...
s to be physically replaced, or EPROM or flash memory to be reprogrammed through a special procedure. Some firmware memory devices are permanently installed and cannot be changed after manufacture. Common reasons for updating firmware include fixing bugs or adding features.
History and etymology
Ascher Opler coined the term ''firmware'' in a 1967 ''
Datamation
''Datamation'' is a computer magazine that was published in print form in the United States between 1957 and 1998, '' article,
[
] as an intermediary term between "hardware" and "software".
In this article, Opler was referring to a new kind of computer program that had a different practical and psychological purpose from traditional programs from the user's perspective.
As computers began to increase in complexity, it became clear that various programs needed to first be initiated and run to provide a consistent environment necessary for running more complex programs at the user's discretion. This required programming the computer to run those programs automatically. Furthermore, as companies, universities, and marketers wanted to sell computers to laypeople with little technical knowledge, greater automation became necessary to allow a lay-user to easily run programs for practical purposes. This gave rise to a kind of software that a user would not consciously run, and it led to software that a lay user wouldn't even know about.
Originally, it meant the contents of a writable
control store A control store is the part of a CPU's control unit that stores the CPU's microprogram. It is usually accessed by a microsequencer. A control store implementation whose contents are unalterable is known as a Read Only Memory (ROM) or Read Only Sto ...
(a small specialized high-speed memory), containing
microcode
In processor design, microcode (μcode) is a technique that interposes a layer of computer organization between the central processing unit (CPU) hardware and the programmer-visible instruction set architecture of a computer. Microcode is a laye ...
that defined and implemented the computer's
instruction set
In computer science, an instruction set architecture (ISA), also called computer architecture, is an abstract model of a computer. A device that executes instructions described by that ISA, such as a central processing unit (CPU), is called an ' ...
, and that could be reloaded to specialize or modify the instructions that the
central processing unit
A central processing unit (CPU), also called a central processor, main processor or just processor, is the electronic circuitry that executes instructions comprising a computer program. The CPU performs basic arithmetic, logic, controlling, an ...
(CPU) could execute. As originally used, firmware contrasted with hardware (the CPU itself) and software (normal instructions executing on a CPU). It was not composed of CPU machine instructions, but of lower-level microcode involved in the implementation of machine instructions. It existed on the boundary between hardware and software; thus the name ''firmware''. Over time, popular usage extended the word ''firmware'' to denote any computer program that is tightly linked to hardware, including
BIOS
In computing, BIOS (, ; Basic Input/Output System, also known as the System BIOS, ROM BIOS, BIOS ROM or PC BIOS) is firmware used to provide runtime services for operating systems and programs and to perform hardware initialization during the ...
on PCs,
boot firmware
In computing, booting is the process of starting a computer as initiated via hardware such as a button or by a software command. After it is switched on, a computer's central processing unit (CPU) has no software in its main memory, so some ...
on smartphones,
computer peripheral
A peripheral or peripheral device is an auxiliary device used to put information into and get information out of a computer. The term ''peripheral device'' refers to all hardware components that are attached to a computer and are controlled by the ...
s, or the control systems on simple
consumer electronic devices
Consumer electronics or home electronics are electronic (analog or digital) equipment intended for everyday use, typically in private homes. Consumer electronics include devices used for entertainment, communications and recreation. Usually re ...
such as
microwave oven
A microwave oven (commonly referred to as a microwave) is an electric oven that heats and cooks food by exposing it to electromagnetic radiation in the microwave frequency range. This induces polar molecules in the food to rotate and produce t ...
s,
remote control
In electronics, a remote control (also known as a remote or clicker) is an electronic device used to operate another device from a distance, usually wirelessly. In consumer electronics, a remote control can be used to operate devices such as ...
s.
Applications
Computers
In some respects, the various firmware components are as important as the
operating system
An operating system (OS) is system software that manages computer hardware, software resources, and provides common services for computer programs.
Time-sharing operating systems schedule tasks for efficient use of the system and may also in ...
in a working computer. However, unlike most modern operating systems, firmware rarely has a well-evolved automatic mechanism of updating itself to fix any functionality issues detected after shipping the unit.
The BIOS may be manually updated by a user via a small utility program. In contrast, firmware in mass storage devices (hard-disk drives, optical disc drives, flash memory storage e.g. solid state drive) is less frequently updated, even when flash memory (rather than ROM, EEPROM) storage is used for the firmware.
Most computer peripherals are themselves special-purpose computers. Devices such as printers, scanners, webcams, and
USB flash drive
A USB flash drive (also called a thumb drive) is a data storage device that includes flash memory with an integrated USB interface. It is typically removable, rewritable and much smaller than an optical disc. Most weigh less than . Since firs ...
s have internally-stored firmware; some devices may also permit field upgrading of their firmware.
Other instances of computer firmware include:
* The
(U)EFI-compliant firmware used on
Itanium
Itanium ( ) is a discontinued family of 64-bit Intel microprocessors that implement the Intel Itanium architecture (formerly called IA-64). Launched in June 2001, Intel marketed the processors for enterprise servers and high-performance computin ...
systems, Intel-based
Macs, and many newer PCs
*
Hard disk drive
A hard disk drive (HDD), hard disk, hard drive, or fixed disk is an electro-mechanical data storage device that stores and retrieves digital data using magnetic storage with one or more rigid rapidly rotating platters coated with magnet ...
,
solid-state drive
A solid-state drive (SSD) is a solid-state storage device that uses integrated circuit assemblies to store data persistently, typically using flash memory, and functioning as secondary storage in the hierarchy of computer storage. It is ...
or
optical disc drive
In computing, an optical disc drive is a disc drive that uses laser light or electromagnetic waves within or near the visible light spectrum as part of the process of reading or writing data to or from optical discs. Some drives can only r ...
firmware
*
Video BIOS
Video BIOS is the BIOS of a graphics card in a (usually IBM PC-derived) computer. It initializes the graphics card at the computer's boot time. It also implements INT 10h interrupt and VESA BIOS Extensions (VBE) for basic text and videomode output ...
of a
graphics card
A graphics card (also called a video card, display card, graphics adapter, VGA card/VGA, video adapter, display adapter, or mistakenly GPU) is an expansion card which generates a feed of output images to a display device, such as a computer moni ...
*
Open Firmware
Open Firmware is a standard defining the interfaces of a computer firmware system, formerly endorsed by the Institute of Electrical and Electronics Engineers (IEEE). It originated at Sun Microsystems, where it was known as OpenBoot, and has bee ...
, used in
SPARC
SPARC (Scalable Processor Architecture) is a reduced instruction set computer (RISC) instruction set architecture originally developed by Sun Microsystems. Its design was strongly influenced by the experimental Berkeley RISC system developed ...
-based computers from
Sun Microsystems
Sun Microsystems, Inc. (Sun for short) was an American technology company that sold computers, computer components, software, and information technology services and created the Java programming language, the Solaris operating system, ZFS, the ...
and
Oracle Corporation
Oracle Corporation is an American multinational computer technology corporation headquartered in Austin, Texas. In 2020, Oracle was the third-largest software company in the world by revenue and market capitalization. The company sells da ...
,
PowerPC
PowerPC (with the backronym Performance Optimization With Enhanced RISC – Performance Computing, sometimes abbreviated as PPC) is a reduced instruction set computer (RISC) instruction set architecture (ISA) created by the 1991 Apple Inc., App ...
-based computers from Apple, and computers from
Genesi
Genesi is an international group of technology and consulting companies in the United States, Mexico and Germany. It is most widely known for designing and manufacturing ARM architecture and Power ISA-based computing devices. The Genesi Group cons ...
*
ARCS, used in computers from
Silicon Graphics
Silicon Graphics, Inc. (stylized as SiliconGraphics before 1999, later rebranded SGI, historically known as Silicon Graphics Computer Systems or SGCS) was an American high-performance computing manufacturer, producing computer hardware and soft ...
*
Kickstart, used in the
Amiga
Amiga is a family of personal computers introduced by Commodore in 1985. The original model is one of a number of mid-1980s computers with 16- or 32-bit processors, 256 KB or more of RAM, mouse-based GUIs, and significantly improved graphi ...
line of computers (
POST
Post or POST commonly refers to:
*Mail, the postal system, especially in Commonwealth of Nations countries
**An Post, the Irish national postal service
**Canada Post, Canadian postal service
**Deutsche Post, German postal service
**Iraqi Post, Ira ...
, hardware init +
Plug and Play
In computing, a plug and play (PnP) device or computer bus is one with a specification that facilitates the recognition of a hardware component in a system without the need for physical device configuration or user intervention in resolving resou ...
auto-configuration
Auto-configuration is the automatic configuration of devices without manual intervention, without any need for software configuration programs or jumpers. Ideally, auto-configuring devices should just "plug and play". Auto-configuration has been m ...
of peripherals,
kernel
Kernel may refer to:
Computing
* Kernel (operating system), the central component of most operating systems
* Kernel (image processing), a matrix used for image convolution
* Compute kernel, in GPGPU programming
* Kernel method, in machine learnin ...
, etc.)
*
RTAS (Run-Time Abstraction Services), used in computers from
IBM
* The
Common Firmware Environment
Common Firmware Environment (CFE), sometimes pronounced as 'cafe', is a firmware interface and bootloader developed by Broadcom for 32-bit and 64-bit system-on-a-chip systems. It is intended to be a flexible toolkit of CPU initialization and bootst ...
(CFE)
Home and personal-use products
, most
portable music player
A portable audio player is a personal mobile device that allows the user to listen to recorded audio while mobile. Sometimes a distinction is made between a ''portable'' player, battery-powered and with one or more small loudspeakers, and a ''pers ...
s support firmware upgrades. Some companies use firmware updates to add new playable file formats (
codecs
A codec is a device or computer program that encodes or decodes a data stream or signal. ''Codec'' is a portmanteau of coder/decoder.
In electronic communications, an endec is a device that acts as both an encoder and a decoder on a signal or da ...
). Other features that may change with firmware updates include the GUI or even the battery life. Most
mobile phone
A mobile phone, cellular phone, cell phone, cellphone, handphone, hand phone or pocket phone, sometimes shortened to simply mobile, cell, or just phone, is a portable telephone that can make and receive calls over a radio frequency link whil ...
s have a
firmware over the air
Over-the-air programming (OTA programming) refers to various methods of distributing new software, configuration settings, and even updating encryption keys to devices like mobile phones, set-top boxes, electric cars or secure voice communication ...
firmware upgrade capability for much the same reasons; some may even be upgraded to enhance reception or sound quality.
Automobiles
Since 1996, most
automobile
A car or automobile is a motor vehicle with Wheel, wheels. Most definitions of ''cars'' say that they run primarily on roads, Car seat, seat one to eight people, have four wheels, and mainly transport private transport#Personal transport, pe ...
s have employed an on-board computer and various sensors to detect mechanical problems. , modern vehicles also employ computer-controlled
anti-lock braking system
An anti-lock braking system (ABS) is a safety anti-skid braking system used on aircraft and on land vehicles, such as cars, motorcycles, trucks, and buses. ABS operates by preventing the wheels from locking up during braking, thereby maintaini ...
s (ABS) and computer-operated
transmission control units (TCUs). The driver can also get in-dash information while driving in this manner, such as real-time fuel economy and tire pressure readings. Local dealers can update most vehicle firmware.
Other examples
Other firmware applications include:
* In home and personal-use products:
** Timing and control systems for
washing machine
A washing machine (laundry machine, clothes washer, washer, or simply wash) is a home appliance used to wash laundry. The term is mostly applied to machines that use water as opposed to dry cleaning (which uses alternative cleaning fluids and ...
s
** Controlling sound and video attributes, as well as the channel list, in modern
television
Television, sometimes shortened to TV, is a telecommunication medium for transmitting moving images and sound. The term can refer to a television set, or the medium of television transmission. Television is a mass medium for advertisin ...
s
* In
routers,
switches
In electrical engineering, a switch is an electrical component that can disconnect or connect the conducting path in an electrical circuit, interrupting the electric current or diverting it from one conductor to another. The most common type of ...
, and
firewalls:
**
LibreCMC
LibreCMC is a Linux-libre distribution for computers with minimal resources, such as the Ben NanoNote, ath9k-based Wi-Fi routers, and other hardware with emphasis on free software. Based on OpenWrt, the project's goal is to aim for compliance wit ...
a 100%
free software
Free software or libre software is computer software distributed under terms that allow users to run the software for any purpose as well as to study, change, and distribute it and any adapted versions. Free software is a matter of liberty, no ...
router distribution based on the
Linux-libre
Linux-libre is a modified version of the Linux kernel that contains no binary blobs, obfuscated code, or code released under proprietary licenses. In the Linux kernel, they are mostly used for proprietary firmware images. While generally redis ...
kernel
**
IPFire
IPFire is a hardened open source Linux distribution that primarily performs as a router and a firewall; a standalone firewall system with a web-based management console for configuration.
IPFire originally started as a fork of IPCop and has bee ...
an
open-source
Open source is source code that is made freely available for possible modification and redistribution. Products include permission to use the source code, design documents, or content of the product. The open-source model is a decentralized sof ...
firewall/router distribution based on the
Linux kernel
The Linux kernel is a free and open-source, monolithic, modular, multitasking, Unix-like operating system kernel. It was originally authored in 1991 by Linus Torvalds for his i386-based PC, and it was soon adopted as the kernel for the GNU ope ...
**
fli4l
fli4l (flexible internet router for linux; previously: floppy isdn for linux) is a Linux distribution, actively developed by German developers since 2000. The projects main task is to provide a small Linux system that turns almost every machine in ...
an open-source firewall/router distribution based on the Linux kernel
**
OpenWrt
OpenWrt (from ''open wireless router'') is an open-source project for embedded operating systems based on Linux, primarily used on embedded devices to route network traffic. The main components are Linux, util-linux, musl, and BusyBox. All com ...
an open-source firewall/router distribution based on the Linux kernel
**
m0n0wall
m0n0wall was an embedded firewall distribution of FreeBSD, one of the BSD operating system descendants. It provides a small image which can be put on Compact Flash cards as well as on CD-ROMs and hard disks. It runs on a number of embedded plat ...
an embedded firewall distribution of
FreeBSD
FreeBSD is a free and open-source Unix-like operating system descended from the Berkeley Software Distribution (BSD), which was based on Research Unix. The first version of FreeBSD was released in 1993. In 2005, FreeBSD was the most popular ...
**
Proprietary firmware Proprietary firmware is any firmware on which is not free (libre). Examples of proprietary works include ones upon which the author has placed restrictions on use, private modification, copying, or republishing.
Proprietors may enforce restrict ...
* In
NAS
Nas (born 1973) is the stage name of American rapper Nasir Jones.
Nas, NaS, or NAS may also refer to:
Aviation
* Nasair, a low-cost airline carrier and subsidiary based in Eritrea
* National Air Services, an airline in Saudi Arabia
** Nas Air ( ...
systems:
**
NAS4Free
XigmaNAS is network-attached storage (NAS) server software with a dedicated management web interface (written in PHP). It is free software under the terms of the Simplified BSD license.
XigmaNAS is a continuation of the original FreeNAS code, ...
an open-source NAS operating system based on FreeBSD
**
Openfiler
Openfiler is an operating system that provides file-based network-attached storage and block-based storage area network. It was created by Xinit Systems, and is based on the CentOS Linux distribution. It is free software licensed under the GN ...
an open-source NAS operating system based on the Linux kernel
**
Proprietary firmware Proprietary firmware is any firmware on which is not free (libre). Examples of proprietary works include ones upon which the author has placed restrictions on use, private modification, copying, or republishing.
Proprietors may enforce restrict ...
*
Field-Programmable Gate Array
A field-programmable gate array (FPGA) is an integrated circuit designed to be configured by a customer or a designer after manufacturinghence the term '' field-programmable''. The FPGA configuration is generally specified using a hardware d ...
(FPGA) code may be referred to as firmware
Flashing
''Flashing''
involves the overwriting of existing firmware or data, contained in
EEPROM
EEPROM (also called E2PROM) stands for electrically erasable programmable read-only memory and is a type of non-volatile memory used in computers, usually integrated in microcontrollers such as smart cards and remote keyless systems, or as a ...
or
flash memory
Flash memory is an electronic non-volatile computer memory storage medium that can be electrically erased and reprogrammed. The two main types of flash memory, NOR flash and NAND flash, are named for the NOR and NAND logic gates. Both us ...
module present in an electronic device, with new data.
This can be done to upgrade a device or to change the provider of a service associated with the function of the device, such as changing from one mobile phone service provider to another or installing a new operating system. If firmware is upgradable, it is often done via a program from the provider, and will often allow the old firmware to be saved before upgrading so it can be reverted to if the process fails, or if the newer version performs worse. Free software replacements for vendor flashing tools have been developed, such as
Flashrom.
Firmware hacking
Sometimes, third parties develop an unofficial new or modified ("aftermarket") version of firmware to provide new features or to unlock hidden functionality; this is referred to as
custom firmware Custom firmware, also known as aftermarket firmware, is an unofficial new or modified version of firmware created by third parties on devices such as video game consoles and various embedded device types to provide new features or to unlock hidden f ...
. An example is
Rockbox
Rockbox is a free and open-source software replacement for the OEM firmware in various forms of digital audio players (DAPs) with an original kernel. It offers an alternative to the player's operating system, in many cases without removing the or ...
as a firmware replacement for
portable media players
A portable media player (PMP) (also including the related digital audio player (DAP)) is a portable consumer electronics device capable of storing and playing digital media such as audio, images, and video files. The data is typically stored o ...
. There are many
homebrew projects for various devices, which often unlock general-purpose computing functionality in previously limited devices (e.g., running
Doom
Doom is another name for damnation.
Doom may also refer to:
People
* Doom (professional wrestling), the tag team of Ron Simmons and Butch Reed
* Daniel Doom (born 1934), Belgian cyclist
* Debbie Doom (born 1963), American softball pitcher
* L ...
on
iPod
The iPod is a discontinued series of portable media players and multi-purpose mobile devices designed and marketed by Apple Inc. The first version was released on October 23, 2001, about months after the Macintosh version of iTunes ...
s).
Firmware hacks usually take advantage of the firmware update facility on many devices to install or run themselves. Some, however, must resort to
exploit
Exploit means to take advantage of something (a person, situation, etc.) for one's own end, especially unethically or unjustifiably.
Exploit can mean:
*Exploitation of natural resources
*Exploit (computer security)
* Video game exploit
*Exploitat ...
s to run, because the manufacturer has attempted to lock the hardware to stop it from running
unlicensed code.
Most firmware hacks are
free software
Free software or libre software is computer software distributed under terms that allow users to run the software for any purpose as well as to study, change, and distribute it and any adapted versions. Free software is a matter of liberty, no ...
.
HDD firmware hacks
The Moscow-based
Kaspersky Lab
Kaspersky Lab (; Russian: Лаборатория Касперского, tr. ''Laboratoriya Kasperskogo'') is a Russian multinational cybersecurity and anti-virus provider headquartered in Moscow, Russia, and operated by a holding company in th ...
discovered that a group of developers it refers to as the "
Equation Group
The Equation Group, classified as an advanced persistent threat, is a highly sophisticated threat actor suspected of being tied to the Tailored Access Operations (TAO) unit of the United States National Security Agency (NSA). Kaspersky Labs descr ...
" has developed
hard disk drive
A hard disk drive (HDD), hard disk, hard drive, or fixed disk is an electro-mechanical data storage device that stores and retrieves digital data using magnetic storage with one or more rigid rapidly rotating platters coated with magnet ...
firmware modifications for various drive models, containing a
trojan horse
The Trojan Horse was a wooden horse said to have been used by the Greeks during the Trojan War to enter the city of Troy and win the war. The Trojan Horse is not mentioned in Homer's ''Iliad'', with the poem ending before the war is concluded, ...
that allows data to be stored on the drive in locations that will not be erased even if the drive is formatted or wiped. Although the Kaspersky Lab report did not explicitly claim that this group is part of the United States
National Security Agency
The National Security Agency (NSA) is a national-level intelligence agency of the United States Department of Defense, under the authority of the Director of National Intelligence (DNI). The NSA is responsible for global monitoring, collecti ...
(NSA), evidence obtained from the code of various Equation Group software suggests that they are part of the NSA.
Researchers from the Kaspersky Lab categorized the undertakings by Equation Group as the most advanced hacking operation ever uncovered, also documenting around 500 infections caused by the Equation Group in at least 42 countries.
Security risks
Mark Shuttleworth
Mark Richard Shuttleworth (born 18 September 1973) is a South African and British entrepreneur who is the founder and CEO of Canonical, the company behind the development of the Linux-based Ubuntu operating system. In 2002, Shuttleworth became ...
, the founder of the company
Canonical
The adjective canonical is applied in many contexts to mean "according to the canon" the standard, rule or primary source that is accepted as authoritative for the body of knowledge or literature in that context. In mathematics, "canonical example ...
, which maintains the
Ubuntu Linux
Ubuntu ( ) is a Linux distribution based on Debian and composed mostly of free and open-source software. Ubuntu is officially released in three editions: ''Desktop'', '' Server'', and ''Core'' for Internet of things devices and robots. All ...
distribution, has described