Read the original article here.

---

Understanding Firmware: The Essential Foundation for Building Your Computer

When you embark on the journey of building a computer from scratch, you naturally focus on the physical components: the CPU, motherboard, RAM, storage drives, etc. You also think about the software you'll install, like the operating system (OS) and applications. However, there's a crucial layer of software that bridges the gap between the raw hardware you've assembled and the OS you want to run. This layer is called firmware.

Without firmware, your meticulously chosen and connected hardware components would be inert – just silicon, metal, and plastic. Firmware provides the initial spark, the fundamental instructions that tell the hardware how to wake up, communicate, and prepare itself to load more complex software.

What is Firmware?

At its core, firmware is software that is very closely tied to specific hardware. It's often described as sitting between hardware and higher-level software like an operating system.

Firmware: Software that provides low-level control of computing device hardware. For simple devices, it might handle all functionality; for complex devices, it provides low-level control and hardware abstraction services for higher-level software.

Think of firmware as the conscience or the basic operating instructions embedded directly within the hardware component itself. It's not something you typically install or remove like a standard application; it's foundational.

Why is Firmware Indispensable? The Bootstrapping Problem

Imagine powering on a computer. What happens immediately? The CPU doesn't magically know how to read from a hard drive, display graphics, or listen to keyboard input. The hardware needs instructions right away, before any operating system is loaded. This is where firmware comes in.

In the context of building a computer, firmware performs several critical roles:

1. Initial Hardware Setup and Testing: When the power button is pressed, the very first instructions executed come from firmware. This firmware initiates the Power-On Self-Test (POST), checking that essential components like the CPU, RAM, and graphics card are present and functional.
2. Hardware Initialization: Firmware configures the hardware components. This involves setting up memory controllers, initializing communication buses (like USB or PCIe), configuring storage interfaces (SATA, NVMe), and getting basic input/output devices ready.
3. Providing a Consistent Environment: Different motherboards and hardware configurations exist. Firmware provides a layer of abstraction, presenting a more standardized view of the hardware to the software that loads next (typically a bootloader or the OS installer). This prevents the OS from needing to know the intricate, exact details of every possible hardware component.
4. Loading the Next Stage (Bootloader): Once the hardware is initialized, the firmware's primary task on a PC is to locate and load the bootloader (which might be part of the OS or a separate utility) from a designated boot device (like a hard drive, SSD, or USB stick). This bootloader then takes over the process of loading the full operating system.

Bootloader: A small program that resides in firmware (or is loaded by firmware) whose primary job is to load the operating system kernel into memory and start its execution.

For someone building a computer, understanding that firmware is the crucial first step after assembly is key. If the firmware doesn't run correctly or can't initialize your specific components, the computer simply won't boot or even display anything on the screen.

Where Firmware Resides: Non-Volatile Memory

Because firmware needs to be available the instant the device powers on, it cannot be stored on a volatile medium like RAM (which loses its contents when power is removed). Instead, firmware is stored in non-volatile memory.

Non-Volatile Memory: A type of computer memory that can retain stored information even when not powered.

Historically, firmware was often stored in Read-Only Memory (ROM). Changing ROM required physically replacing the chip, which was impractical. Over time, more flexible non-volatile memory types were developed:

• EPROM (Erasable Programmable Read-Only Memory): Could be erased using strong ultraviolet light and then reprogrammed. Still required physical removal from the board.
• EEPROM (Electrically Erasable Programmable Read-Only Memory): Could be erased and reprogrammed electrically while still on the board, but usually byte by byte or in small blocks, making it slower for large updates.
• Flash Memory: A modern type of EEPROM that allows large blocks (or the entire chip) to be erased and reprogrammed electrically much faster than traditional EEPROM. This is the most common type of non-volatile memory used for firmware storage today.

Most modern computer motherboards and peripherals store their firmware in flash memory chips. This is essential because it allows the firmware to be updated without physically replacing chips.

Getting Firmware onto the Chip: Manufacturing and Flashing

When a hardware component is manufactured (like a motherboard or a graphics card), the initial version of its firmware is programmed onto the non-volatile memory chip during the factory process.

However, firmware isn't static. Manufacturers often release updated versions to fix bugs, add support for new hardware (like newer CPUs on an older motherboard), improve performance, or address security vulnerabilities. The process of replacing the existing firmware on a programmable memory chip with a new version is called flashing.

Flashing: The process of overwriting the existing firmware stored in programmable non-volatile memory (like EEPROM or flash memory) with new data, typically to update or change the firmware version.

Flashing is a critical procedure for anyone building and maintaining a computer. It's usually performed using a utility program provided by the hardware manufacturer. Because flashing involves overwriting the fundamental instructions the device needs to operate, it's a potentially risky process. If interrupted or if the wrong firmware is used, the device can become non-functional (often referred to as "bricking"). Many modern flashing utilities include safeguards or the ability to revert to an older version if problems occur.

Firmware in Practice: Key Examples for PC Building

When you assemble a PC, you encounter firmware in multiple places:

1. Motherboard Firmware (BIOS/UEFI): This is arguably the most critical firmware.

   • BIOS (Basic Input/Output System): The traditional firmware interface on PCs. It performs POST, initializes core hardware, and loads the boot sector from a drive. The BIOS setup utility (accessed by pressing a key like F2 or Del during boot) allows you to configure system settings like boot order, hardware parameters, and overclocking.
   • UEFI (Unified Extensible Firmware Interface): The modern successor to BIOS. UEFI offers significant advantages, including faster boot times, support for larger storage drives (over 2TB), more flexible booting options (like network boot), and features like Secure Boot (which helps prevent malware from loading before the OS). UEFI interfaces are often graphical and mouse-supported, a departure from the text-based BIOS menus. Most modern motherboards use UEFI. Understanding how to navigate and configure the UEFI/BIOS settings is fundamental to setting up your built system.

2. Graphics Card Firmware (Video BIOS): Graphics cards have their own firmware that initializes the GPU and video memory during boot and provides basic video output before the main graphics drivers are loaded by the OS. Updating this firmware (often called "flashing the VBIOS") can sometimes fix display issues or add support for new standards, though it's less common for typical users than flashing the motherboard firmware.

3. Storage Drive Firmware: Hard drives (HDDs) and Solid State Drives (SSDs) contain sophisticated firmware that manages data storage, retrieval, wear leveling (for SSDs), error correction, and communication with the system. Drive firmware is crucial for performance and reliability. While less frequently updated by the user, manufacturers occasionally release updates to address bugs or improve compatibility/performance.

4. Peripheral Firmware: Many other devices you connect to your computer, from network cards and sound cards to keyboards, mice, printers, and webcams, contain their own internal firmware. For simpler devices like USB keyboards or mice, this firmware is often embedded directly into a microcontroller chip. This allows the device to perform its basic function and communicate with the computer using standard protocols (like USB HID) before any specific drivers are loaded by the OS.

Historical Context

The term "firmware" was coined by Ascher Opler in a 1967 article to describe a new type of software that fell between "hardware" (the physical components) and "software" (programs running on the CPU). Initially, firmware specifically referred to microcode, which was a lower layer of programming used to implement the CPU's machine instructions themselves on some architectures. It allowed CPU instruction sets to be customized.

Microcode: A layer of programming below the level of machine code, used in some CPU designs to implement the instruction set architecture. It is a form of firmware internal to the CPU.

As computers grew more complex and aimed at non-technical users, there became a greater need for automated initial setup routines that ran before the user-facing software. This led to the broader use of the term "firmware" to include any software that is tightly bound to hardware and necessary for its basic operation and initialization, such as the BIOS on PCs or the control systems in embedded devices. While the original focus was on microcode, the popular definition expanded to cover this essential boot-up and hardware control software found in nearly all computing devices today.

Going Deeper: Custom Firmware and Security Considerations

The fact that firmware can be updated (flashed) opens possibilities beyond simply installing manufacturer updates.

Custom Firmware (Firmware Hacking): Enthusiasts and developers sometimes create unofficial, modified, or entirely new versions of firmware, known as custom firmware.

Custom Firmware: Unofficial or modified versions of firmware developed by third parties, often to add new features, unlock hidden functionality, or improve performance beyond what the original manufacturer provided.

Examples include projects like Rockbox for portable music players (adding codec support, games, etc.) or various "homebrew" projects that enable general-purpose computing on devices originally designed for a single function (like running Linux on a Wi-Fi router). Installing custom firmware usually involves using the standard flashing process or, in some cases, exploiting vulnerabilities if the manufacturer attempts to prevent unofficial code.

Security Risks: Firmware's fundamental role also makes it a significant security concern. Because firmware runs before the operating system, it has a high level of privilege and is often less scrutinized by standard security software (like anti-virus, which runs within the OS).

Concerns include:

• Proprietary Nature: Most firmware is closed-source, meaning its code cannot be easily reviewed for vulnerabilities or malicious implants by independent security researchers or the end-user building the system.
• Vulnerabilities: Bugs in firmware can be exploited by attackers.
• Persistence: Malware embedded in firmware is very difficult to detect and remove, as it can survive operating system reinstallation or even drive formatting.
• Sophisticated Attacks: Examples like the Equation Group modifying HDD firmware show that attackers can target this deep level to install persistent backdoors or spy on users, even making data survive drive wipes. The BadUSB exploit demonstrated how the microcontroller firmware in a seemingly innocent USB device could be reprogrammed to act as a keyboard (injecting commands), network card (redirecting traffic), or storage device to compromise a system.

For those building systems, being aware of firmware security is important. Choosing hardware from manufacturers with a good security track record, keeping firmware updated (from trusted sources), and considering hardware with open-source firmware options (like Coreboot or Libreboot for motherboards) are ways to mitigate some of these risks. The call for more open and auditable firmware reflects a desire for greater transparency and security at this fundamental level.

Conclusion

Firmware is not just a technical detail; it's the fundamental layer of software that brings hardware to life. For anyone building a computer from scratch, understanding firmware – what it is, where it lives, why it's needed for bootstrapping, and how it's updated – is crucial. It's the invisible bridge that allows the physical components you've assembled to become a functional machine capable of running complex operating systems and applications. Being aware of the different types, the process of flashing, and the security implications equips the builder with a more complete understanding of their system from the ground up.