WO2026029486A1 - Electronic device and method for restoring CSME using BIOS in electronic device
- Publication number
- WO2026029486A1 (PCT/KR2025/011016)
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- csme
- electronic device
- firmware
- memory
- bios
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/07—Responding to the occurrence of a fault, e.g. fault tolerance
- G06F11/14—Error detection or correction of the data by redundancy in operations
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/60—Software deployment
- G06F8/61—Installation
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/60—Software deployment
- G06F8/65—Updates
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/4401—Bootstrapping
Definitions
- Embodiments of the present disclosure relate to a method for restoring CSME in an electronic device.
- Electronic devices can refer to devices that perform specific functions based on installed programs, such as home appliances, electronic notebooks, portable multimedia players, mobile communication terminals, tablet PCs, audio/video devices, desktop/laptop computers, and vehicle navigation systems.
- An electronic device includes a main processor (e.g., a central processing unit (CPU) or an application processor (AP)) and memory, and can execute programs (e.g., software) stored in the memory through the main processor.
- These electronic devices may further include a security and management processor (e.g., a converged security and management engine (CSME) or CSME processor) that operates separately from the main processor and provides security and management functions for the electronic device.
- the electronic device can execute security and management firmware (e.g., CSME firmware) stored in memory through the CSME processor independently from the main processor and perform operations by the CSME firmware.
- the CSME processor of an electronic device may detect abnormal behavior due to a combination of reasons, such as an update error of the CSME firmware, a one-time operation error of the CSME firmware, or a hardware defect of the electronic device, during operation by the CSME firmware (e.g., CSME normal operation mode).
- when the CSME is not in the normal operation mode (i.e., it is in the abnormal operation mode), the CSME firmware of an electronic device may not provide a function to return to the normal operation mode; instead, it may provide only a self-recovery function that restores some of the total functions of the CSME firmware (e.g., the minimum or basic functions required for booting the electronic device).
- the CSME processor of an electronic device may operate in the CSME abnormal mode, where it performs only some basic functions without returning to the CSME normal mode, even though it cannot perform security functions in the CSME abnormal mode.
- the electronic device may not be able to provide information to the user even when the CSME processor is operating in the CSME abnormal mode, and the user may need to manually reinstall the CSME firmware to return the CSME abnormal mode to the CSME normal mode.
- according to embodiments, an electronic device that stores a backup image in the CSME normal mode through a main processor using a BIOS (basic input output system) and, when a CSME abnormal mode is detected, restores the CSME abnormal mode to the CSME normal mode using the stored backup image, and a method for restoring CSME using BIOS in the electronic device, can be provided.
- an electronic device may include at least one memory storing commands, and at least one processor operatively connected to the at least one memory.
- the commands when individually or collectively executed by the at least one processor, may cause the electronic device to execute BIOS firmware and CSME firmware stored in the at least one memory based on a power-on of the electronic device.
- the commands when individually or collectively executed by the at least one processor, may cause the electronic device to identify whether a CSME operation mode by execution of the CSME firmware is a normal mode based on execution of the BIOS firmware.
- the commands when individually or collectively executed by the at least one processor, may cause the electronic device to acquire a first backup image corresponding to the normal mode if the CSME operation mode is the normal mode, and to store the first backup image in a designated storage area of the at least one memory.
- the above commands when executed individually or collectively by the at least one processor, may cause the electronic device to obtain a second backup image stored in the designated storage area if the CSME operation mode is not the normal mode and perform a restoration using the second backup image so that the CSME operation mode becomes the normal mode.
- a method for restoring CSME using BIOS in an electronic device may include an operation of executing BIOS firmware and CSME firmware stored in at least one memory based on power-on of the electronic device.
- the method may include an operation of identifying whether a CSME operation mode by execution of the CSME firmware is a normal mode based on execution of the BIOS firmware. If the CSME operation mode is the normal mode, the method may include an operation of acquiring a first backup image corresponding to the normal mode and storing the first backup image in a designated storage area of the at least one memory. If the CSME operation mode is not the normal mode, the method may include an operation of acquiring a second backup image stored in the designated storage area and performing restoration using the second backup image so that the CSME operation mode becomes the normal mode.
- the commands are configured to cause the electronic device to perform at least one operation when executed by the electronic device, wherein the at least one operation may include: executing BIOS firmware and CSME firmware stored in the at least one memory based on power-on of the electronic device; identifying whether a CSME operation mode by execution of the CSME firmware is a normal mode based on execution of the BIOS firmware; acquiring a first backup image corresponding to the normal mode if the CSME operation mode is the normal mode and storing the first backup image in a designated storage area of the at least one memory; and acquiring a second backup image stored in the designated storage area if the CSME operation mode is not the normal mode and performing a restoration using the second backup image so that the CSME operation mode becomes the normal mode.
- FIG. 1 is a block diagram of an electronic device within a network environment according to one embodiment.
- FIG. 2 is a block diagram of an electronic device according to one embodiment.
- FIG. 3 is a diagram showing a storage area of a first memory according to one embodiment.
- FIG. 4 is a diagram illustrating a UEFI BIOS-CSME Recovery Solution according to one embodiment.
- FIG. 5a is a diagram for explaining a backup operation when the CSME operation mode is a normal operation mode and the BIOS operation mode is not an update mode according to one embodiment.
- FIG. 5b is a diagram for explaining a backup operation when the CSME operation mode is a normal operation mode and the BIOS operation mode is an update mode according to one embodiment.
- FIG. 5c is a diagram for explaining a restoration operation when the CSME operation mode according to one embodiment is not a normal operation mode.
- FIG. 6 is a flowchart illustrating a CSME operation mode restoration operation using BIOS in an electronic device according to one embodiment.
- FIG. 7a is a flowchart illustrating a backup operation when the BIOS operation mode is an update mode and when the CSME operation mode is a normal operation mode in an electronic device according to one embodiment.
- FIG. 7b is a flowchart illustrating a restoration operation when the CSME operation mode is not a normal operation mode in an electronic device according to one embodiment.
- FIG. 8 is a diagram showing an example of a boot screen when restoring the CSME operation mode from an abnormal mode to a normal mode according to one embodiment.
- FIG. 1 is a block diagram of an electronic device (101) within a network environment (100) according to one embodiment.
- an electronic device (101) may communicate with an electronic device (102) via a first network (198) (e.g., a short-range wireless communication network), or may communicate with at least one of an electronic device (104) or a server (108) via a second network (199) (e.g., a long-range wireless communication network).
- the electronic device (101) may communicate with the electronic device (104) via the server (108).
- the electronic device (101) may include a processor (120), a memory (130), an input module (150), an audio output module (155), a display module (160), an audio module (170), a sensor module (176), an interface (177), a connection terminal (178), a haptic module (179), a camera module (180), a power management module (188), a battery (189), a communication module (190), a subscriber identification module (196), or an antenna module (197).
- the electronic device (101) may omit at least one of these components (e.g., the connection terminal (178)), or may have one or more other components added.
- some of these components (e.g., the sensor module (176), the camera module (180), or the antenna module (197)) may be integrated into one component (e.g., the display module (160)).
- the processor (120) may control at least one other component (e.g., a hardware or software component) of the electronic device (101) connected to the processor (120) by executing, for example, software (e.g., a program (140)), and may perform various data processing or calculations.
- the processor (120) may store a command or data received from another component (e.g., a sensor module (176) or a communication module (190)) in a volatile memory (132), process the command or data stored in the volatile memory (132), and store the resulting data in a non-volatile memory (134).
- the processor (120) may include a main processor (121) (e.g., a central processing unit or an application processor) or a secondary processor (123) (e.g., a graphics processing unit, a neural processing unit (NPU), an image signal processor, a sensor hub processor, or a communication processor) that can operate independently or together therewith.
- the secondary processor (123) may be configured to use less power than the main processor (121) or to be specialized for a specified function.
- the secondary processor (123) may be implemented separately from the main processor (121) or as a part thereof.
- the auxiliary processor (123) may control at least a part of functions or states associated with at least one component (e.g., a display module (160), a sensor module (176), or a communication module (190)) of the electronic device (101), for example, on behalf of the main processor (121) while the main processor (121) is in an inactive (e.g., sleep) state, or together with the main processor (121) while the main processor (121) is in an active (e.g., application execution) state.
- the auxiliary processor (123) e.g., an image signal processor or a communication processor
- the auxiliary processor (123) may include a hardware structure specialized for processing artificial intelligence models.
- the artificial intelligence models may be generated through machine learning. This learning can be performed, for example, in the electronic device (101) itself where the artificial intelligence model is executed, or can be performed through a separate server (e.g., server (108)).
- the learning algorithm can include, for example, supervised learning, unsupervised learning, semi-supervised learning, or reinforcement learning, but is not limited to the examples described above.
- the artificial intelligence model can include a plurality of artificial neural network layers.
- the artificial neural network can be one of a deep neural network (DNN), a convolutional neural network (CNN), a recurrent neural network (RNN), a restricted Boltzmann machine (RBM), a deep belief network (DBN), a bidirectional recurrent deep neural network (BRDNN), deep Q-networks, or a combination of two or more of the above, but is not limited to the examples described above.
- the artificial intelligence model can additionally or alternatively include a software structure.
- the memory (130) can store various data used by at least one component (e.g., processor (120) or sensor module (176)) of the electronic device (101).
- the data can include, for example, software (e.g., program (140)) and input data or output data for commands related thereto.
- the memory (130) can include volatile memory (132) or non-volatile memory (134).
- the program (140) may be stored as software in the memory (130) and may include, for example, an operating system (142), middleware (144), or an application (146).
- the input module (150) can receive commands or data to be used in a component of the electronic device (101) (e.g., a processor (120)) from an external source (e.g., a user) of the electronic device (101).
- the input module (150) can include, for example, a microphone, a mouse, a keyboard, a key (e.g., a button), or a digital pen (e.g., a stylus pen).
- the audio output module (155) can output audio signals to the outside of the electronic device (101).
- the audio output module (155) can include, for example, a speaker or a receiver.
- the speaker can be used for general purposes, such as multimedia playback or recording playback.
- the receiver can be used to receive incoming calls. According to one embodiment, the receiver can be implemented separately from the speaker or as part of the speaker.
- the display module (160) can visually provide information to an external party (e.g., a user) of the electronic device (101).
- the display module (160) may include, for example, a display, a holographic device, or a projector and a control circuit for controlling the device.
- the display module (160) may include a touch sensor configured to detect a touch, or a pressure sensor configured to measure the intensity of a force generated by the touch.
- the audio module (170) can convert sound into an electrical signal, or vice versa, convert an electrical signal into sound. According to one embodiment, the audio module (170) can acquire sound through the input module (150), output sound through the sound output module (155), or an external electronic device (e.g., electronic device (102)) (e.g., speaker or headphone) directly or wirelessly connected to the electronic device (101).
- the sensor module (176) can detect the operating status (e.g., power or temperature) of the electronic device (101) or the external environmental status (e.g., user status) and generate an electrical signal or data value corresponding to the detected status.
- the sensor module (176) can include, for example, a gesture sensor, a gyro sensor, a barometric pressure sensor, a magnetic sensor, an acceleration sensor, a grip sensor, a proximity sensor, a color sensor, an IR (infrared) sensor, a biometric sensor, a temperature sensor, a humidity sensor, or an illuminance sensor.
- the interface (177) may support one or more designated protocols that may be used to directly or wirelessly connect the electronic device (101) with an external electronic device (e.g., the electronic device (102)).
- the interface (177) may include, for example, a high definition multimedia interface (HDMI), a universal serial bus (USB) interface, an SD (Secure Digital) card interface, or an audio interface.
- the connection terminal (178) may include a connector through which the electronic device (101) may be physically connected to an external electronic device (e.g., electronic device (102)).
- the connection terminal (178) may include, for example, an HDMI connector, a USB connector, an SD card connector, or an audio connector (e.g., a headphone connector).
- a haptic module (179) can convert electrical signals into mechanical stimuli (e.g., vibration or movement) or electrical stimuli that a user can perceive through tactile or kinesthetic sensations.
- the haptic module (179) can include, for example, a motor, a piezoelectric element, or an electrical stimulation device.
- the camera module (180) can capture still images and videos.
- the camera module (180) may include one or more lenses, image sensors, image signal processors, or flashes.
- the power management module (188) can manage power supplied to the electronic device (101).
- the power management module (188) can be implemented as, for example, at least a part of a power management integrated circuit (PMIC).
- a battery (189) may power at least one component of the electronic device (101).
- the battery (189) may include, for example, a non-rechargeable primary battery, a rechargeable secondary battery, or a fuel cell.
- the communication module (190) may support the establishment of a direct (e.g., wired) communication channel or a wireless communication channel between the electronic device (101) and an external electronic device (e.g., electronic device (102), electronic device (104), or server (108)), and the performance of communication through the established communication channel.
- the communication module (190) may operate independently from the processor (120) (e.g., application processor) and may include one or more communication processors that support direct (e.g., wired) communication or wireless communication.
- the communication module (190) may include a wireless communication module (192) (e.g., a cellular communication module, a short-range wireless communication module, or a global navigation satellite system (GNSS) communication module) or a wired communication module (194) (e.g., a local area network (LAN) communication module, or a power line communication module).
- the corresponding communication module can communicate with an external electronic device (104) via a first network (198) (e.g., a short-range communication network such as Bluetooth, wireless fidelity (WiFi) direct, or infrared data association (IrDA)) or a second network (199) (e.g., a long-range communication network such as a legacy cellular network, a 5G network, a next-generation communication network, the Internet, or a computer network (e.g., a LAN or WAN)).
- the wireless communication module (192) can verify or authenticate the electronic device (101) within a communication network such as the first network (198) or the second network (199) by using subscriber information (e.g., an international mobile subscriber identity (IMSI)) stored in the subscriber identification module (196).
- the wireless communication module (192) can support 5G networks and next-generation communication technologies following the 4G network, such as NR access technology (new radio access technology).
- the NR access technology can support high-speed transmission of high-capacity data (eMBB (enhanced mobile broadband)), minimization of terminal power and connection of multiple terminals (mMTC (massive machine type communications)), or high reliability and low latency (URLLC (ultra-reliable and low-latency communications)).
- the wireless communication module (192) can support, for example, a high-frequency band (e.g., mmWave band) to achieve a high data transmission rate.
- the wireless communication module (192) can support various technologies for securing performance in a high-frequency band, such as beamforming, massive multiple-input and multiple-output (MIMO), full dimensional MIMO (FD-MIMO), array antenna, analog beam-forming, or large scale antenna.
- the wireless communication module (192) can support various requirements specified in the electronic device (101), an external electronic device (e.g., the electronic device (104)), or a network system (e.g., the second network (199)).
- the wireless communication module (192) may support a peak data rate (e.g., 20 Gbps or more) for eMBB realization, a loss coverage (e.g., 164 dB or less) for mMTC realization, or a U-plane latency (e.g., 0.5 ms or less for downlink (DL) and uplink (UL), or 1 ms or less for round trip) for URLLC realization.
- the antenna module (197) can transmit or receive signals or power to or from an external device (e.g., an external electronic device).
- the antenna module (197) may include an antenna including a radiator formed of a conductor or a conductive pattern formed on a substrate (e.g., a PCB).
- the antenna module (197) may include a plurality of antennas (e.g., an array antenna). In this case, at least one antenna suitable for a communication method used in a communication network, such as the first network (198) or the second network (199), may be selected from the plurality of antennas, for example, by the communication module (190). A signal or power may be transmitted or received between the communication module (190) and an external electronic device via the selected at least one antenna.
- another component e.g., a radio frequency integrated circuit (RFIC)
- the antenna module (197) may form a mmWave antenna module.
- the mmWave antenna module may include a printed circuit board, an RFIC disposed on or adjacent to a first side (e.g., a bottom side) of the printed circuit board and capable of supporting a designated high-frequency band (e.g., a mmWave band), and a plurality of antennas (e.g., an array antenna) disposed on or adjacent to a second side (e.g., a top side or a lateral side) of the printed circuit board and capable of transmitting or receiving signals in the designated high-frequency band.
- At least some of the above components can be interconnected and exchange signals (e.g., commands or data) with each other via a communication method between peripheral devices (e.g., a bus, GPIO (general purpose input and output), SPI (serial peripheral interface), or MIPI (mobile industry processor interface)).
- commands or data may be transmitted or received between the electronic device (101) and an external electronic device (104) via a server (108) connected to a second network (199).
- Each of the external electronic devices (102 or 104) may be the same or a different type of device as the electronic device (101).
- all or part of the operations executed in the electronic device (101) may be executed in one or more of the external electronic devices (102, 104, or 108). For example, when the electronic device (101) is to perform a certain function or service automatically or in response to a request from a user or another device, the electronic device (101) may, instead of or in addition to executing the function or service by itself, request one or more external electronic devices to perform the function or at least a part of the service.
- One or more external electronic devices that receive the request may execute at least a portion of the requested function or service, or an additional function or service related to the request, and transmit the result of the execution to the electronic device (101).
- the electronic device (101) may process the result as is or additionally and provide it as at least a portion of a response to the request.
- cloud computing, distributed computing, mobile edge computing (MEC), or client-server computing technology may be used, for example.
- the electronic device (101) may provide an ultra-low latency service by using distributed computing or mobile edge computing, for example.
- the external electronic device (104) may include an Internet of Things (IoT) device.
- the server (108) may be an intelligent server utilizing machine learning and/or a neural network.
- the external electronic device (104) or the server (108) may be included in the second network (199).
- the electronic device (101) can be applied to intelligent services (e.g., smart home, smart city, smart car, or healthcare) based on 5G communication technology and IoT-related technology.
- FIG. 2 is a block diagram of an electronic device according to one embodiment.
- an electronic device (201) may include at least one processor (220) and at least one memory (230).
- the electronic device (201) according to an embodiment is not limited thereto and may further include all or part of the electronic device (101) illustrated in FIG. 1.
- At least one processor (220) may include a main processor (221) (e.g., a first processor or a central processing unit (CPU) or an application processor (AP)) and a security and management processor (223) (e.g., a second processor or a converged security and management engine (CSME) or a CSME processor or a platform security processor (PSP)).
- At least one memory (230) may store commands that are individually or collectively executed by at least one processor (220). At least one memory (230) according to an embodiment may store commands that, when individually or collectively executed by at least one processor (220), cause the electronic device (201) to: execute BIOS firmware (22) and CSME firmware (24) stored in at least one memory (230) based on the power-on of the electronic device (201); identify, based on the execution of the BIOS firmware (22), whether the CSME operation mode by the execution of the CSME firmware (24) is a normal mode; if the CSME operation mode is the normal mode, perform a backup by acquiring a first backup image corresponding to the normal mode and storing it in a designated storage area of at least one memory (230); and, if the CSME operation mode is not the normal mode, acquire a second backup image stored in the designated storage area and perform a restoration using the second backup image so that the CSME operation mode becomes the normal mode.
- At least one memory (230) may include a first memory (231), a second memory (232), and a third memory (236).
- the first memory (231) may include a ROM (read only memory).
- the first memory (231) may include a SPI (serial peripheral interface bus) ROM.
- the first memory (231) may store BIOS firmware (22) and CSME firmware (24).
- the first memory (231) may store the BIOS firmware (22) in a first storage area of the first memory (231) and store the CSME firmware (24) in a second storage area independent of the first storage area of the first memory (231).
- the BIOS firmware (22) and the CSME firmware (24) may each be stored in separate memories.
- the second memory (232) may include a random access memory (RAM).
- the second memory (232) may include a main memory primarily used by the main processor (221).
- the second memory (232) according to one embodiment may provide a storage area where BIOS firmware (22) can be loaded and executed and a storage area where OS execution and user data can be loaded and used.
- the third memory (236) may include a hard disk drive (HDD) memory or a solid state drive (SSD) memory.
- the third memory (236) may store an OS and user data.
- the third memory (236) according to one embodiment may provide a storage area for storing backup data acquired in a normal mode of CSME operation by execution of the CSME firmware (24) of the security and management processor (223).
- the main processor (221) may load and execute BIOS (basic input output system) firmware (22) stored in the first memory (231) based on the power-on of the electronic device (201).
- BIOS firmware (22) may be firmware for controlling all hardware and software mounted on the electronic device (201), and may control booting (e.g., booting method and order), overclocking, and/or power of the electronic device (201).
- the BIOS firmware (22) according to one embodiment may define a booting method of the electronic device (201), a booting drive, a recognized peripheral device, and a frequency, and may be executed by the main processor (221) before booting of the operating system (OS) so that the main processor (221) may perform an operation by the BIOS firmware (22).
- the BIOS firmware (22) may include legacy firmware or unified extensible firmware interface (UEFI) BIOS firmware.
- UEFI BIOS firmware may be firmware that includes the functions of existing BIOS firmware (e.g., legacy BIOS firmware) but has enhanced functions.
- UEFI BIOS firmware can display visual objects using graphics and icons, unlike legacy BIOS firmware that displays text, can support larger partitions and drives than legacy BIOS firmware, can include more useful detailed setup menus than legacy BIOS firmware, can support secure boot, and can have a faster boot process.
- the security and management processor (223) can load and execute the CSME firmware (24) (or the security and management firmware or the PSP firmware) stored in the first memory (231) based on the power-on of the electronic device (201) independently from the main processor (221).
- the CSME firmware (24) can provide the platform trust technology (PTT) of the electronic device (201), secure boot, Intel virtualization technology for directed I/O, anti-theft function, temperature, voltage, current, and/or fan control function, DRM function, network remote management function, and/or remote control function.
- the main processor (221) can identify whether the CSME operation mode by the execution of the CSME firmware (24) of the security and management processor (223) is a normal mode while performing a BIOS function (e.g., booting) by executing the BIOS firmware (22).
- the security and management processor (223) can detect an abnormal operation due to a combination of reasons such as an update error of the CSME firmware (24), a one-time operation error of the security and management processor (223), a defect in at least some hardware included in the electronic device (201), etc., during an operation by the CSME firmware (24) (e.g., the CSME normal operation mode).
- the security and management processor (223) can operate in the CSME abnormal mode when an abnormal operation is detected. According to an embodiment, the security and management processor (223) may not be able to provide other functions except for a specified basic function (e.g., a secure boot function) when operating in the CSME abnormal mode.
- the main processor (221) may perform a backup by acquiring a first backup image corresponding to the CSME normal mode of the security and management processor (223) when the CSME operation mode of the security and management processor (223) is the normal mode and storing the first backup image in a designated storage area of at least one memory (230).
- the main processor (221) may request the security and management processor (223) for a first backup image corresponding to the CSME normal mode when the CSME operation mode of the security and management processor (223) is the normal mode, and may acquire the first backup image corresponding to the CSME normal mode from the security and management processor (223) and store the first backup image in a designated storage area (e.g., a recovery path) of the third memory (236).
- the recovery path may be designated to be located in a system partition of a storage area where an OS is installed.
- the recovery path may be located in a system partition of a storage area where a Windows operating system is installed.
- the recovery path may be differently specified for each model of the electronic device (201) or each version of the CSME firmware (24).
- the recovery path may be differently specified for each model of the electronic device (201) or each version of the CSME firmware (24), so that when the third memory (236) used in the electronic device (201) is mounted and used in another electronic device (not shown), the backup image of the recovery path associated with the electronic device (201) may be prevented from being used in the other electronic device.
- the recovery path may be specified as "/CSME_REC/A_10.0.0.1.bin".
- the recovery path may be specified as "/CSME_REC/B_11.0.0.2.bin".
- the main processor (221) can identify whether the BIOS operation mode is the update mode if the CSME operation mode of the security and management processor (223) is the normal mode.
- the main processor (221) can receive update data of the BIOS firmware (24) from an external server (e.g., 108) and store it in the third memory (236).
- the update data of the BIOS firmware (24) can include data for updating the BIOS firmware (24), and when an update to a new version of the CSME firmware is required, the payload of the update data of the BIOS firmware (24) can include CSME update data for updating the CSME firmware (22) to the new version of the CSME firmware.
- the main processor (221) may operate in a BIOS update mode (or update mode) if update data for the BIOS firmware (24) exists in the third memory (236) when executing the BIOS firmware (22).
- the main processor (221) may operate in a mode other than the update mode (e.g., normal mode) when update data for the BIOS firmware (24) does not exist in the third memory (236) when executing the BIOS firmware (22) or when the update data for the BIOS firmware (24) is not new update data.
- the main processor (221) may acquire a first backup image corresponding to the CSME normal mode and store it in a designated storage area of the third memory (236) when the CSME operation mode of the security and management processor (223) is the normal mode and the BIOS operation mode is not the update mode.
- the main processor (221) can identify (or confirm) whether the payload of the update data of the BIOS firmware (24) includes CSME update data for updating the CSME firmware (22) to a new version of the CSME firmware if the CSME operation mode of the security and management processor (223) is the normal mode and the BIOS operation mode is the update mode.
- the main processor (221) can obtain a first backup image corresponding to the CSME normal mode of the CSME firmware (22) and store it in a designated storage area of the third memory (236) if the CSME operation mode is the normal mode and the BIOS operation mode is the update mode and the update data of the BIOS firmware (24) does not include CSME update data.
- the main processor (221) may use the CSME update data to update the CSME firmware (22) to a new version of the CSME firmware if the CSME operation mode is the normal mode and the BIOS operation mode is the update mode, and the update data of the BIOS firmware (24) includes CSME update data, and may obtain a backup image (e.g., a third backup image) corresponding to the CSME normal mode of the new version of the CSME firmware after the update and store it in another designated storage area of the third memory (236).
- the main processor (221) may identify that the CSME operation mode is not the normal mode (e.g., a recovery mode or a restoration mode).
- the main processor (221) may, if the CSME operation mode is not the normal mode (e.g., the recovery mode or the restoration mode), obtain a second backup image that was stored in a designated storage area of the third memory (236) while the security and management processor (223) was operating in the normal mode. In one embodiment, the main processor (221) may provide the second backup image to the security and management processor (223) to control the security and management processor (223) to restore the CSME operation mode to the normal mode. In one embodiment, the main processor (221) may receive information indicating the performance status of the restoration (e.g., the current restoration data amount among the total restoration data amount) from the security and management processor (223) while the security and management processor (223) restores the CSME operation mode to the normal mode.
- An electronic device (201) may further include a display (e.g., the display module (160) of FIG. 1), although not shown in FIG. 2, and a main processor (221) according to one embodiment may visually provide information to an external party (e.g., a user) of the electronic device (201) through the display.
- the main processor (221) may display information indicating the status of restoration on the display when the restoration execution time by the security and management processor (223) exceeds a specified time period.
- An electronic device (e.g., an electronic device (101) of FIG. 1 or an electronic device (201) of FIG. 2) according to an embodiment of the present disclosure may include at least one memory (e.g., a memory (130) of FIG. 1 or a memory (230) of FIG. 2) storing commands, and at least one processor (e.g., a processor (120) of FIG. 1 or a processor (220) of FIG. 2) operatively connected to the at least one memory.
- the commands when individually or collectively executed by the at least one processor, may cause the electronic device to execute BIOS firmware and CSME firmware stored in the at least one memory based on power-on of the electronic device.
- the commands when individually or collectively executed by the at least one processor, may cause the electronic device to identify whether a CSME operation mode by execution of the CSME firmware is a normal mode based on execution of the BIOS firmware.
- the above commands when individually or collectively executed by the at least one processor, may cause the electronic device to, if the CSME operation mode is the normal mode, obtain a first backup image corresponding to the normal mode and store the first backup image in a designated storage area of the at least one memory.
- the above commands when individually or collectively executed by the at least one processor, may cause the electronic device to, if the CSME operation mode is not the normal mode, obtain a second backup image stored in the designated storage area and perform restoration using the second backup image so that the CSME operation mode becomes the normal mode.
- the at least one memory may include a first memory, a second memory, and a third memory.
- the first memory may include the BIOS firmware and the CSME firmware.
- the second memory may provide a storage area for executing the BIOS firmware.
- the third memory may provide the designated storage area.
- the at least one processor may include a main processor that loads the BIOS firmware from the first memory to the second memory based on the power-on of the electronic device and executes the BIOS firmware.
- the at least one processor may include a security and management processor that loads the CSME firmware from the first memory and executes it based on the power-on of the electronic device.
- the electronic device may further include a communication circuit.
- the instructions according to one embodiment when individually or collectively executed by at least one processor, may cause the electronic device to receive BIOS update data from an external electronic device via the communication circuit and store the BIOS update data in the second memory.
- the commands according to one embodiment when individually or collectively executed by the at least one processor, may cause the electronic device to obtain the first backup image corresponding to the normal mode and store the first backup image in the designated storage area, if the CSME operation mode is the normal operation mode and the BIOS operation mode by execution of the BIOS firmware is not an update mode.
- the commands when individually or collectively executed by the at least one processor, may cause the electronic device to identify an update of the CSME firmware using CSME update data included in BIOS update data if the CSME operation mode is the normal operation mode and the BIOS operation mode by execution of the BIOS firmware is an update mode.
- the commands when individually or collectively executed by the at least one processor, may cause the electronic device to obtain a third backup image corresponding to the normal mode of the updated CSME firmware and store the third backup image in another designated storage area of the at least one memory if the update of the CSME firmware is successful.
- the BIOS firmware may include a function module for restoring the CSME operation mode.
- the functional module may include a CSME control module, a main control module, and a file system control module.
- the commands according to one embodiment when individually or collectively executed by the at least one processor, may cause the electronic device to identify, through the CSME control module, whether the CSME operation mode by execution of the CSME firmware is the normal mode.
- the commands, when individually or collectively executed by the at least one processor, may cause the electronic device to obtain, through the CSME control module, a first backup image corresponding to the normal mode if the CSME operation mode is the normal mode, transmit the first backup image to the file system control module through the main control module, and store the first backup image in the designated storage area through the file system control module.
- the above commands when individually or collectively executed by the at least one processor, may cause the electronic device to obtain a second backup image stored in the designated storage area through the file system control module if the CSME operation mode is not the normal mode, transfer the second backup image to the CSME control module through the main control module, and perform restoration using the second backup image through the CSME control module.
- the electronic device may further include a display.
- the instructions when individually or collectively executed by the at least one processor, may cause the electronic device to display information indicating the status of the restoration on the display when the time period for performing the restoration exceeds a specified time period.
- the BIOS firmware may include UEFI BIOS firmware.
- FIG. 3 is a diagram illustrating a storage area of a first memory according to an embodiment.
- the first memory (231) may include a flash descriptor region, a CSE region (302), and a BIOS region (304).
- the flash descriptor region may include information indicating the CSE region (302) and the BIOS region (304) of the first memory (231).
- the CSE region (302) and the BIOS region (304) according to an embodiment may be independent regions.
- the CSE region (302) according to an embodiment may include CSME firmware (22).
- the BIOS region (304) according to an embodiment may include BIOS firmware (24).
- the CSE region (302) according to an embodiment may include a CSE layout table, boot partition1, an ME data partition, boot partition2, and boot partition3.
- a security and management processor (223) may operate by loading data (e.g., CSE layout table, boot partition1, ME data partition, boot partition2, boot partition3) of a CSE region (302) corresponding to the CSME firmware (24) of a first memory (231) based on power-on.
- a security and management processor (223) may detect abnormal operation due to a combination of reasons such as an update error of the CSME firmware (24), a one-time operation error of the security and management processor (223), a defect in at least some hardware included in the electronic device (201), etc. during an operation (e.g., CSME normal operation mode) using data of the CSE region (302).
- the security and management processor (223) may perform backup functions (e.g., code resiliency function and/or data resiliency function) only for some functions (e.g., basic functions (boot partition1 and ME data partition)) when abnormal operation is detected, but may provide the main processor (221) with a first backup image for all functions operating in the normal mode of the CSME firmware (24) in the CSME normal mode so that the first backup image is stored in a designated storage area of the third memory (230).
- the main processor (221) may identify whether the security and management processor (223) is in the CSME normal mode at each boot performed after the first backup image is stored in the designated storage area of the third memory (230).
- the main processor (221) may provide the first backup image stored in the designated storage area of the third memory (230) to the security and management processor (223) if the operating mode of the security and management processor (223) is identified as not being the CSME normal mode after the first backup image is stored in the designated storage area of the third memory (230).
- the security and management processor (223) may restore the CSME operating mode to the normal mode by using the first backup image received from the main processor (221) if the operating mode is not the CSME normal mode.
- FIG. 4 is a diagram illustrating a UEFI BIOS-CSME Recovery Solution according to one embodiment.
- the BIOS firmware (24) may include a UEFI BIOS-CSME Recovery Solution (400), which is a CSME operation mode recovery function module (or software module) as part of the BIOS firmware (24).
- the UEFI BIOS-CSME Recovery Solution (400) may include commands (or software modules (e.g., 410, 420, 430)) that, when executed by the main processor (221), cause the electronic device (201) to identify whether the CSME operation mode by the execution of the CSME firmware (24) is the normal mode based on the execution of the BIOS firmware (22) based on the power-on of the electronic device (201), and, if the CSME operation mode is the normal mode, perform a backup by acquiring a first backup image corresponding to the normal mode and storing it in a designated storage area of at least one memory (230), and, if the CSME operation mode is not the normal mode, perform a restoration by using the second backup image by acquiring a second backup image stored
- the UEFI BIOS-CSME Recovery Solution (400) may include at least one control module.
- the UEFI BIOS-CSME Recovery Solution (400) may include a main control module (410), a CSME control module (420), and a file system control module (430).
- the main processor (221) may call the main control module (410) during booting by the BIOS firmware (24), and may perform a main control operation for performing a CSME operation mode restoration function using the main control module (410).
- the main processor (221) may read a register of a chipset including at least one processor (230) using the CSME control module (420) to identify whether the CSME operation mode of the security and management processor (223) is a normal operation mode.
- the main processor (221) may identify update data of the CSME firmware (24) using the CSME control module (420).
- the main processor (221) may request the security and management processor (223) to update the CSME firmware (24) using the update data of the CSME firmware (24) through the CSME control module (420).
- the main processor (221) may use the file system control module (430) to read a backup image stored in a designated storage area (e.g., recovery path) of the third memory (236) or store the backup image in a designated storage area (e.g., recovery path) of the third memory (236).
- FIG. 5a is a diagram for explaining a backup operation when the CSME operation mode is a normal operation mode and the BIOS operation mode is not an update mode according to one embodiment.
- the main processor (221) loads the BIOS firmware (22) stored in the first memory (231) into the second memory (232) based on the power-on of the electronic device (201), and may call the UEFI BIOS-CSME Recovery Solution (400) while performing a BIOS function (e.g., booting) by executing the BIOS firmware (22).
- the main processor (221) may read the register of the chipset including at least one processor (230) using the CSME control module (420) of the UEFI BIOS-CSME Recovery Solution (400) to identify whether the CSME operation mode of the security and management processor (223) is a normal operation mode.
- the main processor (221) can use the main control module (410) to identify whether update data of the BIOS firmware (24) exists when the CSME operation mode is the normal operation mode, and if the update data of the BIOS firmware (24) does not exist or the update data of the BIOS firmware (24) is not new update data, the main processor (221) can operate in a mode other than the update mode (e.g., normal mode).
- the main processor (221) may request the security and management processor (223) for a first backup image corresponding to the CSME normal mode using the CSME control module (420) when the CSME operation mode of the security and management processor (223) is the normal mode and the BIOS operation mode is not the update mode (1).
- the main processor (221) may identify whether a backup image of the latest version exists in a designated storage area of the third memory (236) through the file system control module (430) when the CSME operation mode of the security and management processor (223) is the normal mode and the BIOS operation mode is not the update mode, and may request the security and management processor (223) for a first backup image corresponding to the CSME normal mode using the CSME control module (420) when the backup image of the latest version does not exist.
- the CSME control module (420) can obtain a first backup image (510) corresponding to the CSME normal mode from the security and management processor (223) and transmit it to the main control module (410) (2).
- the main processor (221) can transmit the first backup image (510) to the file system control module (430) via the main control module (410) (3).
- the main processor (221) can store the first backup image (510) in a designated storage area (e.g., recovery path) of the third memory (236) using the file system control module (430) (4).
- FIG. 5b is a diagram for explaining a backup operation when the CSME operation mode is a normal operation mode and the BIOS operation mode is an update mode according to one embodiment.
- the main processor (221) may load the BIOS firmware (22) stored in the first memory (231) into the second memory (232) based on the power-on of the electronic device (201), and call the UEFI BIOS-CSME Recovery Solution (400) while performing a BIOS function (e.g., booting) by executing the BIOS firmware (22).
- the main processor (221) may read the register of the chipset including at least one processor (230) using the CSME control module (420) of the UEFI BIOS-CSME Recovery Solution (400) to identify whether the CSME operation mode of the security and management processor (223) is a normal operation mode.
- the main processor (221) can identify whether update data for the BIOS firmware (24) exists using the main control module (410) when the CSME operation mode is the normal operation mode, and can operate in the update mode if update data for the BIOS firmware (24) exists.
- the main processor (221) can identify (or confirm) whether the payload (501) of the update data of the BIOS firmware (24) includes CSME update data (503) for updating the CSME firmware (22) to a new version of the CSME firmware by using the main control module (410) when the CSME operation mode of the security and management processor (223) is the normal mode and the BIOS operation mode is the update mode.
- the main processor (221) can obtain the CSME update data (503) through the main control module (410) when the payload (501) of the update data of the BIOS firmware (24) includes the CSME update data (503) (1).
- the main processor (221) may request the security and management processor (223) to update the CSME firmware (22) to a new version of the CSME firmware using CSME update data through the CSME control module (420) (2).
- the CSME control module (420) of the main processor (221) may identify the update result of the CSME firmware (22).
- the CSME control module (420) of the main processor (221) may identify whether the update result of the CSME firmware (22) is an error.
- the CSME control module (420) of the main processor (221) may acquire a backup image (e.g., a third backup image) corresponding to the CSME normal mode of the new version of the CSME firmware.
- the main processor (221) can transmit a backup image (e.g., a third backup image) corresponding to the CSME normal mode of the new version of CSME firmware to the file system control module (430) through the main control module (410) (3).
- the main processor (221) can store a third backup image (520) in a designated storage area (a storage area different from the storage area before the update) corresponding to the updated CSME firmware of the third memory (236) through the file system control module (430) (4).
- FIG. 5c is a diagram for explaining a restoration operation when the CSME operation mode according to one embodiment is not a normal operation mode.
- the main processor (221) loads the BIOS firmware (22) stored in the first memory (231) into the second memory (232) based on the power-on of the electronic device (201), and may call the UEFI BIOS-CSME Recovery Solution (400) while performing a BIOS function (e.g., booting) by executing the BIOS firmware (22).
- the main processor (221) may read the register of the chipset including at least one processor (230) using the CSME control module (420) of the UEFI BIOS-CSME Recovery Solution (400) to identify whether the CSME operation mode of the security and management processor (223) is a normal operation mode (1).
- the main processor (221) may identify the CSME operation mode as a recovery mode (or restoration mode) when the CSME operation mode is not a normal operation mode.
- the main processor (221) can, if the CSME operation mode of the security and management processor (223) is not the normal mode (e.g., the recovery mode or the restoration mode), obtain through the file system control module (430) the second backup image (530) that was stored in the designated storage area of the third memory (236) while the security and management processor (223) was operating in the normal mode (2).
- the main processor (221) can provide the second backup image (530) to the CSME control module (420) through the main control module (410) (3).
- the main processor (221) may provide a second backup image (530) to the security and management processor (223) via the CSME control module (420) and request the security and management processor (223) to restore the CSME operation mode to the normal mode (4).
- the security and management processor (223) may restore the CSME operation mode to the normal mode using the second backup image (530).
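The boot-time decision described for FIG. 5a to 5c, together with the per-model, per-version recovery path, can be sketched as follows. This is an added example, not code from the patent: every type and function name is hypothetical, reading "A" as a model tag and "10.0.0.1" as a CSME version is an assumption drawn from the two sample paths, and the character filter on path components and the "no image available" outcome are added assumptions.

```c
#include <ctype.h>
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* All names here are hypothetical; the patent text defines no API. */
typedef enum { CSME_MODE_NORMAL, CSME_MODE_ABNORMAL } csme_mode_t;

typedef enum {
    ACT_BACKUP_FIRST_IMAGE,  /* FIG. 5a: request image from CSME, store at recovery path */
    ACT_BACKUP_UP_TO_DATE,   /* latest-version image already stored, nothing to do */
    ACT_UPDATE_THEN_BACKUP,  /* FIG. 5b: update CSME, store third image in another area */
    ACT_RESTORE,             /* FIG. 5c: hand the stored image back to the CSME */
    ACT_RESTORE_UNAVAILABLE  /* assumption: abnormal mode, no image for this device */
} recovery_action_t;

typedef struct {
    csme_mode_t mode;             /* as read from the chipset register */
    bool bios_update_is_new;      /* new BIOS update data present in third memory */
    bool payload_has_csme_update; /* BIOS update payload carries CSME update data */
    bool image_at_recovery_path;  /* an image exists at this device's recovery path */
} boot_inputs_t;

/* Accept only [A-Za-z0-9.] and reject ".." so a component can never
 * introduce a directory separator. This filter is an added assumption. */
static bool component_ok(const char *s)
{
    if (s == NULL || *s == '\0' || strstr(s, "..") != NULL)
        return false;
    for (; *s; s++)
        if (!isalnum((unsigned char)*s) && *s != '.')
            return false;
    return true;
}

/* Builds "/CSME_REC/<model>_<version>.bin".
 * Returns 0 on success, -1 on bad input or truncation. */
int csme_recovery_path(char *out, size_t out_len,
                       const char *model, const char *version)
{
    int n;
    if (out == NULL || out_len == 0 || !component_ok(model) || !component_ok(version))
        return -1;
    n = snprintf(out, out_len, "/CSME_REC/%s_%s.bin", model, version);
    return (n < 0 || (size_t)n >= out_len) ? -1 : 0;
}

/* True only when a path found on the drive is the one this device expects,
 * so an image written by another model or CSME version is never picked up. */
bool csme_image_is_for_device(const char *found_path,
                              const char *model, const char *version)
{
    char expected[64];
    if (found_path == NULL ||
        csme_recovery_path(expected, sizeof expected, model, version) != 0)
        return false;
    return strcmp(found_path, expected) == 0;
}

/* One decision per boot, in the order the text gives it:
 * CSME mode first, then BIOS update mode, then the stored-image check. */
recovery_action_t csme_recovery_decide(const boot_inputs_t *in)
{
    if (in->mode != CSME_MODE_NORMAL)
        return in->image_at_recovery_path ? ACT_RESTORE : ACT_RESTORE_UNAVAILABLE;
    if (in->bios_update_is_new && in->payload_has_csme_update)
        return ACT_UPDATE_THEN_BACKUP;
    return in->image_at_recovery_path ? ACT_BACKUP_UP_TO_DATE : ACT_BACKUP_FIRST_IMAGE;
}

int main(void)
{
    const char *on_drive = "/CSME_REC/A_10.0.0.1.bin"; /* sample path from the text */
    boot_inputs_t in = { CSME_MODE_ABNORMAL, false, false, false };

    /* Drive moved into a different model: the image must not be used. */
    in.image_at_recovery_path = csme_image_is_for_device(on_drive, "B", "11.0.0.2");
    printf("model B, abnormal mode: action=%d\n", csme_recovery_decide(&in));

    /* Same drive in the device that wrote the image: restore proceeds. */
    in.image_at_recovery_path = csme_image_is_for_device(on_drive, "A", "10.0.0.1");
    printf("model A, abnormal mode: action=%d\n", csme_recovery_decide(&in));
    return 0;
}
```

The path match only keeps an image from being picked up by the wrong model or version; it says nothing about whether the file contents were altered while stored on the OS-visible system partition.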
- FIG. 6 is a flowchart illustrating a CSME operation mode restoration operation using BIOS in an electronic device according to one embodiment.
- the operations may be performed sequentially, but are not necessarily performed sequentially.
- the order of the operations may be changed, and at least two operations may be performed in parallel.
- a main processor (221) of an electronic device (201) may perform at least one of operations 610 to 640.
- the main processor (221) may load and execute BIOS (basic input output system) firmware (22) stored in the first memory (231) based on the power-on of the electronic device (201).
- BIOS firmware (22) may be firmware for controlling all hardware and software mounted on the electronic device (201), and may control booting (e.g., booting method and order), overclocking, and/or power of the electronic device (201).
- the BIOS firmware (22) according to an embodiment may define a booting method of the electronic device (201), a booting drive, a recognized peripheral device, and a frequency, and may be executed by the main processor (221) before booting of the operating system (OS) so that the main processor (221) may perform an operation by the BIOS firmware (22).
- the BIOS firmware (22) may include legacy firmware or unified extensible firmware interface (UEFI) BIOS firmware.
- UEFI BIOS firmware may be firmware that includes the functions of existing BIOS firmware (e.g., legacy BIOS firmware) but has enhanced functions.
- UEFI BIOS firmware can display visual objects using graphics and icons, unlike legacy BIOS firmware that displays text, can support larger partitions and drives than legacy BIOS firmware, can include more useful detailed setup menus than legacy BIOS firmware, can support secure boot, and can have a faster boot process.
- the main processor (221) can identify whether the CSME operation mode is a normal mode.
- the main processor (221) can identify whether the CSME operation mode by the execution of the CSME firmware (24) of the security and management processor (223) is a normal mode while performing a BIOS function (e.g., booting) by executing the BIOS firmware (22).
- the security and management processor (223) can detect an abnormal operation due to a combination of reasons such as an update error of the CSME firmware (24), a one-time operation error of the security and management processor (223), a defect in at least some hardware included in the electronic device (201), etc., during an operation by the CSME firmware (24) (e.g., CSME normal operation mode).
- the security and management processor (223) can operate in the CSME abnormal mode when an abnormal operation is detected.
- the main processor (221) may perform a backup by obtaining a first backup image corresponding to the CSME normal mode of the security and management processor (223) when the CSME operation mode is the normal mode and storing the first backup image in a designated storage area of at least one memory (230).
- the main processor (221) may request the security and management processor (223) for a first backup image corresponding to the CSME normal mode when the CSME operation mode of the security and management processor (223) is the normal mode, and may obtain the first backup image corresponding to the CSME normal mode from the security and management processor (223) and store the first backup image in a designated storage area (e.g., a recovery path) of the third memory (236).
- the recovery path may be designated to be located in a system partition of a storage area where an OS is installed.
- the recovery path may be located in a system partition of a storage area where a Windows operating system is installed.
- the recovery path may be differently specified for each model of the electronic device (201) or each version of the CSME firmware (24).
- the recovery path may be differently specified for each model of the electronic device (201) or each version of the CSME firmware (24), so that when the third memory (236) used in the electronic device (201) is mounted and used in another electronic device (not shown), the backup image of the recovery path associated with the electronic device (201) may be prevented from being used in the other electronic device.
- the recovery path may be specified as "/CSME_REC/A_10.0.0.1.bin".
- the recovery path may be specified as "/CSME_REC/B_11.0.0.2.bin".
- the main processor (221) can identify whether the BIOS operation mode is the update mode if the CSME operation mode of the security and management processor (223) is the normal mode.
- the main processor (221) can receive update data of the BIOS firmware (24) from an external server (e.g., 108) and store it in the third memory (236).
- the update data of the BIOS firmware (24) can include data for updating the BIOS firmware (24), and when an update to a new version of the CSME firmware is required, the payload of the update data of the BIOS firmware (24) can include CSME update data for updating the CSME firmware (22) to the new version of the CSME firmware.
- the main processor (221) may operate in a BIOS update mode (or update mode) if update data for the BIOS firmware (24) exists in the third memory (236) when executing the BIOS firmware (22).
- the main processor (221) may operate in a mode other than the update mode (e.g., normal mode) when update data for the BIOS firmware (24) does not exist in the third memory (236) when executing the BIOS firmware (22) or when the update data for the BIOS firmware (24) is not new update data.
- the main processor (221) may acquire a first backup image corresponding to the CSME normal mode and store it in a designated storage area of the third memory (236) when the CSME operation mode of the security and management processor (223) is the normal mode and the BIOS operation mode is not the update mode.
- the main processor (221) can identify (or confirm) whether the payload of the update data of the BIOS firmware (24) includes CSME update data for updating the CSME firmware (22) to a new version of the CSME firmware if the CSME operation mode of the security and management processor (223) is the normal mode and the BIOS operation mode is the update mode.
- the main processor (221) can obtain a first backup image corresponding to the CSME normal mode of the CSME firmware (22) and store it in a designated storage area of the third memory (236) if the CSME operation mode is the normal mode and the BIOS operation mode is the update mode and the update data of the BIOS firmware (24) does not include CSME update data.
- the main processor (221) may use the CSME update data to update the CSME firmware (22) to a new version of the CSME firmware if the CSME operation mode is the normal mode and the BIOS operation mode is the update mode, and the update data of the BIOS firmware (24) includes CSME update data, and may obtain a backup image (e.g., a third backup image) corresponding to the CSME normal mode of the new version of the CSME firmware after the update and store it in another designated storage area of the third memory (236).
- the main processor (221) may identify that the CSME operation mode is not the normal mode (e.g., a recovery mode or a restoration mode).
- the main processor (221) may, if the CSME operation mode is not the normal mode (e.g., if it is the recovery mode or the restoration mode), obtain the second backup image stored in the designated storage area of the third memory (236) when the security and management processor (223) operates in the normal mode, and restore the CSME operation mode to the normal mode using the second backup image.
- the main processor (221) may receive information indicating the execution status of the restoration (e.g., the current amount of restoration data among the total amount of restoration data) from the security and management processor (223) while the security and management processor (223) restores the CSME operation mode to the normal mode.
- the main processor (221) may display information indicating the execution status of the restoration on the display when the restoration execution time by the security and management processor (223) exceeds a designated time period.
- a method for restoring CSME using BIOS in an electronic device may include an operation of executing BIOS firmware and CSME firmware stored in at least one memory based on power-on of the electronic device.
- the method may include an operation of identifying whether a CSME operation mode by execution of the CSME firmware is a normal mode based on execution of the BIOS firmware. If the CSME operation mode is the normal mode, the method may include an operation of acquiring a first backup image corresponding to the normal mode and storing the first backup image in a designated storage area of the at least one memory. If the CSME operation mode is not the normal mode, the method may include an operation of acquiring a second backup image stored in the designated storage area and performing restoration using the second backup image so that the CSME operation mode becomes the normal mode.
- the at least one memory may include a first memory, a second memory, and a third memory.
- the first memory may include the BIOS firmware and the CSME firmware.
- the second memory may provide a storage area for executing the BIOS firmware.
- the third memory may provide the designated storage area.
- the method may include loading the BIOS firmware from the first memory into the second memory and executing the BIOS firmware using a main processor based on the power-on of the electronic device.
- the method may include loading the CSME firmware from the first memory and executing the CSME firmware using a security and management processor based on the power-on of the electronic device.
- the method according to one embodiment may include receiving BIOS update data from an external electronic device via a communication circuit of the electronic device and storing the BIOS update data in the second memory.
- the method according to one embodiment may include an operation of acquiring the first backup image corresponding to the normal mode and storing the first backup image in the designated storage area, if the CSME operation mode is the normal operation mode and the BIOS operation mode by execution of the BIOS firmware is not an update mode.
- the method may include an operation of identifying an update of the CSME firmware using CSME update data included in BIOS update data when the CSME operation mode is the normal operation mode and the BIOS operation mode by execution of the BIOS firmware is an update mode.
- the method may include an operation of acquiring a third backup image corresponding to the normal mode of the updated CSME firmware and storing the third backup image in another designated storage area of the at least one memory when the update of the CSME firmware is successful.
- the BIOS firmware may include a functional module for restoring the CSME operation mode.
- the functional module may include a CSME control module, a main control module, and a file system control module.
- the method may include an operation of identifying, through the CSME control module, whether the CSME operation mode by execution of the CSME firmware is the normal mode. If the CSME operation mode is the normal mode, the method may include an operation of obtaining a first backup image corresponding to the normal mode through the CSME control module, transmitting the first backup image to the file system control module through the main control module, and storing the first backup image in the designated storage area through the file system control module.
- the method may include an operation of obtaining a second backup image stored in the designated storage area through the file system control module, transmitting the second backup image to the CSME control module through the main control module, and performing restoration using the second backup image through the CSME control module.
- the method according to one embodiment may include an action of displaying information indicating a status of performing the restoration on a display of the electronic device when a time period for performing the restoration exceeds a specified time period.
- FIG. 7a is a flowchart illustrating a backup operation in an electronic device according to an embodiment of the present invention when the CSME operation mode is the normal operation mode and the BIOS operation mode is the update mode.
- FIG. 7b is a flowchart illustrating a restore operation in an electronic device according to an embodiment of the present invention when the CSME operation mode is not the normal operation mode.
- the operations may be performed sequentially, but are not necessarily performed sequentially.
- the order of the operations may be changed, and at least two operations may be performed in parallel.
- a main processor (221) of an electronic device (201) may perform at least one of operations 710, 720, 730, 732, 734, 736, and 738.
- the main processor (221) may load and execute BIOS (basic input output system) firmware (22) stored in the first memory (231) based on the power-on of the electronic device (201).
- BIOS firmware (22) may be firmware for controlling all hardware and software mounted on the electronic device (201), and may control booting (e.g., booting method and order), overclocking, and/or power of the electronic device (201).
- the BIOS firmware (22) according to one embodiment may define a booting method of the electronic device (201), a booting drive, a recognized peripheral device, and a frequency, and may be executed by the main processor (221) before booting of the operating system (OS) so that the main processor (221) performs an operation by the BIOS firmware (22).
- the BIOS firmware (22) may include legacy firmware or unified extensible firmware interface (UEFI) BIOS firmware.
- UEFI BIOS firmware may be firmware that includes the functions of existing BIOS firmware (e.g., legacy BIOS firmware) but has enhanced functions.
- UEFI BIOS firmware can display visual objects using graphics and icons, unlike legacy BIOS firmware that displays text, can support larger partitions and drives than legacy BIOS firmware, can include more useful detailed setup menus than legacy BIOS firmware, can support secure boot, and can have a faster boot process.
- the main processor (221) can identify whether the CSME operation mode is a normal mode.
- the main processor (221) can identify whether the CSME operation mode by the execution of the CSME firmware (24) of the security and management processor (223) is a normal mode while performing a BIOS function (e.g., booting) by executing the BIOS firmware (22).
- the security and management processor (223) can detect an abnormal operation due to a complex reason such as an update error of the CSME firmware (24), a one-time operation error of the security and management processor (223), a defect in at least some hardware included in the electronic device (201), etc., during an operation by the CSME firmware (24) (e.g., the CSME normal operation mode).
- the security and management processor (223) can operate in the CSME abnormal mode when an abnormal operation is detected.
- the main processor (221) may perform operation 740 of FIG. 7B if the CSME operation mode of the security and management processor (223) is not the normal mode.
- the main processor (221) may perform operation 730 if the CSME operation mode of the security and management processor (223) is the normal mode.
- the main processor (221) can identify whether the BIOS operation mode is the update mode if the CSME operation mode of the security and management processor (223) is the normal mode.
- the main processor (221) can receive update data of the BIOS firmware (24) from an external server (e.g., 108) and store it in the third memory (236) when an update of the BIOS firmware (24) is required during operation using the OS.
- the update data of the BIOS firmware (24) can include data for updating the BIOS firmware (24), and when an update to a new version of the CSME firmware is required, the payload of the update data of the BIOS firmware (24) can include CSME update data for updating the CSME firmware (22) to the new version of the CSME firmware.
- the main processor (221) may operate in a BIOS update mode (or update mode) if update data for the BIOS firmware (24) exists in the third memory (236) when executing the BIOS firmware (22).
- the main processor (221) may operate in a mode other than the update mode (e.g., normal mode) when update data for the BIOS firmware (24) does not exist in the third memory (236) when executing the BIOS firmware (22) or when the update data for the BIOS firmware (24) is not new update data.
- the main processor (221) may identify whether a backup image corresponding to the CSME normal mode (e.g., the latest backup image) exists in the designated storage area when the CSME operation mode of the security and management processor (223) is the normal mode and the BIOS operation mode is not the update mode.
- the main processor (221) may terminate the backup operation when a backup image corresponding to the CSME normal mode (e.g., the latest backup image) exists in the designated storage area when the CSME operation mode of the security and management processor (223) is the normal mode and the BIOS operation mode is not the update mode.
- the main processor (221) may acquire a first backup image corresponding to the CSME normal mode and store the first backup image in a designated storage area (e.g., a recovery path) of the third memory (236) if the CSME operation mode of the security and management processor (223) is the normal mode, the BIOS operation mode is not the update mode, and there is no backup image (e.g., the latest backup image) corresponding to the CSME normal mode in the designated storage area.
- the main processor (221) may acquire a first backup image corresponding to the CSME normal mode and store the first backup image in a designated storage area (e.g., a recovery path) of the third memory (236) while the backup image is not in the designated storage area (e.g., a recovery path) when the backup image is in the designated storage area (e.g., a recovery path) when the Windows operating system is installed.
- the recovery path may be located in a system partition of the storage area where the Windows operating system is installed.
- the recovery path according to one embodiment may be differently designated for each model of the electronic device (201) or each version of the CSME firmware (24).
- when the recovery path is designated differently for each model of the electronic device (201) or each version of the CSME firmware (24), and the third memory (236) used in the electronic device (201) is mounted and used in another electronic device (not shown), the backup image of the recovery path associated with the electronic device (201) can be prevented from being used in the other electronic device.
- the recovery path can be designated as "/CSME_REC/A_10.0.0.1.bin".
- the version of the CSME firmware of the electronic device of model B is "11.0.0.2".
- the recovery path can be designated as "/CSME_REC/B_11.0.0.2.bin".
- the main processor (221) may identify CSME update data included in BIOS update data for updating the BIOS firmware (24) if the CSME operation mode of the security and management processor (223) is the normal mode and the BIOS operation mode is the update mode.
- the main processor (221) may identify (or confirm) whether the payload of the update data of the BIOS firmware (24) includes CSME update data for updating the CSME firmware (22) to a new version of the CSME firmware.
- the main processor (221) may obtain a first backup image corresponding to the CSME normal mode of the CSME firmware (22) and store it in a designated storage area of the third memory (236) if the CSME operation mode is the normal mode and the BIOS operation mode is the update mode and the update data of the BIOS firmware (24) does not include CSME update data.
- the main processor (221) may obtain a backup image (e.g., a third backup image) corresponding to the CSME normal mode of the updated new version of the CSME firmware using the CSME update data if the CSME operation mode is the normal mode and the BIOS operation mode is the update mode and the update data of the BIOS firmware (24) includes CSME update data, and store the backup image in another designated storage area of the third memory (236).
- the main processor (221) of an electronic device (201) may perform at least one of operations 740, 742, and 744.
- the main processor (221) may identify whether a second backup image stored when the security and management processor (223) operates in the normal mode exists in the designated storage area of the third memory (236) if the CSME operation mode is not the normal mode (e.g., if it is the recovery mode or the restore mode).
- the main processor (221) may terminate the restore operation and operate in the abnormal mode if the CSME operation mode is not the normal mode and the second backup image does not exist in the designated storage area of the third memory (236).
- the main processor (221) may obtain a second backup image from a designated storage area of the third memory (236).
- the main processor (221) may provide a second backup image obtained from a designated storage area of the third memory (236) to the security and management processor (223) and cause the security and management processor (223) to restore the CSME operation mode from an abnormal mode to a normal mode using the second backup image.
- FIG. 8 is a diagram showing an example of a boot screen when restoring the CSME operation mode from an abnormal mode to a normal mode according to one embodiment.
- the main processor (221) may receive information indicating the execution status of restoration (e.g., the current amount of restoration data among the total amount of restoration data) from the security and management processor (223) while the security and management processor (223) restores the CSME operation mode to the normal mode during booting using the BIOS firmware (22).
- the main processor (221) may display an image or phrase (801) corresponding to the information indicating the execution status of restoration together with a boot logo (Samsung galaxy) on the boot screen (800) on a display (e.g., the display module (160)) when the execution time of restoration by the security and management processor (223) exceeds a specified time period.
- the form and content of the image or phrase (801) corresponding to the information indicating the execution status of restoration may not be limited to the example illustrated in FIG. 8.
- the main processor (221) checks whether the latest backup image corresponding to the CSME normal operation mode exists in a designated storage area when the security and management processor (223) is in the CSME normal operation mode at each boot using the BIOS firmware (22), and if the latest backup image corresponding to the CSME normal operation mode does not exist, the main processor (221) can store the latest backup image corresponding to the CSME normal operation mode.
- the main processor (221) can provide convenience by reducing user intervention for recovery of the security and management processor (223) by restoring the CSME operation mode to the normal operation mode using a pre-stored backup image when the security and management processor (223) is not in the CSME normal operation mode at each boot using the BIOS firmware (22).
- Electronic devices may take various forms. Electronic devices may include, for example, portable communication devices (e.g., smartphones), computer devices, portable multimedia devices, portable medical devices, cameras, wearable devices, or home appliances. Electronic devices according to embodiments of the present disclosure are not limited to the aforementioned devices.
- terms such as "first" or "second" may be used merely to distinguish one component from another, and do not limit the components in any other respect (e.g., importance or order).
- module may include a unit implemented in hardware, software, or firmware, and may be used interchangeably with terms such as logic, logic block, component, or circuit.
- a module may be an integral component, or a minimum unit or part of such a component that performs one or more functions.
- a module may be implemented in the form of an application-specific integrated circuit (ASIC).
- Various embodiments of the present disclosure may be implemented as software (e.g., a program (140)) including one or more commands stored in a storage medium (e.g., an internal memory (136) or an external memory (138)) readable by a machine (e.g., an electronic device (101)).
- the one or more commands may include code generated by a compiler or code executable by an interpreter.
- the machine-readable storage medium may be provided in the form of a non-transitory storage medium.
- 'non-transitory' simply means that the storage medium is a tangible device and does not contain signals (e.g., electromagnetic waves), and the term does not distinguish between cases where data is stored semi-permanently or temporarily on the storage medium.
- the method according to the various embodiments disclosed in the present document may be provided as included in a computer program product.
- the computer program product may be traded as a product between a seller and a buyer.
- the computer program product may be distributed in the form of a machine-readable storage medium (e.g., compact disc read only memory (CD-ROM)), or may be distributed online (e.g., downloaded or uploaded) via an application store (e.g., Play Store™) or directly between two user devices (e.g., smartphones).
- at least a portion of the computer program product may be temporarily stored or temporarily generated in a machine-readable storage medium, such as the memory of a manufacturer's server, an application store's server, or an intermediary server.
- each component (e.g., a module or a program) of the above-described components may include one or more entities.
- one or more components or operations of the aforementioned components may be omitted, or one or more other components or operations may be added.
- the integrated component may perform one or more functions of each of the plurality of components identically or similarly to those performed by the corresponding component among the plurality of components prior to the integration.
- the operations performed by a module, program, or other component may be executed sequentially, in parallel, iteratively, or heuristically, or one or more of the operations may be executed in a different order, omitted, or one or more other operations may be added.
- a non-transitory storage medium storing commands
- the commands are configured to cause the electronic device to perform at least one operation when executed by the electronic device, wherein the at least one operation may include: executing BIOS firmware and CSME firmware stored in the at least one memory based on power-on of the electronic device; identifying whether a CSME operation mode by execution of the CSME firmware is a normal mode based on execution of the BIOS firmware; if the CSME operation mode is the normal mode, acquiring a first backup image corresponding to the normal mode and storing the first backup image in a designated storage area of the at least one memory; and if the CSME operation mode is not the normal mode, acquiring a second backup image stored in the designated storage area and performing a restoration using the second backup image so that the CSME operation mode becomes the normal mode.
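The boot-time decision flow of FIG. 7a and FIG. 7b and the per-model, per-version recovery path described above, as an added C example that is not code from the patent or from any firmware. All type and function names are hypothetical, and the character whitelist on the model and version fields is an assumption added here so that neither field can introduce a path separator.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical names: the text describes a flow, not an API. */
enum csme_mode { CSME_NORMAL, CSME_NOT_NORMAL };

enum boot_action {
    ACT_NONE,               /* normal mode, latest backup already stored      */
    ACT_BACKUP_CURRENT,     /* store the first backup image                   */
    ACT_UPDATE_THEN_BACKUP, /* update CSME, then store the third backup image */
    ACT_RESTORE,            /* restore CSME from the second backup image      */
    ACT_STAY_ABNORMAL       /* no backup: end restore, remain abnormal        */
};

struct boot_state {
    enum csme_mode mode;          /* CSME operation mode seen by the BIOS      */
    bool bios_update_mode;        /* new BIOS update data is present           */
    bool payload_has_csme_update; /* BIOS update payload carries CSME data     */
    bool backup_present;          /* image exists in designated storage area   */
};

/* Decision taken at each boot, following the operations in the text. */
enum boot_action decide_boot_action(const struct boot_state *s)
{
    if (s->mode != CSME_NORMAL)
        return s->backup_present ? ACT_RESTORE : ACT_STAY_ABNORMAL;
    if (!s->bios_update_mode)
        return s->backup_present ? ACT_NONE : ACT_BACKUP_CURRENT;
    if (s->payload_has_csme_update)
        return ACT_UPDATE_THEN_BACKUP;
    /* Update mode without CSME data: the text stores the first backup. */
    return ACT_BACKUP_CURRENT;
}

/* Assumption: accept only [A-Za-z0-9.] in model and version fields. */
static bool field_ok(const char *f)
{
    if (f == NULL || *f == '\0')
        return false;
    for (; *f != '\0'; f++) {
        bool alnum = (*f >= '0' && *f <= '9') || (*f >= 'A' && *f <= 'Z') ||
                     (*f >= 'a' && *f <= 'z');
        if (!alnum && *f != '.')
            return false;
    }
    return true;
}

/* Build "/CSME_REC/<model>_<version>.bin"; 0 on success, -1 on bad
 * input or when the result would not fit in the buffer. */
int recovery_path(char *out, size_t cap, const char *model, const char *version)
{
    if (out == NULL || !field_ok(model) || !field_ok(version))
        return -1;
    int n = snprintf(out, cap, "/CSME_REC/%s_%s.bin", model, version);
    return (n < 0 || (size_t)n >= cap) ? -1 : 0;
}

/* A backup found on the storage device is used only if its path is the
 * one designated for this model and CSME firmware version. */
bool backup_belongs_to_device(const char *found_path, const char *model,
                              const char *version)
{
    char expected[64];
    if (found_path == NULL ||
        recovery_path(expected, sizeof expected, model, version) != 0)
        return false;
    return strcmp(found_path, expected) == 0;
}

int main(void)
{
    /* Constructed scenario: storage moved from model B to model A while
     * CSME on model A is not in the normal mode. */
    const char *found = "/CSME_REC/B_11.0.0.2.bin";
    struct boot_state s = { CSME_NOT_NORMAL, false, false, false };
    s.backup_present = backup_belongs_to_device(found, "A", "10.0.0.1");
    printf("action on model A: %d\n", decide_boot_action(&s));
    s.backup_present = backup_belongs_to_device(found, "B", "11.0.0.2");
    printf("action on model B: %d\n", decide_boot_action(&s));
    return 0;
}
```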
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computer Security & Cryptography (AREA)
- Quality & Reliability (AREA)
- Stored Programmes (AREA)
- Techniques For Improving Reliability Of Storages (AREA)
Abstract
An electronic device according to various embodiments of the present disclosure may comprise at least one memory for storing instructions and at least one processor operatively connected to the at least one memory. The instructions, when executed individually or collectively by the at least one processor, may cause the electronic device to: execute BIOS firmware and CSME firmware stored in the at least one memory based on power-on of the electronic device; identify whether a CSME operation mode by execution of the CSME firmware is a normal mode based on execution of the BIOS firmware; if the CSME operation mode is the normal mode, acquire a first backup image corresponding to the normal mode and store the first backup image in a designated storage area of the at least one memory; and if the CSME operation mode is not the normal mode, acquire a second backup image stored in the designated storage area and perform restoration using the second backup image so that the CSME operation mode becomes the normal mode. Other embodiments may also be possible.
Applications Claiming Priority (4)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| KR20240102689 | 2024-08-01 | ||
| KR10-2024-0102689 | 2024-08-01 | ||
| KR1020240108557A KR20260019342A (ko) | 2024-08-01 | 2024-08-13 | Electronic device and method for restoring CSME using BIOS in electronic device |
| KR10-2024-0108557 | 2024-08-13 |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| WO2026029486A1 true WO2026029486A1 (fr) | 2026-02-05 |
Family
ID=98607361
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| PCT/KR2025/011016 Pending WO2026029486A1 (fr) | 2024-08-01 | 2025-07-24 | Electronic device and method for recovering CSME using BIOS in electronic device |
Country Status (1)
| Country | Link |
|---|---|
| WO (1) | WO2026029486A1 (fr) |
2025
- 2025-07-24 WO PCT/KR2025/011016 patent/WO2026029486A1/fr active Pending
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| 121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 25848827 Country of ref document: EP Kind code of ref document: A1 |