Patent classifications
G06F9/4406
Electronic apparatus and control method thereof
An electronic apparatus includes: a memory; a storage configured to store a first operating system; and a processor configured to: perform booting by loading the first operating system stored in the storage to the memory, and store data, obtained based on the first operating system running, in the storage, load an obtained second operating system and the data stored in the storage to the memory, identify operation compatibility between the second operating system and the data loaded to the memory, perform booting by loading the second operating system to the memory, based on identification of normal operation compatibility, and perform booting by loading the first operating system to the memory, based on identification of abnormal operation compatibility.
Automated initialization of bare metal servers
A bare metal server, or other computing device, may be represented as a JSON file (extending the concept to infrastructure as code) containing hardware, firmware and software versions with links to a kickstarter file depending on the needs of an application, SKU type or some other criteria. Rather than a management node in an L2 network which has a DHCP server to lease IP addresses and facilitate OS installation, a workflow then generates a bootstrap kernel which initializes the bare metal server with an IP address, VLAN, and network gateway which is used to reach out to the network to download and install a kernel, upgrade firmware for various hardware components like BIOS, BMC, NIC, RAID, SSD, NVMe, FPGA, etc. The bootstrap kernel may further configure RAID and JBOD, flash custom images on hardware components and may further instruct the server to incrementally download and install an operating system.
METHOD FOR SECURELY STARTING DEVICE SOFTWARE, IN PARTICULAR AN OPERATING SYSTEM, OF AN ELECTRONIC DEVICE
A method for securely starting device software is provided, in particular an operating system, of an electronic device, wherein a plurality of successive software modules which contain software code are run by the device. The method has the steps of: a) running the first software module, b) loading the subsequent software module using the preceding software module, c) checking the software code of the subsequent software module and identifying security features using an identification scheme, d) evaluating the identified security features using a security, e) running the subsequent software module if the evaluation results in a value of trustworthiness that lies above a specified threshold, and f) running steps b) to e) for each of the subsequent software modules.
FIRMWARE POLICY ENFORCEMENT VIA A SECURITY PROCESSOR
Embodiments described herein are directed to firmware policy enforcement of a computing device. For example, a security processor of the computing device is utilized to boot the computing device. During a boot session, the security processor loads and executes specialized firmware. The specialized firmware, when executed, causes the security processor to determine whether other types of firmware to be executed on the computing device are in compliance with a policy specified by the specialized firmware. Based at least on a determination that the other firmware is in compliance with the policy, the security processor executes the other firmware. Based at least on a determination that the other firmware is not in compliance with the policy, the security processor performs a mitigation with respect to the other firmware.
Method for displaying an animation during the starting phase of an electronic device and associated electronic device
A method for displaying an animation by a display chip of an electronic device, which includes a non-volatile memory and a random-access memory. The display chip includes a video output register and a display register. The method includes a first static programming phase including configuring the video output register; writing n images in the memory, n being an integer higher than or equal to two; writing a plurality of nodes into the memory, such that each node includes the address in the memory of at least one portion of an image, as well as the address of the following node in the memory, the last node including the address in the random-access memory of the first node; and configuring the display register. The method also includes a second phase in which the n images are read by the display chip by means of the display register, to display the animation.
Self-healing architecture for resilient computing services
For each respective virtual machine (VM) of a plurality of VMs, a distributed computing system generates a unique Application Binary Interface (ABI) for an operating system for the respective VM, compiles a software application to use the unique ABI, and installs the operating system and the compiled software application on the respective VM. A dispatcher node dispatches, to one or more VMs of the plurality of VMs that provide a service and are in the active mode, request messages for the service. Furthermore, a first host device may determine, in response to software in the first VM invoking a system call in a manner inconsistent with the unique ABI for the operating system of the first VM, that a failover event has occurred. Responsive to the failover event, the distributed computing system fails over from the first VM to a second VM.
Operating system architecture for microkernel generations support
Computer operating systems are provided that allow for application compatibility with different OS generations. Example operating systems are designed using an adapted COM (ACOM) component architecture with immutable interfaces and their specifications within the same generation, allowing freedom in how the components' program code is implemented. That includes: a modular microkernel itself comprising an interface bus component; the possibility for the OS to concurrently run microkernels of various generations and to create new components by reusing (comprising/delegating or aggregating) other binary components; and a special marshalling mechanism that reduces header size by allowing an executable file to have a single system interface instance's address pointer for dynamic function importing, without the need to recompile applications' earlier executables in accordance with the latest versions of OS system libraries.
Selective boot sequence controller for resilient storage memory
A storage device for booting a host computing device includes a first storage memory region having a first storage memory controller, a second storage memory region having a second storage memory controller, and a resilient boot controller. The resilient boot controller is configured to store boot code in the first storage memory region, prevent write access by the host computing device through the first storage memory controller to the first storage memory region, detect a reset of the host computing device through the input/output interface, copy at least a portion of the boot code from the first storage memory region to the second storage memory region, responsive to detection of the reset of the host computing device, and enable read access of the copied boot code by the host computing device through the second storage memory controller of the second storage memory region, responsive to the copy operation.
SECURITY INSPECTIONS
In some examples, a method for performing an out-of-band security inspection of a device comprises generating a snapshot of the state of the device, storing data representing the snapshot to a non-volatile storage of the device, and storing a hash of the snapshot in a device BIOS, transitioning the power state of the device, triggering boot of a trusted diskless operating system image, providing the data representing the snapshot and the hash of the snapshot to the trusted diskless operating system image, and executing a script selected on the basis of a trigger event and the hash of the snapshot to analyse at least a portion of the non-volatile storage of the device.
INFORMATION PROCESSING APPARATUS, MANAGEMENT SYSTEM AND MANAGEMENT METHOD
The information processing apparatus includes: a nonvolatile memory which is not directly accessible from an OS (Operating System) and stores a count value which indicates a remaining period of a use period; a processor which executes a process which is based on a BIOS (Basic Input Output System), prohibits activation of the OS in a case where the count value that the nonvolatile memory stores is a predetermined value, and executes an OS-based activation process in a case where the count value is other than the predetermined value; and a count value change section which operates independently of the OS and counts and changes the count value that the nonvolatile memory stores every predetermined unit period in a case where the information processing apparatus is in a working state and the count value is other than the predetermined value.