The National Institute of Standards and Technology wants public input on a draft version of guidelines for securing servers.
The agency said the servers run Basic Input/Output System software, which it says the first major program to run when one of its computers starts up.
Areas NIST wants input on include securing BIOS update processes, unauthorized updates, developing digital signatures and integrity protection.
“While laptop and desktop computers have largely converged on a single architecture for system BIOS, server class systems have a more diverse set of architectures, and more mechanisms for updating or modifying the system BIOS,” author Andrew Regenscheid said in a release.
NIST said it also wants help in developing features where no mechanisms can get around protections.
Similar to the first guideline, released in April 2011, the new version was written for server developers and information system security professionals.
Comments on the new guidelines are due to NIST Sept. 14.
The agency recently updated its draft guidelines for a cryptographic key management system, part of a larger effort to help agencies update their cryptographic algorithms.