Firmware
All modern computer systems are defined by a combination of true hardware and special software that closely interacts with the hardware. This special software is called firmware.
The firmware is shipped with the hardware and typically considered part of the hardware. Because of its software nature, firmware is replaceable. Sometimes system management requires a replacement, for example, to enable new devices. Loading compromised firmware into your system might undo all security of that system. It has the potential to eliminate the anchor of trust on which all security assumptions are built. IBM® implements strict procedures for loading firmware into an IBM Z® or LinuxONE system: a LinuxONE system: all firmware loaded must be signed by IBM manufacturing and an IBM Z or LinuxONE system a LinuxONE system only starts if the loaded firmware is signed by IBM. That way the IBM Z and LinuxONE systems are reliable roots of trust for customer workloads.