by nascentmind 3884 days ago
xobs, what was your experience working with the CPU vendors to open up the ROM or at least provide a method to bypass the ROM and use an external ROM?

"Bypass the ROM" would be a custom chip, albeit a small variation. So that's not going to happen. However, the boot ROM isn't actually a secret: it's right there in the memory map for the processor and, as Bunnie says, you can just read it out.

Given that it's a ROM and not reprogrammable, and not used after it transfers control to the user bootloader, I think it's fair to treat it more as part of the silicon than as a piece of software. It might be worth auditing for bugs in the boot assurance crypto though.

(If the hardware is malicious, it would be far simpler and less detectable to do it as a silent peripheral, possibly even a whole other processor, than in the boot ROM.)

This is purely speculation, but I wouldn't be at all surprised if there was a pin-strapping method that disabled the boot ROM and caused it to be read off the EIM interface, which is probably how the ROM was debugged in the first place.