What Is Secure Boot

Secure Boot for Microcontrollers

Fahad Bhatti
Founder Oxeltech (Embedded Development Service)

What is Secure Boot?

• A security feature in microcontrollers that ensures the device only runs firmware that comes from a trusted source and hasn’t been changed.
• It works by checking a digital signature before running the firmware.
• If the firmware was tampered with or not signed by the right key, the device won’t run it.
• Establishes a root of trust at power-up

Image Credit : www.bcallebaut.github.io


How Secure Boot Works

1. Firmware is signed during development using a private key
2. The microcontroller stores a public key in secure memory (unchangeable)
3. At boot, the primary bootloader verifies the signature
4. If valid, it continues to load and run the firmware
5. If the signature check fails, the device halts or enters fail-safe mode

How Secure Boot Works

Image Credit : www.solcept.ch


What Secure Boot Does Not Do

• It does not prevent firmware from being read (unless combined with encryption)
• It does not stop downgrade attacks without rollback protection
• It does not ensure correctness of the firmware logic
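
The signing and boot-time check from steps 1 to 5 of "How Secure Boot Works", extended with the rollback check that the downgrade point above calls for, as an added example that is not part of the original slides. The image layout (magic, version, length, payload, signature), the function names and the RSA test key built from two Mersenne primes are assumptions made for this demo; a real device would use a vetted crypto library and a key held in protected memory.

```python
import hashlib
import struct

# Constructed demo key from two Mersenne primes. NOT a secure RSA key; it only
# keeps the example deterministic and standard-library only.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537                    # public key (step 2: stored in the device)
D = pow(E, -1, (P - 1) * (Q - 1))      # private key (step 1: stays with the signer)
K = (N.bit_length() + 7) // 8          # modulus length in bytes
# DER prefix of DigestInfo for SHA-256 (RFC 8017, section 9.2)
SHA256_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")
HEADER = struct.Struct("<4sII")        # magic, version, payload length (assumed layout)
MAGIC = b"FWIM"

def _encode(message: bytes) -> int:
    """EMSA-PKCS1-v1_5 encoding of SHA-256(message), as an integer."""
    t = SHA256_PREFIX + hashlib.sha256(message).digest()
    em = b"\x00\x01" + b"\xff" * (K - len(t) - 3) + b"\x00" + t
    return int.from_bytes(em, "big")

def sign_image(payload: bytes, version: int) -> bytes:
    """Step 1, development side: header + payload + signature over both."""
    signed = HEADER.pack(MAGIC, version, len(payload)) + payload
    return signed + pow(_encode(signed), D, N).to_bytes(K, "big")

def boot_decision(image: bytes, min_version: int) -> str:
    """Steps 3 to 5, device side: returns "BOOT" or "HALT: <reason>"."""
    if len(image) < HEADER.size + K:
        return "HALT: truncated image"
    magic, version, length = HEADER.unpack_from(image)
    if magic != MAGIC or length != len(image) - HEADER.size - K:
        return "HALT: malformed header"
    signed, sig = image[:-K], int.from_bytes(image[-K:], "big")
    # The header is covered by the signature, so the version field is only
    # trusted after this check passes. The expected encoding is rebuilt and
    # compared whole instead of parsing the decrypted padding.
    if sig >= N or pow(sig, E, N) != _encode(signed):
        return "HALT: bad signature"
    # Rollback protection: min_version models a monotonic counter in the device.
    if version < min_version:
        return "HALT: rollback"
    return "BOOT"

if __name__ == "__main__":
    old, new = sign_image(b"application v1", 1), sign_image(b"application v2", 2)
    print(boot_decision(new, 2), "|", boot_decision(old, 2))
```

The old image carries a valid signature and is still refused once the stored minimum version has moved to 2, which is the gap a signature check alone leaves open.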

When Do I Need Secure Boot?

• To comply with IEC 62443, RED Cyber DA (for CE certification), and similar regulations
• To prevent unauthorized firmware updates or malware injection
• To protect brand reputation by securing deployed devices
• To ensure only validated software controls critical functions

Common Weaknesses to Avoid

• Leaving debug ports (JTAG, SWD) unlocked in production
• Allowing unsigned firmware updates via bootloader
• Failing to protect the bootloader if it is updatable
• Storing keys insecurely or reusing keys across products

Organizational Measures for Secure Boot

• Keep your signing keys in a safe place (not on shared drives)
• Only trusted people should be able to sign firmware
• Set up clear rules for when and how to sign new firmware
• Make sure the public key is loaded safely into each device

We help embedded teams

• Add Secure Boot the right way
• Meet RED Cyber DA (for CE)

www.oxeltech.de
