Abstract

Security continues to be an increasingly important concern in the design of modern systems. This white paper is based on secure boot which provides a foundation for the security architecture of a device. The paper attempts to introduce this concept and lists the processes involved, challenges faced, and best practices recommended.

 

Introduction

Connected IoT devices can be found in every aspect of modern digital life, from autonomous and connected vehicles to medical devices, smart meters, and smartwatches.

While exposing a device to the external world, trust needs to be established in the system. Hence, security is fundamental to successful adoption of connectivity. Connected devices operate in an environment where attacks The first step to ensure security at the device level is through secure boot in an IoT-embedded system. can originate from anywhere. Devices must be capable of adapting to an evolving threat landscape. With the exponential increase in connected devices and the value of data stored in them, security has to be multifaceted, “baked-in” from the lowest levels of system-onchip (SoC) design through to the applications that run on them and in communications between devices and services.

Secure Boot in an iot embedded system

The first step to ensure security at the device level is through secure boot in an IoT-embedded system

 

What is Secure Boot?

Secure boot is a process where your OS boot images and code are authenticated against a trusted hardware before they are allowed to be used in the boot process.

The hardware is set up beforehand such that it only authenticates code generated using security credentials you trust.

Secure boot is applicable for any single-use device, something that is not intended to be a general-purpose computing.

What is Secure Boot and its process

Secure Boot Digital

 

Why Is Secure Boot Important?

Secure boot is a key component of protection against physical and remote attacks and hardware and software failures.

The proliferation of IoT devices embedded into business-critical systems makes the use of secure boot an important factor in securing these devices and safeguarding their reliable operation. Any malicious code inserted into the device could make this device part of a botnet or be used as a launching pad for attacks targeting other, more sensitive systems.

Secure boot ensures a root of trust that is accomplished using a hardware state machine. The goal of a hardware root of trust is to verify that the software installed in every component of the hardware is the intended software. This way you can verify and know without a doubt whether a machine's hardware or software has been hacked or overwritten by an adversary. Thus, it helps prevent supply chain attacks, physical attacks, cloud provider vulnerabilities in hardware components, and other attack vectors by ensuring hardware and software integrity.

Why Is Secure Boot Important?

How Does It Work?

Verifying the authenticity of a bootloader is crucial for assuring and executing the rest of the boot process. Verification of the bootloader executable file is done using public/private keys. During secure development, the bootloader is digitally signed with the manufacturer’s private key.

When the bootloader firmware is installed on the device, it is checked against the embedded public key on the device to confirm that it is genuine. The same process is repeated whenever the device boots or installs an update.

Once the bootloader file is checked successfully for authenticity, the secure boot process checks the validity of the operating system and other functional applications. The signed application code is verified against the embedded public key to ensure it is genuine. If the operating system and the applications are assured, they can start running.

The series of steps involved in the secure boot process is depicted below.

secure boot process or work flow

 

To summarize, the device start-up process is initiated by a trusted bootloader file and every phase is run only after the previous phase is verified for authenticity and started successfully.

Secure boot is based on the hardware root of trust offered by OEMs.

Key chip component to accomplish the root of trust

 

Key Programming and Signing Process:

The two major implementation steps in building the secure boot process and are outlined below.

Key Programming

  • The keys are programmed into the onetime programmable eFuse region of the chip. Care must be taken to ensure that the right key is programmed as the same key will be used for the signing process. A single error in key programming will make the chip unusable for any future task.

Image Signing

  • The starting point for a trusted platform is the creation (by the developer) of a bug-free and malwarefree code base.
  • Once the developer “trusts” the code, the developer digitally signs the code so that accidental or deliberate modifications to the code base will be detected during the secure boot cycle.

Secure Boot Challenges


  • Every processor has a different mechanism to achieve root of trust. Understanding this domain is complex and involves hardware, software, and cryptography skills.
  • The key programming must be performed with zero mistakes at one shot as this is onetime programmable memory and an error may ruin the board.
  • Maintenance of keys is critical as the imagesigning process needs these keys for any firmware upgrade process.
  • There is a possibility of keys getting compromised outside the company
Secure boot challenges

Recommendations and Best Practices


Secure boot Best Practice

 

Conclusion

When properly configured, secure boot lays the foundation for a root of trust and is a requisite for system security. We believe security is an integral part of IOT adoption and connected systems. Secure boot implementation requires specific hardware capabilities. Therefore, it is critical this be factored into the early-stage design phase. Cyient offers a comprehensive range of services and solutions for securing embedded IOT devices across multiple industry verticals.

 

About Cyient

Cyient (Estd: 1991, NSE: CYIENT) is a leading global engineering and technology solutions company. We are a Design, Build, and Maintain partner for leading organizations worldwide. We leverage digital technologies, advanced analytics capabilities, and our domain knowledge and technical expertise, to solve complex business problems.

We partner with customers to operate as part of their extended team in ways that best suit their organization’s culture and requirements. Our industry focus includes aerospace and defense, healthcare, telecommunications, rail transportation, semiconductor, geospatial, industrial, and energy. We are committed to designing tomorrow together with our stakeholders and being a culturally inclusive, socially responsible, and environmentally sustainable organization.

For more information, please visit Cyient

© Cyient 2024. All Rights Reserved.

Imprint/Legal Information

Disclaimer

Privacy Policy

Cookies

Cookie settings