In this, the second of Curtiss-Wright's series of papers on the use of commercial-off-the-shelf (COTS) technologies to address Trusted Computing requirements, we take a look at Trusted Boot, a key strategy for ensuring that the trustworthiness of an embedded system begins with the very first software instruction at system startup in order to protect against attacks.
What does “trust” mean in an embedded module or system? Trust means no more and no less than ensuring that the system operates exactly as intended. In the context of the boot process, trust means that an embedded module only executes the boot code, operating system, and application code that it is intended to run. No more and no less. The only way to guarantee trust in this chain is to ensure that all code, from the very first instruction that a processor executes, is authentic. In other words, that the code is specifically intended by the OEM or system integrator to execute on that processor. This paper focuses particularly on establishing initial trust in the boot process and various means to do that, although many of these same techniques are also useful for extending trust to the operating system and application code.
Download the 'Trusted Boot' white paper to learn more about:
- Trusted Boot
- Intel Trusted Execution Technology (TXT) and Boot Guard
- NXP Trust Architecture for Power Architecture and Arm processors
Read more White Papers in the Trusted Computing series