Secure Boot


The objective was to secure the boot process by adding verification of the boot images at each stage. Hence providing boot access only to the verified image.


Signing the images with PKI keys at  build stage

Re-partitioning the NOR flash to accommodate the keys and securing the Root of trust at the NOR flash

Verifying the signatures at each stage of the boot process

Identifying fall back mechanisms in case of image verification failure


Benison team was able to bring the secure boot verification up and enable the upgrade of the signed images over network as well fresh install.


Public Key Infrastructure, Board bring-up, OpenSSL. Linux device driver, Coreboot, UBoot,