The Boot Protection Pack is a solution provided by Secure-IC to ensure a Secure Boot function. The Boot Protection Pack provides a secure root-of-trust with a high level of resistance against malevolent attacks. It ensures integrity of the SoC security features, guarantees that the firmware is genuine and ensures a secure firmware update.
Boot Protection Pack ensures secure boot functionality. The boot sequence starts when the system is turned on: the processor loads and executes a first set of instructions from an internal NVM. This first set of instructions is called the bootloader; it initializes the Intellectual Property (IP) cores and peripherals of the Securyzr sub-system and enables the transfer of the software held in an external NVM to an internal Volatile Memory (VM). To protect the system from malware, which is mainly injected through a modification of the Operating System (OS) and the application code, the Boot Protection Pack must verify the integrity of the code fetched from the external NVM. Moreover, the binary code of part or all of the application must remain secret to prevent cloning or software code analysis.
Boot Protection Pack ensures secure firmware update. Indeed, the firmware update is a risky step which must follow a strict procedure to prevent an attacker from modifying the firmware to inject malicious functions. To ensure a safe transfer from a server to the device during an update phase, the following measures must be applied:
Authenticate the device and the firmware before starting the transfer.
Verify the firmware integrity after the transfer.
Encrypt the firmware during the transfer.
Backup the current firmware version during the transfer and the integrity verification steps.
Avoid rollback attacks by verifying that the version used at boot is the latest version.
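The update measures listed above can be combined into one receive-verify-install flow. The following is an added illustration written for this page, not Secure-IC's code and not the Boot Protection Pack's actual image format: it assumes a constructed image layout (header, payload, authentication tag), uses an HMAC-SHA256 tag with a device-held secret as a stand-in for the product's firmware authentication, keeps the running firmware in a second slot that is never touched until the new image has passed every check, and stores a monotonic minimum version that the bootloader consults to reject rollback. Encryption of the image in transit and authentication of the server are assumed to be handled by the transport and are not shown.

```python
import hashlib
import hmac
import struct

# Constructed values for the example: a device-held authentication key and a
# simple image layout  header || payload || tag  (the real pack's format differs).
DEVICE_KEY = b"constructed-demo-device-key"
MAGIC = b"FWIM"
HEADER_FMT = ">4sII32s"          # magic, version, payload length, SHA-256 of payload
HEADER_LEN = struct.calcsize(HEADER_FMT)
TAG_LEN = 32


def build_image(version, payload, key=DEVICE_KEY):
    """Build a signed image as the update server would (constructed format)."""
    digest = hashlib.sha256(payload).digest()
    header = struct.pack(HEADER_FMT, MAGIC, version, len(payload), digest)
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()
    return header + payload + tag


class Device:
    """Two firmware slots; the active one is kept intact as the backup during an update."""

    def __init__(self, current_version, current_fw, key=DEVICE_KEY):
        self.key = key
        self.slots = {"A": (current_version, current_fw), "B": None}
        self.active = "A"
        self.min_version = current_version   # anti-rollback counter, only ever increases

    def verify_image(self, image):
        """Check authenticity, integrity and version of a received image.

        Nothing is written to any slot here; a failure leaves the device unchanged.
        """
        if len(image) < HEADER_LEN + TAG_LEN:
            raise ValueError("truncated image")
        header = image[:HEADER_LEN]
        body = image[HEADER_LEN:-TAG_LEN]
        tag = image[-TAG_LEN:]
        # Authenticate before parsing anything, so unauthenticated bytes are never trusted.
        expected = hmac.new(self.key, header + body, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, tag):
            raise ValueError("authentication failed")
        magic, version, length, digest = struct.unpack(HEADER_FMT, header)
        if magic != MAGIC or length != len(body):
            raise ValueError("malformed header")
        # Integrity of the payload as actually received after the transfer.
        if hashlib.sha256(body).digest() != digest:
            raise ValueError("integrity check failed")
        # Rollback protection: only strictly newer versions are accepted.
        if version <= self.min_version:
            raise ValueError("rollback rejected")
        return version, body

    def update(self, image):
        """Install into the inactive slot only after every check has passed."""
        version, payload = self.verify_image(image)
        inactive = "B" if self.active == "A" else "A"
        self.slots[inactive] = (version, payload)   # current firmware stays as backup
        self.active = inactive
        self.min_version = version                  # advance the counter last
        return version

    def boot(self):
        """Bootloader check: refuse to run firmware older than the counter allows."""
        version, firmware = self.slots[self.active]
        if version < self.min_version:
            raise ValueError("boot refused: stale firmware")
        return firmware


def attempt_update(device, image):
    """Return the new version on success, or the rejection reason as a string."""
    try:
        return device.update(image)
    except ValueError as exc:
        return str(exc)


if __name__ == "__main__":
    dev = Device(1, b"app-v1")
    print(attempt_update(dev, build_image(2, b"app-v2")))   # 2
    print(attempt_update(dev, build_image(1, b"app-v1")))   # rollback rejected
    print(dev.boot())                                        # b'app-v2'
```

The order of checks matters: the tag is verified over header and payload before any field is parsed, the stored counter is advanced only after the new slot is written, and a rejected image at any step leaves the previous firmware in place and selected for the next boot.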