Modern device trust issues

November 5, 2015 ~ hucktech ~ Leave a comment

Altaf Hussain of Freescale has a nicely-written article on device trust in Axiom:

https://twitter.com/AvnetDesignWire/status/661974412296630272

Not too long ago, a factory could close its gates and guard its doors to ensure security and safety inside. However, to get the same level of security in today’s interconnected world, a factory must also carefully protect electronic communication in and out of the factory. This type of “information security” is already happening everyday on the web – conduct a simple Google search for “trust” and you’ll notice that Hypertext Transfer Protocol Secure (HTTPS) is used to provide secure, encrypted communication. However, securing electronic communication is not enough. Factories must also guard against potential threats from unsecured information entering the physical environment (such as a USB pen drive carrying a Trojan horse brought from outside the factory). To begin evaluating who or what can be trusted, system builders and buyers of industrial networking applications must consider the following questions:

* Are the devices real or clones?
* Is the device manufactured using my components and software?
* Is this my application code and third party code I bought?
* Is this my data?
* Is this an authorized operator?

To ensure that all the answers are “YES”, there has to be a root of trust all the way from the component, through the application, to the communication link. Now the question is: how is this root of trust achieved? […]

Full article below. Also see end of article for URL to PDF edition:
http://design.avnet.com/axiom/who-can-you-trust/?UTM_Campaign=na-frs-axm-twt-aug2015

FreeScale, High Availability Boot, and U-Boot secure boot

October 10, 2015 ~ hucktech ~ Leave a comment

Freescale Semiconductor, Inc. has a few Application Notes on their implementations of a U-Boot-based Secure Boot. One of these app notes is only a few days old. Excerpt:

Secure Boot on i.MX50, i.MX53, and i.MX 6 Series using HABv4

Executing trusted and authentic code on an applications processor starts with securely booting the device. The i.MX family of applications processors provides this capability with the High Availability Boot (HAB) component of the on-chip ROM. The ROM is responsible for loading the initial program image from the boot medium. HAB enables the ROM to authenticate the program image by using digital signatures. This initial program image is usually a bootloader. HAB provides a mechanism to establish a root of trust for the remaining software components and establishes a secure state on the i.MX IC’s secure state machine in hardware. The purpose of this application note is to provide a secure boot reference for i.MX applications processors that include HABv4. It demonstrates an example for generating a signed U-Boot image and configuring the IC to run securely. It is assumed that the reader is familiar with the basics of digital signatures and public key certificates.

This document covers secure boot using i.MX6. HABv4 is present on the following i.MX processors: i.MX50, i.MX53, and i.MX 6 Series. This document applies to all HABv4 processors. Secure boot features for other processors, such as i.MX25, i.MX35, and i.MX51, which use HABv3, are documented in Secure Boot on i.MX25, i.MX35, and i.MX51 using HAB3 application note (document AN4547). Secure boot features for i.MX28 are documented in Secure Boot with i.MX28 HAB v4 application note (document AN4555). i.MX28 supports HABv4, but its boot architecture is significantly different from other processors in the i.MX family.

More information:

Click to access AN4581.pdf

Click to access AN4547.pdf

Click to access AN4555.pdf