Zephyr Project: MCUboot Security Part 1

MCUboot Security Part 1
By Zephyr Project
November 28, 2018

Zephyr Project member David Brown, a Senior Engineer with Linaro Ltd., shares the best practices for security in this blog post, which first ran on Brownian Motion.

This is the first in what I hope to be a series of posts about the MCUboot bootloader from a security perspective. Please note that although I work in security, I am by no means a cryptographer. I appreciate any feedback on any and all flaws in my analysis. The MCUboot Project is a secure bootloader for 32-bit MCUs. The goal of MCUboot is to define a common infrastructure for the bootloader, system flash layout on microcontroller systems, and to provide a secure bootloader that enables easy software upgrade. The essential problem that MCUboot seeks to solve is how to allow firmware updates, while still maintaining some kind of integrity and control over what firmware can be run on the device. The easiest way to prevent unauthorized firmware from running on a device is to configure the flash to be immutable. Unfortunately, this prevents potential security updates (as well as functionality improvements). MCUboot solves this by itself being a small amount of code that can be placed in an immutable section of flash. It then can verify the main code before allowing it to execute, as well as control updates to that code. MCUboot is configurable, and these configuration choices affect the security promises that MCUboot is able to make.[…]

https://www.zephyrproject.org/mcuboot-security-part-1/

https://www.davidb.org/post/mcuboot-security-1/

https://mcuboot.com/

 

MCUBoot: secure bootloader for 32-bit MCUs

MCUBoot is a secure bootloader for 32-bit MCUs. The goal of MCUBoot is to define a common infrastructure for the bootloader, system flash layout on microcontroller systems, and to provide a secure bootloader that enables easy software upgrade. MCUboot is operating system and hardware independent, and relies on hardware porting layers from the operating system it works with. Currently mcuboot works with both the Apache Mynewt, and Zephyr operating systems, but more ports are planned in the future. RIOT is currently supported as a boot target with a complete port planned.[…]

https://github.com/runtimeco/mcuboot

http://lists.runtime.co/pipermail/dev-mcuboot_lists.runtime.co/2018-January/000261.html

 

mcuboot

MCUBoot is a secure bootloader for 32-bit MCUs. The goal of MCUBoot is to define a common infrastructure for the bootloader, system flash layout on microcontroller systems, and to provide a secure bootloader that enables easy software upgrade. MCUboot is operating system and hardware independent, and relies on hardware porting layers from the operating system it works with. Currently mcuboot works with both the Apache Mynewt, and Zephyr operating systems, but more ports are planned in the future. The MCUBoot project was originally taken from the Apache Mynewt operating system, which had secure boot and software upgrade functionality instrinsic to it. Currently development is heads down on a first release of MCUboot that works across both the Zephyr operating system and Apache Mynewt operating system.[…]

https://github.com/runtimeco/mcuboot

http://connect.linaro.org/resource/bud17/bud17-100/