Secure boot is essential for secure embedded devices to prevent malicious actors from obtaining persistent runtime control, whether implemented on Internet of Things (IoT) or Electronic Control Units (ECUs) found in modern cars. Numerous public attacks on secure boot have shown, some of which by ourselves, that secure boot can be bypassed using a wide range of attack methods. Whether these attacks leverage software vulnerabilities or hardware attacks like hardware fault injection, there is a clear need across industries to harden secure boot properly.
In this talk we focus on hardening secure boot against software and hardware attacks. We leverage our decade long experience reviewing and attacking secure boot on embedded devices from different industries. We start by providing the audience with a description of the attack surface of secure boot. Then, we present our vision on secure boot design, which can be used as a starting point for a complete hardened secure boot solution. To be realistic, next to our security relevant requirements, we’ll take into account engineering costs, functional requirements and other non-security relevant requirements of secure boot. Attendees will take away a better understanding of what it takes to design secure boot securely, hopefully resulting in more secure products at reduced costs.
Download slides from the presentation here or watch the video below.