Secure Boot#
Secure Boot focuses on assuring the integrity, authenticity and confidentiality of firmware during device boot, with the goal of enforcing control over what software may execute on the device. This prevents unauthorized malware from compromising the system, providing a safe and secure environment in which application software may run.
This section describes how DriveOS implements secure boot, and how manufacturers should configure their devices to enable DriveOS secure boot features:
Secure boot architecture overview
Signing code for release
Embedding keys at manufacturing
Revoking signing keys
Safely bypassing secure boot for diagnostics