Secure boot is an important link in the chain of security for PCs. But embedded devices based on a Linux® operating environment are equally compromised if a rogue Linux image is permitted to run on them. It might seem surprising, then, that the secure boot function is not today universally implemented in Linux-based embedded devices.

Perhaps this is partly because many embedded developers continue to nurse various assumptions about secure boot – assumptions which in some cases are misleading or even downright false. In the course of MontaVista’s many conversations about security with embedded developers, five of these preconceived ideas about secure boot recur time and again.

Now a detailed examination of the five assumptions listed above is the subject of this article, in which the risks and costs associated with a breach of boot security are described, as well as the resources and tools available to help with secure boot implementation.

Authors

Iisko Lappalainen
Senior Manager Technical Pre-Sales & Solutions, MontaVista Software, LLC.

Sachin Kaushik
Senior Technical Marketing Specialist, MontaVista Software, LLC.