Secure Boot in Embedded Systems

There is no surprise that the percentage of breaches involving end-user devices has doubled each year or that bad actors are shifting focus from desktop to mobile users and the internet of things (IoT). A bad actor that can alter, inject, or replace code on an IoT device might gain control of the system and access sensitive data. As a result, the need to prioritize embedded security in embedded systems has never been more urgent and the secure boot of every embedded system is a key part of any security strategy.

What is Secure Boot in Embedded Systems?

When you switch on an IoT device it begins a boot process. The boot code executes on the device chip and, either in sequence or in parallel, it also launches additional code and applications. After the boot process, the device is ready for use.

Why is Secure Boot in Embedded Systems Important?

When deployed with secure boot, embedded systems on IoT devices are safer and guaranteed free from injected, unofficial code. For manufacturers and vendors of IoT devices, this means that secure boot is a means of protecting their investment, brand, and the networks of their end-users.

• Protect an investment: Manufacturers and vendors invest significant corporate capital in developing, marketing, and supporting IoT devices. Should a device be hacked, or some code injected that impacts the safe running of the device, much of that investment may be wasted or even lost entirely. Secure boot ensures the protection of investments that a vendor makes in the device from bad actors.
• Protect a brand: The costs of any hack are measured in both the immediate impacts on revenue directly linked to the attack (developing patches, deploying OTA updates) and impacts on the reputation of the vendor as a supplier of quality, trusted IoT devices. The reputational costs of hacks can be severe and measured in terms of existing customer churn, future customer refusals, business interruption, and the development of marketing and management strategies to rebuild a damaged reputation.
• Protect a network: Many IoT devices connect to other IoT devices in addition to connecting to a private or public cloud. Should unauthorized code be allowed to execute on even one device, it could potentially impact all the devices on the network. What’s more, it could put at risk all the data that the network gathers, transfers, shares, and stores. In a world where data is invaluable, the potential impact of an insecure boot process is enormous.

Witekio’s Secure Boot in Embedded Systems Expertise

Witekio has developed deep expertise in the secure boot of embedded systems. With a two-decade track record in helping vendors secure their IoT devices across all industries, Witekio engineers understand what is required and how to deliver it to ensure that every boot on every device is secure every time.

Among the ways that Witekio adds value to IoT vendors and manufacturers are:

• Expert consultant for both client and manufacturer: Clients have a vision for their device and charge manufacturers with delivering on that vision. Getting the right secure boot package to the factory for commissioning or provisioning a unit is essential. Witekio engineers provide code that fulfills the client vision and allows the manufacturer to flash the key to the device that enables the secure boot.
• Advisors on best practices for key security: With deep expertise gained from many successfully completed projects, Witekio engineers can help clients understand and implement best practices for securing the keys that sign their embedded software. These keys, should they fall into the hands of a bad actor, can undermine all the efforts invested in securing the boot of the embedded system as a bad actor can inject correctly signed code that executes as if it is safe. Air-gapped computers are a start, but there is much more that can and should be done to secure all-important keys.
• Efficiency in moving from prototype to factory production: The experience that Witekio engineers have gained after years of working with dozens of different IoT device boards means that they can efficiently deploy secure boot packages rapidly no matter the hardware in front of them. In practice, this means that engineers ‘brick’ far fewer devices in development and accelerate the device’s time to market.

Engineers at Witekio have experience configuring secure boots for our customer’s products on system-on-chips which include NXP i.MX6/7/8, STMicro STM32MP1, Rockchip RK36xx, and Nvidia Jetson.

The secure boot of an embedded system on an IoT device is one of the key steps a vendor or manufacturer can take to safeguard their device, network, and systems from bad actors. By ensuring that only the intended code to run on the device executes, and by building a chain of trust that assures end-users that every layer of software is secure, we diminish and limit a vendor’s exposure to risk.

Witekio engineers have deep experience in developing and customizing the secure boot software of IoT devices in a range of industries. With applications in fields as diverse as medical technology, vending machines, and consumer kitchen equipment. Whether developing the code, acting as a consultant to advise on best practices for securely managing signing keys, delivering the secure boot package and key combination that will be flashed to the device by the factory, this expertise runs deep ensures that security is never an afterthought for Witekio clients.