From 981e9b9c4a40e248733d45cfedc6a512bdf95f5e Mon Sep 17 00:00:00 2001 From: mudcam Date: Thu, 7 Dec 2017 10:31:22 +0100 Subject: Add proposal for new security blueprint --- security-blueprint/part-2/0_Abstract.md | 58 +++++++++++++++++++++++++++++++++ 1 file changed, 58 insertions(+) create mode 100644 security-blueprint/part-2/0_Abstract.md (limited to 'security-blueprint/part-2/0_Abstract.md') diff --git a/security-blueprint/part-2/0_Abstract.md b/security-blueprint/part-2/0_Abstract.md new file mode 100644 index 0000000..5ebb750 --- /dev/null +++ b/security-blueprint/part-2/0_Abstract.md @@ -0,0 +1,58 @@ +# Part 2 - Secure boot + +## Abstract + + + +Domain | Improvement +--------------- | ---------------------------------------------------- +Boot-Abstract-1 | More generic and add examples (The chain of trust). + + + +**Boot Hardening**: Steps/requirements to configure the boot sequence, in order +to restrict the device from executing anything other than the approved software +image. + +In this part, we will see a series of settings that will allow us to improve +security during boot phase. For the purposes of reference and explanation, we +are providing guidance on how to configure an embedded device that runs with a +3.10.17 Linux kernel. If the integrity is not checked or if a critical error +occurs, the system must boot on a very stable backup image. + +**Requirements**: These requirements must be met even if an alternative version +of the Linux kernel is chosen. + +**Recommendations**: Detailed best practices that should be applied in order to +secure a device. Although they are not currently listed as hard requirements, +they may be upgraded to requirements status in the future. In addition, specific +operators may change some of these recommendations into requirements based on +their specific needs and objectives. + + + +Domain | Improvement +--------------- | ------------------------------------------- +Boot-Abstract-1 | Review the definition of the "boot loader". + + + +**Boot loader**: The boot loader consists of the Primary boot loader residing +in **OTP** memory, sboot, U-Boot and Secure loader residing in external flash +(NAND or SPI/NOR flash memory). The CPU on power on or reset executes the +primary boot loader. The **OTP** primary boot loader makes the necessary initial +system configuration and then loads the secondary boot loader sboot from +external flash memory to ram memory. The sboot then loads the U-Boot along with +the Secure loader. U-Boot then verifies the Kernel/system image integrity, then +loads the Kernel/system image before passing control to it. + +-------------------------------------------------------------------------------- + +## Acronyms and Abbreviations + +The following table lists the terms utilized within this part of the document. + +Acronyms or Abbreviations | Description +------------------------- | --------------------------------- +_FUSE_ | **F**ilesystem in **U**ser**S**pac**E** +_OTP_ | **O**ne-**T**ime-**P**rogrammable -- cgit 1.2.3-korg