The availability of increasingly powerful systems-on-chips (“SoCs”) has led to the growth of embedded computing. Embedded devices, popular because they facilitate mobility, are more exposed to attack than enterprise devices, since they often operate outside a controlled environment. With the increased capability of embedded devices, the value of the information held in such embedded systems has grown, and so too has the need to protect that information. Threats to embedded devices include device loss/theft, data loss/theft, cloning, reverse engineering, and denial of service.
For example, an end user, who might own only a single embedded device, is most affected by loss or theft of the device. End users may also be concerned with the privacy and integrity of information stored in embedded devices. A manufacturer of an embedded system, or a software vendor that produces applications for embedded devices, may be concerned with whether their source code can be stolen. Even if the adversary cannot steal such source code, the embedded device may still be cloned by stealing the object code. An adversary can steal compiled code while an embedded device is being booted (i.e., powered on) or is running, by inserting malware at the point where images are initially loaded into an SoC. As an example attack, inserted malware can write the loaded object code to an external port, where it is captured in order to clone the embedded device. Furthermore, in a denial of service attack, malware can cause an embedded device to become inoperable or unavailable.
Thus, two security-related tasks in embedded devices are, generally, secure boot and maintaining security during device operation. With respect to the former task, it would be useful to provide security for an embedded device so as to protect against one or more of the above-mentioned threats.