The term ‘boot’ describes the start-up process that runs when power is applied to a device. A processing system's boot process defines the configuration sequence that starts the system at power-on. The most common boot techniques require the processor to wake up first, initialize itself and then initialize the rest of the system as part of a pre-determined boot sequence. Once the processor wakes up, it sets up initial values in the I/O and memory control registers—before access to memory or I/O can begin. The sequence usually starts with the processor sensing some boot configuration pins during a power-on-reset to select one of the supported boot methods. In most systems, the processor boot configuration pins are hard-wired to power or ground to indicate the boot method. Once the boot method is chosen, the processor looks for its initial set of configuration parameters on a pre-defined set of pins or a signal bus. In all these known techniques, the low-level initial configuration values and initial boot parameters that set up the processor in the initial stages of power-on are not validated for conformance to security rules—a key concern for secure systems.
There has been a long-felt need in secure processing systems for a secured boot technique that provides for validation of low-level processor configuration and boot parameters. The issue of secure boot gets compounded in multicore processors where more than one processor tries to wake up in a secured state—all at the same time.
In a secure system, every piece of data must be validated.