2.2.1.4 Secure Boot
The SecureBoot command is enabled for the ATECC608B-TFLXTLS. This allows the system to cryptographically validate its firmware via a boot loader before performing a full boot. This functionality can also be used to validate new firmware images before they are loaded.
The secure boot feature requires a P-256 firmware signing key to be established before it can be used. The private key is held by the firmware developers and used to sign the firmware image. The corresponding public key must be written to the secure boot public key slot, and that slot must then be locked so the key becomes permanent (the lock is irreversible, so the public key should be checked before locking).
For the ATECC608B-TFLXTLS, it is also possible to configure the primary private key so that a valid secure boot must complete before the key is authorized for use.
To implement the SecureBoot command, the following data slots are required.
Secure Boot Digest
The Secure Boot Digest is a 32-byte SHA-256 digest calculated over the firmware application code. This digest needs to be updated every time the firmware is updated. For the ATECC608B-TFLXTLS, the digest is stored in Slot #7.
Secure Boot Public Key
The Secure Boot public key is used by the verify operation to check the signature over the Secure Boot Digest. The Secure Boot public key is stored in Slot #15.
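The following is an added example, not code from the ATECC608B-TFLXTLS documentation or from CryptoAuthLib. It models the host side of the flow described above: the developer's P-256 key pair, the SHA-256 digest over the firmware image, the signature over that digest, and a simplified in-memory stand-in for the device holding the public key in Slot 15 (locked) and the digest in Slot 7. The assumptions are that P-256 ECDSA is implemented here in pure Python so the file runs offline (a real host would use a library such as OpenSSL), and that the device model's "full" and "digest-only" checks are a simplification of the real command modes, not the actual command encoding. The firmware image is a constructed byte string. Requires Python 3.8+ for pow(x, -1, m).

```python
"""Added example: host-side model of the ATECC608B-TFLXTLS secure boot flow.
Assumptions: pure-Python P-256 (runs offline), simplified device model with
slot 7 = digest and slot 15 = public key, constructed firmware bytes."""
import hashlib
import hmac
import secrets

# NIST P-256 domain parameters (standard public constants).
_P = 0xffffffff00000001000000000000000000000000ffffffffffffffffffffffff
_A = _P - 3
_B = 0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b
_N = 0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551
_G = (0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296,
      0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5)


def _add(P, Q):
    """Affine point addition; None is the point at infinity."""
    if P is None:
        return Q
    if Q is None:
        return P
    x1, y1 = P
    x2, y2 = Q
    if x1 == x2:
        if (y1 + y2) % _P == 0:
            return None
        lam = (3 * x1 * x1 + _A) * pow(2 * y1, -1, _P) % _P
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, _P) % _P
    x3 = (lam * lam - x1 - x2) % _P
    return (x3, (lam * (x1 - x3) - y1) % _P)


def _mul(k, P):
    """Double-and-add scalar multiplication (not constant time; host-side only)."""
    R = None
    while k:
        if k & 1:
            R = _add(R, P)
        P = _add(P, P)
        k >>= 1
    return R


def generate_signing_key():
    """Developer-held P-256 key pair: (private scalar d, public point d*G)."""
    d = secrets.randbelow(_N - 1) + 1
    return d, _mul(d, _G)


def firmware_digest(image: bytes) -> bytes:
    """32-byte SHA-256 digest over the application image (the Slot 7 value)."""
    return hashlib.sha256(image).digest()


def sign_digest(d: int, digest: bytes):
    """ECDSA-sign the 32-byte digest with the private key; returns (r, s)."""
    z = int.from_bytes(digest, "big")
    while True:
        k = secrets.randbelow(_N - 1) + 1
        r = _mul(k, _G)[0] % _N
        if r == 0:
            continue
        s = pow(k, -1, _N) * (z + r * d) % _N
        if s:
            return r, s


def verify_digest(pub, digest: bytes, sig) -> bool:
    """ECDSA-verify (r, s) over the digest against the public point."""
    r, s = sig
    x, y = pub
    if (y * y - (x * x * x + _A * x + _B)) % _P:
        return False  # public key is not a point on P-256
    if not (0 < r < _N and 0 < s < _N):
        return False
    z = int.from_bytes(digest, "big")
    w = pow(s, -1, _N)
    R = _add(_mul(z * w % _N, _G), _mul(r * w % _N, pub))
    return R is not None and R[0] % _N == r


class SecureBootDevice:
    """Simplified model (assumption): Slot 15 holds the locked public key,
    Slot 7 caches the digest of the last firmware that verified."""

    def __init__(self):
        self.slots = {}
        self.locked = set()

    def write_slot(self, slot: int, value):
        if slot in self.locked:
            raise PermissionError(f"slot {slot} is locked")
        self.slots[slot] = value

    def lock_slot(self, slot: int):
        self.locked.add(slot)  # irreversible on the real part

    def secure_boot(self, image: bytes, sig) -> bool:
        """Full check: verify signature over the digest; on success cache digest in Slot 7."""
        digest = firmware_digest(image)
        ok = verify_digest(self.slots[15], digest, sig)
        if ok:
            self.slots[7] = digest
        return ok

    def fast_boot(self, image: bytes) -> bool:
        """Digest-only check against the cached Slot 7 value (assumed fast path)."""
        cached = self.slots.get(7)
        return cached is not None and hmac.compare_digest(cached, firmware_digest(image))
```

Provisioning order matters: write the public key to Slot 15, verify it is the intended key, then lock the slot; after that, write_slot(15, ...) raises. A tampered image or a signature from a different key fails secure_boot, and a failed full check does not overwrite the digest cached in Slot 7.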