SPRADO0 November 2024 F29H850TU, F29H859TU-Q1
The boot process on an embedded microcontroller or processor represents the first opportunity for an attacker to compromise the security of the system. Securing the boot process is therefore critical to establishing a root of trust for the runtime operation of the system. Using the cryptographic keys and certificates that have been securely programmed into the device by the provisioning process, the device hardware and on-chip firmware can verify the integrity of application code, security configuration settings, and other data programmed into device Flash memory before commencing execution of the application code. For this process to securely establish a root of trust, all elements used to perform the secure boot operation must be immutable, including the on-chip firmware. Additionally, the chip architecture must be designed such that the secure boot process runs at every startup or chip reset.
At chip startup, the device first securely loads cryptographic keys and certificates from the non-volatile secure storage medium into protected memory. Then, execution of on-chip boot code commences within an isolated, trusted secure environment that cannot be accessed or interrupted by any external element, such as a debugger. This boot code decrypts and verifies the integrity of the code certificate, and then uses the certificate to authenticate application code and run-time security settings. The successful verification of code integrity establishes the root of trust, and control can then be passed to the application to begin executing. The application can in turn perform further diagnostic and integrity checks, or use on-chip cryptographic services to authenticate debug and external communications interfaces using challenge-response schemes.
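The check order described above (certificate first, then application code and run-time settings, then hand-off) can be modeled in a few lines. This is an added example, not code from the device or from this document: the certificate layout, key, and sample data are constructed, HMAC-SHA256 stands in for whatever certificate authentication the device actually uses, and the decryption step is omitted.

```python
import hashlib
import hmac
import json

# Constructed sample values; a real device keeps the key in secure storage.
PROVISIONED_KEY = bytes(range(32))
APP_IMAGE = b"\x00\x01constructed application image"
SETTINGS = b"debug=locked;flash_write_protect=on"

def make_certificate(key, app_image, settings):
    """Signing side: bind digests of code and settings into an authenticated certificate."""
    body = json.dumps({
        "app_sha256": hashlib.sha256(app_image).hexdigest(),
        "settings_sha256": hashlib.sha256(settings).hexdigest(),
    }, sort_keys=True).encode()
    return {"body": body, "tag": hmac.new(key, body, hashlib.sha256).digest()}

def secure_boot(key, cert, app_image, settings):
    """Boot side: return (ok, stage). Any failed check stops the boot (fail closed)."""
    # 1. Authenticate the certificate before trusting any field inside it.
    expected = hmac.new(key, cert["body"], hashlib.sha256).digest()
    if not hmac.compare_digest(expected, cert["tag"]):
        return False, "certificate"
    fields = json.loads(cert["body"])
    # 2. Authenticate the application code against the verified certificate.
    if not hmac.compare_digest(hashlib.sha256(app_image).hexdigest(), fields["app_sha256"]):
        return False, "application"
    # 3. Authenticate the run-time security settings the same way.
    if not hmac.compare_digest(hashlib.sha256(settings).hexdigest(), fields["settings_sha256"]):
        return False, "settings"
    # Only now is control handed to the application.
    return True, "boot"

CERT = make_certificate(PROVISIONED_KEY, APP_IMAGE, SETTINGS)

if __name__ == "__main__":
    print(secure_boot(PROVISIONED_KEY, CERT, APP_IMAGE, SETTINGS))
    print(secure_boot(PROVISIONED_KEY, CERT, APP_IMAGE + b"\x90", SETTINGS))
```

The second return value names the stage that rejected the boot, which is the detail a boot-failure log or diagnostic would need to record.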