Abstract
A system and methods are disclosed for securely booting a processing system using a three-step secure booting process. Several embodiments are presented, wherein upon power-on-reset, the first boot step uses a secure boot device comprising a programmable device or an FPGA, which boots up first, validates its own configuration file and then validates the processor(s) configuration data before presenting that configuration data to the processor(s). This enables validation of 'pre-boot' information, such as the Reset Control Word and pre-boot processor configuration data. The second and third boot steps validate the internal secure boot code and the external boot code respectively, using one or more secure validation techniques such as encryption/decryption, key mechanisms, privilege checking, pointer hashing or signature correlation schemes. This results in an end-to-end secure boot process for a variety of architectures, such as single processor systems, synchronous and asynchronous multiprocessing systems, single core systems and multi-core processing systems.
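The validation order described above can be modelled as a chain that halts at the first failed check, so that nothing downstream of a tampered item is ever presented or run. This is an added sketch, not code from the patent: HMAC-SHA256 with a single key stands in for the validation techniques the abstract lists, and the image names, key and contents are constructed assumptions.

```python
import hashlib
import hmac

# Constructed sample images (assumption): stand-ins for the real artifacts.
IMAGES = {
    "fpga_config": b"constructed FPGA configuration file",
    "rcw_preboot": b"constructed Reset Control Word + pre-boot config",
    "internal_boot": b"constructed internal secure boot code",
    "external_boot": b"constructed external boot code",
}
DEVICE_KEY = b"constructed-demo-key"  # assumption: provisioned validation key

# (boot step, validator, item) in the order the abstract describes.
ORDER = [
    (1, "secure boot device", "fpga_config"),   # device checks itself first
    (1, "secure boot device", "rcw_preboot"),   # then the processor's pre-boot data
    (2, "processor", "internal_boot"),
    (3, "processor", "external_boot"),
]

def tag(key, data):
    """Reference tag for one image (HMAC-SHA256 as a stand-in technique)."""
    return hmac.new(key, data, hashlib.sha256).digest()

def provision(images, key):
    """Compute the reference tags stored at manufacturing time."""
    return {name: tag(key, data) for name, data in images.items()}

def secure_boot(images, reference, key):
    """Validate each item in order; stop at the first mismatch.

    Returns (validated_items, failed_item). failed_item is None on success.
    An item is only presented to the next stage after it validates, so a
    bad Reset Control Word means the processor never receives it.
    """
    validated = []
    for _step, _validator, name in ORDER:
        expected = reference.get(name, b"")
        if not hmac.compare_digest(tag(key, images[name]), expected):
            return validated, name
        validated.append(name)
    return validated, None

if __name__ == "__main__":
    ref = provision(IMAGES, DEVICE_KEY)
    print(secure_boot(IMAGES, ref, DEVICE_KEY))
    tampered = dict(IMAGES, rcw_preboot=b"modified RCW")
    print(secure_boot(tampered, ref, DEVICE_KEY))
```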