Accelerated Secure Boot for Real-Time Embedded Safety Systems

Secure boot is a fundamental security primitive for establishing trust in computer systems. For real-time safety applications, the time taken to perform the boot measurement conflicts with the need for near instant availability. To speed up the boot measurement while establishing an acceptable degree of trust, we propose a dual-phase secure boot algorithm that balances the strong requirement for data tamper detection with the strong requirement for real-time availability. A probabilistic boot measurement is executed in the first phase to allow the system to be quickly booted. This is followed by a full boot measurement to verify the first-phase results and generate the new sampled space for the next boot cycle. The dual-phase approach allows the system to be operational within a fraction of the time needed for a full boot measurement while producing a high detection probability of data tampering. We propose two efficient schemes of the dual-phase approach along with calibratable parameters to achieve the desired tamper detection probability. We evaluate the tampering detection accuracy within a simulation environment. Then we build a real system to evaluate the real-time performance using an automotive embedded microcontroller with a built-in Hardware Security Module (HSM).