Difference between revisions of "AIMLinux/AddOn/Security"
Yanwei.cao (talk | contribs) |
Yanwei.cao (talk | contribs) |
||
| Line 7: | Line 7: | ||
<span style="font-size: 15.6px;">'''Signature'''</span> | <span style="font-size: 15.6px;">'''Signature'''</span> | ||
| + | #Setup CST enviroment | ||
| + | #Build secure images | ||
| + | #Sign images | ||
| + | <span style="font-size: 15.6px;"></span> | ||
Revision as of 10:36, 13 March 2020
Security is becoming a growing concern, especially when these devices connecte to the Internet,how to protect data from tampering, how to protect FW from malicious damage, how to ensure that the device can start safely... these are security considerations. This topic mainly introduces the Security Boot mechanism.
Security Boot[edit]
For security consideration, it is necessary that the hardware have some mechanism to ensure that the software it is running can be trusted. NXP i.MX6 series chip provides High Assurance Boot (HAB) feature which meets such a requirement. OEM can utilize it to make their product reject any system image which is not authorized for running. You can refer the " i.MX_6_Linux_High_Assurance_Boot_(HAB)_User's_Guide.pdf" file to learn more about HAB introduction,in this topic,we mainly introduce how to implement and test security boot.
Signature
- Setup CST enviroment
- Build secure images
- Sign images
Burn
Test