Hi,
I have a few questions about HAB, assuming that we will generate an encrypted image for our iMX6UL board. I have the feeling that I do not clearly identify the limits of this security functionnality.
1) Our application needs PIN code implementation, so we will need to store these codes and keep them secret. I guess that HAB is not a solution for that, do you confirm it ?
2) For a given SOM, does HAB protect against module replacement ?
3) Does HAB protect our SW (the "useful" ELF application that should run on the board) against :
- reverse engineering ?
- modification ?
- replacement ?
4) Does HAB protect against a spy SW installation ? (we must avoid audio signal acquisition by a spy SW)
For the 4 needs listed above, if HAB is not relevant, what security components would be ? (SNVS ? Any other component of TrustZone architecture ?)
Thank you for your help... :smileyhappy:
Julien
Hello,
I think it would be better to discuss such topics in non-public request / ticket.
Regards,
Yuri.
At this point, I'm not looking for confidential information. I have read "HAB Code Signing Tool User's Guide", which is a public NXP document. :smileyhappy: But I'm not sure that it will be a relevant solution for the 4 needs listed above. That's what I would like to understand.
Anyway, I initiate a non-public request as suggested...