HABv4: Authenticated image running XIP from serial flash

spiderman
Contributor III

Suppose I am using a processor with HAB (High Assurance Boot) v4. It is i.MX RT1062, but the same can be considered for other processors with HAB as well.

Let's say I execute in place (XIP) from serial flash a signed (but not encrypted) bootable image. Therefore the HAB code in ROM should check the signature before running the application.

However, is there some mechanism that prevents someone from spoofing the serial bus from the flash, and thus injecting a "jump" to some malware firmware in some other area of the flash? Or even substituting instructions inside my bootable image area?

 

jingpan
NXP TechSupport

Hi @spiderman ,

There are three security boot levels: HAB boot, HAB encrypted boot and OTFAD encrypted boot.

If it is only HAB boot, it can't prevent this kind of attack. HAB boot only verifies that the image is authentic. But after that, control is passed to the application. To prevent this attack, you can run in internal SRAM instead of XIP. HAB encrypted boot doesn't support XIP because the image is encrypted.

OTFAD is hardware which can decrypt on the fly. So, the data on the SPI bus is encrypted. It can prevent such an attack when running XIP.

 

Regards,

Jing 
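
The gap described in the answer above, as a small host-side C model added here (not NXP code and not posted by anyone in the thread): a verify-once boot followed by XIP fetches over the bus, next to a boot that copies to internal SRAM and verifies the copy. `bus_read`, `xip_boot`, `sram_boot` and the sample image are hypothetical names and constructed data, and the FNV-1a digest is only a stand-in for HAB's signature check.

```c
#include <stddef.h>
#include <stdint.h>

#define IMG_LEN 8
/* Constructed sample bytes standing in for the signed application image. */
static const uint8_t good_image[IMG_LEN] = {0x10,0x20,0x30,0x40,0x50,0x60,0x70,0x80};

/* Model of the serial flash bus: read number `bad_read` (counted from 0)
   returns an altered byte, every other read returns the real content. */
static size_t reads_done, bad_read;
static uint8_t bus_read(size_t off) {
    uint8_t b = good_image[off];
    return (reads_done++ == bad_read) ? (uint8_t)(b ^ 0xFF) : b;
}

static uint8_t sram[IMG_LEN];
static uint8_t sram_read(size_t off) { return sram[off]; }
static uint8_t ref_read(size_t off) { return good_image[off]; }

/* FNV-1a digest: a toy stand-in for the signature check, not what HAB uses. */
static uint32_t digest(uint8_t (*rd)(size_t)) {
    uint32_t h = 2166136261u;
    for (size_t i = 0; i < IMG_LEN; i++) { h ^= rd(i); h *= 16777619u; }
    return h;
}

/* Fetch every byte once more, as execution would, and compare with the
   authentic image. Returns 1 if only authentic bytes were "executed". */
static int run(uint8_t (*fetch)(size_t)) {
    for (size_t i = 0; i < IMG_LEN; i++)
        if (fetch(i) != good_image[i]) return 0;
    return 1;
}

/* Verify over the bus, then execute in place: fetches hit the bus again.
   Returns -1 if boot is refused, otherwise the result of run(). */
int xip_boot(size_t tamper_read) {
    reads_done = 0; bad_read = tamper_read;
    if (digest(bus_read) != digest(ref_read)) return -1;
    return run(bus_read);
}

/* Copy to internal SRAM once, verify the copy, execute the copy. */
int sram_boot(size_t tamper_read) {
    reads_done = 0; bad_read = tamper_read;
    for (size_t i = 0; i < IMG_LEN; i++) sram[i] = bus_read(i);
    if (digest(sram_read) != digest(ref_read)) return -1;
    return run(sram_read);
}
```

A bus read altered during verification is rejected by both boots; one altered after verification goes unnoticed only in the XIP case, because the SRAM boot never reads the bus again.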
