I have a few questions about HAB, assuming that we will generate an encrypted image for our iMX6UL board. I have the feeling that I do not clearly identify the limits of this security functionnality.
1) Our application needs PIN code implementation, so we will need to store these codes and keep them secret. I guess that HAB is not a solution for that, do you confirm it ?
2) For a given SOM, does HAB protect against module replacement ?
3) Does HAB protect our SW (the "useful" ELF application that should run on the board) against :
- reverse engineering ?
- modification ?
- replacement ?
4) Does HAB protect against a spy SW installation ? (we must avoid audio signal acquisition by a spy SW)
For the 4 needs listed above, if HAB is not relevant, what security components would be ? (SNVS ? Any other component of TrustZone architecture ?)
Thank you for your help...