working at mpc data
TRANSCRIPT
![Page 1: Working at MPC Data](https://reader030.vdocuments.net/reader030/viewer/2022032805/56649ee05503460f94bf0288/html5/thumbnails/1.jpg)
Working at MPC Data
http://tstableford.co.uk/downloads/workingatmpc.pptx
![Page 2: Working at MPC Data](https://reader030.vdocuments.net/reader030/viewer/2022032805/56649ee05503460f94bf0288/html5/thumbnails/2.jpg)
Introduction
2
• Working in a team is different to at university• Based in Trowbridge near Bath• Tea and Coffee is free and infinite (well
nearly)• Company events a few times a year• Flexible work hours• 22 days holiday
© 2013 BSQUARE Corporation. All rights reserved. BSQUARE is a registered trademark of BSQUARE Corporation. All other names, product names and trade names are trademarks or registered trademarks of their respective holders.
![Page 3: Working at MPC Data](https://reader030.vdocuments.net/reader030/viewer/2022032805/56649ee05503460f94bf0288/html5/thumbnails/3.jpg)
Projects
3
• Linux – Radio gateway system• Linux – BSP support for a defence
contractor• More on the next slides
© 2013 BSQUARE Corporation. All rights reserved. BSQUARE is a registered trademark of BSQUARE Corporation. All other names, product names and trade names are trademarks or registered trademarks of their respective holders.
![Page 4: Working at MPC Data](https://reader030.vdocuments.net/reader030/viewer/2022032805/56649ee05503460f94bf0288/html5/thumbnails/4.jpg)
UI Reskin For An Industrial Control System
4© 2013 BSQUARE Corporation. All rights reserved. BSQUARE is a registered trademark of BSQUARE Corporation. All other names, product names and trade names are trademarks or registered trademarks of their respective holders.
![Page 5: Working at MPC Data](https://reader030.vdocuments.net/reader030/viewer/2022032805/56649ee05503460f94bf0288/html5/thumbnails/5.jpg)
Secure Boot
5
• Boot only authorized code on i.MX6• Chain of trust to kernel
© 2013 BSQUARE Corporation. All rights reserved. BSQUARE is a registered trademark of BSQUARE Corporation. All other names, product names and trade names are trademarks or registered trademarks of their respective holders.
![Page 6: Working at MPC Data](https://reader030.vdocuments.net/reader030/viewer/2022032805/56649ee05503460f94bf0288/html5/thumbnails/6.jpg)
Problem Breakdown
6
1. Create a working base2. Burn the keys to the board, sign and verify U-Boot in non-secure mode3. Go to closed configuration
• Burn the closed configuration fuse• Boot U-Boot
4. Sign the kernel• Sign the kernel image• Modify U-Boot to authenticate the kernel• Make sure the kernel boots
5. Lock down other code execution methods• Disable U-Boot commands• Secure JTAG• Burn the fuse to stop keys being overwritten
© 2013 BSQUARE Corporation. All rights reserved. BSQUARE is a registered trademark of BSQUARE Corporation. All other names, product names and trade names are trademarks or registered trademarks of their respective holders.
![Page 7: Working at MPC Data](https://reader030.vdocuments.net/reader030/viewer/2022032805/56649ee05503460f94bf0288/html5/thumbnails/7.jpg)
Signed U-Boot
7© 2013 BSQUARE Corporation. All rights reserved. BSQUARE is a registered trademark of BSQUARE Corporation. All other names, product names and trade names are trademarks or registered trademarks of their respective holders.
![Page 8: Working at MPC Data](https://reader030.vdocuments.net/reader030/viewer/2022032805/56649ee05503460f94bf0288/html5/thumbnails/8.jpg)
Secure Boot Process
8© 2013 BSQUARE Corporation. All rights reserved. BSQUARE is a registered trademark of BSQUARE Corporation. All other names, product names and trade names are trademarks or registered trademarks of their respective holders.
Copy U-Boot IVT to Internal RAM
Valid IVT?
Load U-Boot into SDRAM
Yes
Attempt secure serialboot
No
Process CSF(Authenticate U-Boot)
Fail
Load Kernel to SDRAM
Authenticate Kernel Boot
HaltSuccess
Fail
Success
![Page 9: Working at MPC Data](https://reader030.vdocuments.net/reader030/viewer/2022032805/56649ee05503460f94bf0288/html5/thumbnails/9.jpg)
Summary
9
• Chain of trust to kernel• More lock-down for a full chain of trust
© 2013 BSQUARE Corporation. All rights reserved. BSQUARE is a registered trademark of BSQUARE Corporation. All other names, product names and trade names are trademarks or registered trademarks of their respective holders.