Sliced Secure Boot: An Accelerated Secure Boot Concept Compatible with Automotive Safety Controllers
Article 12-06-03-0024
This also appears in SAE International Journal of Connected and Automated Vehicles-V132-12EJ
Secure boot has successfully protected systems from executing untrusted software
(SW), but low-power controllers lack sufficient time to check every memory cell
while also satisfying real-time functional safety requirements. Automotive
controllers need to maintain security through multiple cycles of remote,
unsupervised operation and must safely reach a secure state when an anomaly is
detected. To accelerate the boot time, we propose Sliced Secure Boot: build
fingerprints by slicing orthogonally through memory blocks, protect each cell
with a reusable fingerprint using a reproducible pattern with sufficient
entropy, and randomly check one fingerprint pattern during boot. We do not claim
that sampling offers protection equivalent to an exhaustive check, but we
demonstrate that careful sampling can provide a sufficient level of detection
while remaining compatible with both startup-time and functional safety
requirements.
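The slicing and sampling idea described above, as an added illustration that is not the paper's code: memory is modelled as fixed-size blocks, slice k collects the cell at offset k of every block, each slice gets a SHA-256 fingerprint at provisioning time, and the boot check verifies one randomly chosen slice. The block size, the hash, and the sample memory contents are all constructed assumptions, not values from the paper.

```python
"""Sliced Secure Boot sketch (constructed example, not the paper's code)."""
from __future__ import annotations
import hashlib
import hmac
import secrets

BLOCK_SIZE = 16  # bytes per memory block (assumed layout, not from the paper)


def slices(memory: bytes, block_size: int = BLOCK_SIZE) -> list[bytes]:
    """Slice k collects the byte at offset k of every block, cutting across
    the blocks instead of along them; every cell lands in exactly one slice."""
    if len(memory) % block_size:
        raise ValueError("memory must be a whole number of blocks")
    return [memory[k::block_size] for k in range(block_size)]


def build_fingerprints(memory: bytes, block_size: int = BLOCK_SIZE) -> list[bytes]:
    """Provisioning: one reusable fingerprint per slice (SHA-256 assumed), to be
    stored where boot code can read it but untrusted SW cannot write it."""
    return [hashlib.sha256(s).digest() for s in slices(memory, block_size)]


def check_slice(memory: bytes, fingerprints: list[bytes], k: int,
                block_size: int = BLOCK_SIZE) -> bool:
    """Recompute fingerprint k over current memory and compare in constant time.
    Cost is len(memory) / block_size bytes instead of the whole image."""
    current = hashlib.sha256(memory[k::block_size]).digest()
    return hmac.compare_digest(current, fingerprints[k])


def sliced_boot_check(memory: bytes, fingerprints: list[bytes],
                      block_size: int = BLOCK_SIZE, pick=secrets.randbelow) -> bool:
    """Boot-time check: verify one randomly chosen slice. `pick` is injectable
    so a test (or a deterministic schedule) can force a particular slice."""
    return check_slice(memory, fingerprints, pick(block_size), block_size)


def affected_slices(fingerprints: list[bytes], memory: bytes,
                    block_size: int = BLOCK_SIZE) -> set[int]:
    """Offline analysis: which slices a given modification would invalidate."""
    return {k for k in range(block_size)
            if not check_slice(memory, fingerprints, k, block_size)}


def detection_probability(n_affected: int, boots: int,
                          block_size: int = BLOCK_SIZE) -> float:
    """Chance that at least one of `boots` independent random checks lands on
    a slice the modification touched (a single-cell change hits one slice)."""
    return 1.0 - (1.0 - n_affected / block_size) ** boots
```

A change confined to one cell is detected with probability 1/BLOCK_SIZE per boot and accumulates over repeated boots, whereas a change that spans a whole block invalidates every slice and is caught on the first check.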