Configurable/Programmable secure boot in TK1

I’m planning to develop a high-assurance application and I want to make sure that my application is correctly loaded by the bootloader. So I’m considering to use Jetson TK1 for the development but I want to make sure that it has a way to do the secure boot.
Does Jetson TK1 provide a programmable or configurable secure boot? If so, can you give me a pointer to the document?

Thanks,

Hi norrathe,

There will be the doc which included these information for your design reference, and it should be published soon, please stay tuned.

Thanks

Any update on this?

Norrathe,
Tegra secure boot is to ensure Tegra chip has trust of chain passing down to BCT and bootloader. However, your application won’t depend on secure boot. What is the security requirement for your application in your system?

Hi chijen, thanks for your reply.

Ideally, we want to implement a ROM bootloader that verifies authenticity and integrity of the first loaded software (in our case, a microkernel). Thus, our security requirement is before executing the first software, its integrity and authenticity needs to be checked at hardware level. Any feature in TK1 supports this?

norrathe,

"before executing the first software
=> are you referring to your own application running in the system after kernel boot-up? The first piece of software is loaded and ran at TK1 boot flow is bootloader which is part of our secure boot flow.

Can ROM bootloader be configured to support integrity check of the first software loaded into RAM?
My goal is to make sure that the first software (after bootloader) is authentic and has not been tampered with.