I can’t answer much on Secure OS, but can probably help reduce some of the confusion.
When you have Secure OS, then your boot environment will refuse to boot if it has been modified. This in no way (by itself) helps in stopping copy of rootfs. Further down there is some explanation of why you don’t want the boot environment to be allowed modification.
You can encrypt the rootfs partition (or at least partitions your software uses) and prevent meaningful copy of the unmounted partition. This would for example require a key or password to mount. If you didn’t use Secure OS to protect the boot environment, then someone could easily modify boot to publish the password or key content, and so the encryption would not matter (the modifications could just echo the steps to mount for anyone to see). Secure OS can protect any partition encryption’s key/password. The partition encryption bypasses the ability to use cloning or dd methods to extract content.
Unfortunately, even if your partition is encrypted, then once it is mounted the content itself becomes unencrypted. You’d need to then think about how to deal with that, and this is the hardest part.
Now imagine you enabled SElinux (and this is not used normally on L4T, but the Linux kernel can easily support this). It might be possible to add an SElinux context which is accessible only by some particular special user (or some special circumstance to read). Someone with root access could normally change the context. On the other hand, if the context rules were themselves somehow protected and read-only for that partition, then even a root user could not change the SElinux context. This is beyond me to say how to do this, but what I am trying to point out is that saving data from theft requires several combined steps. The ability to protect the boot environment is first because it can protect any special methods you provide for boot, e.g., protect how an encrypted partition is granted access. SElinux is quite complicated, but I suspect you would benefit by studying how it works and what you can do with it.
Right now one of the biggest problems I see is that I have not successfully seen a way to build a useful initrd, and if you want your rootfs to be something like FuseFS or encrypted, then you might need an initrd. The easy workaround would be that your content of the rootfs be quite minimal, and after Linux runs, mount something else over the top of some subset of rootfs (e.g., once booted mount an encrypted smaller partition over “/lib/modules/$(uname -r)/”). By doing this the bootloader does not need to understand an encrypted partition. Assuming not everything needs to be encrypted simplifies some of the boot issues while complicating the overall scheme. The boot scheme could in fact demand a checksum of the unencrypted “simple” initial rootfs before allowing boot…this wouldn’t stop someone from modifying the unencrypted parts, but it could prevent modified code from becoming part of boot (in which case Secure OS would require the checksum test to not be modified or viewed for checksum value or algorithm).
Consider the “/boot/Image” file…it can’t be encrypted because U-Boot needs to load it. You could modify the boot environment to demand Image has a particular checksum.