Secure boot and secure attestation

As mentioned in the previous section, the first link in the chain of trust is forming the Root of Trust (RoT). To establish the RoT, you must ensure that only authorized software can run on the device. This is achieved with secure boot, which verifies the integrity and authenticity of the firmware stage by stage during the boot process.

Secure boot

Secure boot ensures that only authorized software runs on a device by verifying firmware integrity and authenticity during the boot process.

Nordic Semiconductor recommends using an immutable first-stage bootloader and an updatable second-stage bootloader: specifically, nRF Secure Immutable Bootloader (NSIB) as the first stage and MCUboot as the updatable second stage. Both bootloaders include anti-rollback protection, which prevents the loading of unauthorized or outdated firmware.

Our devices implement secure boot in several stages, using a combination of hardware-enforced protections and bootloader configurations to establish and maintain security. Key stages of the implementation include:

  • Immutable boot code protection: The initial boot code must be immutable, stored in protected memory and designed to resist tampering. nRF54L Series features immutable boot code protection as a hardware feature, with a configurable size of the immutable region in the User Information Configuration Register (UICR). The configuration is applied by a hardware finite-state machine during boot, before the CPU is released from reset.
  • Debug access control: Device debug interfaces are configured to limit unauthorized access, securing sensitive assets and operations. The nRF54L Series implements access port protection (APPROTECT) for blocking debug access and for controlling TrustZone secure and non-secure attributes. More information on APPROTECT can be found on the Enabling access port protection mechanism page.
  • Root of Trust configuration: The RoT components are set up to verify each stage in the boot process, maintaining a robust chain of trust.
  • NVM authentication: Non-volatile memory is verified to ensure data integrity, preventing the execution of tampered firmware.
  • Execution of next stage firmware: After successful verification, control is handed to the next secure stage, progressing the device boot sequence within a trusted environment.
  • Asset protection: As a new feature in the nRF54L Series, the attack surface is limited by making the keys handled by the Key Management Unit (KMU) inaccessible before the next stage firmware image is allowed to execute.

The nRF54L Series devices integrate Arm® TrustZone® alongside the Cryptographic Accelerator Engine (CRACEN) security subsystem. This layered approach ensures that each boot stage is trusted and protected, securing the device throughout its operational lifecycle. More details about TrustZone and CRACEN can be found in later sections of this lesson.
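The staged verification described above (immutable first stage, updatable second stage, anti-rollback, hand-over only after a successful check) as an added, constructed model that is not Nordic's or NSIB's code. A real bootloader verifies an asymmetric signature against a public key whose hash is provisioned on the device; here HMAC-SHA256 with a stand-in key plays the role of the signature so the example runs offline, and the key IDs, stage names and version numbers are invented.

```python
import hmac
import hashlib
from dataclasses import dataclass

# Constructed model of a two-stage chain of trust (e.g. NSIB -> MCUboot -> app).
# HMAC stands in for the asymmetric signature a real bootloader verifies.

@dataclass(frozen=True)
class Image:
    stage: str        # e.g. "mcuboot" or "app" (constructed stage names)
    version: int      # monotonic version used for anti-rollback
    key_id: str       # which provisioned key signed this image
    payload: bytes
    signature: bytes

def _signed_bytes(stage, version, key_id, payload):
    # Header fields plus payload digest, length-separated to avoid ambiguity.
    return b"|".join([stage.encode(), version.to_bytes(4, "big"),
                      key_id.encode(), hashlib.sha256(payload).digest()])

def sign_image(stage, version, key_id, payload, key):
    sig = hmac.new(key, _signed_bytes(stage, version, key_id, payload), "sha256").digest()
    return Image(stage, version, key_id, payload, sig)

def verify_stage(img, provisioned, revoked, counters):
    """Return 'ok' or the reason this stage must not be executed."""
    # 1. The signing key must be provisioned and not revoked.
    if img.key_id not in provisioned or img.key_id in revoked:
        return "untrusted-key"
    # 2. Integrity and authenticity of header and payload.
    expected = hmac.new(provisioned[img.key_id],
                        _signed_bytes(img.stage, img.version, img.key_id, img.payload),
                        "sha256").digest()
    if not hmac.compare_digest(expected, img.signature):
        return "bad-signature"
    # 3. Anti-rollback: never accept an older version than already recorded.
    if img.version < counters.get(img.stage, 0):
        return "rollback"
    return "ok"

def boot(images, provisioned, revoked, counters):
    """Walk the chain in order; halt at the first failure instead of handing over."""
    log = []
    for img in images:
        result = verify_stage(img, provisioned, revoked, counters)
        log.append((img.stage, result))
        if result != "ok":
            return log, None                 # boot halts, no control transfer
        counters[img.stage] = img.version    # advance the anti-rollback counter
    return log, images[-1].stage             # stage that receives control
```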

Secure attestation

Secure attestation is a security feature that gives the device a unique, verifiable identity throughout its lifecycle; the nRF54L Series supports it through various mechanisms. Secure attestation uses the unique identifiers of each device to provide verifiable proof of its properties, such as identity and security status. This process ensures the integrity and authenticity of the device, helping maintain trust between devices and services throughout their lifecycle.

The following lists the key benefits of secure attestation:

  • Verification of device identity: Secure attestation ensures that each device can be uniquely identified, preventing impersonation and fraud.
  • Assessment of device integrity: Attestation checks whether a device has been tampered with or compromised, allowing for timely responses to protect data and maintain device operations.
  • Security lifecycle management: It enables continuous monitoring and validation of a device’s security status from deployment through maintenance to decommissioning, ensuring that the security measures remain effective.

Nordic Semiconductor devices implement secure attestation through a combination of hardware features and cryptographic operations:

  • Cryptographic engines: On the nRF54L devices, the CRACEN security subsystem is used for performing secure cryptographic operations necessary for generating and managing attestation data.
  • Secure storage: Attestation keys and sensitive data are stored using the device’s secure storage capabilities, ensuring that the attestation process remains protected against both external threats and internal vulnerabilities.
