First-Stage Boot Loader (ROM)
After hardware system initialization is complete, the Intel® Arria® 10 SoC boot ROM firmware decrypts, authenticates, and executes the next boot stage. The boot ROM firmware is the root of trust: the trusted, inherently secure starting point for booting the Intel® Arria® 10 SoC.
- Determine which boot device contains the next boot stage image, the second-stage boot loader
- Discover the final code signing key (CSK) through a key chain service
- Use the CSK to authenticate the boot loader image
- If the boot loader image is encrypted, the boot ROM sends the image to the Configuration Subsystem (CSS) for decryption.
- If boot loader authentication and decryption is successful, load the boot loader into on-chip RAM and execute it
For details about secure system initialization, refer to "Secure Initialization Overview" in the SoC Security chapter of the Intel® Arria® 10 Hard Processor System Technical Reference Manual.
Did you find the information on this page useful?