The official Arduino development team have this week announced the rollout of a new bootloader based on MCUboot, intended to improve the range of security features and firmware available on Arduino products. For those unfamiliar with it, MCUboot is a secure bootloader that offers fail-safe firmware authentication and a secure firmware update mechanism, together with other functions such as update encryption, update rollback, and application bootstrap.
Arduino MCUboot secure boot
“In order to support Arduino OTA, the update file is written to memory and processed by the bootloader to update the application. With regards to Portenta products, the file is placed into the second partition of the board’s QSPI flash. This means that our SLOT 1 is placed into the QSPI flash. The default swap method it uses is swap scratch.”
“The scratch region, mapped to a file called scratch.bin, is placed into the QSPI flash. When encrypted images are chosen, firmware copies between external memories are always encrypted; by default, MCUboot decrypts an update, taking care of the needed offsets, before writing it into the scratch area. To keep data safe, an extra step is executed, re-encrypting the whole scratch data before writing it. When images are rolled back, data from unencrypted internal memory is encrypted before being written into SLOT 1.”
“By default, keys are not loaded in flash, and the bootloader will boot any sketch. Once the keys are loaded MCUboot will always verify the image signature and boot only valid sketches; if an encrypted update is detected by reading the TLVs, MCUboot will unwrap the encryption key and decrypt the image on-the-fly while moving it into the internal flash.”
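As an added illustration (not code from Arduino, MCUboot, or the quoted blog post), the Python below reads the TLV trailer of an MCUboot image, the metadata the bootloader consults in the paragraph above, and reports whether a signature TLV and a key-wrap (encryption) TLV are present. The header layout and TLV type values follow MCUboot's published image format; the sample image is constructed with placeholder bytes, the TLV types in it are chosen only for illustration, and nothing is cryptographically verified here.

```python
import struct

IMAGE_MAGIC = 0x96F3B83D             # ih_magic of an MCUboot image header
TLV_MAGICS = (0x6907, 0x6908)        # unprotected / protected TLV info magic
IMAGE_F_ENCRYPTED = 0x04             # ih_flags bit for an encrypted payload
SIG_TLVS = {0x20: "RSA2048_PSS", 0x22: "ECDSA256", 0x23: "RSA3072_PSS", 0x24: "ED25519"}
ENC_TLVS = {0x30: "ENC_RSA2048", 0x31: "ENC_KW", 0x32: "ENC_EC256", 0x33: "ENC_X25519"}

def parse_tlvs(image):
    """Return (ih_flags, [(tlv_type, value), ...]); raise ValueError if malformed."""
    if len(image) < 32 or struct.unpack_from("<I", image)[0] != IMAGE_MAGIC:
        raise ValueError("not an MCUboot image")
    _, _, hdr_size, _, img_size, flags = struct.unpack_from("<IIHHII", image, 0)
    off, tlvs = hdr_size + img_size, []   # TLV areas start right after the payload
    while off + 4 <= len(image):
        info_magic, total = struct.unpack_from("<HH", image, off)
        if info_magic not in TLV_MAGICS:
            break
        end = off + total            # it_tlv_tot counts the 4-byte info header too
        if total < 4 or end > len(image):
            raise ValueError("TLV area overruns the file")
        pos = off + 4
        while pos + 4 <= end:
            tlv_type, length = struct.unpack_from("<HH", image, pos)
            if pos + 4 + length > end:
                raise ValueError("TLV entry overruns its area")
            tlvs.append((tlv_type, image[pos + 4:pos + 4 + length]))
            pos += 4 + length
        off = end
    return flags, tlvs

def classify(image):
    """Summarise what the bootloader would find: signature type and key-wrap TLV."""
    flags, tlvs = parse_tlvs(image)
    types = [t for t, _ in tlvs]
    return {"signature": next((SIG_TLVS[t] for t in types if t in SIG_TLVS), None),
            "key_wrap": next((ENC_TLVS[t] for t in types if t in ENC_TLVS), None),
            "encrypted_flag": bool(flags & IMAGE_F_ENCRYPTED)}

def build_sample(encrypted):
    """Constructed test image: placeholder payload and all-zero TLV values."""
    payload = b"\xAA" * 64
    entries = [(0x10, bytes(32)), (0x01, bytes(32)), (0x22, bytes(70))]
    entries += [(0x32, bytes(113))] if encrypted else []
    body = b"".join(struct.pack("<HH", t, len(v)) + v for t, v in entries)
    header = struct.pack("<IIHHIIBBHII", IMAGE_MAGIC, 0, 32, 0, len(payload),
                         IMAGE_F_ENCRYPTED if encrypted else 0, 1, 0, 0, 0, 0)
    return header + payload + struct.pack("<HH", 0x6907, 4 + len(body)) + body
```

Calling `classify()` on an update file before publishing it shows whether the build actually carries a signature and, for encrypted updates, a wrapped key; a result with `signature` set to `None` is an image that only a bootloader without keys loaded would boot.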
For more information on the new Arduino secure boot feature based on MCUboot, jump over to the official Arduino blog by following the link below.
Source: AB