Chapter 14: The PSA Secure Bootloader
Abstract
As we saw in Chapter 9, the PSA security model defines a two-stage “multisigner” boot process that bases device security on a validated “chain of trust.” The first two links in this chain are the microcontroller Secure Boot (BL1) and the PSA Secure Bootloader (BL2). The second-stage bootloader, BL2, is a standard part of the TF-M firmware and is derived from an open-source project called MCUBoot. During development, it is normal to design the application code without the BL2 bootloader fitted. This allows us to add code to the main application and download it using the debugger without having to continually recreate signed images. Once we are happy with the main application, it is ...