The consequences of an infection in firmware or the boot process can be drastic, and often times, hardware replacement is the only option for failure recovery.
Measuring the device boot process enables the validation of its integrity and asserts that a device has powered up in a known good state. Given that devices may not be rebooted for long periods of time in OT environments, both static and dynamic integrity assurance of the runtime need to be implemented. The boot process initializes the main hardware components and starts the operating system.
Trust must be established in the boot environment before trust in any other software or executable program can be claimed. So, the booted environment ...