Patent classifications
G06F21/575
Information handling apparatus and method for unlocking a persistent region in memory
Methods, systems, and apparatuses for unlocking a persistent region in memory are disclosed. An information handling apparatus includes a controller, a memory coupled to the controller, the memory having a persistent region that can either be locked or unlocked, and a firmware configured to determine whether the persistent region of the memory is locked, obtain a stored passphrase from a storage device if the persistent region is locked, and use the passphrase to unlock the persistent region of the memory.
Method for secure booting using route switchover function for boot memory bus and apparatus using the same
Disclosed herein are a method for secure booting using a route switchover function for a boot memory bus and an apparatus using the same. The method includes maintaining a reset state in order to prevent a processor from being booted, interrupting the connection between the processor and boot memory, verifying the integrity of first boot firmware stored in the boot memory, determining whether hardware damage is detected, and releasing the reset state of the processor and the interrupted state of the connection between the processor and the boot memory in consideration of whether hardware damage is detected and verification of the integrity in order to allow the processor to be booted.
SOC-assisted resilient boot
Systems, apparatuses and methods may provide for technology that assumes, by a root of trust located in a trusted region of a system on chip (SOC), control over a reset of the SOC and conducting, by the root of trust, an authentication of an update package in response to an update condition. The root of trust technology may also apply the update package to firmware located in non-volatile memory (NVM) associated with a microcontroller of the SOC if the authentication is successful.
Remotely disabling execution of firmware components
The components of a firmware that are to be executed are identified, such as firmware device drivers and SMI interrupt handlers. Performance data is also obtained for the components. An inventory identifying the components and the performance data are provided to a BMC. The BMC provides the inventory and the performance data to a remote management client through an out-of-band (“OOB”) network connection. The BMC might also receive a blacklist instruction from the management client. The blacklist instruction provides an indication to the BMC that one or more of the components of the firmware are not to be executed by the computing system. The BMC provides the blacklist instruction to the firmware. The firmware adds the component, or components, identified in the blacklist instruction to a blacklist. The next time the computing system is booted, the firmware will not execute the components identified in the blacklist.
Autonomous driving controller parallel processor boot order
An autonomous driving controller includes a plurality of parallel processors operating on common input data. Each of the plurality of parallel processors includes a general processor, a security processor subsystem (SCS), and a safety subsystem (SMS). The general processors, the SCSs, and the SMSs of the plurality of parallel processors are configured to, first, boot the plurality of SCSs from ROM; second, boot the plurality of SMSs of the plurality of parallel processors from RAM or ROM; and, third, boot the plurality of general processors of the plurality of parallel processors from RAM. Between booting of the SCSs and the SMSs, at least one of the plurality of SCSs may load SMS boot code into the RAM that is dedicated to the plurality of SMSs.
Systems and methods for a cryptographic agile bootloader for upgradable secure environment
A system for a cryptographic agile bootloader for upgradable secure computing environment, the cryptographic agile bootloader comprising a computing device associated with a first bootloader is presented. The computing device includes a secure root of trust, the secure root of trust configured to produce a first secret and a second secret and a processor. The processor is configured to load a second bootloader, wherein the second bootloader is configured to generate a secret-specific public datum as a function of the second secret, wherein the secret-specific public datum further comprises a bootloader measurement, load a first bootloader, wherein the first bootloader is configured to sign the secret-specific public datum as a function of the first secret, and replace the first bootloader with the second bootloader.
SECURE BOOT WITH RESISTANCE TO DIFFERENTIAL POWER ANALYSIS AND OTHER EXTERNAL MONITORING ATTACKS
A method for device authentication comprises receiving, by processing hardware of a first device, a message from a second device to authenticate the first device. The processing hardware retrieves a secret value from secure storage hardware operatively coupled to the processing hardware. The processing hardware derives a validator from the secret value using a path through a key tree, wherein the path is based on the message, wherein deriving the validator using the path through the key tree comprises computing a plurality of successive intermediate keys starting with a value based on the secret value and leading to the validator, wherein each successive intermediate key is derived based on at least a portion of the message and a prior key. The first device then sends the validator to the second device.
Method for Secure Operation of a Computer Unit, Software Application and Computer Unit
A method for operating a computer unit having a processor on which a software application can run comprises the steps: upon invoking the software application or upon carrying out a transaction with the software application on the computer unit the step of checking whether the computer unit has been restarted since the last invoking of the software application; carrying out a first form of authentication for starting the software application or for carrying out the transaction with the software application if the computer unit has not been restarted since the last invoking of the software application; and carrying out a second form of authentication for starting the software application or for carrying out the transaction with the software application if the computer unit has been restarted since the last invoking of the software application. Further provided are a correspondingly designed software application as well as a correspondingly designed computer unit.
Secure Boot and Software Upgrade of A Device
A method of securely resetting a first device comprising a UICC, the method comprising providing a secure reset control application to a secure element of the UICC of the first device wherein the secure reset control application is capable of commanding the UICC to provide notification indicative of a secure reset of the first device being requested if a corresponding signal is received from a remote management server; and/or communication between the secure reset control application and a remote management server cannot be established for a predetermined period of time and upon the next first device reset, determine whether a secure reset has been requested.
Targeted Secure Software Deployment
The techniques and systems described herein are directed to providing targeted, secure software deployment in a computing system. An identity of the computing device can be determined and verified using a trusted platform module (TPM) of the computing device, and a software update can be expressly configured to operate solely on the computing device. Further, a configuration of the computing device can be ascertained using platform configuration registers (PCRs) of the TPM to determine that the computing device has not been modified from a trusted configuration. For example, if malware or unauthorized software is operating on the computing device, the software update may be prevented from being installed. Further, the software update can be targeted for a particular computing device, such that when the software update is received at the computing device, the software update may not be duplicated and provided to an additional, unauthorized device.