Securing an embedded device starts with a secure boot—that is, booting into a trusted operating system. On an embedded Linux system, this means:
-
The CPU is booting a trusted bootloader,
-
the bootloader is loading a trusted Linux kernel, and
-
the Linux kernel is booting a trusted user space.
