Measured Boot and Integrity Measurement Architecture (IMA)
Measured Boot
Another security technique that comes into play is Measured Boot. Not to be confused with Secure Boot, Measured Boot can be described as a process during boot time in which a hash is calculated for each component that is loaded or started in the process.
These hashes, or measurements, are stored in a secure environment, usually a Trusted Platform Module (TPM). Later, the stored hashes can be retrieved from the TPM by authorized code and used to build a complete attestation system: either to ensure that only trusted components were loaded, or to release certain keys only if the system is in a trusted state. It is important to clarify that Measured Boot does not verify the obtained hashes; it consists only of obtaining and storing each hash. This is the process of "measuring" each component. The following image shows the measuring process.

An example of the importance of Measured Boot is that, if a system becomes infected with a rootkit, the rootkit will not be detected by traditional methods since it may become active before the client starts. In a situation like this, Measured Boot can detect the rootkit since the hashes will not match the expected results. The obtained hashes can be sent to a remote attestation server for verification; there the server can detect that the system was infected and cut off its access to the network. This process is illustrated in the following figure.

In the world of embedded systems, Measured Boot is supported by platforms such as Nvidia Jetson, in this case through the fTPM (firmware TPM) implementation. The implementation in Jetson is based on the Platform Configuration Registers (PCRs), a component of the TPM that is essentially a secure, tamper-resistant storage location for the obtained hashes. The fTPM boot process in Jetson is illustrated in the following figure:
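The measuring process, the PCR storage and the remote attestation check described in the three paragraphs above can be seen together in a small simulation. The following Python code is an added example and is not part of this page, nor code from Nvidia or any TPM implementation. It models a single SHA-256 PCR bank with the standard TPM extend rule (PCR_new = SHA-256(PCR_old || measurement)), measures a list of constructed sample boot components, keeps an event log, and then plays the role of an attestation server that replays the log, checks it against the quoted PCR value, and compares every entry to known-good ("golden") measurements. All component names and contents are constructed for the illustration.

```python
import hashlib

# Constructed sample boot components: (name, content). In a real system these
# would be the bootloader, kernel and initramfs images read at boot time.
BOOT_COMPONENTS = [
    ("bootloader", b"bootloader image v1"),
    ("kernel", b"kernel image v1"),
    ("initramfs", b"initramfs image v1"),
]

PCR_SIZE = 32  # SHA-256 PCR bank: a PCR starts as 32 zero bytes


def measure(component_bytes: bytes) -> bytes:
    """The 'measurement' of a component: its SHA-256 digest."""
    return hashlib.sha256(component_bytes).digest()


def extend(pcr: bytes, measurement: bytes) -> bytes:
    """TPM PCR extend: PCR_new = H(PCR_old || measurement). PCRs can only be
    extended, never written directly, so earlier measurements cannot be erased."""
    return hashlib.sha256(pcr + measurement).digest()


def measured_boot(components):
    """Simulate the measuring process: hash each component as it is loaded,
    extend the PCR with the hash and append the hash to an event log.
    Nothing is verified here; that is the attestation server's job."""
    pcr = bytes(PCR_SIZE)
    event_log = []
    for name, data in components:
        m = measure(data)
        pcr = extend(pcr, m)
        event_log.append((name, m.hex()))
    return pcr, event_log


def expected_pcr(golden_measurements):
    """Replay an ordered list of trusted measurements to get the PCR value a
    clean boot must produce (order matters because extend is a hash chain)."""
    pcr = bytes(PCR_SIZE)
    for m in golden_measurements:
        pcr = extend(pcr, m)
    return pcr


def attest(reported_pcr: bytes, event_log, golden: dict):
    """Remote attestation server logic. Returns (trusted, reason).
    golden maps component name -> expected SHA-256 hex digest."""
    # 1. The event log must reproduce the PCR value the client quoted;
    #    otherwise the log has been edited after the fact.
    replayed = bytes(PCR_SIZE)
    for _name, m_hex in event_log:
        replayed = extend(replayed, bytes.fromhex(m_hex))
    if replayed != reported_pcr:
        return False, "event log does not match PCR value"
    # 2. Every logged measurement must equal the known-good value.
    for name, m_hex in event_log:
        if golden.get(name) != m_hex:
            return False, f"unexpected measurement for {name}"
    # 3. Every expected component must actually have been measured.
    missing = set(golden) - {name for name, _ in event_log}
    if missing:
        return False, f"components not measured: {sorted(missing)}"
    return True, "trusted"


def golden_table(components):
    """Build the server-side table of expected measurements from a reference build."""
    return {name: measure(data).hex() for name, data in components}


if __name__ == "__main__":
    golden = golden_table(BOOT_COMPONENTS)
    pcr, log = measured_boot(BOOT_COMPONENTS)
    print("clean boot     :", attest(pcr, log, golden))
    # Constructed example of a modified bootloader: the measurement changes,
    # the PCR chain changes, and the server rejects the system.
    tampered = [("bootloader", b"bootloader image v1 (modified)")] + BOOT_COMPONENTS[1:]
    pcr_t, log_t = measured_boot(tampered)
    print("modified boot  :", attest(pcr_t, log_t, golden))
```

The check in step 1 is why the PCR, and not just the event log, must come from the TPM: a client can send any log it likes, but it cannot make a forged log replay to a PCR value it did not actually produce. Steps 2 and 3 are where the server decides whether to grant network access or release keys, as the paragraphs above describe.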
