Measured Boot and Integrity Measurement Architecture (IMA)

From RidgeRun Developer Wiki

Measured Boot

Another security technique that comes into play here is Measured Boot. Not to be confused with Secure Boot, Measured Boot is a boot-time process in which a hash is calculated for each component that is loaded or started during boot.

These hashes, or measurements, are stored in a secure environment, usually a Trusted Platform Module (TPM). Later, authorized code can retrieve the stored hashes from the TPM and use them to build a complete attestation system: ensuring that only trusted components were loaded, or releasing certain keys only if the system is trusted. It is important to clarify that Measured Boot does not verify the obtained hashes; it only obtains and stores them. This is the process of "measuring" each component. The following image shows the measuring process.

Fig 1. Measured Boot process. Extracted from link

One example of why Measured Boot matters: if a system becomes infected with a rootkit, traditional methods will not detect it, since the rootkit may become active before the client starts. Measured Boot can detect the rootkit in such a situation because the hashes will not match the expected values. The obtained hashes can be sent to a remote attestation server for verification; there, the server can detect that the system is infected and cut off its network access. This process is illustrated in the following figure.

Fig 2. Measured Boot and remote attestation example. Extracted from link

In the world of embedded systems, Measured Boot is supported by platforms such as NVIDIA Jetson, in this case through the fTPM (firmware TPM) implementation. The implementation in Jetson is based on the Platform Configuration Register (PCR), a TPM component that is essentially a secure, tamper-resistant storage location for the obtained hashes. The fTPM boot process in Jetson is illustrated in the following figure:

Fig 3. fTPM bootflow in Jetson platforms. Extracted from link
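To make the PCR mechanism and the rootkit scenario above concrete, here is an added simulation (written for this page, not RidgeRun's or NVIDIA's code) of a SHA-256 PCR bank: each boot stage is measured and extended into a PCR, and a remote attestation server replays the event log and compares it against golden values. The component images and the "known good" table are constructed sample data.

```python
import hashlib

# Simulation for this page; not RidgeRun's or NVIDIA's code. It models the
# SHA-256 PCR bank of a TPM: each boot component is hashed, the hash is
# extended into a PCR and appended to an event log, and an attestation
# server later replays the log to decide whether the system is trusted.

PCR_RESET = bytes(32)  # a PCR reads as all zeros after platform reset


def measure(component: bytes) -> bytes:
    """Measuring a component means hashing it; nothing is verified here."""
    return hashlib.sha256(component).digest()


def pcr_extend(pcr: bytes, measurement: bytes) -> bytes:
    """TPM extend: PCR_new = SHA-256(PCR_old || measurement). A PCR can only
    be extended, never overwritten, so later code cannot erase an earlier
    stage's measurement."""
    return hashlib.sha256(pcr + measurement).digest()


def measured_boot(components):
    """Measure each (name, image) in boot order; return final PCR and event log."""
    pcr, log = PCR_RESET, []
    for name, image in components:
        digest = measure(image)
        log.append((name, digest.hex()))
        pcr = pcr_extend(pcr, digest)
    return pcr, log


def attest(reported_pcr: bytes, log, known_good: dict, golden_pcr: bytes):
    """Attestation server side. Returns (trusted, list_of_findings)."""
    findings, replay = [], PCR_RESET
    for name, digest_hex in log:
        if known_good.get(name) != digest_hex:
            findings.append(f"unexpected measurement for {name}")
        replay = pcr_extend(replay, bytes.fromhex(digest_hex))
    if replay != reported_pcr:  # a forged or edited log cannot reproduce the PCR
        findings.append("event log does not replay to the reported PCR")
    if reported_pcr != golden_pcr:
        findings.append("PCR does not match the golden value")
    return not findings, findings


# Constructed sample images standing in for real boot stages.
GOOD_BOOT = [("bootloader", b"bootloader image v1"), ("kernel", b"kernel image v1"),
             ("initrd", b"initrd image v1")]
ROOTKIT_BOOT = [(n, b"kernel image v1 + rootkit" if n == "kernel" else img)
                for n, img in GOOD_BOOT]
GOLDEN_PCR, GOLDEN_LOG = measured_boot(GOOD_BOOT)  # golden values from a known-good boot
KNOWN_GOOD = dict(GOLDEN_LOG)


def check_boot(components):
    """Boot the given components, then attest them against the golden values."""
    pcr, log = measured_boot(components)
    return attest(pcr, log, KNOWN_GOOD, GOLDEN_PCR)
```

Note that the infected kernel is reported as an unexpected measurement even though the boot itself proceeds; Measured Boot records, and the attestation server decides.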