Support for Immutable Portions in the Secure Bootloader

The concept of updateable and immutable portions of a secure processing environment is introduced in Overview of PSA Compliance. RSL15 provides the following support for the immutable portions of the secure processing environment:

  • A boot ROM that can handle a Secure Boot and Secure Debug process
  • Hardware isolation of cryptographic functions and the storage of security-related assets
  • Unique key storage and the concept of a hardware unique key
  • A managed security life cycle as described in the RSL15 Security User's Guide
  • Trusted subsystems providing a separation between the secure and non-secure environments, using TrustZone