Don’t miss out! Join us at the next Open Source Summit in Seoul, South Korea (November 4-5). Join us at the premier vendor-neutral open source conference, where developers and technologists come together to collaborate, share knowledge, and explore the latest innovations and advancements in open source technology. Learn more at https://events.linuxfoundation.org/
Hardening the Barebox Bootloader – Ahmad Fatoum, Pengutronix
Bootloaders are foundational to system security, yet their attack surface often remains under-scrutinized.
This talk presents ongoing efforts to harden the security posture of the barebox bootloader when used in verified boot chains.
Topics include defining the security-critical subset of the verified boot path, applying fuzzing to core logic, and highlighting the security implications of user configurations.
The session will also cover software hardening measures, mechanisms for secure runtime unlocking and the formalization of security issue handling.
Attendees will gain insight into both the technical challenges and the roadmap to help users deploy a verified boot chain into embedded products while minimizing potential risks.
