Secure Bootloader Signing Workflow for Arm®-Based Embedded Systems: Enabling Compliance and Integrity
Presenters
Abstract
Meeting the security requirements of the EU Cyber Resilience Act (CRA) and similar regulations requires protecting embedded devices from the bootloader onward. This presentation details a secure bootloader signing workflow for Arm®-based processors, with a case study implementation focusing on TI AM6x devices. The general approach is broadly applicable across embedded platforms.
On the server side, signing keys are safeguarded using FIPS-certified Hardware Security Modules (HSMs) and centralized lifecycle management is tightly integrated with the image build process. On the device side, cryptographic signatures are verified at each boot stage, maintaining an unbroken chain of trust from boot ROM through U-Boot and operating system to application code. Together, these measures ensure that only trusted software is executed.
The workflow further supports automated, cloud-accessible signing, strict role-based access controls, and comprehensive audit trails, enabling manufacturers to protect private keys while streamlining adoption within CI/CD pipelines. By removing the need for custom cryptographic infrastructure, the solution accelerates regulatory readiness, reduces development effort, and provides full traceability for audits. The talk will share practical integration steps, lessons learned, and guidance for deploying secure and efficient device production workflows in embedded systems.