This topic describes security features of NVIDIA® Jetson™ Linux. Below are the subtopics:
Secure Boot describes Secure Boot, a feature which ensures that the Jetson Linux boot process cannot be redirected or compromised.
OP-TEE describes the Open Portable Trusted Execution Environment, a TEE provided with Jetson Linux.
Disk Encryption describes the Jetson Linux implementation of Linux Unified Key Setup (LUKS), the Linux standard for disk encryption. This release does not support this feature.
Secure Storage describes Secure Storage, a feature that provides a solution to ensure the general-purpose data and key material can be stored securely.
- Secure Boot
- Overall Fusing and Signing Binaries Flow
- Installing the Secure Boot Package
- Fuses and Security
- Fuse Configuration File
- Generate An RSA Key Pair
- Prepare an SBK key
- Prepare K1/K2/KEK keys
- Prepare the Fuse Configuration file
- Burn Fuses with the Fuse Configuration file
- Sign and Flash Secured Images
- Legacy Support of Secure Boot for Xavier SoC
- Burning PKC, KEK, and SBK Fuses
- OP-TEE: Open Portable Trusted Execution Environment
- OP-TEE in Jetson Linux
- Trusted Application and Client Application Development
- Key Derivation Function of a Fuse Key and User-Defined Key
- Secure Samples
- Key Maintenance and EKBs
- AES-256 Hardware Key Derivation Function in jetson_user_key_pta
- Disk Encryption
- Setup Preparation
- Details of Operation
- The Threat Model
- Disk Encryption Implementation in Jetson Linux
- Manufacturing process
- Secure Storage