2023.10.04

Hardware Security – Trusted Secure Boot


Hardware platforms are getting more and more complex, and as a side effect firmware has been given more functionality and controls more of the system than before. It is therefore crucial to maintain the integrity of the onboard firmware to ensure the security of the data passing through the system. AEWIN has leveraged its experience from specialized sectors where tamper resistance and firmware recovery are required.


What is Hardware Root of Trust?
A hardware root of trust (HRoT) is a security feature built into the hardware of a computing device. It is the foundation on which all secure operations of the system depend. It holds the keys used for cryptographic functions and enables a secure boot process: these keys are used to verify the authenticity of the device's firmware and software, and to protect the device from unauthorized access.


Advantages of Trusted Secure Boot
Trusted Secure Boot (TSB) is a security feature that uses HRoT to verify the authenticity of the device’s firmware before it is loaded. This helps to protect the device from malware and other threats that can be injected into the firmware during the boot process.

TSB offers a number of advantages, including:

  • Improved security: TSB helps to protect the device from malware and other threats that can be injected into the firmware during the boot process.
  • Reduced risk of unauthorized access: TSB helps to reduce the risk of unauthorized access to the device by ensuring that only trusted firmware and software is loaded.
  • Improved performance and reliability: TSB helps prevent unauthorized changes to the device's firmware, which can otherwise cause performance problems and system crashes, and so improves the performance and reliability of computing devices. It can also help businesses comply with various security regulations and standards.


AEWIN Trusted Secure Boot Family
AEWIN launches the OT004/OT006 family of Trusted Secure Boot Modules for increased firmware resilience against tampering and data corruption. This is part of AEWIN's push toward a hardware root of trust for our network and edge computing systems. We have leveraged our experience from specialized sectors where tamper resistance and firmware hardening are required.


The OT004/OT006 modules are the first link in the root of trust chain we have devised to increase firmware resiliency. They are self-contained modules equipped with an FPGA running AEWIN Trusted Secure Boot firmware, isolated from the rest of the system to reduce the attack surface. The onboard logic identifies and authenticates the digital signatures of the firmware inside the system. If an anomaly is found, it can either perform automated firmware recovery or hold the boot sequence and alert the system administrators. The default behavior is programmable and can be adjusted by the administrator during setup of the module.

To prevent tampering, the golden image stored on board is locked against changes. Unless the module itself is updated, any firmware update or unauthorized change is overwritten, restoring the firmware to the previously known good state. Several layers of security and algorithms prevent an attacker from brute-forcing the module to compromise the system, and the module likewise protects itself from attacks and unauthorized updates with several layers of security.
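To make the verify-then-recover-or-hold sequence described above concrete, here is an added example (not AEWIN's firmware or code): a small Go model of a root-of-trust module that authenticates the active image against an embedded public key and, on failure, either restores the locked golden image or holds the boot and raises an alert. Ed25519 over a SHA-256 digest, the type and field names, and the alert strings are all assumptions; the module also re-checks the golden copy before releasing it, so a corrupted recovery image is never booted.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

type Image struct{ Data, Sig []byte } // firmware blob + signature over its SHA-256 digest
// RootOfTrust is the isolated module: immutable verification key, locked golden image, failure policy.
type RootOfTrust struct {
	RootKey     ed25519.PublicKey
	Golden      Image
	AutoRecover bool // true: restore the golden copy; false: hold the boot and alert
}

// SignImage is the vendor-side signing step (Ed25519 is an assumed scheme, not AEWIN's).
func SignImage(priv ed25519.PrivateKey, data []byte) Image {
	d := sha256.Sum256(data)
	return Image{Data: data, Sig: ed25519.Sign(priv, d[:])}
}

func (r *RootOfTrust) authentic(img Image) bool {
	d := sha256.Sum256(img.Data)
	return ed25519.Verify(r.RootKey, d[:], img.Sig)
}

// Boot returns the image released to the host plus an alert ("" when clean), or an error when the boot must be held.
func (r *RootOfTrust) Boot(active Image) ([]byte, string, error) {
	if r.authentic(active) {
		return active.Data, "", nil
	}
	alert := "active firmware failed signature check"
	if !r.AutoRecover {
		return nil, alert, errors.New("boot held: " + alert)
	}
	if !r.authentic(r.Golden) { // never recover from a golden copy that is itself bad
		return nil, alert + "; golden image invalid", errors.New("boot held: no trusted image")
	}
	return r.Golden.Data, alert + "; restored golden image", nil
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader) // constructed demo key pair
	rot := &RootOfTrust{RootKey: pub, Golden: SignImage(priv, []byte("BIOS v1.0")), AutoRecover: true}
	data, alert, err := rot.Boot(Image{Data: []byte("BIOS v1.0 + implant"), Sig: rot.Golden.Sig})
	fmt.Printf("released=%q alert=%q err=%v\n", data, alert, err)
}
```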

OT004A, OT004B and OT004C are designed for BMC-based systems, Intel systems and AMD systems respectively, providing root of trust functions starting at the BIOS. OT006 support is being integrated into many of our products, delivering BMC firmware as well as BIOS resiliency by protecting against data corruption and tampering.


Conclusion
Attacks that physically manipulate the firmware used for hardware initialization during the boot process can invalidate many of the common secure boot features considered industry standard. By implementing a trusted secure boot HRoT that enforces code signing of critical boot entities, the AEWIN OT004/OT006 modules become a first line of defense ensuring overall system integrity. Please let us know if you have any questions or comments about integrating firmware security into your next AEWIN systems. Our sales team can help you secure your next AEWIN platforms.
