Abstract: During an initial bootup in a bootloader of an SOC, a random number that is unique to the device is stored in secured storage. During a first bootup, a two-dimensional random key is stored in secure storage for encoding the ENV parameters. During a second (subsequent) bootup, the ENV parameters that are current in unsecured storage are compared against the ENV parameters that previously existed in order to identify a mismatch. A remediation security action can be taken responsive to a mismatch between the baseline digest and a dynamic digest.

Abstract: A substrate for the SoC includes one or more OTP modules within the substate and comprising memory that can only be programmed once. A BIOS module loads a special BIOS into flash memory in place of a normal BIOS prior to a reboot of the OTP hardware module. The special BIOS is programmed to identify a status bit to burn corresponding to a revoked key. A first key register stored in the OTP module and comprising a plurality of status bits. Each status bit maps to the individual key of the plurality of OTP keys. A key burn module to burn a status bit on the key register corresponding to the special BIOS after the reboot. The BIOS module reloads the normal BIOS into the flash memory in place of the special BIOS prior to a second reboot. The normal BIOS runs after the second reboot.

Abstract: Responsive to OTP device not being enabled for an SoC, the RAMBOOT bootup authenticated by the key or key hash of an OTP is precluded and a determination is made whether the RAMBOOT bootup has been authenticated by the key or key hash on the virtual OTP. Responsive to not being authenticated, authentication of the RAMBOOT bootup is initiated. Responsive to being authenticated, enablement of the OTP device is initiated by burning an enable bit. Content of the virtual OTP is verified. The verified content can then be transferred from the virtual OTP to the OTP hardware module. Finally, authenticated RAMBOOT bootup is enabled from the OTP hardware module using the verified content prior to enablement of the OTP hardware module. ROMBOOT is read-only.