IRIS: An embedded secure boot for IoT devices

This study proposes a hardware secure boot solution, an instant retrieval information system (IRIS) that is suitable for integrating Internet of Things (IoT) devices. IRIS can boot a Linux kernel image pre-stores in removable media and comprises a data verifier securing the authenticity, integrity, and confidentiality of the boot process. IRIS is fully developed as a hardware module and the results reveal short boot-up times and a small hardware footprint when implemented on field programmable gate array chips. In addition, IRIS is an open-source generic solution that can be adapted to multiple architectures and includes a crypto-core called E-LUKS that can be used outside the boot-loading process to add confidentiality, integrity, and authenticity to data stored on off-chip storage like a flash device.IRIS shows a reduction in lookup tables footprint when compared to other IoT solutions consuming from 90% to 750% less resources and only slightly greater, around 30%, with solutions that only cover authentication and integrity.

Automated summary

This study proposes IRIS, a hardware secure boot solution for integrating IoT devices. IRIS can boot a pre-stored Linux kernel image from removable media and ensures the authenticity, integrity, and confidentiality of the boot process. It offers short boot-up times and has a small hardware footprint when implemented on field programmable gate array chips. Furthermore, IRIS is an open-source solution that can be adapted to multiple architectures and includes a crypto-core for data protection.