Going to production

This section is a checklist of things to review before shipping your image within end products, focusing on cybersecurity.

Review the production image:

  • Passwords of root and regular users

  • Configuration of the firewall

  • If using Secure Storage:

    • Secure the loading of Trusted Applications (TA) from the non-secure world: either replace the development key used to authenticate the TAs with a production key, or prevent the loading of TAs from the non-secure world (build optee-os with CFG_REE_FS_TA=n).

    • Protect optee-os under secure boot

  • For Secure Boot:

    • Make sure you're using production keys
    • Make sure the production bootloader is used (i.e. U-Boot without an interactive command prompt)
  • For Software Update authentication, make sure you're using production keys
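
The script below is an added example, not part of the original checklist or of any project tooling: it audits a staged image for two of the review items above, flagging empty or usable passwords in a shadow file and an OP-TEE build configuration that does not set CFG_REE_FS_TA=n. The file names, sample accounts and FAIL/REVIEW labels are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: pre-release audit of a staged image. Sample data is constructed.

# Report accounts in a shadow(5)-format file.
#   FAIL   = empty password field (login without a password)
#   REVIEW = usable hash present; confirm it is not a development password
audit_shadow() {
    awk -F: '
        $2 == ""      { print "FAIL " $1 " has an empty password"; next }
        $2 !~ /^[!*]/ { print "REVIEW " $1 " can log in with a password" }
    ' "$1"
}

# Report when the OP-TEE build configuration does not set CFG_REE_FS_TA=n,
# in which case the TA authentication key must be the production key.
audit_optee_conf() {
    if grep -Eq '^CFG_REE_FS_TA[[:space:]]*[:?]?=[[:space:]]*n[[:space:]]*$' "$1"; then
        return 0
    fi
    echo "REVIEW CFG_REE_FS_TA is not n: confirm TAs use the production key"
}

# $1 = shadow file, $2 = OP-TEE config file. Non-zero if any FAIL finding.
audit_image() {
    findings=$( { audit_shadow "$1"; audit_optee_conf "$2"; } )
    if [ -n "$findings" ]; then printf '%s\n' "$findings"; fi
    if printf '%s\n' "$findings" | grep -q '^FAIL '; then return 1; fi
    return 0
}

# Constructed sample: a development-style image (hypothetical file names).
write_sample() {
    cat > "$1/shadow" <<'EOF'
root::19000:0:99999:7:::
daemon:*:19000:0:99999:7:::
operator:$6$constructedsalt$constructedhash:19000:0:99999:7:::
EOF
    echo 'CFG_REE_FS_TA=y' > "$1/optee.conf"
}

tmp=$(mktemp -d)
write_sample "$tmp"
audit_image "$tmp/shadow" "$tmp/optee.conf" || echo "image is NOT ready for production"
rm -rf "$tmp"
```

A REVIEW line is not a failure by itself: it marks an item a person must confirm, such as whether a remaining password hash or TA signing key is the production one.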

On the manufacturing line:

  • Ship the production image, not the development image

  • For Secure Boot, fuse the key hash and close the CPU

  • Deactivate hardware interfaces that may be used to work around security features (typically JTAG)

  • Test your manufactured products