March 14, 2025 - Hardware Security Session Support Session
a hardware security vendor Support Session #2 Summary
Date: March 14, 2025
Bootware Installation and Setup
Bob from a hardware security vendor walked the team through bootware installation on SCM (Secure Compute Module) devices. The session covered downloading bootware via curl, installing with zbcli, and understanding the boot process. The system creates encrypted partitions using a hardware security vendor hardware for LUKS key management.
Image Creation and Management
The team learned how to create full system images using the imager tool, which snapshots the entire disk and creates private/public key pairs. Images are compressed and can be stored on USB or HTTP servers for deployment. Bootware uses A/B partition strategy for safe updates.
Development vs Production Mode
Manitcor confirmed encrypted bootware instances can run without flipping devices out of dev mode. This allows development and testing in a secure environment before production configurations.
Next Steps
| Owner | Task |
|---|---|
| All developers | Complete bootware installation up to image creation |
| Manitcor | Prepare questions about operational pipeline |
| Team | Schedule follow-up session for next week |
Upcoming Milestones
- Follow-up Bootware Session: Week of March 17th
- Complete image creation walkthrough: Next session