Test 1-2


TEST 1

Test Case ID: BIS-1.8.1
Test Name: TC_VERIFY_BOOT_IMAGE_SIGNATURE_VALID


Objective

To verify, in the presence of the OEM team, that the device successfully boots using the documented secure boot process when provided with a valid boot image containing a proper cryptographic signature. This test confirms that the secure boot mechanism correctly validates the boot image’s authenticity and integrity before execution.


Tools Used

  • OEM-provided datasheet and secure boot technical specifications

  • Valid vendor-signed boot image

  • Device console or serial access for monitoring boot process

  • Firmware signing verification tools (e.g., OpenSSL, vendor-specific signing utility)


Test Execution Steps

  1. Documentation Review

    • Examine the SoC datasheet and device technical specifications for secure boot, including:

      • Key management lifecycle

      • Public/private key usage

      • Signature validation process

  2. Preparation

    • With the OEM team present, obtain a valid boot image signed with the correct vendor private key.

  3. Boot Process Execution

    • Load the valid boot image onto the DUT.

    • Power on or reset the DUT and monitor the boot sequence through the console/serial interface.

  4. Signature Validation Confirmation

    • Confirm that the boot loader verifies the image signature against the correct embedded public key.

    • Ensure all cryptographic checks complete successfully without errors.


Expected Results for Pass

  • The DUT boots successfully using the valid signed boot image.

  • The secure boot process operates as documented, including correct public key verification and cryptographic signature checks.

  • Boot logs confirm successful validation of the image signature.


Test Observations

(Insert findings here — e.g., "Boot completed successfully with vendor-signed image; boot log confirmed RSA signature validation and secure boot completion.")


Evidence Provided

  • Boot log excerpts showing signature verification success

  • Screenshot of firmware signing command and result

  • OEM confirmation of secure boot process adherence


Test Case Result

☐ Pass – Device booted successfully and verified valid signed image
☐ Fail – Secure boot process failed or did not validate signature as expected



TEST 2

Test Case ID: BIS-1.8.2
Test Name: TC_VERIFY_BOOT_IMAGE_SIGNATURE_INVALID


Objective

To verify, in the presence of the OEM team, that the device fails to boot when provided with a tampered or invalid boot image (e.g., altered signature, missing signature), thereby confirming the secure boot process prevents unauthorized software execution.


Tools Used

  • OEM-provided firmware image (for tampering)

  • Hex editor or binary modification tools to alter/remove the signature

  • Device console or serial access for monitoring boot output

  • OEM-provided documentation of secure boot signature validation process


Test Execution Steps

  1. Tampered Image Preparation

    • In collaboration with the OEM team, create a boot image with one of the following modifications:

      • Altered signature (bit modification in signed portion)

      • Removed signature field entirely

  2. Boot Attempt

    • Load the tampered boot image onto the DUT.

    • Power on or reset the device while monitoring output via console or serial connection.

  3. Behavior Observation

    • Document any error messages, warnings, or halted boot sequences indicating signature verification failure.
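
An offline pre-check for the images used in BIS-1.8.1 and BIS-1.8.2, as an added example that is not part of this test plan or the OEM's tooling: it confirms with OpenSSL that the valid image verifies and that the altered and signature-less variants do not, before either is loaded onto the DUT. It assumes a detached signature file, a PEM public key and SHA-256; the function names, file names and the throwaway key and image are constructed for the dry run.

```shell
#!/bin/sh
# Added example. Assumed: detached signature file, PEM public key, SHA-256.
# verify_image PUBKEY IMAGE SIG: exit status 0 only if SIG is valid for IMAGE.
verify_image() {
    openssl dgst -sha256 -verify "$1" -signature "$3" "$2" >/dev/null 2>&1
}

# flip_bit SRC DST OFFSET: copy SRC to DST, inverting the low bit of one byte.
flip_bit() {
    cp "$1" "$2" || return 1
    byte=$(od -An -tu1 -j "$3" -N 1 "$1" | tr -d '[:space:]')
    [ -n "$byte" ] || return 1          # offset is past the end of the image
    printf "\\$(printf '%03o' $(( byte ^ 1 )))" | dd of="$2" bs=1 seek="$3" conv=notrunc 2>/dev/null
}

# precheck PUBKEY IMAGE SIG WORKDIR: 0 only if valid verifies and both tampered variants fail.
precheck() {
    pub=$1; img=$2; sig=$3; work=$4; rc=0
    if verify_image "$pub" "$img" "$sig"; then
        echo "BIS-1.8.1: valid image verifies"
    else
        echo "BIS-1.8.1: UNEXPECTED, valid image fails verification"; rc=1
    fi
    flip_bit "$img" "$work/altered.img" 0 || return 2
    if verify_image "$pub" "$work/altered.img" "$sig"; then
        echo "BIS-1.8.2: UNEXPECTED, altered image still verifies"; rc=1
    else
        echo "BIS-1.8.2: altered image rejected"
    fi
    : > "$work/empty.sig"               # stands in for a removed signature
    if verify_image "$pub" "$img" "$work/empty.sig"; then
        echo "BIS-1.8.2: UNEXPECTED, missing signature accepted"; rc=1
    else
        echo "BIS-1.8.2: missing signature rejected"
    fi
    return $rc
}

# make_fixture DIR: constructed throwaway key, image and signature (dry run).
make_fixture() {
    openssl genrsa -out "$1/key.pem" 2048 2>/dev/null &&
    openssl pkey -in "$1/key.pem" -pubout -out "$1/pub.pem" &&
    printf 'CONSTRUCTED-BOOT-IMAGE' > "$1/boot.img" &&
    openssl dgst -sha256 -sign "$1/key.pem" -out "$1/boot.sig" "$1/boot.img"
}

d=$(mktemp -d) && make_fixture "$d" &&
    precheck "$d/pub.pem" "$d/boot.img" "$d/boot.sig" "$d"
rm -rf "$d"
```

For the real run, call `precheck` with the OEM's public key, image and signature. Where the signature is embedded in the image rather than detached, the verification command and the tamper offset must follow the OEM's documented image layout.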


Expected Results for Pass

  • The DUT fails to boot with the tampered or invalid boot image.

  • Boot logs or console output clearly indicate signature verification failure or image rejection.

  • Secure boot mechanism prevents execution of the tampered image, confirming protection against unauthorized software.


Test Observations

(Insert findings here — e.g., "Boot halted at signature verification stage; console output: 'ERROR – Boot image signature invalid; secure boot failed.'")


Evidence Provided

  • Boot log excerpts showing signature validation failure

  • Screenshot of tampered image generation/modification process

  • OEM-signed confirmation of test execution and results


Test Case Result

☐ Pass – Tampered image rejected and boot process halted
☐ Fail – Device booted or did not correctly validate the image


Overall Test Result

(Summarize outcome of BIS-1.8.1 and BIS-1.8.2 — e.g., "Secure boot mechanism successfully validated signed image and rejected tampered image; requirement met.")

