Bootware manages the complexity of binding together operating system, boot chain and bare metal—into a robust and maintainable compute platform.
Bootware binds software and hardware together into a robust, cryptographically linked compute platform—from secure boot to kernel to application and containerized work loads.
Bootware binds and anchors the chain of trust to bare metal security and supervisory functions within a device.
When used with Zymbit hardware, Bootware supports a layered trust model, with autonomous validation of physical device integrity, tamper sensors for environmental and power attacks.
Bootware manages the device from the moment it is powered on.
Starting very early in the boot process ensures that the system has successfully booted into user mode. Bootware is able to manage and recover the system without relying on a functional bootable Linux image.
Bootware supports Ubuntu and Raspberry Pi OS as standard. Contact Zymbit for support of other Linux distributions.
Zymbit A/B update schema is built upon Zymbit’s hardened boot chain, which ensures consistent integrity and reliability. Other A/B update schema rely on user mode functionality which can be compromised.
A/B image management works seamless with encrypted file systems, signed images and updates.
Fallback and recovery options.
Robust update schema backed by secure silicon.
Protects your data, IP and credentials from unauthorized access.
Minimize operational downtime when A/B updates inevitably fail.
Loss of network access, loss of power and incorrect signatures, are a few common failure modes. When updates fail it is essential that a device has the possibility to recover to some trusted operational state, and preferably without human intervention, remote or local.
Bootware supports three levels of trusted recovery.
Ensures that all update images come from a known and verified source, and have not been tampered with.
Reduces the risk of exposing cryptographic keys through physical access and sideband attacks.
Reduce the risk of compromised boot chains and bricked devices.
Develop and deploy using popular Ubuntu and Raspberry Pi OS tools.
Bootware services are available on a wide range of Zymbit professional components.
BOOTWARE 1 |
BASE BOARDS | SECURITY MODULES | SECURE COMPUTE MODULES | SECURE EDGE NODES |
---|---|---|---|---|
![]() |
![]() |
![]() |
![]() |
![]() |
BOOTWARE 1 - CORE SERVICES |
BASE BOARDS | SECURITY MODULES | SECURE COMPUTE MODULES | SECURE EDGE NODES |
Platform Resilience Level 1 =Secure silicon & cryptographic engine. 2+Safe recovery to trusted state. 3+Supervised filesystem and boot chain. 4+Baremetal recovery. |
||||
A/B updates | ||||
Security Contex Management | Host CPU | Zymbit HXM | Zymbit HXM | |
Encrypted filesystem | ||||
Encrypted kernel | ||||
A/B cryptographic isolation | ||||
Key storage in secure silicon | ||||
Supervised boot with multiple artifacts and policies | ||||
Automatic recovery from OS failure | ||||
Support for Ubuntu and Raspberry Pi OS, standard kernels | ||||
Support for Ubuntu and Raspberry Pi OS, custom kernels | ||||
BOOTWARE 2.0 - PREMIUM SERVICES |
BASE BOARDS | SECURITY MODULES | SECURE COMPUTE MODULES | SECURE EDGE NODES |
Baremetal recovery | ||||
Zero trust provisioning, updates, recovery | ||||
Managed power system integration | ||||
BOOTWARE 2.0 - ADD ONS |
BASE BOARDS | SECURITY MODULES | SECURE COMPUTE MODULES | SECURE EDGE NODES |
Local certificate authority on device | ||||
Integration with third party security and management tools | ||||
READY TO GET STARTED? |
BASE BOARDS | SECURITY MODULES | SECURE COMPUTE MODULES | SECURE EDGE NODES |
Learn more > | Learn more > | Learn more > | Learn more> | |
BUY NOW | BUY NOW | BUY NOW | BUY NOW | |
= available feature, dependent upon installed security module and compute module = standard feature = available feature, OEM support package required |
Bootware Core
Support
Bootware Core
Bootware Premium
Support
Bootware Core
Bootware Premium
Support
Bootware Core
Bootware Premium
Support