 It all starts with a root of trust. A root of trust in an embedded system is defined by these four basic building blocks. A T, which is your trusted execution environment, cryptographic functions, tamper protection, and simple secure user interface. Taking these four basic building blocks, we can now break down the basic components that put these blocks together. We have security perimeter, defining what needs to be protected and what can be implemented in many ways. Secure CPU. The security features enabled in a root of trust is defined by the software running on that CPU. The resources will facilitate the security and performance of the security functions. Protect runtime memory. Memory needs to be protected, especially global data, stack, and heap. Usually this type of data may contain plain text keys and sensitive information. Tamper resistance. It can be physical tamper, but mostly code from the outside needs to be validated before CPU execution. Cryptographic functions. These can be software, but hardware accelerators are used for faster performance and power savings. Good, validated, and certified libraries are required. T RNG, or the true random number generation. High levels of entropy are required in order to execute cryptographic functions. Make sure the T RNG is certified. Secure counter and clock. Applications can rely on this for managing counted rights, policies, and life cycle requirements. Secure storage. Secure persistent storage is required for state knowledge. For example, anti rollback, key storage, or legal data to protect against litigations, hardware physical attack risks should use a secure element. What are some of the basic functions of a root of trust? A root of trust can provide secure monitoring, which is available during power up and runtime. A malicious instruction results in a notification from the root of trust to the host. Secure validation and authentication. Validity and authentication code is cryptographically verified and run as an atomic operation during runtime. Secure storage. Take any plain text data and protect it using encryption and authentication. Secure communication. This starts with successfully completing an authentication and key exchange, usually using an HMAC key. These keys are generated inside the root of trust. Secure key management. This keeps key material a secret inside the root of trust. Any importing of keys must be authenticated and any exporting of keys must be wrapped to ensure protection. Common key management applications have PKCS11 interface to manage the key policies, key permissions, and key handling. The world of security all starts with something you know and trust. Within a product there must be a starting point of trust, an anchored point for the cryptographic functions like authentication, digital signing, and key processing. This is the root of trust. It may be embedded in the microcontroller or an external secure element. The root of trust performs stateful trusted cryptographic processes and is the first process to start after reset. Its code is often in ROM or locked flash as integrity is important. It may even be designed using Tampa resistant logic and involve memory protection units. The root of trust becomes the anchor point in the chain of trust.