- Written by Scarlett Gourley
- Posted on April 20, 2021
- Updated on November 20, 2023
- 14565 Views
This feature supports to upgrade Aboot firmware via an Aboot Update File (AUF). The aim is to be able to provide a signed
- Written by Can Sun
- Posted on June 19, 2025
- Updated on August 5, 2025
- 2271 Views
Measured boot is an anti-tamper mechanism. It calculates the cryptographic signatures for software system components and extends the signatures into the Trusted Platform Module (TPM) security chip. Upon startup, with the feature turned on, the Aboot bootloader and EOS calculate the hash of various system components and extend the hashes into the Platform Configuration Registers (PCRs), which is one of the resources of the Trusted Platform Module (TPM) security chip. The calculation and extension event is called the measured boot event, which is associated with a revision number to help the user identify changes to the event.
- Written by Can Sun
- Posted on August 12, 2025
- Updated on January 20, 2026
- 1997 Views
Measured boot is a tamper-detection mechanism that records a system's boot process. It calculates cryptographic hashes of system components and configurations, which are then securely stored in the Platform Configuration Registers (PCRs) of a Trusted Platform Module (TPM) chip. This process creates a secure "hash chain" of the boot sequence. After the system starts, the TPM Quote operation, along with the PCR extension records, can be used to verify the PCR values, confirming that the system components are unchanged and the software is trusted.
- Written by Can Sun
- Posted on March 2, 2026
- Updated on March 2, 2026
- 131 Views
Measured boot is a tamper-detection mechanism that records a system's boot process. It calculates cryptographic hashes of system components and configurations, which are then securely stored in the Platform Configuration Registers (PCRs) of a Trusted Platform Module (TPM) chip.
- Written by Baptiste Covolato
- Posted on June 17, 2019
- Updated on June 27, 2025
- 13855 Views
Secure boot is a security feature available in Aboot (Arista bootloader) that verifies the cryptographic signature of the EOS SWI (software image) before it is booted. Aboot embeds certificates that allow it to recognize and validate official EOS releases from Arista. If the signature verification is successful, the secure boot check passes and Aboot proceeds to boot the SWI. If the signature verification fails, the boot is aborted.
- Written by Baptiste Covolato
- Posted on January 13, 2026
- Updated on January 13, 2026
- 625 Views
Secure boot is a security feature available in Aboot (Arista bootloader) that verifies the cryptographic signature of the EOS SWI (software image) before it is booted. Aboot embeds certificates that allow it to recognize and validate official EOS releases from Arista. If the signature verification is successful, the secure boot check passes and Aboot proceeds to boot the SWI. If the signature verification fails, the boot is aborted.