Secure Updates for a Memory Constrained XIP System

Vitaly Wool, Konsulko Group, ELC San Diego August 2019

XIP stands for eXecute In Place – a technology that allows code to be executed directly from flash without copying the code to RAM first. Today, interest in XIP Linux has been revitalized due to the possibility of running Linux on memory-constrained IoT devices and the capabilities of some SoCs to execute Linux in place from QSPI flash. The memory footprint can be optimized very tightly and this opens up to a really low-power IoT Linux appliances. However, there is a big obstacle for the XIP approach to spread widely: no standard secure update process for such systems will work due to the nature of XIP – flash should always be ready to execute from, so how can it be updated? This talk answers this and provides some real world examples.