# Secure boot

Source: [https://docs.qualcomm.com/doc/80-Y8730-8/topic/secure_boot.html](https://docs.qualcomm.com/doc/80-Y8730-8/topic/secure_boot.html)

Secure boot refers to the bootup sequence that establishes a trusted platform for running authenticated applications. It starts as an immutable sequence that validates the origin of the code using cryptographic authentication so that only authorized software executes. The bootup sequence places the device in a known security state and detects binary manipulation of software and reflashing attacks.

	
A secure boot system adds cryptographic checks to each stage of the bootup process. This process verifies the authenticity of all secure software images before the device executes. This		additional check prevents any unauthorized or maliciously modified software from running on the device. Secure boot is enabled through a set of hardware fuses. For the code to be executed,		it must be signed by the trusted entity identified in the hardware fuses.

	
The bootup of a device comprises a multi‑stage process. Each image in the stage performs a specific function, and each image is verified by the previous image. For example, primary boot loader (PBL) → secondary boot loader (SBL) → APP image. For details, see the secure boot flowchart in [Image authentication at secure boot](https://docs.qualcomm.com/doc/80-Y8730-8/topic/secure_boot_key_features_on_qcc730.html#image_authentication_at_secure_boot).

	
The root of trust (the most trusted entity that kicks off this process) is the PBL, which is the ROM code and therefore already trusted. Before the next image in the bootup sequence is executed, that image is first authenticated to ensure that it contains authorized software. For example, control passes to the SBL only after the PBL successfully authenticates it. Since the SBL is now trusted, it can be trusted to authenticate the next image. The images further establish the security of the device through their functionality.

- **[Secure boot key features on QCC730](https://docs.qualcomm.com/doc/80-Y8730-8/topic/secure_boot_key_features_on_qcc730.html)**
- **[Anti‑rollback](https://docs.qualcomm.com/doc/80-Y8730-8/topic/anti_rollback.html)**
- **[Generate secure images](https://docs.qualcomm.com/doc/80-Y8730-8/topic/generate_secure_images.html)**
- **[Build and flash signed image](https://docs.qualcomm.com/doc/80-Y8730-8/topic/build_and_flash_signed_image.html)**

Last Published: Feb 10, 2026

[Previous Topic
About this document](https://docs.qualcomm.com/bundle/publicresource/80-Y8730-8/topics/about_this_document.md) [Next Topic
Secure boot key features on QCC730](https://docs.qualcomm.com/bundle/publicresource/80-Y8730-8/topics/secure_boot_key_features_on_qcc730.md)