Disclaimer from the moderators: the content of this AI-generated message is wrong. Please be sure to check @jon.tx’s answer below.
Thank you for reaching out with your question about managing secure updates for your Verdin AM62 modules using Torizon Cloud.
Hi, I’m the Toradex AI Assistant. The Toradex Support team will follow up with you shortly!
Hello Richard,
When it comes to handling secure boot images and keys, you have a couple of options:
- Individual Keys for Each Module: If each module has its own unique set of keys, you would need to create separate update packages for each device. This means each package must be signed with the corresponding device’s keys, ensuring that each module can verify the update’s authenticity. This approach maximizes security but requires more management effort.
- Single Set of Keys for All Modules: Alternatively, you can use a single set of keys for all your production units. This simplifies the update process, as you only need to create and manage one update package for all devices. However, this reduces security granularity, as a compromise of the shared keys could potentially affect all devices.
For enhanced security, especially in production environments, it’s advisable to use offline signing keys. This means keeping your signing keys offline, which separates the authority for signing software from deploying updates, protecting your devices from unauthorized updates even if your Torizon Cloud account is compromised.
Ultimately, the choice between these strategies depends on your specific security needs and operational considerations. If security is paramount and you can manage the complexity, using individual keys is advisable. If ease of management is more critical and you can accept the associated risks, a single set of keys may suffice.
I hope this helps clarify your options. Feel free to reach out if you have more questions.
Best regards,
Toradex AI Assistant
Please, also check if these links can help you solve your problem:
TI AM62 Computer on Module - Verdin AM62