Secure Boot vs. Measured Boot
flowchart TB
  subgraph SB ["Secure Boot — ENFORCE"]
    direction TB
    SB0["Power On / CPU Reset Vector"]:::hw
    SB1["Boot ROM<br/>silicon root of trust"]:::hw
    SB2["Verify UEFI signature"]:::verify
    SBh1{{"FAIL → HALT"}}:::halt
    SB3["Verify bootloader signature"]:::verify
    SBh2{{"FAIL → HALT"}}:::halt
    SB4["Verify kernel signature"]:::verify
    SBh3{{"FAIL → HALT"}}:::halt
    SB5["Kernel runs"]:::run
    SB0 --> SB1 --> SB2
    SB2 -- bad sig --> SBh1
    SB2 -- ok --> SB3
    SB3 -- bad sig --> SBh2
    SB3 -- ok --> SB4
    SB4 -- bad sig --> SBh3
    SB4 -- ok --> SB5
  end
  subgraph MB ["Measured Boot — RECORD"]
    direction TB
    MB0["Power On / CPU Reset Vector"]:::hw
    MB1["Boot ROM hashes UEFI<br/>extend PCR 0"]:::measure
    MB2["UEFI hashes bootloader<br/>extend PCR 4"]:::measure
    MB3["Bootloader hashes kernel<br/>extend PCR 8 and 9"]:::measure
    MB4["Kernel runs<br/>unconditionally"]:::run
    MB5["TPM holds PCR values<br/>remote attester can read"]:::tpm
    MB0 --> MB1 --> MB2 --> MB3 --> MB4 --> MB5
  end
  classDef hw fill:#455a64,stroke:#263238,stroke-width:2px,color:#ffffff,font-size:13px
  classDef verify fill:#1565c0,stroke:#0d47a1,stroke-width:2px,color:#ffffff,font-size:13px
  classDef measure fill:#1565c0,stroke:#0d47a1,stroke-width:2px,color:#ffffff,font-size:13px
  classDef run fill:#2e7d32,stroke:#1b5e20,stroke-width:2px,color:#ffffff,font-size:13px
  classDef tpm fill:#fff3d6,stroke:#ffa000,stroke-width:2px,color:#5a3d00,font-size:13px
  classDef halt fill:#ffebee,stroke:#c62828,stroke-width:2px,color:#b71c1c,font-size:12px
Legend
Hardware / firmware boundary
Verify (Secure) / hash & extend (Measured)
Code allowed to run
Halt on signature failure
TPM PCR state
PCRs are extend-only
A measurement never overwrites a register: PCR = hash(PCR ‖ new).
Each stage extends the value, so one tampered component permanently
changes the final PCRs. Nothing rewinds a PCR except a reboot.
Real systems use BOTH
Secure Boot prevents bad boots; Measured Boot proves what booted.
Enforcement stops an unsigned bootloader; attestation lets a remote verifier
decide whether to trust the machine.
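The extend-only rule and the remote verifier's decision, as an added example in Python (not code from the original page): it simulates the Measured Boot column with SHA-256, using constructed sample components; which image lands in PCR 8 versus PCR 9 is an assumption, since the diagram only says "PCR 8 and 9". It shows that a tampered bootloader changes only its own PCR, that the golden values no longer match, and that extending the good measurement afterwards cannot undo it.

```python
import hashlib

# Constructed sample boot components (not real firmware images).
UEFI = b"UEFI firmware build 2024.1 (constructed sample)"
BOOTLOADER = b"bootloader 2.12 (constructed sample)"
BOOTLOADER_TAMPERED = b"bootloader 2.12 with modified code (constructed sample)"
KERNEL = b"vmlinuz 6.8 (constructed sample)"
CMDLINE = b"root=/dev/sda2 quiet (constructed sample)"

# Boot chain as (PCR index, component). PCR numbers follow the diagram; putting the
# kernel image in PCR 8 and the command line in PCR 9 is an assumption of this example.
GOOD_CHAIN = [(0, UEFI), (4, BOOTLOADER), (8, KERNEL), (9, CMDLINE)]
TAMPERED_CHAIN = [(0, UEFI), (4, BOOTLOADER_TAMPERED), (8, KERNEL), (9, CMDLINE)]

def extend(pcr: bytes, digest: bytes) -> bytes:
    """TPM extend: new PCR = hash(old PCR || digest). There is no write or reset."""
    return hashlib.sha256(pcr + digest).digest()

def measured_boot(chain):
    """Record, never enforce: hash each component and extend it into its PCR.
    Every PCR in a SHA-256 bank starts as 32 zero bytes after reset."""
    pcrs = {}
    for index, component in chain:
        digest = hashlib.sha256(component).digest()
        pcrs[index] = extend(pcrs.get(index, bytes(32)), digest)
    return pcrs

def attest(reported, golden):
    """Remote verifier's decision: trust only if every golden PCR matches the quote."""
    return all(reported.get(i) == v for i, v in golden.items())

def changed_pcrs(reported, golden):
    """Which registers differ; a bad stage shows up in that stage's own PCR."""
    return sorted(i for i in golden if reported.get(i) != golden[i])

def try_rewind(tampered_pcr, good_component):
    """Extending the good measurement on top of a tampered PCR does not restore it:
    the bad measurement stays in the hash chain until the next reboot."""
    return extend(tampered_pcr, hashlib.sha256(good_component).digest())

if __name__ == "__main__":
    golden = measured_boot(GOOD_CHAIN)
    reported = measured_boot(TAMPERED_CHAIN)
    print("trusted:", attest(reported, golden))                            # False
    print("differs:", changed_pcrs(reported, golden))                      # [4]
    print("rewound:", try_rewind(reported[4], BOOTLOADER) == golden[4])    # False
```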