Measured Boot is a startup security process that records measurements of boot components so the system can later prove what loaded during startup. It matters because it is useful not only to block bad startup code but also to prove what actually happened during the boot process.
What is Measured Boot?
Measured Boot creates integrity records of firmware, bootloaders, and other startup components, often using a hardware root of trust such as a TPM. Those measurements can then support attestation and stronger device-trust decisions later.
What Measured Boot Commonly Supports
Common uses include attestation, endpoint trust decisions, startup integrity evidence, and higher-confidence device health validation.
Measured Boot vs. Secure Boot
Measured Boot records what loaded for later proof. Secure Boot focuses on preventing untrusted startup code from loading in the first place.
Frequently Asked Questions
Why is Measured Boot helpful?
Because it gives security systems evidence about the startup state instead of relying only on assumptions.
Can a device use both measured boot and secure boot?
Yes. They often complement each other in modern platform trust designs.
