PowerMax uses digital signatures on firmware updates for all components and subcomponents to assure that only authentic firmware is running on the platform. Secure firmware upgrade uses cryptographic authentication of digital signatures applied to the firmware bootloader and images of the running firmware before running any update process.
Enhanced firmware authentication is embedded within many third-party devices that provide signature validation using their own Root of Trust mechanisms. This prevents the possible use of a compromised third-party update tool from being used to load malicious firmware into, for example, a NIC or storage drive (and bypassing the use of signed Dell update packages). Many of the third-party PCIe and storage devices shipped with PowerMax use a hardware Root of Trust to validate their respective firmware updates.
If any firmware in any device is suspected of malicious tampering, administrators can roll back the platform firmware images to an earlier trusted version stored in PowerMax.