SABLE is a trusted bootloader which uses a TPM chip to establish mutual trust between a user and his/her platform. SABLE can be thought of as a wrapper for a GRUB2 menuentry, which can be used to attest to the integrity of that specific GRUB2 menuentry. For example, if a trusted kernel is corrupted or replaced by a malicious entity, SABLE provides a mechanism to inform the user that the boot configuration has been corrupted. This can be done for the kernel, or any arbitrary file.

SABLE is a component of a bigger picture. In particular, the Distributed Attestation for Mobile, Multicast & Multiple Operator Networks (DAM3ON) project that CTI is working on. SABLE utilizes the TPM by storing system measurements in Platform Configuration Registers (PCR), which DAM3ON can then use for remote attestation - as well as anonymous remote attestation. An example flow of starting from layer 0, to remote attestation, is shown in the diagram below


  • Capability-based, Secure, and Trusted boot.
    • SABLE is trusted because it is (partially) formally verified and formally verifiable
    • SABLE uses the Trusted Platform Module to perform a trusted boot. That is, SABLE provides a trusted root of measurement, such that a SABLE-booted environment can attest its integrity to a remote third party.
    • SABLE can further provide secure boot by means of full disk encryption.
    • In conjunction with full disk encryption, SABLE will not be capable of decrypting the disk if the system has been tampered with
  • Dynamic Root of Trust Measurment (DRTM) - Secure boot relies on having a Root of Trust by means of measuring core components of a system, into the cryptographic co-processor (TPM)
  • Remote Attestation - SABLE allows the ability to remotely attest to arbitrary properties of a system. Since this is user configurable, you no longer need separate solutions for each entity that requests it.
  • Direct Anonymous Attestation (DAA) - Want to stay anonymous, but still attest to some properties of your system? You can, to the extent possible
  • Open Source
    • Have an idea how to make it better, or want to contribute? Please do!

The Team

SABLE Was made possible by the following entities

Critical Technologies Inc

Critical Technologies Inc. (CTI) is the principal investigator and primary developer behind SABLE

Syracuse University

Syracuse University (SU) is the principal researcher and developer of formal proofs behind SABLE


Read the papers, or check SABLE out on GitHub

Tech Reports & Notes

Or you can try out a pre-built image that incorporates SABLE for QEMU which can be found here


This project was sponsored in part by the Air Force Research Labratory and the Defense Advanced Research Projects Agency


This project was supported in part by the Center for Advanced Science and Engineering (CASE)