A boot process that cryptographically verifies firmware/software integrity before executing it, anchored in a hardware Root of Trust. Foundational control for tamper resistance.