One of the critical points during the lifetime of a secure system is at boot time. Many attackers attempt to break the software while the device is powered down, performing an attack that, for example, replaces the Secure world software image in flash with one that has been tampered with. If a system boots an image from flash, without first checking that is it authentic, the system is vulnerable.
One of the principles applied here is the generation of a chain of trust for all Secure world software, and potentially Normal world software, established from a root of trust that cannot easily be tampered with. This is known as a secure boot sequence. See Secure boot.