1. SECURITY
2. Using the TPM NVRAM to Protect Secure Boot Keys in OpenPOWER
3. Outline
4. OpenPOWER Secure Boot Team
5. Disclaimer
6. What is Secure Boot for?
7. POWER9 Boot Flow
8. Firmware Secure Boot is Upstream
9. Problem Statement
10. Protecting the OS Secure Boot Keys
11. OS Secure Boot Keys: Integrity
12. TPM2 NV Authorization
13. Atomic Secure Boot Variable Update
14. OS Secure Boot NV Indices
15. Firmware Secure Boot NV Index
16. Other TPM2 NV Commands
17. OS Secure Boot Architecture
18. Final Considerations
19. References
20. Questions?
Description:
Explore how the Trusted Platform Module (TPM) NVRAM is utilized to protect secure boot keys in POWER9 OpenPOWER systems in this 41-minute conference talk. Delve into the importance of securing authorized keys in non-volatile memory for platform OS verification. Learn about the design and implementation aspects of using TPM's shielded NVRAM to safeguard secure boot keys stored in PNOR. Discover the OpenPOWER firmware and Linux Kernel layers involved in this process. Gain insights into the POWER9 boot flow, firmware secure boot, and OS secure boot architecture. Understand TPM2 NV authorization, atomic secure boot variable updates, and various TPM2 NV commands. Presented by Claudio Siqueira de Carvalho, an experienced Linux security expert and OpenPOWER firmware developer from IBM's Linux Technology Center.

Using the TPM NVRAM to Protect Secure Boot Keys in POWER9 OpenPOWER Systems

Linux Foundation