Explore the intricacies of secure bootloaders and software update support in the Civil Infrastructure Platform (CIP) through this informative conference talk. Delve into the collaborative efforts of CIP's Security, Core, and Kernel workgroups to implement secure bootloaders and software updates. Gain insights into CIP's progress in meeting IEC-62443 security requirements, including the identification of necessary Debian packages and the creation of an IEC security layer. Learn about the importance of secure boot, its key components, and the dual copy mechanism for software updates. Discover the challenges and benefits of open-source solutions in industrial software development, and understand the threat model considerations for CIP implementations. Acquire valuable knowledge about CIP's overall Open Source Base Layer (OSBL) and its potential applications in long-lifespan industrial software.