What is Validated Boot for z/OS?

Validated Boot for z/OS® is a solution that uses digital signatures to provide an initial program load (IPL)-time check that validates that IPL data is intact, not tampered with, and originated from a trusted source. It also enables detection of unauthorized changes to software executables.

By using Validated Boot for z/OS, you have the ability to meet regulatory compliance standards, including National Information Assurance Partnership (NIAP) certification, that are required for certain secure software deployment scenarios. Additionally, you can detect both accidental and malicious IPL data changes earlier, thus reducing the impact of outages and stopping certain kinds of attacks.

Validated Boot for z/OS is implemented with updates to several elements, including MVS™, IPCS, Program Management (Binder), and RACF®.

Validated Boot for z/OS requires an IBM® z16, with z/OS 2.5 or later for the target system.