Building on the unique capabilities of Apple® hardware, system security is designed to maximize the security of the operating systems on Apple devices without compromising usability. System security encompasses the boot process, software updates, and the ongoing operation of the operating system.
Secure boot begins in hardware and builds a chain of trust through software, where each step ensures that the next is functioning properly before handing over control. This security model supports not only the default boot of Apple devices but also the various modes for recovery and updating iOS®, iPadOS®, and macOS® devices.
The most recent versions of iOS, iPadOS, and macOS are the most secure. The software update mechanism not only provides timely updates to Apple devices, it also delivers only trusted software from Apple. The update system can even prevent downgrade attacks, so devices can’t be rolled back to an earlier version of the operating system as a method of stealing user data.
Finally, Apple devices include boot and runtime protections so that they maintain their integrity during ongoing operation. These protections vary significantly between iOS, iPadOS, and macOS devices based on the very different sets of capabilities they support and the attacks they must therefore thwart.
To accomplish this level of protection, iOS and iPadOS use Kernel Integrity Protection, System Coprocessor Integrity, Pointer Authentication Codes, and Page Protection Layer, while macOS uses Unified Extensible Firmware Interface security, System Management Mode, Direct Memory Access protections, and peripheral firmware security.