diff --git a/configs/AM62AX/AM62AX_linux_toc.txt b/configs/AM62AX/AM62AX_linux_toc.txt
index 4d3f9ce8c..284ce3c48 100644
--- a/configs/AM62AX/AM62AX_linux_toc.txt
+++ b/configs/AM62AX/AM62AX_linux_toc.txt
@@ -98,6 +98,7 @@ linux/Foundational_Components/System_Security/Security_overview
 linux/Foundational_Components/System_Security/SELinux
 linux/Foundational_Components/System_Security/Auth_boot
 linux/Foundational_Components/System_Security/Memory_Firewalls
+linux/Foundational_Components_Secure_Boot
 
 linux/Foundational_Components_Kernel_Users_Guide
 linux/Foundational_Components_Kernel_LTP-DDT_Validation
diff --git a/configs/AM62PX/AM62PX_linux_toc.txt b/configs/AM62PX/AM62PX_linux_toc.txt
index eff335a52..8e4124b10 100644
--- a/configs/AM62PX/AM62PX_linux_toc.txt
+++ b/configs/AM62PX/AM62PX_linux_toc.txt
@@ -103,6 +103,7 @@ linux/Foundational_Components/System_Security/Security_overview
 linux/Foundational_Components/System_Security/SELinux
 linux/Foundational_Components/System_Security/Auth_boot
 linux/Foundational_Components/System_Security/Memory_Firewalls
+linux/Foundational_Components_Secure_Boot
 
 linux/Foundational_Components_Kernel_Users_Guide
 linux/Foundational_Components_Kernel_LTP-DDT_Validation
diff --git a/configs/AM62X/AM62X_linux_toc.txt b/configs/AM62X/AM62X_linux_toc.txt
index 96e533da1..73995e6df 100644
--- a/configs/AM62X/AM62X_linux_toc.txt
+++ b/configs/AM62X/AM62X_linux_toc.txt
@@ -100,6 +100,7 @@ linux/Foundational_Components/System_Security/Security_overview
 linux/Foundational_Components/System_Security/SELinux
 linux/Foundational_Components/System_Security/Auth_boot
 linux/Foundational_Components/System_Security/Memory_Firewalls
+linux/Foundational_Components_Secure_Boot
 
 linux/Foundational_Components_PRU_Subsystem
 linux/Foundational_Components/PRU-ICSS-Linux-Drivers
diff --git a/source/images/K3_KF.JPG b/source/images/K3_KF.JPG
deleted file mode 100644
index 3ab9593fc..000000000
Binary files a/source/images/K3_KF.JPG and /dev/null differ
diff --git a/source/images/K3_KF.png b/source/images/K3_KF.png
new file mode 100644
index 000000000..8b83325ec
Binary files /dev/null and b/source/images/K3_KF.png differ
diff --git a/source/linux/Foundational_Components/System_Security/Security_overview.rst b/source/linux/Foundational_Components/System_Security/Security_overview.rst
index 14867038f..f5c9fe4fd 100644
--- a/source/linux/Foundational_Components/System_Security/Security_overview.rst
+++ b/source/linux/Foundational_Components/System_Security/Security_overview.rst
@@ -71,8 +71,12 @@ The following table lists some of the key Security Features:
   +-------------------------+-----------------------------------------------------------+--------------------------------------+
   | Security Feature        | Description                                               | Links                                |
   +=========================+===========================================================+======================================+
-  | **Authenticated Boot**  | Verifies each boot component to ensure only authorized    | :ref:`auth_boot_guide`               |
-  |                         | code executes on the device                               |                                      |
+  | **Secure Boot**         | Verifies and decrypts each boot stage, establishing a     | :ref:`foundational-secure-boot`      |
+  |                         | hardware-backed chain of trust from ROM to Linux using    |                                      |
+  |                         | customer-programmable keys                                |                                      |
+  +-------------------------+-----------------------------------------------------------+--------------------------------------+
+  | **Authenticated Boot**  | Transparent disk encryption using the Linux kernel        | :ref:`auth_boot_guide`               |
+  |                         | device mapper (dm-crypt) for data confidentiality         |                                      |
   +-------------------------+-----------------------------------------------------------+--------------------------------------+
   | **Crypto Acceleration** | Hardware driver support for cryptographic algorithms      | :ref:`crypto-accelerator`            |
   +-------------------------+-----------------------------------------------------------+--------------------------------------+
diff --git a/source/linux/Foundational_Components_Secure_Boot.rst b/source/linux/Foundational_Components_Secure_Boot.rst
index f3433a43a..4f030eb27 100644
--- a/source/linux/Foundational_Components_Secure_Boot.rst
+++ b/source/linux/Foundational_Components_Secure_Boot.rst
@@ -1,3 +1,5 @@
+.. _foundational-secure-boot:
+
 **********************************
 Secure Boot
 **********************************
@@ -30,15 +32,14 @@ The following is an example list where Chain-of-Trust should be maintained.
 - Disable kernel debug options
 - Disable/remove userspace debug tools, devmem disable, etc..
 
-We provide methods for U-Boot's SPL loader to securely verify/decrypt the U-Boot proper, and this U-Boot proper to securely verify/decrypt the
-Kernel/DTB/initfamfs. This is accomplished by calling into TIFS via TI-SCI (Texas Instruments System controller Interface). This allows us to use
-the same signing/encrypting tools used to authenticate the first-stage image. For more infomation using TI_SCI methods refer to the
-`TISCI User Guide <https://software-dl.ti.com/tisci/esd/22_01_02/index.html>`__.
+We offer methods for U-Boot's SPL loader to securely verify the U-Boot proper. U-Boot calls TIFS through TI-SCI (Texas Instruments System Controller Interface)
+to accomplish this. For more information about using TI_SCI methods see the
+`TISCI User Guide <https://software-dl.ti.com/tisci/esd/22_01_02/index.html>`__. U-Boot proper then securely verifies and decrypts the kernel, DTB and initramfs.
 
-.. Image:: /images/K3_KF.JPG
+.. Image:: /images/K3_KF.png
         :scale: 70%
 
-Secure boot is like an onion, it has layers. Some layers are trusted more than others. Secure ROM has the highest trust and REE (Run-time Execution
+Secure boot has layers. Some layers are trusted more than others. Secure ROM has the highest trust and REE (Runtime Execution
 Environment) non-trustzone user-space applications have the least. If any higher trust code is to be loaded by a lower trust entity, it must be verified
 by an even higher trust entity and not allowed to be accessed by the lower trust entity after that point. Some such trust inversions are listed below:
 
@@ -70,14 +71,20 @@ The exact location is device dependent. More details can be found in the device
     * DMSC firmware: `Texas Instruments Foundational Security (TIFS)` + Device/Power Manager: After authentication/decryption, DMSC firmware replaces the Secure ROM as the authenticator entity executing on the DMSC core.
     * R5 SPL: The R5 SPL bootloader is executed on the R5 core.
 
-.. ifconfig:: CONFIG_part_variant in ('AM62x')
+.. ifconfig:: CONFIG_part_variant not in ('AM64X')
 
-    - `AM62x TRM <https://www.ti.com/lit/pdf/spruiv7>`_
+   .. ifconfig:: CONFIG_part_variant in ('AM62X')
 
-    The contents of this first stage image are authenticated and decrypted by the Secure ROM. Contents include:
+       - `AM62x TRM <https://www.ti.com/lit/pdf/spruiv7>`_
+
+   .. ifconfig:: CONFIG_part_variant in ('AM62PX')
+
+      - `AM62P TRM <https://www.ti.com/lit/pdf/spruj83>`_
+
+   The contents of this first stage image are authenticated and decrypted by the Secure ROM. Contents include:
 
-    * `Texas Instruments Foundational Security (TIFS)` firmware: After authentication/decryption, TIFS firmware replaces the Secure ROM as the authenticator entity executing on the TIFS core.
-    * R5 SPL`: The R5 SPL bootloader is executed on the R5 core.
+   * `Texas Instruments Foundational Security (TIFS)` firmware: After authentication/decryption, TIFS firmware replaces the Secure ROM as the authenticator entity executing on the TIFS core.
+   * R5 SPL`: The R5 SPL bootloader is executed on the R5 core.
 
 .. rubric:: R5 SPL
 
@@ -196,9 +203,9 @@ HS Boot Flow Tools
 
 U-boot:
 
-    The ti-u-boot source is a project used to create tiboot3.bin, tispl.bin, and u-boot.img. To create  tiboot3.bin for AM64x family devices, u-boot builds R5 SPL and
+    The ti-u-boot source is a project used to create tiboot3.bin, tispl.bin, and u-boot.img. To create  tiboot3.bin for K3 family devices, u-boot builds R5 SPL and
     binman packages it in a `tiboot3.bin` image. To build A53 SPL, binman takes ATF (bl31.bin), OPTEE (bl32.bin), A53 SPL, and A53 DTBs and packages
-    them in a `tispl.bin` image. The openssl library can then then be used to sign each component as specified in k3-am64x-binman.dtsi.
+    them in a `tispl.bin` image. U-Boot can then use the openssl library to sign each component as specified in k3-<soc>-binman.dtsi.
 
     .. code-block:: console
 
@@ -247,7 +254,7 @@ OPTEE:
 Ti-linux-firmware:
 
     The ti-linux-firmware is a TI repository where all firmware releases are stored. Firmwares for a device family can also be found in the pre-built SDK
-    under <path-to-tisdk>/board-support/prebuilt-images/am64xx-evm. Binman expects to find the device firmware with the following appended to u-boot build command:
+    under <path-to-tisdk>/board-support/prebuilt-images/<evm>. Binman expects to find the device firmware with the following appended to u-boot build command:
     BINMAN_INDIRS=<path-to-tisdk>/board-support/prebuilt-images, and expects to find a ti-sysfw directory in this path.
 
     .. code-block:: console