Disclosed herein are methods, computer readable media, and devices for performing software updates. In one embodiment, a method is disclosed comprising initializing a storage space of a secure storage device into a plurality of portions; copying an update program to a first portion in the portions and copying update data to a second portion of the portions; generating a first golden measurement for the first portion and a second golden measurement for the second portion; measuring the first portion; updating or rolling back an update to the secure device in response to determining that the measuring of the first portion does not match the first golden measurement of the first portion; and verifying an update operation upon determining that the measuring of the first portion matches the first golden measurement of the first portion.