A method is provided for authenticating firmware images in an embedded system. The method may include loading and executing a trusted firmware using a pre-existing Secure Boot on a baseboard management controller (BMC). The BMC is configured as a master for an embedded system including System On Chips (SOCs) configured as slaves, out-of-band interfaces between the BMC and the SOCs, and flash storages in electrical communication with the SOCs. The method may also include pushing or uploading, by the BMC, a secure SOC firmware image to one of the SOCs using one of the out-of-band interfaces, verifying a digital signature extracted from the SOC firmware image by using a hash code calculated from the SOC firmware image and decrypted using a public key stored on the BMC and notifying a user about verification of the digital signature.