Measured boot allows to verify the integrity of the installed firmware (which itself verifies the integrity of the Linux boot partition) by a separate Nitrokey. The idea is that you have your Nitrokey nearby and therefore safe against compromise, other than the laptop which may be left unattended.