In short - write the manufacturer public key in ROM and a fuse selects if signature check is enforce.