diff --git a/components/bootloader_support/src/bootloader_utility.c b/components/bootloader_support/src/bootloader_utility.c
index 129ad8e4db..ad56335253 100644
--- a/components/bootloader_support/src/bootloader_utility.c
+++ b/components/bootloader_support/src/bootloader_utility.c
@@ -78,6 +78,7 @@
 #include "bootloader_console.h"
 #include "bootloader_soc.h"
 #include "esp_efuse.h"
+#include "esp_fault.h"
 
 static const char *TAG = "boot";
 
@@ -269,9 +270,16 @@ static esp_err_t write_otadata(esp_ota_select_entry_t *otadata, uint32_t offset,
 static bool check_anti_rollback(const esp_partition_pos_t *partition)
 {
 #ifdef CONFIG_BOOTLOADER_APP_ANTI_ROLLBACK
-    esp_app_desc_t app_desc;
+    esp_app_desc_t app_desc = {};
     esp_err_t err = bootloader_common_get_partition_description(partition, &app_desc);
-    return err == ESP_OK && esp_efuse_check_secure_version(app_desc.secure_version) == true;
+    if (err != ESP_OK) {
+        ESP_LOGE(TAG, "Failed to get partition description %d", err);
+        return false;
+    }
+    bool sec_ver = esp_efuse_check_secure_version(app_desc.secure_version);
+    /* Anti FI check */
+    ESP_FAULT_ASSERT(sec_ver == esp_efuse_check_secure_version(app_desc.secure_version));
+    return sec_ver;
 #else
     return true;
 #endif
@@ -284,6 +292,8 @@ static void update_anti_rollback(const esp_partition_pos_t *partition)
     esp_err_t err = bootloader_common_get_partition_description(partition, &app_desc);
     if (err == ESP_OK) {
         esp_efuse_update_secure_version(app_desc.secure_version);
+    } else {
+        ESP_LOGE(TAG, "Failed to get partition description %d", err);
     }
 }
 
diff --git a/components/efuse/src/esp_efuse_fields.c b/components/efuse/src/esp_efuse_fields.c
index 5e27f936c2..6c1b508f9b 100644
--- a/components/efuse/src/esp_efuse_fields.c
+++ b/components/efuse/src/esp_efuse_fields.c
@@ -12,6 +12,7 @@
 #include "esp_types.h"
 #include "assert.h"
 #include "esp_err.h"
+#include "esp_fault.h"
 #include "esp_log.h"
 #include "soc/efuse_periph.h"
 #include "bootloader_random.h"
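Review bot: The new initializer `esp_app_desc_t app_desc = {};` in check_anti_rollback is an empty-brace initializer, which is C23 syntax and a GNU extension in earlier modes; the portable C11 spelling is `esp_app_desc_t app_desc = {0};`, which zeroes the same bytes. The function also now has three distinct outcomes (read failure, version rejected, version accepted) and no header comment; I would add `/* Returns true only when the partition's secure_version is accepted by esp_efuse_check_secure_version(); a failed description read is logged and treated as rejection. */` above the signature. The double call to esp_efuse_check_secure_version() inside ESP_FAULT_ASSERT is presumably meant to force a second real evaluation; if the macro's expansion does not already prevent the optimizer from reusing the first result, that intent may not survive LTO, so it is worth confirming against the esp_fault.h definition.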
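Review bot: The return value of esp_efuse_update_secure_version() is still discarded in update_anti_rollback, so a failed eFuse write is silent while the new else branch logs only the failed description read; since the function is declared `esp_err_t esp_efuse_update_secure_version(uint32_t secure_version)` (visible in the second file of this diff), the write result should be checked the same way: `err = esp_efuse_update_secure_version(app_desc.secure_version);` followed by `if (err != ESP_OK) { ESP_LOGE(TAG, "Failed to update secure version %d", err); }`. Leaving a burn failure unlogged makes a later anti-rollback gap hard to diagnose from the boot log. update_anti_rollback's signature and the app_desc declaration start outside the hunk.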
@@ -43,7 +44,16 @@ uint32_t esp_efuse_read_secure_version(void)
 bool esp_efuse_check_secure_version(uint32_t secure_version)
 {
     uint32_t sec_ver_hw = esp_efuse_read_secure_version();
-    return secure_version >= sec_ver_hw;
+    /* Additional copies for Anti FI check */
+    uint32_t sec_ver_hw_c1 = esp_efuse_read_secure_version();
+    uint32_t sec_ver_hw_c2 = esp_efuse_read_secure_version();
+    ESP_FAULT_ASSERT(sec_ver_hw == sec_ver_hw_c1);
+    ESP_FAULT_ASSERT(sec_ver_hw == sec_ver_hw_c2);
+
+    bool ret_status = (secure_version >= sec_ver_hw);
+    /* Anti FI check */
+    ESP_FAULT_ASSERT(ret_status == (secure_version >= sec_ver_hw));
+    return ret_status;
 }
 
 esp_err_t esp_efuse_update_secure_version(uint32_t secure_version)
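Review bot: The final `ESP_FAULT_ASSERT(ret_status == (secure_version >= sec_ver_hw));` compares an expression against itself on the same two locals, so unless the ESP_FAULT_ASSERT expansion forbids it, the optimizer may fold the condition to a constant and the redundant comparison that is supposed to catch a glitched compare disappears; recomputing against one of the independently read copies, `ESP_FAULT_ASSERT(ret_status == (secure_version >= sec_ver_hw_c1));`, gives the check a genuinely separate operand (whether that survives value-numbering after the earlier equality asserts should be confirmed in the disassembly). The three eFuse reads are only meaningful if esp_efuse_read_secure_version() is not inlined and folded as well, which this hunk cannot show. A short contract comment is also missing: `/* Returns true when secure_version is not below the secure version burned in eFuse; each read is repeated and cross-checked as a fault-injection countermeasure. */`.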