diff --git a/public/bootstat.te b/public/bootstat.te
index b09e77fa5f67c7b1db3db320a58008fbc9b0dde1..b3cca401d6a62574842921e961e04cf5b4fda76b 100644
--- a/public/bootstat.te
+++ b/public/bootstat.te
@@ -14,5 +14,19 @@ r_dir_file(bootstat, proc)
 # Collect metrics on boot time created by init
 get_prop(bootstat, boottime_prop)
 
-# Read ro.boot.bootreason
-get_prop(bootstat, bootloader_boot_reason_prop)
+# Read/Write [persist.]sys.boot.reason and ro.boot.bootreason (write if empty)
+set_prop(bootstat, bootloader_boot_reason_prop)
+set_prop(bootstat, system_boot_reason_prop)
+set_prop(bootstat, last_boot_reason_prop)
+
+# ToDo: TBI move access for the following to a system health HAL
+
+# Allow access to /sys/fs/pstore/ and syslog
+allow bootstat pstorefs:dir search;
+allow bootstat pstorefs:file r_file_perms;
+allow bootstat kernel:system syslog_read;
+
+# Allow access to reading the logs to read aspects of system health
+read_logd(bootstat)
+
+# ToDo: end