SecureBoot feature has a custom signed signature feature. It for locking down only the custom image can be booted on the system. I don't know if that would work in reverse, per your case.
If you could put something in the firmware that can be checked before installing the .FFU / .WIM that might be a solution.
Philosophically, if the OS image is locked down such as it boots to an application and not explore desktop, then there is no reason for someone to steal the image.