• 中国计算机学会会刊
  • 中国科技核心期刊
  • 中文核心期刊

Computer Engineering & Science

Previous Articles     Next Articles

An SoC trusted startup framework based
on trusted cryptographic module

WANG Xiji,ZHANG Gongxuan,GUO Ziheng   

  1. (School of Computer Science and Technology,Nanjing University of Science and Technology,Nanjing 210094,China)
  • Received:2018-10-13 Revised:2018-12-11 Online:2019-04-25 Published:2019-04-25

Abstract:

We design an SoC trusted startup framework based on trusted cryptographic module to satisfy the requirement for information security on embedded terminals. This framework can partition the boot program Uboot functionally and store them in different nonvolatile memories. In addition, we add communication modules to enable the Uboot to transmit and receive files before OS stratup. Trusted entities including the parts of the Uboot and OS core files are transmitted to the trusted cryptographic module to measure integrity. If they pass the integrity measurement, then a signal for starting the next phase is sent back by the trusted cryptographic module and the trusted entities are stored in local memory on the trusted cryptographic module. Otherwise initialization signals are not sent. Experimental results show that the proposed framework is feasible and effective, and it can satisfy the requirement for information security on embedded terminals.

 

 

Key words: embedded terminal, system-level chip, trusted cryptographic module, non-volatile memory