• Journal of the China Computer Federation
  • Chinese Science and Technology Core Journal
  • Chinese Core Journal

Computer Engineering & Science ›› 2022, Vol. 44 ›› Issue (06): 971-978.

• High Performance Computing •

Design and implementation of CPU secure boot based on NAND Flash

GONG Rui, SHI Wei, LIU Wei, ZHANG Jian-feng, WANG Lei

  1. (College of Computer Science and Technology, National University of Defense Technology, Changsha 410073, China)
  • Received: 2021-10-19 Revised: 2021-12-21 Accepted: 2022-06-25 Online: 2022-06-25 Published: 2022-06-17

Abstract: NAND Flash memory is widely used as a storage device in embedded systems because of its advantages in capacity, cost and speed. However, due to the inherent device characteristics of NAND Flash, a complex driver is required to read and write it, and the code stored on it cannot be executed directly. Therefore, NAND Flash is not suitable for boot code storage. Generally, boot code is stored on NOR Flash and executed directly from it. The boot code on NOR Flash then boots the operating system stored in NAND Flash, which increases the system cost and power consumption. This paper designs and implements a CPU secure boot method based on NAND Flash. A block mapping table structure is added to the NAND Flash controller, and the code stored in the first block of NAND Flash is used to search and fill in the block mapping table. With this method, part of the NAND Flash storage blocks can be directly mapped to memory space, so that the boot code stored on NAND Flash can be executed directly without drivers. In addition, an extended BootRom scheme is proposed. Combined with the NAND Flash address mapping structure, part of the on-chip BootRom is extended to the first block of NAND Flash. Hash comparison is used to verify the extended BootRom, which effectively reduces the design complexity and code size of the on-chip BootRom. Our method can effectively implement secure boot of a single-NAND-Flash system, thus reducing the system cost and improving the system security.


Key words: secure boot, NAND Flash, microprocessor, embedded system, root of trust
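
The boot flow the abstract describes, as a behavioural Python model added here; it is not code from the paper. SHA-256, the block size, the table size, skipping bad blocks during the search, and all function and class names are assumptions, since the abstract does not specify them.

```python
import hashlib
import hmac

BLOCK_SIZE = 4096   # assumed block size for this model
MAP_ENTRIES = 4     # assumed number of slots in the block mapping table

class NandModel:
    """Constructed NAND device: block contents plus bad-block marks."""
    def __init__(self, blocks, bad):
        self.blocks, self.bad = list(blocks), set(bad)

def verify_extended_bootrom(nand, trusted_digest):
    """On-chip BootRom: hash block 0 and compare with the digest held on chip."""
    digest = hashlib.sha256(nand.blocks[0]).digest()   # SHA-256 is an assumption
    if not hmac.compare_digest(digest, trusted_digest):
        raise RuntimeError("extended BootRom hash mismatch, refusing to boot")

def fill_block_map(nand, first=1):
    """Extended BootRom (block 0 code): search for usable blocks, fill the table."""
    table = []
    for n in range(first, len(nand.blocks)):
        if n in nand.bad:
            continue                    # assumed: bad blocks are skipped
        table.append(n)
        if len(table) == MAP_ENTRIES:
            return table
    raise RuntimeError("not enough good blocks for the boot window")

def translate(table, offset):
    """Controller: map a boot-window offset to (physical block, offset in block)."""
    slot, within = divmod(offset, BLOCK_SIZE)
    if not 0 <= slot < len(table):
        raise ValueError("address outside the mapped boot window")
    return table[slot], within

def secure_boot(nand, trusted_digest):
    """Nothing read from NAND is trusted until the block 0 hash check passes."""
    verify_extended_bootrom(nand, trusted_digest)
    return fill_block_map(nand)

def make_sample():
    """Constructed sample: 8 blocks, block 2 marked bad, digest of block 0."""
    blocks = [bytes([i]) * BLOCK_SIZE for i in range(8)]
    return NandModel(blocks, bad={2}), hashlib.sha256(blocks[0]).digest()

if __name__ == "__main__":
    nand, digest = make_sample()
    table = secure_boot(nand, digest)
    print("block mapping table:", table)
    print("offset 0x1010 ->", translate(table, 0x1010))
```

The model authenticates only block 0, which is the step the abstract names; how the boot code in the mapped blocks is verified afterwards is not stated there.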