{"title":"嵌入式系统可信引导的实现","authors":"Obaid Khalid, C. Rolfes, A. Ibing","doi":"10.1109/HST.2013.6581569","DOIUrl":null,"url":null,"abstract":"This paper presents an implementation of trusted boot for embedded systems. While in PCs the trusted computing hardware functionality is spread over CPU, memory controller hub (MCH), IO controller hub (ICH) and Trusted Platform Module (TPM), for embedded systems it is desirable to integrate the whole functionality in one system on chip. Our implementation is a two-processor design with LEON3 open source soft cores (SPARC V8 instruction set), coupled over an AHB interface. One of the processors acts as application processor, the other one as `secure' coprocessor. The application processor is synthesized with a boot ROM as static root of trust for measurement. The `secure' coprocessor runs TPM frmware and enables the application processor to boot and run different software while sealing corresponding keys and other secrets to the respective software identity (computed as hash value). We evaluate the design in a Virtex5 FPGA with respect to different measures like resource consumption, code sizes and start times. The `trusted boot' functionality is realised with a boot time increase of around 25% for a Linux system.","PeriodicalId":6337,"journal":{"name":"2013 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST)","volume":"1970 1","pages":"75-80"},"PeriodicalIF":0.0000,"publicationDate":"2013-06-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"24","resultStr":"{\"title\":\"On implementing trusted boot for embedded systems\",\"authors\":\"Obaid Khalid, C. Rolfes, A. Ibing\",\"doi\":\"10.1109/HST.2013.6581569\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"This paper presents an implementation of trusted boot for embedded systems. While in PCs the trusted computing hardware functionality is spread over CPU, memory controller hub (MCH), IO controller hub (ICH) and Trusted Platform Module (TPM), for embedded systems it is desirable to integrate the whole functionality in one system on chip. Our implementation is a two-processor design with LEON3 open source soft cores (SPARC V8 instruction set), coupled over an AHB interface. One of the processors acts as application processor, the other one as `secure' coprocessor. The application processor is synthesized with a boot ROM as static root of trust for measurement. The `secure' coprocessor runs TPM frmware and enables the application processor to boot and run different software while sealing corresponding keys and other secrets to the respective software identity (computed as hash value). We evaluate the design in a Virtex5 FPGA with respect to different measures like resource consumption, code sizes and start times. The `trusted boot' functionality is realised with a boot time increase of around 25% for a Linux system.\",\"PeriodicalId\":6337,\"journal\":{\"name\":\"2013 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST)\",\"volume\":\"1970 1\",\"pages\":\"75-80\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2013-06-02\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"24\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2013 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/HST.2013.6581569\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2013 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/HST.2013.6581569","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
This paper presents an implementation of trusted boot for embedded systems. While in PCs the trusted computing hardware functionality is spread over CPU, memory controller hub (MCH), IO controller hub (ICH) and Trusted Platform Module (TPM), for embedded systems it is desirable to integrate the whole functionality in one system on chip. Our implementation is a two-processor design with LEON3 open source soft cores (SPARC V8 instruction set), coupled over an AHB interface. One of the processors acts as application processor, the other one as `secure' coprocessor. The application processor is synthesized with a boot ROM as static root of trust for measurement. The `secure' coprocessor runs TPM frmware and enables the application processor to boot and run different software while sealing corresponding keys and other secrets to the respective software identity (computed as hash value). We evaluate the design in a Virtex5 FPGA with respect to different measures like resource consumption, code sizes and start times. The `trusted boot' functionality is realised with a boot time increase of around 25% for a Linux system.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
