基于可信密码模块的SoC可信启动框架模型

为满足嵌入式终端对信息安全的要求，设计了基于可信密码模块的SoC可信启动框架。该框架的特点在于对引导程序U-boot做功能上的分割，且存储在不同的非易失性存储器中，并增设了通信模块，使之在操作系统启动之前就具有发送和接收文件的功能。将引导程序的各部分与操作系统核心文件均作为可信实体，发送至可信密码模块进行完整性度量，若度量成功则可信密码模块返回下一阶段的启动信号并在其本地存储器中保存可信实体；若度量失败则禁止启动。实验结果表明，该框架是可行、有效的,可以满足现今嵌入式终端在信息安全方面的需要。

An SoC trusted startup framework based on trusted cryptographic module

We design an SoC trusted startup framework based on trusted cryptographic module to satisfy the requirement for information security on embedded terminals. This framework can partition the boot program U boot functionally and store them in different non volatile memories. In addition, we add communication modules to enable the U boot to transmit and receive files before OS stratup. Trusted entities including the parts of the U boot and OS core files are transmitted to the trusted cryptographic module to measure integrity. If they pass the integrity measurement, then a signal for starting the next phase is sent back by the trusted cryptographic module and the trusted entities are stored in local memory on the trusted cryptographic module. Otherwise initialization signals are not sent. Experimental results show that the proposed framework is feasible and effective, and it can satisfy the requirement for information security on embedded terminals.