CN108664280A - Embedded system startup method and device
- Publication number: CN108664280A
- Application number: CN201710208114.9A
- Authority: CN (China)
- Legal status: Withdrawn
Classifications
- G06F9/44505: Configuring for program initiating, e.g. using registry, configuration files
- G06F9/445: Program loading or initiating
Abstract
The invention discloses an embedded system startup method, including: setting a secure boot section and a non-secure boot section on an embedded system chip, the secure boot section and the non-secure boot section each corresponding to a different boot program; after the bootstrap loader finishes running, reading preset configuration information, the configuration information including at least a system startup mode; and executing, according to the system startup mode, the boot program corresponding to that mode, booting the corresponding boot section and starting the embedded system. The invention also discloses an embedded system startup device.
Description
Technical field
The present invention relates to the field of embedded system technology, and in particular to an embedded system startup method and device.
Background
With the continuous development of science and technology, embedded devices are widely used in daily life. The embedded system is the core component of an embedded device. An embedded system is a dedicated computer system that is fully embedded inside the controlled device and custom designed for a specific application; it can be used to control, monitor or assist various equipment, machines or plant-operation equipment. Unlike a general-purpose computer system such as a personal computer, an embedded system usually performs predefined tasks with specific requirements. Because an embedded system targets one special task, designers can optimize it to reduce size and cost. Embedded systems are usually mass-produced, so the cost saved on a single unit may be multiplied many times as production volume rises.
At present, the boot program of an embedded system supports starting the embedded system in only one mode, for example booting the embedded system in secure mode or booting it in non-secure mode. To switch from starting the embedded system in one mode to starting it in the other, engineers must rewrite the startup code and tape out again so that the rewritten startup code is written into the relevant chip of the embedded system. This clearly lengthens the R&D cycle of the embedded system considerably and consumes a great deal of time, manpower and material resources.
Summary of the invention
In view of this, embodiments of the present invention aim to provide an embedded system startup method and device that can start the embedded system in different modes through boot programs, so that the embedded system can be booted more flexibly and conveniently.
To achieve the above objective, an embodiment of the present invention provides an embedded system startup method in which a secure boot section and a non-secure boot section are set on an embedded system chip, the secure boot section and the non-secure boot section each corresponding to a different boot program. The method further includes:
After the bootstrap loader finishes running, reading preset configuration information, the configuration information including at least a system startup mode;
Executing, according to the system startup mode, the boot program corresponding to the system startup mode, and booting the corresponding boot section to start the embedded system.
In the above method, the configuration information is stored in a one-time programmable (OTP) module.
In the above method, before the boot program corresponding to the system startup mode is executed according to the system startup mode and the corresponding boot section is booted to start the embedded system, the method further includes:
Obtaining first information and second information, where the first information includes a first digital certificate and a second verification digital certificate, and the second information includes a second digital certificate and an operating system program.
In the above method, the configuration information further includes a first verification digital certificate;
Executing the boot program corresponding to the system startup mode according to the system startup mode, and booting the corresponding boot section to start the embedded system, includes:
When the boot program corresponding to the system startup mode is the boot program corresponding to the secure boot section, the boot program performs a first verification on the first digital certificate in the first information, taking the first verification digital certificate as the reference;
After the first verification passes, a second verification is performed on the second digital certificate in the second information, taking the second verification digital certificate in the first information as the reference;
After the second verification passes, it is determined whether the operating system program in the second information is encrypted; when the operating system program is determined to be encrypted and the configuration information further includes a decryption key, the operating system program is decrypted using the decryption key;
After the operating system program is successfully decrypted, the secure boot section is started.
In the above method, the first verification includes: taking the first verification digital certificate in the configuration information as the reference, checking whether the first digital certificate in the first information is identical to the first verification digital certificate; when they are identical, the first verification passes;
The second verification includes: taking the second verification digital certificate in the first information as the reference, checking whether the second digital certificate in the second information is identical to the second verification digital certificate; when they are identical, the second verification passes.
In the above method, executing the boot program corresponding to the system startup mode according to the system startup mode, and booting the corresponding boot section to start the embedded system, includes:
When the boot program corresponding to the system startup mode is the boot program corresponding to the non-secure boot section, the boot program directly starts the non-secure boot section.
An embodiment of the present invention further provides an embedded system startup device, the device including a setup module, a read module and a boot module, where:
The setup module is configured to set a secure boot section and a non-secure boot section on an embedded system chip, the secure boot section and the non-secure boot section each corresponding to a different boot program;
The read module is configured to read preset configuration information after the bootstrap loader finishes running, the configuration information including at least a system startup mode;
The boot module is configured to execute, according to the system startup mode, the boot program corresponding to the system startup mode, and to boot the corresponding boot section to start the embedded system.
In the above device, the device further includes an OTP module configured to store the configuration information.
In the above device, the read module is further configured to obtain first information and second information, where the first information includes a first digital certificate and a second verification digital certificate, and the second information includes a second digital certificate and an operating system program.
In the above device, the configuration information read by the read module further includes a first verification digital certificate;
The boot module is specifically configured as follows:
When the boot program corresponding to the system startup mode is the boot program corresponding to the secure boot section, the boot program performs a first verification on the first digital certificate in the first information, taking the first verification digital certificate as the reference;
After the first verification passes, a second verification is performed on the second digital certificate in the second information, taking the second verification digital certificate in the first information as the reference;
After the second verification passes, it is determined whether the operating system program in the second information is encrypted; when the operating system program is determined to be encrypted and the configuration information further includes a decryption key, the operating system program is decrypted using the decryption key;
After the operating system program is successfully decrypted, the secure boot section is started.
In the above device, the boot module is further specifically configured as follows: in the first verification, taking the first verification digital certificate in the configuration information as the reference, it checks whether the first digital certificate in the first information is identical to the first verification digital certificate; when they are identical, the first verification passes;
In the second verification, taking the second verification digital certificate in the first information as the reference, it checks whether the second digital certificate in the second information is identical to the second verification digital certificate; when they are identical, the second verification passes.
In the above device, the boot module is specifically configured as follows: when the boot program corresponding to the system startup mode is the boot program corresponding to the non-secure boot section, the boot program directly starts the non-secure boot section.
In the embedded system startup method and device provided in the embodiments of the present invention, a secure boot section and a non-secure boot section are set on an embedded system chip, the secure boot section and the non-secure boot section each corresponding to a different boot program; after the bootstrap loader finishes running, preset configuration information is read, the configuration information including at least a system startup mode; and the boot program corresponding to the system startup mode is executed according to the system startup mode, booting the corresponding boot section to start the embedded system. In this way, the boot program can either boot the secure boot section or boot the non-secure boot section to start the embedded system, so the embedded system can be applied more widely and booted more flexibly and conveniently. Moreover, because the startup code does not need to be rewritten and no new tape-out is needed, the R&D cycle of the embedded system can be greatly shortened and the consumption of time, manpower and material resources is avoided.
Brief description of the drawings
Fig. 1 is a schematic flow chart of the embedded system startup method according to an embodiment of the present invention;
Fig. 2 is a schematic flow chart of determining the embedded system startup mode according to an embodiment of the present invention;
Fig. 3 is a schematic overall flow chart of the embedded system startup method according to an embodiment of the present invention;
Fig. 4 is a schematic flow chart of determining the embedded system security state according to an embodiment of the present invention;
Fig. 5 is a schematic flow chart of starting the secure embedded system according to an embodiment of the present invention;
Fig. 6 is a detailed schematic diagram of starting the secure embedded system according to an embodiment of the present invention;
Fig. 7 is a schematic diagram of starting the non-secure embedded system according to an embodiment of the present invention;
Fig. 8 is a schematic diagram of the composition of the embedded system startup device according to an embodiment of the present invention.
Detailed description
The present invention is described in further detail below with reference to the accompanying drawings and specific embodiments.
Fig. 1 is a schematic flow chart of the embedded system startup method according to an embodiment of the present invention. As shown in Fig. 1, the embedded system startup method of the embodiment includes:
Step 101: Set a secure boot section and a non-secure boot section on an embedded system chip, the secure boot section and the non-secure boot section each corresponding to a different boot program;
Step 102: After the bootstrap loader finishes running, read preset configuration information, the configuration information including at least a system startup mode;
Here, the configuration information is stored in a one-time programmable (OTP, One Time Programmable) module.
Step 103: Execute, according to the system startup mode, the boot program corresponding to the system startup mode, and boot the corresponding boot section to start the embedded system.
Before step 103 above, the embedded system startup method of the embodiment further includes: obtaining first information and second information, where the first information includes a first digital certificate and a second verification digital certificate, and the second information includes a second digital certificate and an operating system program;
Here, when the boot program corresponding to the system startup mode is the boot program corresponding to the secure boot section and the configuration information also includes a first verification digital certificate, the boot program performs a first verification on the first digital certificate in the first information, taking the first verification digital certificate as the reference;
After the first verification passes, a second verification is performed on the second digital certificate in the second information, taking the second verification digital certificate in the first information as the reference;
After the second verification passes, it is determined whether the operating system program in the second information is encrypted; when the operating system program is determined to be encrypted and the configuration information also includes a decryption key, the operating system program is decrypted using the decryption key;
After the operating system program is successfully decrypted, the secure boot section is started.
When the system startup mode corresponds to the boot program of the non-secure boot section, the boot program directly starts the non-secure boot section.
The embedded system startup method of the present invention is described in detail below with specific embodiments:
Fig. 2 is a schematic flow chart of determining the embedded system startup mode according to an embodiment of the present invention. In this embodiment the configuration information is a preset security status field. As shown in Fig. 2, determining the embedded system startup mode includes:
Step 201: Read the preset security status field in the OTP of the embedded system;
In practical applications, the preset security status field in the OTP can be set according to the actual application scenario of the embedded system, and cannot be changed after the security status field has been written into the OTP;
Step 202: Determine the embedded system startup mode;
Step 203: If the secure startup mode is determined, perform signature verification and decryption on the embedded system image file;
Before step 203, the method further includes: determining, according to the blank-chip flag in the embedded system chip, whether the embedded system chip is a blank chip; if it is a blank chip, stop starting the embedded system;
If it is not a blank chip, read the mk_en field in the OTP and judge from the mk_en field whether MKID information exists; if mk_en is 1, it is determined that MKID information exists, and it is judged whether that MKID information is consistent with the MKID information in the first-level embedded system image; if the MKIDs are inconsistent, stop starting the embedded system. Here, the mk_en field indicates whether embedded chip identity information is stored in the OTP, and the MKID is the embedded chip identity information;
If the MKIDs are consistent, further judge whether the first verification digital certificate BL_KEY0 in the OTP is consistent with the RSA key in the digital certificate in the first-level embedded system image; if BL_KEY0 is inconsistent with the RSA key, stop starting the embedded system;
If BL_KEY0 is consistent with the RSA key, perform signature verification on the first-level embedded system image; if signature verification fails, stop starting the embedded system;
If signature verification succeeds, judge whether the second verification digital certificate BL_KEY1 is consistent with the RSA key in the digital certificate in the second-level image; if BL_KEY1 is inconsistent with the RSA key in the digital certificate in the second-level image, stop starting the embedded system;
If BL_KEY1 is consistent with the RSA key in the digital certificate in the second-level image, decrypt the second-level image; if decryption of the second-level image fails, stop starting the embedded system;
If the second-level image is decrypted successfully, boot the secure boot section and start the embedded system;
Step 204: Start the embedded system, then end this processing flow;
Here, running the embedded system image that has passed signature verification and decryption starts the secure embedded system.
Step 205: If the non-secure startup mode is determined, start the embedded system in non-secure mode;
Here, if the embedded system startup mode is determined to be the non-secure mode, the embedded system image can run without signature verification and decryption; according to the blank-chip flag in the flash memory, it is determined whether the embedded system device is a blank chip, and if it is a blank chip, starting the embedded system is stopped;
If it is not a blank chip, the system image in the flash memory is stored into the RAM of the embedded system and the embedded system is started.
Before step 201 above, the method of the embodiment of the present invention may further include the steps of executing the program solidified in ROM and performing initialization, as shown in Fig. 3.
Fig. 3 is a schematic overall flow chart of the embedded system startup method according to an embodiment of the present invention. As shown in Fig. 3, the processing flow of the embedded system startup method of the embodiment includes:
Step 301: After the embedded system is powered on, execute the program solidified in ROM;
In practical applications, the program solidified in ROM is the Boot Loader program. The Boot Loader program initializes the embedded hardware devices, establishes the memory space map, brings the hardware and software environment of the embedded system into a working state, and prepares the running environment for calling the embedded operating system kernel. The Boot Loader program differs depending on the device system of the embedded system, and also depends on the configuration of the embedded hardware device; therefore the Boot Loader program is not universal. For different embedded devices, even if they are built with the same device system, a Boot Loader program that runs normally on one embedded device usually needs targeted modification before it can run normally on another.
Step 302: Initial configuration: store the embedded system image file in the flash memory into RAM;
Step 303: Read the preset security status field in the OTP of the embedded system;
In practical applications, the preset security status field in the OTP can be set according to the actual application scenario of the embedded system, and cannot be changed after the security status field has been written into the OTP;
Step 304: Determine the embedded system startup mode; if the secure startup mode is determined, execute step 305; if the non-secure startup mode is determined, execute step 307;
Step 305: Perform signature verification and decryption on the embedded system image file;
Step 306: Start the embedded system, then end this processing flow;
Step 307: Start the embedded system in non-secure mode.
Fig. 4 is a schematic flow chart of determining the embedded system security state according to an embodiment of the present invention. As shown in Fig. 4, in practical applications, the flow for determining the embedded security state includes the following steps:
Step 401: Read the startup mode field in the OTP;
Step 402: When the startup mode field code is 1, the embedded system must be booted securely, and step 404 is executed; when the startup mode field code is 0, the embedded system must be booted non-securely, and step 403 is executed;
Step 403: Start the embedded system, then end this processing flow;
Here, after the embedded system image is loaded into the RAM of the embedded system, the embedded system is booted by the non-secure boot program, without signature verification or decryption of the embedded system image;
Step 404: Perform signature verification and decryption on the embedded system image;
In practical applications, starting the embedded system in secure boot mode means that signature verification and decryption must be performed on the embedded system image; only after both signature verification and decryption succeed is the embedded system image loaded in RAM run to complete startup of the embedded system. If either signature verification or decryption fails, starting the current embedded system is stopped.
Fig. 5 is a schematic flow chart of starting the secure embedded system according to an embodiment of the present invention. As shown in Fig. 5, in practical applications, the flow for starting the secure embedded system includes the following steps:
Step 501: Read the blank-chip flag in the embedded system chip;
The blank-chip flag indicates whether an operating system program has been burned into the embedded system device;
Step 502: Judge whether the embedded system device is a blank chip; if it is a blank chip, execute step 513; if it is not a blank chip, execute step 503;
Step 503: Read the mk_en field in the OTP, where the mk_en field indicates whether embedded chip identity information is stored;
Step 504: Judge whether the mk_en field equals 1; if it equals 1, it is determined that an MKID exists, and step 505 is executed; if it does not equal 1, it is determined that no MKID exists, step 505 is skipped, and step 506 is executed;
Step 505: Judge whether the MKID in the OTP is consistent with the MKID in the first image; if consistent, execute step 506; if inconsistent, execute step 513;
Here, the MKID is the embedded system chip identification information;
Step 506: Judge whether BL_KEY0 in the OTP is consistent with the RSA key in the digital certificate of the first-level embedded system image; if consistent, execute step 507; if inconsistent, execute step 513;
Step 507: Perform signature verification on the first-level embedded system image;
Step 508: Judge whether signature verification succeeded; if it succeeded, execute step 509; if it failed, execute step 513;
Step 509: Judge whether BL_KEY1 is consistent with the RSA key in the digital certificate of the second image; if consistent, execute step 510; if inconsistent, execute step 513;
Step 510: Decrypt the second-level embedded system image;
Step 511: Judge whether decryption of the second image succeeded; if it succeeded, execute step 512; if it failed, execute step 513;
Step 512: Start the embedded system, then end this processing flow;
Step 513: Stop starting the embedded system.
Fig. 6 is a detailed schematic diagram of starting the secure embedded system according to an embodiment of the present invention. As shown in Fig. 6, in practical applications, signature verification and decryption of the embedded system image include the following steps:
Step 601: Verify the embedded system image certificate using the first digital certificate or key (KEY) information in the upper-level code; perform a hash operation on the first digital certificate or KEY information, and store the resulting fixed-length binary value in the first result sign_hash1;
Here, if signature verification is being performed on the first-level embedded system image, the KEY information or first digital certificate preset in the OTP is used to verify the first-level embedded system image certificate; if signature verification is being performed on the second-level embedded system image, the KEY information or first digital certificate in the first-level embedded system image is used to verify the second-level embedded system image certificate, and so on;
Step 602: Perform a hash operation on the certificate or KEY information of the embedded system image described in step 601, and store the resulting fixed-length binary value in the second result sign_hash2;
Step 603: Judge whether sign_hash1 and sign_hash2 are equal; if equal, execute step 604; if not equal, execute step 610;
Step 604: Perform a hash operation on the embedded system code image, and store the resulting fixed-length binary value in the system image code check value code_hash1;
Step 605: Judge whether the system image code verification information code_hash pre-stored in the embedded system image certificate is equal to code_hash1; if equal, execute step 607; if not equal, execute step 610;
Step 606: Judge whether the embedded system image is encrypted; if encrypted, execute step 607; if not encrypted, execute step 609;
Step 607: Decrypt the embedded system image with the key in the OTP;
Step 608: Judge whether decryption succeeded; if it succeeded, execute step 609; if it failed, execute step 610;
Step 609: Run the decrypted embedded system image, start the embedded system, then end this processing flow;
Step 610: Stop starting the embedded system.
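The decision chain of Fig. 4, Fig. 5 and Fig. 7 together with the hash comparisons of Fig. 6 (steps 601-605), as an added host-side Python model that is not code from the patent. SHA-256, the Otp and Image field layouts, the stop on an unknown mode value and the sample keys are assumptions; the RSA signature check of step 507 and the image decryption of steps 510-511 and 606-608 are not modelled because the page does not specify the signature format or the cipher.

```python
import hashlib
import hmac
from dataclasses import dataclass, replace
from enum import Enum


class Boot(Enum):
    SECURE = "secure boot section started"
    NON_SECURE = "non-secure boot section started"
    STOP = "startup stopped"


def digest(data: bytes) -> bytes:
    # The page says only "hash operation"; SHA-256 is an assumption.
    return hashlib.sha256(data).digest()


@dataclass(frozen=True)
class Otp:                 # OTP fields named on the page
    boot_mode: int         # startup mode field: 1 = secure, 0 = non-secure
    mk_en: int             # 1 = an MKID is stored in OTP
    mkid: bytes
    bl_key0: bytes         # first verification key (BL_KEY0)


@dataclass(frozen=True)
class Image:               # hypothetical layout of one image level
    cert_key: bytes        # RSA key carried in this image's certificate
    code: bytes
    code_hash: bytes       # code_hash pre-stored in the certificate
    mkid: bytes = b""
    next_key: bytes = b""  # key for the next level (BL_KEY1 in level 1)


def level_ok(upper_key: bytes, img: Image) -> bool:
    """Fig. 6, steps 601-605, for one image level."""
    if not upper_key:                      # unprovisioned key never matches
        return False
    sign_hash1 = digest(upper_key)         # step 601
    sign_hash2 = digest(img.cert_key)      # step 602
    if not hmac.compare_digest(sign_hash1, sign_hash2):    # step 603
        return False
    code_hash1 = digest(img.code)          # step 604
    # code_hash is only as trustworthy as the certificate that carries it;
    # the signature check on that certificate (step 507) is not modelled.
    return hmac.compare_digest(code_hash1, img.code_hash)  # step 605


def boot(otp: Otp, blank: bool, l1: Image, l2: Image) -> Boot:
    """Fig. 4, Fig. 5 and Fig. 7 decisions; every failure stops startup."""
    if blank:                              # steps 502 and 702
        return Boot.STOP
    if otp.boot_mode == 0:                 # step 402 -> 403, no checks at all
        return Boot.NON_SECURE
    if otp.boot_mode != 1:                 # assumption: unknown value stops
        return Boot.STOP
    if otp.mk_en == 1 and not hmac.compare_digest(otp.mkid, l1.mkid):
        return Boot.STOP                   # steps 504-505
    if not level_ok(otp.bl_key0, l1):      # steps 506-508
        return Boot.STOP
    if not level_ok(l1.next_key, l2):      # step 509, BL_KEY1 from level 1
        return Boot.STOP
    return Boot.SECURE                     # step 512


def make_image(key: bytes, code: bytes, **fields) -> Image:
    return Image(cert_key=key, code=code, code_hash=digest(code), **fields)


# Constructed sample data: byte strings stand in for real RSA public keys.
KEY0, KEY1 = b"constructed-key-0", b"constructed-key-1"
OTP = Otp(boot_mode=1, mk_en=1, mkid=b"MK-0001", bl_key0=KEY0)
L1 = make_image(KEY0, b"level-1 loader", mkid=b"MK-0001", next_key=KEY1)
L2 = make_image(KEY1, b"level-2 operating system")


def scenarios() -> dict:
    """Run the model over the valid chain and several tampered variants."""
    patched = replace(L1, code=b"level-1 loader, patched")
    return {
        "valid chain": boot(OTP, False, L1, L2),
        "blank chip": boot(OTP, True, L1, L2),
        "patched level 1": boot(OTP, False, patched, L2),
        "level 2 re-keyed": boot(OTP, False, L1, replace(L2, cert_key=b"x")),
        "MKID mismatch": boot(OTP, False, replace(L1, mkid=b"MK-9999"), L2),
        "MKID unchecked": boot(replace(OTP, mk_en=0), False,
                               replace(L1, mkid=b"MK-9999"), L2),
        "non-secure mode": boot(replace(OTP, boot_mode=0), False, patched, L2),
    }


if __name__ == "__main__":
    for name, result in scenarios().items():
        print(f"{name:18} -> {result.value}")
```

The last scenario shows the consequence of the mode field for a defender: with the startup mode field at 0 the patched level-1 image runs, so the integrity of the whole chain rests on that field being unchangeable once written to OTP.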
Fig. 7 is a schematic diagram of starting the non-secure embedded system according to an embodiment of the present invention. As shown in Fig. 7, when the embedded system is determined to be in the non-secure state, starting the non-secure embedded system includes the following steps:
Step 701: Read the blank-chip flag of the embedded system chip;
Step 702: Judge whether the embedded system device is a blank chip; if it is a blank chip, execute step 703; if it is not a blank chip, execute step 704;
Step 703: Stop starting the embedded system, then end this processing flow;
Step 704: Run the embedded system image in RAM and start the embedded system.
Fig. 8 is the structural schematic diagram of embedded system starter of the embodiment of the present invention, as shown in figure 8, the present invention is implemented
Example embedded system starter include:
Setup module 801, configured to set a safe boot section and a non-security boot section on the embedded system chip, where the safe boot section and the non-security boot section each correspond to a different bootstrap commissioning program;
Read module 802, configured to read preset configuration information after the bootstrap loader has finished running, the configuration information including at least a system starting mode;
Boot-up module 803, configured to execute, according to the system starting mode, the bootstrap commissioning program corresponding to that system starting mode, and to boot the corresponding boot section to start the embedded system;
Wherein the device further includes: OTP module 804, configured to store the configuration information;
The read module 802 is further configured to obtain first information and second information, the first information including a first digital certificate and a second verification digital certificate, and the second information including a second digital certificate and an operating system program;
The boot-up module 803 is specifically configured to:
When the bootstrap commissioning program corresponding to the system starting mode is the bootstrap commissioning program corresponding to the safe boot section, the bootstrap commissioning program performs a first verification on the first digital certificate in the first information, taking the first verification digital certificate as the reference;
After the first verification passes, perform a second verification on the second digital certificate in the second information, taking the second verification digital certificate in the first information as the reference;
After the second verification passes, judge whether the operating system program in the second information is encrypted; when it is determined that the operating system program is encrypted and the configuration information further includes a decryption key, decrypt the operating system program using the decryption key;
After the operating system program is successfully decrypted, start the safe boot section;
Wherein the first verification includes: taking the first verification digital certificate in the configuration information as the reference, verifying whether the first digital certificate in the first information is identical to the first verification digital certificate; when they are identical, the first verification passes;
The second verification includes: taking the second verification digital certificate in the first information as the reference, verifying whether the second digital certificate in the second information is identical to the second verification digital certificate; when they are identical, the second verification passes;
The boot-up module 803 is further specifically configured to: when the bootstrap commissioning program corresponding to the system starting mode is the bootstrap program corresponding to the non-security boot section, the bootstrap program directly starts the non-security boot section.
In practical applications, the setup module 801, the read module 802 and the boot-up module 803 may be implemented by a central processing unit (CPU, Central Processing Unit), a microprocessor (MPU, Micro Processor Unit), a digital signal processor (DSP, Digital Signal Processor) or a field programmable gate array (FPGA, Field Programmable Gate Array) in the embedded system.
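The decision flow described above for boot-up module 803, as an added C sketch that is not code from the patent. The fixed certificate size, the XOR stand-in cipher, all struct and function names, and the refusal to boot when the image is encrypted but the OTP holds no key are assumptions.

```c
#include <stdint.h>
#include <string.h>

#define CERT_LEN 32  /* assumed fixed certificate size */

enum boot_mode   { MODE_NONSECURE, MODE_SECURE };
enum boot_result { START_NONSECURE, START_SECURE,
                   FAIL_FIRST_VERIFY, FAIL_SECOND_VERIFY, FAIL_NO_KEY };

struct otp_config {                 /* configuration information in OTP */
    enum boot_mode mode;
    uint8_t first_verify_cert[CERT_LEN];
    int has_key;
    uint8_t key;                    /* key for the stand-in cipher below */
};
struct first_info  { uint8_t first_cert[CERT_LEN], second_verify_cert[CERT_LEN]; };
struct second_info { uint8_t second_cert[CERT_LEN]; int encrypted; uint8_t *os; size_t os_len; };

/* Stand-in XOR cipher; the page does not name a decryption algorithm. */
static void toy_decrypt(uint8_t *buf, size_t len, uint8_t key)
{
    for (size_t i = 0; i < len; i++)
        buf[i] ^= key;
}

enum boot_result boot_decide(const struct otp_config *cfg,
                             const struct first_info *fi, struct second_info *si)
{
    if (cfg->mode == MODE_NONSECURE)
        return START_NONSECURE;     /* started directly, nothing is verified */
    /* First verification: OTP reference vs. certificate in the first information. */
    if (memcmp(cfg->first_verify_cert, fi->first_cert, CERT_LEN) != 0)
        return FAIL_FIRST_VERIFY;
    /* Second verification: reference from the first information vs. second information. */
    if (memcmp(fi->second_verify_cert, si->second_cert, CERT_LEN) != 0)
        return FAIL_SECOND_VERIFY;
    if (si->encrypted) {
        if (!cfg->has_key)
            return FAIL_NO_KEY;     /* assumption: no key means no boot */
        toy_decrypt(si->os, si->os_len, cfg->key);
        si->encrypted = 0;
    }
    return START_SECURE;
}

uint8_t demo_os[4];                 /* constructed OS image: "OS!" XOR 0x5C */
/* Constructed inputs; tamper 1 or 2 flips a bit in the first or second certificate. */
enum boot_result demo(enum boot_mode mode, int has_key, int tamper)
{
    const uint8_t img[4] = { 'O' ^ 0x5C, 'S' ^ 0x5C, '!' ^ 0x5C, 0x5C };
    struct otp_config cfg = { mode, { 0xA1 }, has_key, 0x5C };
    struct first_info fi = { { 0xA1 }, { 0xB2 } };
    struct second_info si = { { 0xB2 }, 1, demo_os, sizeof demo_os };
    memcpy(demo_os, img, sizeof img);
    if (tamper == 1) fi.first_cert[0] ^= 1;
    if (tamper == 2) si.second_cert[0] ^= 1;
    return boot_decide(&cfg, &fi, &si);
}
```

Both checks are byte-for-byte comparisons against a pinned reference, as the text describes, so the certificate held in OTP anchors the whole chain and the image is only decrypted after both comparisons pass.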
As described above, in the embedded system start method and device provided by the embodiments of the present invention, a safe boot section and a non-security boot section are set on the embedded system chip, and the safe boot section and the non-security boot section each correspond to a different bootstrap commissioning program; after the bootstrap loader has finished running, preset configuration information is read, the configuration information including at least a system starting mode; the bootstrap commissioning program corresponding to the system starting mode is executed according to the system starting mode, and the corresponding boot section is booted to start the embedded system. In this way, the embedded start method and device provided by the embodiments of the present invention are compatible with starting both a secure embedded system and a non-secure embedded system. When the user needs to start the other embedded system, there is no need to modify the bootstrap program that starts the embedded system or to develop a new device, which shortens the R&D cycle and saves manpower and material resources.
The foregoing is only a preferred embodiment of the present invention and is not intended to limit the scope of protection of the present invention. Any modification, equivalent replacement or improvement made within the spirit and principles of the present invention shall fall within the scope of protection of the present invention.
Claims (12)
1. An embedded system start method, characterized in that a safe boot section and a non-security boot section are set on an embedded system chip, the safe boot section and the non-security boot section each corresponding to a different bootstrap commissioning program; the method further includes:
After the bootstrap loader has finished running, reading preset configuration information, the configuration information including at least a system starting mode;
Executing, according to the system starting mode, the bootstrap commissioning program corresponding to the system starting mode, and booting the corresponding boot section to start the embedded system.
2. The method according to claim 1, characterized in that the configuration information is set in a one-time programmable (OTP) module.
3. The method according to claim 1 or 2, characterized in that, before executing, according to the system starting mode, the bootstrap commissioning program corresponding to the system starting mode and booting the corresponding boot section to start the embedded system, the method further includes:
Obtaining first information and second information, the first information including a first digital certificate and a second verification digital certificate, and the second information including a second digital certificate and an operating system program.
4. The method according to claim 3, characterized in that the configuration information further includes a first verification digital certificate;
Executing, according to the system starting mode, the bootstrap commissioning program corresponding to the system starting mode and booting the corresponding boot section to start the embedded system includes:
When the bootstrap commissioning program corresponding to the system starting mode is the bootstrap commissioning program corresponding to the safe boot section, the bootstrap commissioning program performs a first verification on the first digital certificate in the first information, taking the first verification digital certificate as the reference;
After the first verification passes, performing a second verification on the second digital certificate in the second information, taking the second verification digital certificate in the first information as the reference;
After the second verification passes, judging whether the operating system program in the second information is encrypted, and, when it is determined that the operating system program is encrypted and the configuration information further includes a decryption key, decrypting the operating system program using the decryption key;
After the operating system program is successfully decrypted, starting the safe boot section.
5. The method according to claim 4, characterized in that the first verification includes: taking the first verification digital certificate in the configuration information as the reference, verifying whether the first digital certificate in the first information is identical to the first verification digital certificate; when they are identical, the first verification passes;
The second verification includes: taking the second verification digital certificate in the first information as the reference, verifying whether the second digital certificate in the second information is identical to the second verification digital certificate; when they are identical, the second verification passes.
6. The method according to claim 1, characterized in that executing, according to the system starting mode, the bootstrap commissioning program corresponding to the system starting mode and booting the corresponding boot section to start the embedded system includes:
When the bootstrap commissioning program corresponding to the system starting mode is the bootstrap program corresponding to the non-security boot section, the bootstrap program directly starts the non-security boot section.
7. An embedded system starting device, characterized in that the device includes: a setup module, a read module and a boot-up module; wherein
The setup module is configured to set a safe boot section and a non-security boot section on an embedded system chip, the safe boot section and the non-security boot section each corresponding to a different bootstrap commissioning program;
The read module is configured to read preset configuration information after the bootstrap loader has finished running, the configuration information including at least a system starting mode;
The boot-up module is configured to execute, according to the system starting mode, the bootstrap commissioning program corresponding to the system starting mode, and to boot the corresponding boot section to start the embedded system.
8. The device according to claim 7, characterized in that the device further includes: an OTP module, configured to store the configuration information.
9. The device according to claim 7 or 8, characterized in that the read module is further configured to: obtain first information and second information, the first information including a first digital certificate and a second verification digital certificate, and the second information including a second digital certificate and an operating system program.
10. The device according to claim 9, characterized in that the configuration information read by the read module further includes a first verification digital certificate;
The boot-up module is specifically configured to:
When the bootstrap commissioning program corresponding to the system starting mode is the bootstrap commissioning program corresponding to the safe boot section, the bootstrap commissioning program performs a first verification on the first digital certificate in the first information, taking the first verification digital certificate as the reference;
After the first verification passes, perform a second verification on the second digital certificate in the second information, taking the second verification digital certificate in the first information as the reference;
After the second verification passes, judge whether the operating system program in the second information is encrypted, and, when it is determined that the operating system program is encrypted and the configuration information further includes a decryption key, decrypt the operating system program using the decryption key;
After the operating system program is successfully decrypted, start the safe boot section.
11. The device according to claim 10, characterized in that the boot-up module is further specifically configured to: in the first verification, taking the first verification digital certificate in the configuration information as the reference, verify whether the first digital certificate in the first information is identical to the first verification digital certificate; when they are identical, the first verification passes;
In the second verification, taking the second verification digital certificate in the first information as the reference, verify whether the second digital certificate in the second information is identical to the second verification digital certificate; when they are identical, the second verification passes.
12. The device according to claim 7, characterized in that the boot-up module is specifically configured to: when the bootstrap commissioning program corresponding to the system starting mode is the bootstrap program corresponding to the non-security boot section, the bootstrap program directly starts the non-security boot section.
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710208114.9A CN108664280A (en) | 2017-03-31 | 2017-03-31 | A kind of embedded system start method and device |
PCT/CN2017/095333 WO2018176707A1 (en) | 2017-03-31 | 2017-07-31 | Method and device for starting embedded system, and computer storage medium |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710208114.9A CN108664280A (en) | 2017-03-31 | 2017-03-31 | A kind of embedded system start method and device |
Publications (1)
Publication Number | Publication Date |
---|---|
CN108664280A true CN108664280A (en) | 2018-10-16 |
Family
ID=63675120
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710208114.9A Withdrawn CN108664280A (en) | 2017-03-31 | 2017-03-31 | A kind of embedded system start method and device |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN108664280A (en) |
WO (1) | WO2018176707A1 (en) |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1786916A (en) * | 2004-12-09 | 2006-06-14 | 三星电子株式会社 | Secure booting apparatus and method |
US20060179308A1 (en) * | 2005-02-07 | 2006-08-10 | Andrew Morgan | System and method for providing a secure boot architecture |
CN102650944A (en) * | 2011-02-28 | 2012-08-29 | 国民技术股份有限公司 | Operation system security bootstrap device and bootstrap device |
CN103069384A (en) * | 2010-08-10 | 2013-04-24 | 桑迪士克以色列有限公司 | Host device and method for securely booting the host device with operating system code loaded from a storage device |
Family Cites Families (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6052778A (en) * | 1997-01-13 | 2000-04-18 | International Business Machines Corporation | Embedded system having dynamically linked dynamic loader and method for linking dynamic loader shared libraries and application programs |
CN101699402B (en) * | 2009-06-12 | 2012-06-27 | 苏州国芯科技有限公司 | Multi-mode startup embedded system |
CN101826027A (en) * | 2010-05-28 | 2010-09-08 | 深圳市融创天下科技发展有限公司 | Embedded system and updating method thereof |
CN104951328A (en) * | 2014-03-31 | 2015-09-30 | 国基电子(上海)有限公司 | Embedded equipment and starting method thereof |
Non-Patent Citations (1)
Title |
---|
曹英培 等: "基于Xilinx Zynq的嵌入式系统的BOOT方式探究", 《WWW.PAPER.EDU.CN/RELEASEPAPER/CONTENT/201509-274》 * |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109710295A (en) * | 2018-11-23 | 2019-05-03 | 北京计算机技术及应用研究所 | A kind of safely and reliably FPGA remote upgrade method |
CN109710295B (en) * | 2018-11-23 | 2022-05-27 | 北京计算机技术及应用研究所 | Safe and reliable FPGA remote upgrading method |
CN110363010A (en) * | 2019-07-17 | 2019-10-22 | 中国大恒(集团)有限公司北京图像视觉技术分公司 | A kind of safety startup of system method based on MPSoC chip |
CN110363010B (en) * | 2019-07-17 | 2021-11-16 | 中国大恒(集团)有限公司北京图像视觉技术分公司 | System safety starting method based on MPSoC chip |
CN114647461A (en) * | 2022-05-19 | 2022-06-21 | 深圳比特微电子科技有限公司 | Starting method and system of embedded system |
Also Published As
Publication number | Publication date |
---|---|
WO2018176707A1 (en) | 2018-10-04 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
WW01 | Invention patent application withdrawn after publication | ||
Application publication date: 20181016 |