CN111814208B - Method for defending fault injection during secure start of soc national security chip - Google Patents


Info

Publication number: CN111814208B
Authority: CN (China)
Application number: CN202010633752.7A
Other versions: CN111814208A (en)
Other languages: Chinese (zh)
Prior art keywords: detection module, memory, hardware detection, software, chip
Legal status: Active (status as listed by Google Patents; it is an assumption, not a legal conclusion)
Inventors: 盛志凡, 应屹航, 王强, 杨勍, 饶丰, 陈鹏, 黎政, 梁坚, 叶妙兵, 沈建春
Current assignee: Hangzhou Nationalchip Science & Technology Co ltd; Research Institute Of Radio And Television Science State Administration Of Radio And Television
Original assignee: Hangzhou Nationalchip Science & Technology Co ltd; Research Institute Of Radio And Television Science State Administration Of Radio And Television
Priority date: 2020-07-02
Filing date: 2020-07-02
Publication of CN111814208A: 2020-10-23
Grant and publication of CN111814208B: 2023-07-28

Classifications

    • G06F21/76 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer, to assure secure computing or processing of information in application-specific integrated circuits [ASIC] or field-programmable devices, e.g. field-programmable gate arrays [FPGA] or programmable logic devices [PLD]
    • G06F21/75 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer, to assure secure computing or processing of information by inhibiting the analysis of circuitry or operation
    • G06F9/44505 Configuring for program initiating, e.g. using registry, configuration files
    • Y02D10/00 Energy efficient computing, e.g. low power processors, power management or thermal management


Abstract

The invention discloses a method for defending against fault injection during the secure boot of an SoC national security chip (a chip built around the SM2, SM3 and SM4 national cryptographic algorithms). Once a chip design is complete, it is difficult to add defences against newly discovered fault injection methods. The invention comprises a hardware detection module and a memory authority control module built into the chip, together with a specific software boot flow. The built-in hardware detection module tracks the execution sequence of the software during secure boot; when it detects that the sequence is incorrect, the memory authority control module withholds the software's read, write or execute permission on memory, so the software cannot continue and the secure boot flow is terminated. The method effectively defends against the risk that fault injection causes key steps to be skipped, defeats the abnormal software jumps that fault injection causes during secure boot, and improves the security of the system.

Description

Method for defending fault injection during secure start of soc national security chip
Technical Field
The invention belongs to the technical field of integrated circuits, in particular to embedded systems and chip design, and relates to a method for preventing fault injection during the secure boot of a system on chip (SoC).
Background
In existing embedded systems, the boot program and image files are usually stored in an external medium such as FLASH. In applications with high security requirements, the boot program and image files are typically encrypted and signed. During secure boot they are decrypted and their signatures verified, which ensures the authenticity and integrity of the program and prevents it from being tampered with or replaced.
However, during secure boot an attacker who uses physical means such as electromagnetic interference, voltage glitches or clock glitches can inject a fault at a precise moment, causing the program to execute incorrectly and skip the decryption or signature verification function. This breaks the secure boot chain of trust, and control of the embedded system can be obtained illegally.
In the prior art, fault injection is mostly countered by detectors such as voltage monitors or clock glitch detectors, which judge whether a fault injection attack is taking place. As fault injection methods multiply, ever more detectors are needed, and once the chip design is complete it is difficult to defend against a new fault injection method.
Disclosure of Invention
The invention aims to provide a method for defending against fault injection during the secure boot of an SoC national security chip that is independent of any particular fault injection detection method, can be combined with existing defences, and provides a better defensive effect.
The invention comprises a hardware detection module and a memory authority control module built into the chip, together with a specific software boot flow.
When the chip is designed, a hardware detection module is built into it. This module tracks the steps executed by the software: when the correct sequence is detected, it drives the memory authority control module to release the read-write or execute permission of the memory step by step; when an incorrect sequence is detected, the memory authority control module does not release the read-write or execute permission, so the software cannot continue. Specifically, at the chip design stage the software and hardware jointly agree on a specific character for each key step of secure boot, and during secure boot the software writes the corresponding character to the hardware detection module each time it completes a key step.
The hardware detection module embeds a state machine that checks the written characters in order against preset values to judge whether the software has executed correctly. In each state, the specific secure boot software writes the corresponding character to trigger the correct transition; if a wrong character is written, the state machine enters an error state and stays there (a dead loop), from which only a new power-on reset can recover.
The key steps include the SM4 symmetric decryption algorithm, the SM2 asymmetric signature verification algorithm, the SM3 hash algorithm, the random number self-test and specific system operations. The specific system operations include waiting for the hardware security module self-test, the program jump from ROM to internal SRAM, and so on.
After the chip is powered on, the memory authority control module denies the CPU read, write and execute permission on memory by default. The memory includes the SRAM (static RAM) inside the chip and the DRAM (dynamic RAM) outside the chip. The memory authority control module is controlled only by the hardware detection module.
The specific software boot flow is the conventional secure boot flow with one addition: each time a key step or specific system operation is executed, the software writes the corresponding character to the built-in hardware detection module.
The method comprises the following specific steps:
Step (1): the chip is powered on, the CPU executes the ROM code and waits for the self-test of the secure hardware cryptographic algorithm module and the random number self-test; when the self-tests pass, the CPU writes the specific character to the hardware detection module.
The secure hardware cryptographic algorithm module is the hardware implementation of the SM4 symmetric encryption and decryption algorithm, the SM2 asymmetric signature verification algorithm and the SM3 hash algorithm.
Step (2): the hardware detection module receives the character for a passed self-test and releases the CPU's read-write permission on the internal SRAM through the memory authority control module.
Step (3): the CPU reads the boot program from the external medium into the internal SRAM and performs SM4 decryption and SM2 signature verification (which includes SM3 hashing); after the signature verifies, it writes the specific character to the hardware detection module.
Step (4): after the hardware detection module receives that character, it releases the CPU's execute permission on the internal SRAM through the memory authority control module.
Step (5): the CPU jumps from ROM to the SRAM, executes the boot program in the SRAM, and writes the specific character to the hardware detection module.
Step (6): after the hardware detection module receives that character, it releases the CPU's read-write permission on the external DRAM through the memory authority control module.
Step (7): the CPU reads the image file from the external medium into the external DRAM and performs SM4 decryption and SM2 signature verification (which includes SM3 hashing); after the signature verifies, it writes the specific character to the hardware detection module.
Step (8): after the hardware detection module receives that character, it releases the CPU's execute permission on the external DRAM through the memory authority control module.
Step (9): the CPU jumps from the internal SRAM to the external DRAM and starts the system.
The decryption and signature verification operations in steps (3) and (7) are performed one or more times depending on the secure boot flow, and a different specific character is written to the hardware detection module each time.
If, while these steps are executed, an attacker's precisely timed fault injection causes a key step such as a self-test or a signature verification to be skipped, the hardware detection module does not receive the correct character, the memory authority control module does not release the read-write or execute permission on the corresponding memory, and system start-up cannot complete.
To accommodate different boot flows, the common secure boot flows are numbered, and the number of the flow in use is programmed into the chip by blowing its electrically programmable fuses (eFuses). The detection module holds the corresponding character string for each common secure boot flow; after power-on, it selects the character string according to the programmed number and checks the boot flow against it.
Based on the dedicated hardware detection module and the corresponding mechanism, the invention tracks the execution steps of the chip's secure boot, effectively defends against the risk that fault injection causes key steps to be skipped, and gives the SoC chip higher security.
Drawings
FIG. 1 is a schematic diagram of the hardware architecture of the present invention;
FIG. 2 is a schematic diagram of a normal two-stage secure boot flow according to one embodiment of the present invention;
FIG. 3 is a schematic diagram of a two-stage secure boot flow under attack according to another embodiment of the present invention.
Detailed description of the preferred embodiments
To illustrate the objects, flow and advantages of the present invention more clearly, the invention is described in further detail below with reference to the accompanying drawings and embodiments.
Numerous implementation details are set forth in the following description, but the invention may be practised otherwise than as described. Those skilled in the art may make various modifications and improvements without departing from the spirit and substance of the invention; such variations and modifications also fall within the scope of the invention, which is not limited to the disclosed embodiments.
Fig. 1 shows the overall framework of the present invention, which includes a hardware detection module 13 and a memory authority control module 14.
The CPU 11 accesses both the SRAM 12 and the DRAM 15 through the memory authority control module 14. The hardware detection module 13 tracks the software execution sequence of the CPU 11 and releases the read-write and execute permissions of the SRAM 12 and DRAM 15 step by step through the memory authority control module 14. When the hardware detection module 13 detects that the software execution sequence of the CPU 11 is abnormal, the read-write and execute permissions of the SRAM 12 and DRAM 15 are not released, so the system fails to start and the fault injection is defeated.
Table 1 lists the specific characters agreed between software and hardware in the following embodiments.

Table 1. Agreed characters
  Operation                        Character
  Self-test passed                 C
  Decryption completed             D
  Signature verification passed    S
  Jump to SRAM succeeded           E
  Start-up failure                 F
Example 1:
As shown in Fig. 2, this embodiment illustrates a normal secure boot flow with two-level signatures. As the boot flow executes in sequence, the hardware module releases the read-write and execute permissions of the SRAM and DRAM in turn.
For the secure boot software, the boot flow is as follows:
Step 201: the chip is powered on and ROM code is executed.
Step 202: wait for the self-test of the cryptographic algorithm hardware security module. Its main purpose is to detect whether the hardware module used for decryption and signature verification is faulty.
Step 203: if the self-test fails, go to step 218, system start-up failure; if the self-test passes, go to step 204.
Step 204: send the character "C" to the hardware detection module.
Step 205: execute ROM code and load the boot program and its signature from the external medium.
Step 206: decrypt with the key built into the chip and send the character "D" to the hardware detection module.
Step 207: verify the signature of the decrypted boot program with the public key built into the chip.
Step 208: if the signature verification fails, go to step 215, system start-up failure; if the signature verifies, send the character "S" to the hardware detection module and go to step 209.
Step 209: the software jumps from ROM to the internal SRAM. If the jump fails, go to step 215, system start-up failure; if the jump succeeds, execute the boot program and go to step 210.
Step 210: the program executes normally in the SRAM and writes the character "E" to the hardware module.
Step 211: load the image file from the external medium into the external DRAM and verify its signature.
Step 212: if the signature verification fails, go to step 215, system start-up failure; if the signature verifies, send the character "S" to the hardware detection module and go to step 213.
Step 213: decompress the image file and jump from the internal SRAM to the external DRAM.
Step 214: execute the image file; the system has started successfully.
For the hardware detection module, the built-in state machine flow is as follows:
Step 220: power-on start.
Step 221: wait for the software to write the character "C". After software step 204 writes "C", go to step 222.
Step 222: release the internal SRAM read-write permission to the CPU through the memory authority control module, and go to step 223.
Step 223: wait for the software to write the character "D". After software step 206 writes "D", go to step 224.
Step 224: wait for the software to write the character "S". After software step 208 writes "S", go to step 225.
Step 225: release the execute permission on the internal SRAM through the memory authority control module, and go to step 226.
Step 226: wait for the software to write the character "E". After software step 210 writes "E", go to step 227.
Step 227: release the read-write permission on the external DRAM through the memory authority control module, and go to step 228.
Step 228: wait for the software to write the character "S". After software step 212 writes "S", go to step 229.
Step 229: release the execute permission on the external DRAM through the memory authority control module; the hardware detection module has completed its detection work.
In this embodiment the hardware detection module tracks the execution of the software: it releases the read-write permission of the SRAM after receiving the self-test-passed character "C"; releases the execute permission of the SRAM after receiving "D" and then "S"; releases the read-write permission of the external DRAM after receiving "E"; and finally releases the execute permission of the external DRAM after receiving "S". Read-write and execute permissions are thus released step by step as the boot chain of trust is established in sequence.
Example 2:
As shown in Fig. 3, this embodiment builds on the first and shows the two-stage secure boot flow under a fault injection attack.
Assume that an attacker has tampered with the boot program and image files on the external medium. In the normal flow of the first embodiment (Fig. 2), the signature verification of steps 207 and 208 fails, the tampering is discovered, and the flow goes to step 215 and terminates the boot. If, however, the attacker injects a fault precisely when step 208 evaluates the result of the signature verification of step 207, the program jumps incorrectly and continues with step 209; the boot flow has not noticed the fault injection and continues executing the tampered boot program. The tampered boot program then verifies the tampered image file, the system ends up running an illegal program, and the security of the whole embedded system is completely defeated.
With the method of the invention (Fig. 3), suppose the attacker again injects a fault precisely when the signature verification of step 307 is evaluated in step 308, so that the program skips to step 309 and continues. Because the abnormal jump never writes the character "S" to the hardware detection module, when step 309 jumps to execute the program in the SRAM the hardware detection module is still waiting for "S", the memory authority control module has not released the execute permission of the SRAM, and the tampered boot program cannot execute. The system goes to step 315, start-up failure, and writes the character "F" to the hardware detection module. On receiving "F", the hardware detection module judges the boot process to be incorrect, and the state machine enters an abnormal state and stays there in a dead loop; only a power-on reset can recover it.
As described above, the tampered program cannot continue to execute, the subsequent image file cannot be loaded, and the illegal program cannot run on the chip. The embedded system as a whole therefore resists the fault injection attack well.
The attack location in Example 2 can be chosen arbitrarily, for example at decryption, at the second-level signature verification, at the random number self-test or at the image signature verification. The hardware detection module promptly tracks the software's execution sequence, detects when a key step is missing, and blocks the release of memory permission through the memory controller, so that secure boot is abnormally terminated. This resists the risk of fault injection well and ensures the security of the system.
The above embodiments, including their boot flows, agreed characters, attack locations and methods, are merely exemplary and are intended to better illustrate the principles, methods and advantages of the invention. Any alterations, modifications and improvements are intended to fall within the spirit and scope of the invention as disclosed.
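The state machine of Example 1 and the skipped-signature-check case of Example 2, as an added C model (not the patent's or the assignee's own code): the hardware detection module checks the agreed characters "C", "D", "S", "E", "S" in order, the memory authority control module releases one permission per accepted character, and a boot that skips any key step never gets the permission its next step needs. All identifiers, the permission-bit layout, and the assumption that a skipped step simply writes no character are mine.

```c
/* Model of the patent's hardware detection module (state machine over the agreed
 * characters) and memory authority control module. Added example; names assumed. */
#include <stdbool.h>

/* Permission bits of the memory authority control module, all cleared at
 * power-on: by default the CPU can neither access nor execute SRAM or DRAM. */
enum {
    PERM_SRAM_RW   = 1u << 0,
    PERM_SRAM_EXEC = 1u << 1,
    PERM_DRAM_RW   = 1u << 2,
    PERM_DRAM_EXEC = 1u << 3,
};

/* Example 1 sequence (Table 1): C self-test passed, D decryption done, S boot
 * signature passed, E jump to SRAM succeeded, S image signature passed. */
static const char FLOW_CHARS[] = "CDSES";

/* Permission released after each expected character (0 = none yet). */
static const unsigned FLOW_GRANTS[] = {
    PERM_SRAM_RW,   /* after C: state 222 */
    0,              /* after D: state 223 */
    PERM_SRAM_EXEC, /* after S: state 225 */
    PERM_DRAM_RW,   /* after E: state 227 */
    PERM_DRAM_EXEC, /* after S: state 229 */
};

struct detector {
    unsigned pos;   /* index of the next expected character */
    unsigned perms; /* permissions currently released to the CPU */
    bool locked;    /* error state: only a power-on reset leaves it */
};

/* Power-on reset: the only way out of the error state. */
void detector_power_on(struct detector *d)
{
    *d = (struct detector){ .pos = 0, .perms = 0, .locked = false };
}

/* The software writes one character after completing each key step. */
void detector_write(struct detector *d, char c)
{
    if (d->locked) return;         /* dead loop: further writes are ignored */
    if (c != FLOW_CHARS[d->pos]) { /* wrong, out of order, or 'F' */
        d->locked = true;          /* error state; nothing more is released */
        return;
    }
    d->perms |= FLOW_GRANTS[d->pos];
    d->pos++;
}

/* Check the memory authority control module makes on every CPU access. */
bool mem_access_allowed(const struct detector *d, unsigned perm)
{
    return !d->locked && (d->perms & perm) == perm;
}

/* Key steps that a precisely timed fault injection might cause to be skipped. */
enum key_step { SKIP_NONE, SKIP_SELF_TEST, SKIP_DECRYPT, SKIP_BOOT_SIG, SKIP_JUMP_SRAM, SKIP_IMAGE_SIG };
static bool boot_fail(struct detector *d)
{
    detector_write(d, 'F');        /* step 215 / 315: report start-up failure */
    return false;
}

/* Software side of Fig. 2. A skipped step is invisible to the software, so it
 * simply never writes that step's character (the situation of Example 2). */
bool run_secure_boot(struct detector *d, enum key_step skipped)
{
    if (skipped != SKIP_SELF_TEST) detector_write(d, 'C');           /* 202-204 */
    if (!mem_access_allowed(d, PERM_SRAM_RW))   return boot_fail(d); /* 205 */
    if (skipped != SKIP_DECRYPT)   detector_write(d, 'D');           /* 206 */
    if (skipped != SKIP_BOOT_SIG)  detector_write(d, 'S');           /* 207-208 */
    if (!mem_access_allowed(d, PERM_SRAM_EXEC)) return boot_fail(d); /* 209 */
    if (skipped != SKIP_JUMP_SRAM) detector_write(d, 'E');           /* 210 */
    if (!mem_access_allowed(d, PERM_DRAM_RW))   return boot_fail(d); /* 211 */
    if (skipped != SKIP_IMAGE_SIG) detector_write(d, 'S');           /* 212 */
    if (!mem_access_allowed(d, PERM_DRAM_EXEC)) return boot_fail(d); /* 213 */
    return true;                                                     /* 214 */
}

/* One boot from power-on; returns the permission bits the CPU ended up with
 * (all four bits means the system started, 0 means the detector is locked). */
unsigned permissions_after_boot(enum key_step skipped)
{
    struct detector d;
    detector_power_on(&d);
    run_secure_boot(&d, skipped);
    return d.locked ? 0 : d.perms;
}

/* Once locked, even replaying the whole correct sequence releases nothing. */
bool locked_detector_releases_anything(void)
{
    struct detector d;
    detector_power_on(&d);
    detector_write(&d, 'X');       /* any wrong character locks the detector */
    for (const char *p = FLOW_CHARS; *p; p++) detector_write(&d, *p);
    return mem_access_allowed(&d, PERM_SRAM_RW);
}
```

Skipping any of the five key steps leaves the CPU without the permission its next step needs and ends in the locked state; a real chip would select FLOW_CHARS by the flow number in its eFuses rather than hard-coding it.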

Claims (5)

1. A method for defending against fault injection during the secure boot of an SoC national security chip, characterised by comprising:
a hardware detection module, a memory authority control module and a specific software boot flow, arranged in the chip;
when the chip is designed, the hardware detection module is built into the chip; the hardware detection module tracks the steps executed by the software, and when the correct sequence is detected, drives the memory authority control module to release the read-write or execute permission of the memory step by step; when an incorrect sequence is detected, the memory authority control module does not release the read-write or execute permission of the memory, so that the software cannot continue to execute;
after the chip is powered on, the memory authority control module denies the CPU read, write and execute permission on memory by default; the memory comprises an SRAM inside the chip and a DRAM outside the chip; the memory authority control module is controlled only by the hardware detection module;
the specific software boot flow is the conventional secure boot flow with the addition that, each time a key step or specific system operation is executed, the software writes the corresponding character to the built-in hardware detection module;
the method comprises the following specific steps:
step (1): the chip is powered on, the CPU executes the ROM code and waits for the self-test of the secure hardware cryptographic algorithm module and the random number self-test; when the self-tests pass, the CPU writes the specific character to the hardware detection module;
the secure hardware cryptographic algorithm module is the hardware implementation of the symmetric encryption and decryption algorithm SM4, the asymmetric signature verification algorithm SM2 and the hash algorithm SM3;
step (2): the hardware detection module receives the character for a passed self-test and releases the CPU's read-write permission on the internal SRAM through the memory authority control module;
step (3): the CPU reads the boot program from the external medium into the internal SRAM and performs SM4 decryption and SM2 signature verification with SM3 hashing; after the signature verifies, it writes the specific character to the hardware detection module;
step (4): after the hardware detection module receives that character, it releases the CPU's execute permission on the internal SRAM through the memory authority control module;
step (5): the CPU jumps from ROM to the SRAM, executes the boot program in the SRAM, and writes the specific character to the hardware detection module;
step (6): after the hardware detection module receives that character, it releases the CPU's read-write permission on the external DRAM through the memory authority control module;
step (7): the CPU reads the image file from the external medium into the external DRAM and performs SM4 decryption and SM2 signature verification with SM3 hashing; after the signature verifies, it writes the specific character to the hardware detection module;
step (8): after the hardware detection module receives that character, it releases the CPU's execute permission on the external DRAM through the memory authority control module;
step (9): the CPU jumps from the internal SRAM to the external DRAM and starts the system.
2. The method for defending against fault injection during the secure boot of an SoC national security chip as claimed in claim 1, wherein: the hardware detection module is built into the chip; at the chip design stage the software and hardware jointly agree on a specific character for each key step of secure boot, and during secure boot the software writes the corresponding character to the hardware detection module each time it executes a key step.
3. The method for defending against fault injection during the secure boot of an SoC national security chip as claimed in claim 1, wherein: the hardware detection module embeds a state machine that checks the written characters in order against preset values to judge whether the software has executed correctly; in each state the specific secure boot software writes the corresponding character to trigger the correct transition; if a wrong character is written, the state machine enters an error state and stays in a dead loop, from which only a new power-on reset can recover.
4. The method for defending against fault injection during the secure boot of an SoC national security chip as claimed in claim 1, wherein: the key steps include the SM4 symmetric decryption algorithm, the SM2 asymmetric signature verification algorithm, the SM3 hash algorithm, the random number self-test and specific system operations.
5. The method for defending against fault injection during the secure boot of an SoC national security chip as claimed in claim 1, wherein: the decryption and signature verification operations in steps (3) and (7) are performed one or more times depending on the secure boot flow, and a different specific character is written to the hardware detection module each time.

Priority Applications (1)

Application number: CN202010633752.7A (CN111814208B, en)
Priority date: 2020-07-02
Filing date: 2020-07-02
Title: Method for defending fault injection during secure start of soc national security chip

Publications (2)

CN111814208A (en), published 2020-10-23
CN111814208B (en), granted and published 2023-07-28


Legal Events

Code  Title
PB01  Publication
SE01  Entry into force of request for substantive examination
GR01  Patent grant