CN113127879B - Firmware trusted starting method, electronic equipment and readable storage medium - Google Patents


Info

Publication number: CN113127879B
Application number: CN201911417938.2A
Authority: CN (China)
Other versions: CN113127879A
Original language: Chinese (zh)
Inventor: 施伟康
Assignee (original and current): Hangzhou Hikvision Digital Technology Co Ltd
Legal status: Active (Google's assumption, not a legal conclusion)
Prior art keywords: firmware, cpu, memory chip, trusted, hash value

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57 Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/575 Secure boot
    • G06F21/572 Secure firmware programming, e.g. of basic input output system [BIOS]

Abstract

An embodiment of the invention provides a firmware trusted boot method, an electronic device and a computer-readable storage medium. The method runs on the central processing unit (CPU) of an electronic device that also contains a first memory chip, which stores a trusted program, and a second memory chip, which stores the firmware. After the CPU starts it reads the trusted program from the first memory chip and executes it; the trusted program performs a security verification of the firmware and, when the verification succeeds, triggers the firmware to start. Compared with the prior art, this scheme raises the speed of trusted boot and so shortens the boot of the device's operating system.

Description

Firmware trusted starting method, electronic equipment and readable storage medium
Technical Field
The present invention relates to the field of computer security, and in particular to a firmware trusted boot method, an electronic device and a computer-readable storage medium.
Background
With the continuing development of computer technology, electronic devices play an ever larger role in users' daily work and life. To keep such a device secure in use, the user wants the boot process to be trusted when the device's operating system is booted.
The idea of so-called trusted boot is to build a complete chain of trust starting from a root of trust: the root of trust verifies the device's firmware, and only when the firmware is found trustworthy is it started so that it can in turn verify the operating system. In this way the operating system is guaranteed to boot in a secure and trusted state.
Here, firmware means program code fixed in a memory chip, such as flash memory inside an application-specific integrated circuit (ASIC), flash memory inside a programmable logic device (PLD), or a programmable read-only memory, whose job is to control and coordinate the integrated circuits. Firmware can be understood as the lowest-level program underneath the operating system of the electronic device.
A root of trust is a predetermined piece of program code that is assumed to be secure and trustworthy; it may be called the trusted program. The root of trust decides whether the firmware is trusted by comparing a pre-stored hash value of the firmware with the hash value computed during boot, and on that basis decides whether to start the firmware.
Therefore, within the trusted boot of the operating system, whether the firmware itself can be booted in a trusted way is the decisive step for the trusted boot of the operating system that follows.
In the related art, firmware is booted in a trusted way as follows: a trusted module that executes the trusted program is additionally embedded on the motherboard of the electronic device, the hash value of the firmware is stored in the trusted module in advance, and the trusted module is wired to the memory chip holding the firmware. After the device is powered on, the trusted module starts first; by running the trusted program it reads the firmware from the memory chip, computes its hash value, compares the computed value with the stored one, and starts the firmware only when the two are the same.
In the related art the trusted module is a single-chip microcontroller or an ARM (Advanced RISC Machines) system, where RISC stands for Reduced Instruction Set Computing. Because this additional embedded device has low performance, trusted boot is slow, which hurts the efficiency of the operating system boot process.
Disclosure of Invention
The embodiments of the invention aim to provide a firmware trusted boot method, an electronic device and a computer-readable storage medium that raise the speed of trusted boot and thereby shorten the operating system boot of the device. The specific technical scheme is as follows:
In a first aspect, an embodiment of the invention provides a firmware trusted boot method applied to a CPU in an electronic device. The device also contains a first memory chip, which stores a trusted program, and a second memory chip, which stores firmware. The method comprises:
after the CPU starts, reading the trusted program from the first memory chip;
executing the trusted program so as to:
perform a security verification of the firmware, and trigger the start of the firmware when the verification succeeds.
Optionally, in one implementation, performing the security verification of the firmware and triggering its start when the verification succeeds comprises:
reading a pre-stored first hash value of the firmware from a designated storage location;
reading the firmware from the second memory chip;
computing a second hash value from the firmware that was read, and judging whether the first and second hash values are the same;
and, when they are the same, triggering the start of the firmware.
Optionally, in one implementation, after the electronic device is powered on the CPU is connected to the first memory chip and not to the second memory chip;
the CPU, executing the trusted program, further performs the step of:
before reading the firmware from the second memory chip, disconnecting the CPU from the first memory chip and connecting the CPU to the second memory chip.
Optionally, in one implementation, the electronic device further includes a change-over switch that controls whether the CPU is connected to the first memory chip or to the second memory chip;
disconnecting the CPU from the first memory chip and connecting it to the second memory chip then consists of:
switching the control state of the change-over switch from "CPU connected to the first memory chip" to "CPU connected to the second memory chip".
Optionally, in one implementation, the change-over switch is driven through a general-purpose input/output (GPIO) port to connect the CPU to either the first or the second memory chip.
Optionally, in one implementation, before the firmware is started the method further includes:
resetting the hardware devices of the electronic device, and starting the firmware after the reset completes.
Optionally, in one implementation, the CPU, executing the trusted program, further performs the following steps:
before reading the pre-stored first hash value of the firmware from the designated storage location, judging whether an upgrade request for the trusted program exists;
if so, upgrading the trusted program, restarting the electronic device, and returning to the step of reading the trusted program from the first memory chip;
if not, proceeding to read the pre-stored first hash value of the firmware from the designated storage location.
Optionally, in one implementation, reading the pre-stored first hash value of the firmware from the designated storage location comprises:
reading a preset encrypted hash value of the firmware from a first storage device, and decrypting the encrypted hash value to obtain the first hash value of the firmware;
where the first storage device is a hard disk of the electronic device or a storage device communicatively connected to it.
Optionally, in one implementation, the CPU, executing the trusted program, further performs the following step:
if the first and second hash values are judged to differ, reading backup firmware stored in advance on a second storage device and replacing the firmware stored in the second memory chip with that backup firmware;
where the second storage device is a hard disk of the electronic device or a storage device communicatively connected to it.
In a second aspect, an embodiment of the invention provides an electronic device comprising a processor, a communication interface, a memory, a communication bus, a first memory chip and a second memory chip, where the processor, the communication interface, the memory, the first memory chip and the second memory chip communicate with one another over the communication bus;
the memory stores a computer program;
the first memory chip stores a trusted program;
the second memory chip stores firmware;
and the processor, after starting, reads the trusted program from the first memory chip and executes it so as to:
perform a security verification of the firmware, and trigger the start of the firmware when the verification succeeds.
In a third aspect, an embodiment of the invention provides a computer-readable storage medium storing a computer program which, when executed by a processor, carries out the steps of any of the firmware trusted boot methods of the first aspect.
As can be seen, in the technical solution of this embodiment the electronic device contains a first memory chip storing a trusted program and a second memory chip storing firmware. During trusted boot of the firmware, the CPU of the device reads the trusted program from the first memory chip after it starts, then executes that program to perform a security verification of the firmware in the second memory chip and to trigger the firmware's start when the verification passes, which realizes the trusted boot of the firmware.
In other words, the scheme adds to the electronic device one memory chip holding the trusted program, and the device then runs the trusted program directly on its own CPU to verify and boot the firmware. Because the device's CPU performs far better than an additionally embedded trusted module, trusted boot becomes faster and the operating system boot process more efficient.
Furthermore, for the same boot efficiency as the prior-art trusted boot method, the scheme needs only one extra memory chip, which lowers the hardware cost of the device; conversely, at the same cost as the prior-art method, the scheme runs on the device's CPU and so boots the firmware faster. Of course, no single product or method practising the invention need achieve all of these advantages at once.
Drawings
To illustrate the embodiments of the invention and the prior art more clearly, the drawings needed for their description are briefly introduced below. The drawings show only some embodiments of the invention; a person skilled in the art can derive other drawings from them without inventive effort.
Fig. 1 is a flow chart of a first firmware trusted boot method according to an embodiment of the invention;
Fig. 2 is a flow chart of one implementation of S102 in Fig. 1;
Fig. 3 is a flow chart of a second firmware trusted boot method according to an embodiment of the invention, based on the implementation shown in Fig. 2;
Fig. 4 is a flow chart of a third firmware trusted boot method according to an embodiment of the invention, based on the implementation shown in Fig. 2;
Fig. 5 is a flow chart of a fourth firmware trusted boot method according to an embodiment of the invention, based on the implementation shown in Fig. 2;
Fig. 6 is a flow chart of a fifth firmware trusted boot method according to an embodiment of the invention, based on the implementation shown in Fig. 2;
Fig. 7 is a flow chart of a specific embodiment of a firmware trusted boot method according to an embodiment of the invention;
Fig. 8 shows the connections among the change-over switch, the first memory chip, the second memory chip and the CPU in an electronic device;
Fig. 9 is a schematic structural diagram of an electronic device according to an embodiment of the invention.
Detailed Description
The embodiments of the invention are described below clearly and completely with reference to the accompanying drawings. The embodiments described are only some, not all, of the embodiments of the invention; all other embodiments that a person skilled in the art can obtain from them without inventive effort fall within the scope of the invention.
In the related art, trusted boot of firmware is carried out by a trusted module, additionally embedded on the motherboard of the electronic device, that executes a trusted program. That module is a single-chip microcontroller or an ARM system; because such an additionally embedded device has low performance, trusted boot is slow and the boot process of the device's operating system suffers.
To solve this problem, an embodiment of the invention provides a firmware trusted boot method. The method runs on the central processing unit (CPU) of an electronic device that also contains a first memory chip, which stores a trusted program, and a second memory chip, which stores firmware. The method comprises:
after the CPU starts, reading the trusted program from the first memory chip;
executing the trusted program so as to:
perform a security verification of the firmware, and trigger the start of the firmware when the verification succeeds.
The firmware trusted boot method is now described in detail.
Fig. 1 is a flow chart of a firmware trusted boot method according to an embodiment of the invention.
The method runs on the CPU (central processing unit) of an electronic device. The device may be any electronic device that boots from firmware, for example a notebook, desktop or tablet computer; this is not particularly limited, and below it is referred to simply as the electronic device.
In addition, the electronic device contains a first memory chip and a second memory chip; the first memory chip stores a trusted program and the second memory chip stores firmware.
Because firmware is program code fixed in a memory chip and can be understood as the lowest-level program beneath the operating system, the firmware in the second memory chip is inherent to the electronic device, and so the second memory chip is inherent to it as well. The first memory chip, by contrast, is newly added to the electronic device to hold the trusted program.
As shown in Fig. 1, the firmware trusted boot method of this embodiment may include the following steps:
S101: after the CPU starts, read the trusted program from the first memory chip.
After the electronic device is powered on, its CPU starts, and once started the CPU reads the trusted program from the first memory chip.
A program runs on the CPU only once the CPU's own running environment and the device hardware the program depends on are ready, so the trusted program that the CPU reads includes an initialization routine. When the CPU executes this initialization code it first initializes itself and the hardware the trusted program needs, such as the memory and the hard disk of the electronic device.
S102: execute the trusted program to perform a security verification of the firmware, and trigger the start of the firmware when the verification succeeds.
After the CPU has read the trusted program from the first memory chip it begins executing it, that is, the trusted program starts running on the CPU.
The process in which the CPU reads the trusted program from the first memory chip and executes it may be described as: the CPU boots from the trusted program in the first memory chip.
Having booted from the trusted program in the first memory chip, the CPU executes that program to perform a security verification of the firmware stored in the second memory chip, in order to determine whether the firmware has been tampered with or is secure and trustworthy.
When the verification succeeds, the firmware has not been tampered with and is secure and trustworthy, so the CPU, still executing the trusted program, triggers the start of the firmware and then begins executing the firmware itself.
That is, once the CPU has executed the trusted program to verify the firmware and the verification has succeeded, the CPU stops executing the trusted program and starts executing the firmware, which realizes the secure boot of the firmware.
The process in which the CPU executes the firmware may be described as: the CPU boots from the firmware in the second memory chip.
Optionally, in one implementation shown in Fig. 2, step S102 may include the following steps:
S201: execute the trusted program to read the pre-stored first hash value of the firmware from a designated storage location.
Specifically, when it begins executing the trusted program, the CPU may first read the pre-stored first hash value of the firmware from the designated storage location.
The first hash value of the firmware is computed with a hash algorithm over the untampered, secure program code of the firmware.
It should be noted that the hardware devices of the electronic device cannot be used directly after power-on, and which devices are needed depends on the program the CPU executes. The relevant hardware therefore has to be initialized according to that program before it can be brought up and then called by the CPU while the program runs.
Accordingly, in step S101 above the CPU, executing the trusted program, first initializes the relevant hardware of the electronic device, for example its memory, network port and hard disk.
Optionally, in one implementation, step S201 may include the following step:
reading a preset encrypted hash value of the firmware from the first storage device, and decrypting the encrypted hash value to obtain the first hash value of the firmware;
where the first storage device is a hard disk of the electronic device or a storage device communicatively connected to it.
The preset first hash value of the firmware can be kept on a storage device, so that the CPU, executing the trusted program, reads it from that device.
Further, to protect the first hash value kept on the storage device it may be encrypted when stored. The CPU, executing the trusted program, then first reads the preset encrypted hash value of the firmware from the first storage device and decrypts it to obtain the first hash value.
Any encryption method may be used to encrypt the first hash value of the firmware into the encrypted hash value; the embodiment does not limit this.
The first storage device may be a storage device of the electronic device itself, for example its hard disk, or another storage device communicatively connected to the electronic device, for example a network server or another electronic device connected to it. Either is reasonable.
Alternatively, in another implementation, step S201 may include the following step:
reading the preset first hash value of the firmware from the trusted program itself.
Specifically, when the trusted program is written, the preset first hash value of the firmware may be written into it, so that the CPU, executing the trusted program, reads the pre-written first hash value from the trusted program's own code.
In this implementation, as long as the firmware of the electronic device is not updated, the CPU can take the first hash value straight from the trusted program it has read, which makes the read more convenient and efficient.
S203: executing the read trusted program, and reading the firmware from the second memory chip;
s204: executing the read trusted program, calculating a second hash value of the firmware based on the read firmware, and determining whether the first hash value and the second hash value are the same; if so, S205 is performed;
s205: executing the read trusted program, triggering the start-up of the firmware.
After the read trusted program is executed and the first hash value of the pre-stored firmware is read from the designated storage location, the CPU may continue to execute the read trusted program and read the firmware from the second memory chip. Further, when the firmware is read, the CPU may further execute the read trusted program, calculate a second hash value of the firmware based on the program code of the read firmware, and determine whether the first hash value of the read firmware and the calculated second hash value of the firmware are the same.
The hash algorithm used for calculating the first hash value of the firmware in advance is the same as the hash algorithm used for calculating the second hash value of the firmware in step S204 described above.
Further, when the program code for calculating the hash value and the hash algorithm are the same, the calculated hash value is the same, and correspondingly, when the hash algorithm for calculating the hash value and the calculated hash value are the same, the program code for calculating the hash value is the same.
Based on this, when it is determined in step S204 that the first hash value read for the firmware and the second hash value calculated for the firmware are the same, the program code of the firmware from which the first hash value was calculated is the same as the program code from which the second hash value was calculated; that is, the firmware from which the first hash value was calculated is identical to the firmware that the CPU, executing the read trusted program, read from the second memory chip.
Further, since the program code from which the first hash value was calculated is the untampered, secure program code of the firmware, the firmware read from the second memory chip by the CPU executing the read trusted program is also secure; that is, the security verification of the firmware succeeds in the trusted boot process. The CPU executing the read trusted program can therefore determine that the security verification of the firmware is successful and trigger the start of the firmware.
Conversely, when the CPU executing the read trusted program determines in step S204 that the first hash value read for the firmware and the second hash value calculated for the firmware are different, the program code from which the first hash value was calculated differs from the program code from which the second hash value was calculated; that is, the firmware from which the first hash value was calculated is not identical to the firmware that the CPU read from the second memory chip.
When the CPU executing the read trusted program determines that the first hash value and the second hash value are different, there are two possible cases:
Case one: the firmware read by the CPU from the second memory chip is unsafe, for example because it has been tampered with by an attacker;
Case two: the user has updated the first hash value of the firmware stored in advance at the designated storage location, so that the calculated second hash value differs from the first hash value even though the firmware read from the second memory chip has not been tampered with.
In either case the security verification of the firmware fails in the trusted boot process, and therefore the start of the firmware cannot be triggered.
Optionally, when the CPU executing the read trusted program determines that the first hash value and the second hash value are different, it may issue a prompt message indicating that the security verification of the firmware was unsuccessful.
The prompt information can take various forms, such as a voice prompt, a text prompt, or a flashing warning lamp; any of these is reasonable.
Optionally, in a specific implementation, as shown in fig. 3, the firmware trusted starting method according to the embodiment of the present invention further includes the following step:
S206: if the first hash value and the second hash value are judged to be different, read the backup firmware stored in advance in the second storage device, and replace the firmware stored in the second memory chip with the backup firmware.
Here the second storage device is a hard disk of the electronic device or a storage device communicatively connected to the electronic device.
In this embodiment, when the first hash value and the second hash value are determined to be different, the security verification of the firmware currently stored in the second memory chip has failed and its start cannot be triggered. The CPU executing the read trusted program may therefore read the backup firmware stored in advance in the second storage device and overwrite the firmware in the second memory chip with it, so that the firmware that failed the security verification is replaced by the backup firmware.
The electronic device is then restarted and the CPU returns to executing the firmware trusted starting method provided by the embodiment of the invention; in this second pass, the firmware read by the CPU executing the read trusted program from the second memory chip is the backup firmware that was read from the second storage device.
The second storage device may be a storage device of the electronic device itself, for example its hard disk, or another storage device communicatively connected to the electronic device, for example a network server on the same network as the electronic device or another electronic device communicatively connected to it; any of these is reasonable.
The second storage device may be the same storage device as the first storage device, or a different one.
In the terminology of the embodiment of the present invention, for the first case above, in which the firmware read by the CPU from the second memory chip is unsafe, that is, the first hash value is unchanged and the firmware stored in the second memory chip has been tampered with, the process of step S206 may be referred to as firmware recovery;
For the second case, in which the user has updated the first hash value stored in advance at the designated storage location so that the calculated second hash value differs from the first hash value even though the firmware read from the second memory chip has not been tampered with, that is, the first hash value has changed and the firmware stored in the second memory chip has not, the process of step S206 may be referred to as firmware upgrade;
In the second case, the backup firmware stored in advance in the second storage device is the firmware from which the updated first hash value was calculated, and it will naturally differ from the firmware stored in the second memory chip.
In the field of computer security, physical isolation is a relatively efficient way to ensure security. If an attacker could reach the first memory chip through the CPU, they would have an opportunity to access and tamper with the trusted program stored there, reducing the security of the trusted program, causing the trusted boot of the firmware to fail, or allowing unsafe firmware to pass the security verification and be started, which threatens the operational security of the whole electronic device. To prevent this, the CPU may be physically isolated from the first memory chip before the CPU reads the firmware from the second memory chip, reducing the opportunity for malicious access to and tampering with the trusted program stored in the first memory chip and ensuring the security of the trusted program.
Based on this, in an optional specific implementation, after the electronic device is powered on the CPU is connected to the first memory chip by default and is not connected to the second memory chip; as shown in fig. 4, the firmware trusted starting method according to the embodiment of the present invention further includes the following step:
S202: the CPU executes the read trusted program, disconnects the CPU from the first memory chip, and establishes the connection between the CPU and the second memory chip.
The trusted program runs in the CPU: when the CPU reads the trusted program from the first memory chip, the trusted program can be stored in the memory of the electronic device or in the cache of the CPU, so that after the connection between the CPU and the first memory chip is disconnected the trusted program still exists in the memory of the electronic device or the cache of the CPU, and the CPU can continue to execute it.
In this specific implementation, the CPU is disconnected from the first memory chip before it is connected to the second memory chip, implementing physical isolation between the CPU and the first memory chip.
Optionally, based on the embodiment shown in fig. 4, in a specific implementation the electronic device further includes a change-over switch used to control whether the CPU is connected to the first memory chip or to the second memory chip;
Accordingly, in this embodiment, step S202, in which the CPU executes the read trusted program, disconnects the CPU from the first memory chip and establishes the connection between the CPU and the second memory chip, may include the following step:
the CPU executes the read trusted program and switches the change-over switch from the control state in which the CPU is connected to the first memory chip to the control state in which the CPU is connected to the second memory chip.
In this specific implementation, after the electronic device is powered on the change-over switch is by default in the control state in which the CPU is connected to the first memory chip.
Optionally, once the change-over switch has been switched from the control state connecting the CPU to the first memory chip to the control state connecting the CPU to the second memory chip, it may accept no further control signal (that is, no signal that changes its control state) until the electronic device is powered on again, meaning until the electronic device is turned off and restarted and the change-over switch is thereby restored to the default control state connecting the CPU to the first memory chip.
That is, once the change-over switch has been switched to the control state connecting the CPU to the second memory chip, it keeps that control state until the electronic device is powered on again and is not switched back to the control state connecting the CPU to the first memory chip; accordingly, once the CPU is connected to the second memory chip it remains connected to it, and is not reconnected to the first memory chip, until the electronic device is next powered on.
This prevents an attacker from reconnecting the CPU to the first memory chip by controlling the switching state of the change-over switch, which would endanger the security of the trusted program stored in the first memory chip.
Further, optionally, the change-over switch included in the electronic device may control whether the CPU is connected to the first memory chip or to the second memory chip through a general purpose input/output (GPIO) port.
Fig. 8 shows the connection relationship among the change-over switch, the first memory chip, the second memory chip and the CPU in the electronic device. FLASH1 is the first memory chip and FLASH2 is the second memory chip; FLASH1 is connected to the change-over switch through a FLASH1 interface, FLASH2 is connected to the change-over switch through a FLASH2 interface, the CPU is connected to the change-over switch through a FLASH interface I, and the change-over switch controls whether the CPU is connected to FLASH1 or to FLASH2 through the GPIO.
Since the operating environment the CPU requires to execute the trusted program may differ from the operating environment it requires to execute the firmware, the relevant hardware devices in the electronic device may be reinitialized when the CPU executes the firmware. Because those hardware devices were already initialized when the CPU executed the read trusted program, reinitializing them when the CPU executes the firmware may be referred to as resetting the hardware devices of the electronic device.
Based on this, in an optional specific implementation, as shown in fig. 5, the firmware trusted starting method according to the embodiment of the present invention further includes the following step:
S207: reset the hardware devices of the electronic device, and start the firmware after the reset is completed.
In this specific implementation, when it is determined in step S204 that the first hash value read for the firmware is the same as the second hash value calculated for the firmware, the CPU executing the read trusted program triggers the start of the firmware; the CPU then receives the trigger information and resets the hardware devices of the electronic device, and once the reset is completed the electronic device can begin starting the firmware.
Of course, the CPU may instead not reset the hardware devices of the electronic device, but directly initialize only those hardware devices related to firmware operation that have not yet been initialized.
Further, optionally, since the operating environment required to execute the trusted program and the operating environment required to execute the firmware may differ, the relevant operating environment in the CPU may be reinitialized when the CPU executes the firmware, to meet the requirements of firmware operation. Because the CPU was already initialized when it executed the read trusted program, reinitializing the CPU when it executes the firmware may be referred to as a CPU reset.
Of course, when executing the firmware the CPU may instead not reset itself, but directly initialize only those parameters related to firmware operation in its operating environment that have not yet been initialized.
Alternatively, when the electronic device includes a change-over switch for controlling the connection of the CPU to the first memory chip or the second memory chip, on the basis of the embodiment shown in fig. 5, the change-over switch is in the control state in which the CPU is connected to the second memory chip and not to the first memory chip at the moment it is determined in step S204 that the first hash value read for the firmware and the second hash value calculated for the firmware are the same.
Based on this, in one embodiment, when the CPU performs step S207 and resets the hardware devices of the electronic device, it may send the reset signal only to the hardware devices; the change-over switch then keeps the control state in which the CPU is connected to the second memory chip and not to the first memory chip, and does not switch to the control state in which the CPU is connected to the first memory chip and not to the second memory chip.
In another embodiment, the change-over switch may be built without a reset interface, so that even if the CPU sends a reset signal to it the change-over switch cannot receive the signal; the change-over switch therefore returns to the default control state connecting the CPU to the first memory chip only after the electronic device is powered on again.
In another embodiment, when the CPU performs step S207 and resets the hardware devices of the electronic device, the reset signal may be sent to the hardware devices and to the change-over switch at the same time; to keep the first memory chip physically isolated from the CPU during the rest of the trusted boot process, the change-over switch may ignore the reset signal and keep the control state in which the CPU is connected to the second memory chip and not to the first memory chip, rather than switching to the control state in which the CPU is connected to the first memory chip and not to the second memory chip.
It should be noted that when the CPU does not reset the hardware of the electronic device but directly initializes only the hardware devices related to firmware operation that have not yet been initialized, and/or does not reset itself but directly initializes only the remaining parameters related to firmware operation in its operating environment, fewer hardware devices and/or CPU parameters need to be initialized, so the efficiency of the trusted boot is further improved, and with it the efficiency of the starting process of the operating system of the electronic device.
To improve the starting performance of the electronic device, technicians may continually upgrade the trusted program so as to improve the efficiency of the trusted boot process of the firmware; an upgrade interface can therefore be reserved in the trusted program to ensure that it can be upgraded successfully.
Based on this, in an optional specific implementation, as shown in fig. 6, the firmware trusted starting method according to the embodiment of the present invention further includes the following steps:
S208: the CPU executes the read trusted program and judges whether an upgrade request for the trusted program exists; if yes, perform S209; if not, return to step S201;
S209: upgrade the trusted program, restart the electronic device, and return to step S101.
In this specific implementation, when the CPU executing the read trusted program determines that an upgrade request for the trusted program exists, it may read the upgrade information of the trusted program from the third storage device, upgrade the trusted program, and store the upgraded trusted program in the first memory chip.
The third storage device may be the same storage device as the first storage device and the second storage device, or a different one.
After the trusted program is upgraded, the electronic device may be restarted so that the trusted boot of the firmware uses the upgraded trusted program: the CPU restarts, step S101 is executed again, and after the CPU starts it reads the trusted program from the first memory chip.
When step S101 is executed again, the trusted program read from the first memory chip by the restarted CPU is the upgraded trusted program.
Correspondingly, when the CPU executing the read trusted program judges that no upgrade request for the trusted program exists, the trusted program does not need to be upgraded, and the CPU executing the read trusted program continues with the remaining steps of the trusted boot process.
The CPU executing the read trusted program may determine whether an upgrade request for the trusted program exists in various ways; for example, it may detect a jumper cap or a hot key.
A jumper cap is a removable part with an insulating plastic outer layer and a conductive inner layer that can be fitted onto the jumper pins of the main board to connect two pins. In the usual design one jumper pin is connected to a GPIO and pulled up through a pull-up resistor while the other is connected to ground, so that when the jumper cap is fitted the two pins are connected and the GPIO level is pulled low; whether the user has fitted the jumper cap to request an upgrade of the trusted program can therefore be judged by reading the level on the GPIO.
A hot key is a keyboard key or key combination; whether the user is requesting an upgrade of the trusted program can be judged by detecting whether the user presses the designated key or key combination.
To aid understanding of the firmware trusted starting method provided by an embodiment of the present invention, fig. 7 shows a flowchart of a specific embodiment, which includes the following steps:
S700: power on and start the electronic device;
S701: the change-over switch is switched to the control state in which the CPU is not connected to the second memory chip and is connected to the first memory chip, and the CPU is reset;
S702: after the CPU is started, the CPU reads the trusted program from the first memory chip;
S703: the CPU executes the read trusted program to initialize the CPU and the hardware of the electronic device;
S704: the CPU executes the read trusted program and judges whether an upgrade request for the trusted program exists; if yes, go to step S705; otherwise, go to step S706;
S705: the CPU upgrades the trusted program, restarts the electronic device, and returns to step S701;
S706: the CPU executes the read trusted program and reads the pre-stored first hash value of the firmware from the designated storage location;
S707: the CPU executes the read trusted program and switches the change-over switch from the control state in which the CPU is connected to the first memory chip to the control state in which the CPU is connected to the second memory chip;
S708: the CPU executes the read trusted program, reads the firmware from the second memory chip, and calculates the second hash value of the firmware from the read firmware;
S709: the CPU executes the read trusted program and judges whether the first hash value and the second hash value are the same; if yes, go to step S710; otherwise, go to step S711;
S710: the CPU resets the hardware devices of the electronic device and resets itself, and starts the firmware after the CPU reset;
S711: read the pre-stored backup firmware from the second storage device, replace the firmware stored in the second memory chip with the backup firmware, restart the electronic device, and return to step S701.
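The flow of steps S700 to S711, including the latching change-over switch, the hash comparison, the firmware recovery and firmware upgrade cases, and the trusted-program upgrade path, as an added simulation that is not part of the patent. The chip images are constructed sample bytes, SHA-256 is assumed as the hash function (the patent does not name one), and the first hash value is assumed to be already decrypted.

```python
import hashlib
import hmac
from dataclasses import dataclass, field
from typing import List, Optional

# Constructed sample images (not from the patent); real chips hold binary blobs.
TRUSTED_PROGRAM = b"trusted-program-v1"
GOOD_FIRMWARE = b"firmware-image-v1"
NEW_FIRMWARE = b"firmware-image-v2"
TAMPERED_FIRMWARE = b"firmware-image-v1-with-implant"


def firmware_hash(data: bytes) -> bytes:
    """SHA-256 is an assumption; the patent does not name the hash function."""
    return hashlib.sha256(data).digest()


@dataclass
class ChangeOverSwitch:
    """GPIO-driven switch: the CPU sees FLASH1 or FLASH2, never both.

    Once switched to FLASH2 it latches: a reset signal is ignored and only a
    new power-up restores the default FLASH1 connection (step S701).
    """
    selected: str = "FLASH1"
    latched: bool = False

    def select_flash2(self) -> None:
        self.selected = "FLASH2"
        self.latched = True

    def reset(self) -> None:
        # No reset interface / reset ignored once latched, so FLASH1 stays isolated.
        if not self.latched:
            self.selected = "FLASH1"

    def power_up(self) -> None:
        self.selected = "FLASH1"
        self.latched = False


@dataclass
class Device:
    flash1: bytes                            # first memory chip: trusted program
    flash2: bytes                            # second memory chip: firmware
    first_hash: bytes                        # pre-stored hash at the designated location
    backup_firmware: bytes                   # backup on the second storage device
    trusted_upgrade: Optional[bytes] = None  # pending upgrade from the third storage device
    switch: ChangeOverSwitch = field(default_factory=ChangeOverSwitch)
    log: List[str] = field(default_factory=list)

    def cpu_can_reach(self, chip: str) -> bool:
        return self.switch.selected == chip

    def read_chip(self, chip: str) -> bytes:
        """Physical isolation: only the chip the switch currently connects is readable."""
        if not self.cpu_can_reach(chip):
            raise PermissionError(f"{chip} is not connected to the CPU")
        return self.flash1 if chip == "FLASH1" else self.flash2

    def trusted_boot(self, max_restarts: int = 3) -> str:
        """Run S700-S711; returns 'booted' or 'halted' (no safe firmware found)."""
        for _ in range(max_restarts):
            self.switch.power_up()                      # S700/S701: default to FLASH1
            trusted = self.read_chip("FLASH1")          # S702: load the trusted program
            self.log.append(f"running trusted program {trusted!r}")
            if self.trusted_upgrade is not None:        # S704/S705: upgrade, then restart
                self.flash1, self.trusted_upgrade = self.trusted_upgrade, None
                self.log.append("trusted program upgraded; restarting")
                continue
            first_hash = self.first_hash                # S706: read before leaving FLASH1
            self.switch.select_flash2()                 # S707: FLASH1 now unreachable
            firmware = self.read_chip("FLASH2")         # S708: read firmware under test
            second_hash = firmware_hash(firmware)
            if hmac.compare_digest(first_hash, second_hash):   # S709: constant-time compare
                self.switch.reset()                     # S710: reset must not reconnect FLASH1
                self.log.append("verification ok; starting firmware")
                return "booted"
            # S711: firmware recovery (tampered image) or firmware upgrade (hash updated)
            self.flash2 = self.backup_firmware
            self.log.append("hash mismatch; FLASH2 overwritten with backup; restarting")
        return "halted"


if __name__ == "__main__":
    dev = Device(TRUSTED_PROGRAM, TAMPERED_FIRMWARE, firmware_hash(GOOD_FIRMWARE), GOOD_FIRMWARE)
    print(dev.trusted_boot(), dev.log)
```

The restart cap guards against looping forever when the backup firmware itself fails verification, a case the flowchart leaves open.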
Corresponding to the firmware trusted starting method provided by the embodiment of the present invention, the embodiment of the present invention further provides an electronic device, as shown in fig. 9, which includes a processor 901, a communication interface 902, a memory 903, a communication bus 904, a first memory chip 905 and a second memory chip 906, where the processor 901, the communication interface 902, the memory 903, the first memory chip 905 and the second memory chip 906 communicate with each other through the communication bus 904;
the memory 903 is used for storing a computer program;
the first memory chip 905 is used for storing a trusted program;
the second memory chip 906 is used for storing firmware;
the processor 901 is configured to read the trusted program from the first memory chip after starting, and to execute the read trusted program to perform the following steps:
carrying out security verification on the firmware, and triggering the start of the firmware when the verification is successful.
It can be seen from the above that, by applying the technical solution provided by the embodiment of the present invention, the electronic device includes a first memory chip storing a trusted program and a second memory chip storing firmware. Thus, during the trusted boot of the firmware, the processor of the electronic device can read the trusted program from the first memory chip after starting and then execute the read trusted program to carry out the security verification of the firmware stored in the second memory chip and trigger the start of the firmware when the verification passes, so that the trusted boot of the firmware is realized.
In other words, in the technical scheme provided by the embodiment of the invention, a memory chip for storing the trusted program is added to the electronic device, and during the trusted boot of the firmware the electronic device can use its own processor directly to execute the trusted program, thereby realizing the verification and trusted boot of the firmware. Since the processor of the electronic device has higher performance, the speed of the trusted boot can be increased and the efficiency of the starting process of the operating system of the electronic device is improved.
In addition, while ensuring the same starting efficiency as the trusted starting methods in the prior art, the scheme of the embodiment of the invention only needs to add one memory chip to the electronic device, so the hardware cost of the electronic device can be reduced; correspondingly, at the same cost as the trusted starting methods in the prior art, the scheme of the embodiment of the invention is executed by the processor of the electronic device, so the efficiency of the trusted boot of the firmware can be improved. Of course, any particular product or method practicing the invention need not achieve all of the advantages set forth above at the same time.
Optionally, in a specific implementation, the manner in which the CPU performs the security verification of the firmware and triggers the start of the firmware when the verification is successful comprises:
executing the read trusted program, and reading a first hash value of the firmware stored in advance from a designated storage position;
executing the read trusted program, and reading the firmware from the second memory chip;
executing the read trusted program, calculating a second hash value of the firmware based on the read firmware, and judging whether the first hash value and the second hash value are the same;
Executing the read trusted program, and triggering the start of the firmware when the judgment result is yes.
Optionally, in a specific implementation manner, after the electronic device is powered on, the CPU is connected to the first storage chip, and the CPU is not connected to the second storage chip;
the processor 901 is further configured to execute the read trusted program, disconnect the CPU from the first memory chip and establish a connection between the CPU and the second memory chip before reading the firmware from the second memory chip.
Optionally, in a specific implementation manner, the electronic device further includes a switch, where the switch is used to control the CPU to connect with the first memory chip or the second memory chip;
the processor 901 is specifically configured to execute the read trusted program, and switch the control state of the switch, in which the CPU is connected to the first memory chip, to the control state of the CPU connected to the second memory chip.
Optionally, in a specific implementation, the change-over switch controls whether the CPU is connected to the first memory chip or to the second memory chip through a general purpose input/output (GPIO) port.
Optionally, in a specific implementation manner, the processor 901 is further configured to reset a hardware device of the electronic device before starting the firmware, and after the reset is completed, start the firmware.
Optionally, in a specific implementation manner, the processor 901 is further configured to, before the step of reading a first hash value of the firmware stored in advance from the specified storage location, execute the read trusted program, and determine whether an upgrade request of the trusted program exists;
if yes, upgrading the trusted program, restarting the electronic equipment, and returning to the step of reading the trusted program from the first memory chip;
and if not, returning to the step of executing the read trusted program and reading the prestored first hash value of the firmware from the appointed storage position.
Optionally, in a specific implementation, the step of reading the pre-stored first hash value of the firmware from the designated storage location includes:
reading a preset encrypted hash value of the firmware from the first storage device and decrypting it to obtain the first hash value of the firmware, where the first storage device is a hard disk of the electronic device or a storage device communicatively connected to the electronic device.
Optionally, in a specific implementation, the processor 901 is further configured to, if it is determined that the first hash value and the second hash value are different, read the backup firmware stored in advance in the second storage device and replace the firmware stored in the second memory chip with the backup firmware, where the second storage device is a hard disk of the electronic device or a storage device communicatively connected to the electronic device.
The communication bus mentioned above for the electronic device may be a peripheral component interconnect (Peripheral Component Interconnect, PCI) bus, an extended industry standard architecture (Extended Industry Standard Architecture, EISA) bus, or the like. The communication bus may be divided into an address bus, a data bus, a control bus, and so on. For ease of illustration, the figures show only one bold line, but this does not mean there is only one bus or only one type of bus.
The communication interface is used for communication between the electronic device and other devices.
The memory may include random access memory (Random Access Memory, RAM) or non-volatile memory (Non-Volatile Memory, NVM), such as at least one disk memory. Optionally, the memory may also be at least one memory device located remotely from the aforementioned processor.
The processor may be a general-purpose processor, including a central processing unit (Central Processing Unit, CPU), a network processor (Network Processor, NP), etc.; it may also be a digital signal processor (Digital Signal Processor, DSP), an application specific integrated circuit (Application Specific Integrated Circuit, ASIC), a field programmable gate array (Field-Programmable Gate Array, FPGA) or other programmable logic device, a discrete gate or transistor logic device, or a discrete hardware component.
Corresponding to the firmware trusted starting method provided by the embodiment of the invention, the embodiment of the invention also provides a computer readable storage medium storing a computer program which, when executed by a processor, implements the firmware trusted starting method provided by the embodiment of the invention.
It is noted that relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Moreover, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
In this specification, the embodiments are described in a progressive manner; identical and similar parts of the embodiments refer to each other, and each embodiment mainly describes its differences from the others. In particular, since the system embodiments are substantially similar to the method embodiments, their description is relatively brief, and for relevant details see the description of the method embodiments.
The foregoing description is only of the preferred embodiments of the present invention and is not intended to limit the scope of the present invention. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present invention are included in the protection scope of the present invention.

Claims (11)

1. A method, characterized in that it is applied to a central processing unit (CPU) in an electronic device, the electronic device further comprising a first memory chip and a second memory chip, the first memory chip storing a trusted program and the second memory chip storing firmware, the method comprising the following steps:
after the CPU is started, the trusted program is read from the first memory chip;
executing the read trusted program to perform the steps of:
carrying out security verification on the firmware, and triggering the start of the firmware when the verification is successful.
2. The method of claim 1, wherein carrying out security verification on the firmware and triggering the start of the firmware when the verification is successful comprises:
reading a first hash value of the firmware stored in advance from a designated storage location;
reading the firmware from the second memory chip;
calculating a second hash value of the firmware based on the read firmware, and judging whether the first hash value and the second hash value are the same;
and when the judgment result is yes, triggering the starting of the firmware.
3. The method of claim 2, wherein after the electronic device is powered on, the CPU is connected to the first memory chip and the CPU is not connected to the second memory chip;
the CPU executes the read trusted program, and further executes the steps of:
before the firmware is read from the second memory chip, the connection between the CPU and the first memory chip is disconnected, and the connection between the CPU and the second memory chip is established.
4. The method of claim 3, wherein the electronic device further comprises a change-over switch for controlling whether the CPU is connected to the first memory chip or to the second memory chip;
and the step of disconnecting the CPU from the first memory chip and establishing the connection between the CPU and the second memory chip comprises:
switching the change-over switch from the control state in which the CPU is connected to the first memory chip to the control state in which the CPU is connected to the second memory chip.
5. The method of claim 4, wherein the change-over switch controls whether the CPU is connected to the first memory chip or to the second memory chip through a general-purpose input/output (GPIO) port.
6. The method of any of claims 1-5, wherein prior to booting the firmware, the method further comprises:
resetting the hardware of the electronic device, and starting the firmware after the reset is completed.
7. The method according to any one of claims 2-5, wherein the CPU executes the read trusted program, further performing the steps of:
before the step of reading the first hash value of the firmware stored in advance from the designated storage location, judging whether an upgrade request of the trusted program exists;
if yes, upgrading the trusted program, restarting the electronic equipment, and returning to the step of reading the trusted program from the first memory chip;
If not, the step of reading the pre-stored first hash value of the firmware from the designated storage location is performed.
8. The method of any of claims 2-5, wherein the step of reading a pre-stored first hash value of the firmware from a designated storage location comprises:
reading a preset encrypted hash value of the firmware from a first storage device, and decrypting the encrypted hash value to obtain the first hash value of the firmware;
the first storage device is a hard disk of the electronic device or a storage device in communication connection with the electronic device.
9. The method according to any one of claims 2-5, wherein the CPU executes the read trusted program, further performing the steps of:
if the first hash value and the second hash value are judged to be different, reading backup firmware stored in advance in a second storage device, and replacing the firmware stored in the second memory chip with the backup firmware;
the second storage device is a hard disk of the electronic device or a storage device in communication connection with the electronic device.
10. An electronic device, comprising a processor, a communication interface, a memory, a communication bus, a first memory chip and a second memory chip, wherein the processor, the communication interface, the memory, the first memory chip and the second memory chip communicate with each other through the communication bus;
The memory is used for storing a computer program;
the first memory chip is used for storing a trusted program;
the second memory chip is used for storing firmware;
and the processor is configured to read the trusted program from the first memory chip after starting, and to execute the read trusted program so as to perform the following steps:
performing security verification on the firmware; and triggering the start of the firmware when the verification succeeds.
11. A computer-readable storage medium, characterized in that the computer-readable storage medium has stored therein a computer program which, when executed by a processor, implements the method steps of any of claims 1-9.
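The boot flow of claims 1 to 9 as an added, host-side model; it is not code from the patent or its assignee. The two memory chips, the GPIO-driven change-over switch, the storage devices holding the hash record and the backup firmware, and the firmware images are constructed in-memory stand-ins, and `TRUSTED_KEY`, `Device`, `ChangeOverSwitch` and `make_hash_record` are names chosen here. One substitution is labelled in the code: claim 8 stores an encrypted hash, whereas this model stores the SHA-256 hash together with an HMAC-SHA256 tag under a key held by the trusted program, which gives the property the claim relies on (a record on the hard disk cannot be forged for tampered firmware without the key) without a cipher. Re-running verification after the backup firmware has been written back (claim 9) is also an assumption.

```python
"""Model of the two-chip trusted boot flow in claims 1-9 (added example).

Constructed example: the two memory chips, the GPIO-driven change-over
switch, the storage devices holding the hash record and backup firmware,
and the firmware images are in-memory stand-ins. Not code from the patent.
"""
import hashlib
import hmac

# Assumption: a key provisioned into the trusted program at manufacture.
TRUSTED_KEY = b"example-key-held-only-by-the-trusted-program"


def make_hash_record(firmware: bytes, key: bytes = TRUSTED_KEY) -> bytes:
    """Record written to the first storage device (claim 8).

    The claims store an encrypted hash; here the SHA-256 hash is instead
    stored with an HMAC-SHA256 tag under the trusted program's key (a
    substitution). Either way an attacker who can rewrite the disk cannot
    produce an acceptable record for tampered firmware without the key.
    """
    digest = hashlib.sha256(firmware).digest()
    tag = hmac.new(key, digest, hashlib.sha256).digest()
    return digest + tag


class ChangeOverSwitch:
    """Change-over switch driven by one GPIO line (claims 4-5).

    gpio == 0 connects the CPU to the first memory chip (trusted program);
    gpio == 1 connects it to the second memory chip (firmware). The CPU can
    only read the chip the switch currently selects (claim 3).
    """

    def __init__(self, trusted_chip: bytes, firmware_chip: bytearray):
        self.gpio = 0  # power-on state: trusted-program chip selected
        self.chips = [trusted_chip, firmware_chip]

    def read(self) -> bytes:
        return bytes(self.chips[self.gpio])


class Device:
    def __init__(self, firmware: bytes, hash_record: bytes,
                 backup_firmware: bytes, upgrade_pending: bool = False):
        self.switch = ChangeOverSwitch(b"TRUSTED-PROGRAM-v1", bytearray(firmware))
        # First and second storage devices of claims 8 and 9 (here: one disk).
        self.disk = {"hash_record": hash_record, "backup": backup_firmware}
        self.upgrade_pending = upgrade_pending
        self.log = []

    def boot(self, key: bytes = TRUSTED_KEY, max_restarts: int = 3) -> str:
        """Run the trusted program's boot logic and return the final outcome."""
        for _ in range(max_restarts):
            self.switch.gpio = 0                        # power-on / restart
            trusted_program = self.switch.read()        # claim 1, step 1
            self.log.append(f"read {trusted_program.decode()}")
            if self.upgrade_pending:                    # claim 7
                self.switch.chips[0] = b"TRUSTED-PROGRAM-v2"
                self.upgrade_pending = False
                self.log.append("trusted program upgraded; restarting")
                continue
            outcome = self._verify_and_start(key)
            if outcome != "backup-restored":
                return outcome
            # Assumption: after the backup is written back, verify again.
        return "boot-failed"

    def _verify_and_start(self, key: bytes) -> str:
        record = self.disk["hash_record"]               # claim 2, step 1
        expected, tag = record[:32], record[32:]
        if not hmac.compare_digest(
                tag, hmac.new(key, expected, hashlib.sha256).digest()):
            self.log.append("hash record failed authentication")
            return "hash-record-rejected"
        self.switch.gpio = 1                            # claim 3: change chips
        firmware = self.switch.read()                   # claim 2, step 2
        actual = hashlib.sha256(firmware).digest()      # claim 2, step 3
        if hmac.compare_digest(actual, expected):       # claim 2, step 4
            self.log.append("hash match; hardware reset; starting firmware")  # claim 6
            return "booted"
        self.log.append("hash mismatch; restoring backup firmware")  # claim 9
        self.switch.chips[1][:] = self.disk["backup"]
        return "backup-restored"


if __name__ == "__main__":
    image = b"hypothetical firmware image v1"  # constructed sample input
    dev = Device(image + b"\x00implant", make_hash_record(image), backup_firmware=image)
    print(dev.boot(), dev.log)
```

The order of operations is the point: the hash record is authenticated before the switch is flipped, the firmware chip is only read after the trusted-program chip has been deselected, and a mismatch leads to the backup being written into the second memory chip rather than to the unverified image being started.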
CN201911417938.2A 2019-12-31 2019-12-31 Firmware trusted starting method, electronic equipment and readable storage medium Active CN113127879B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911417938.2A CN113127879B (en) 2019-12-31 2019-12-31 Firmware trusted starting method, electronic equipment and readable storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911417938.2A CN113127879B (en) 2019-12-31 2019-12-31 Firmware trusted starting method, electronic equipment and readable storage medium

Publications (2)

Publication Number Publication Date
CN113127879A CN113127879A (en) 2021-07-16
CN113127879B true CN113127879B (en) 2023-09-05

Family

ID=76769631

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911417938.2A Active CN113127879B (en) 2019-12-31 2019-12-31 Firmware trusted starting method, electronic equipment and readable storage medium

Country Status (1)

Country Link
CN (1) CN113127879B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113569302A (en) * 2021-07-28 2021-10-29 全球能源互联网研究院有限公司 Terminal trusted control module, control method and device and electronic equipment
CN114661368B (en) * 2022-05-19 2022-09-06 中昊芯英(杭州)科技有限公司 Chip and starting method thereof

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5553237A (en) * 1994-12-13 1996-09-03 Base Ten Systems, Inc. Safety critical monitoring of microprocessor controlled embedded systems
CN106384053A (en) * 2016-09-14 2017-02-08 江苏北弓智能科技有限公司 Trusted boot method and apparatus for mobile operation system
CN108549551A (en) * 2018-04-13 2018-09-18 浪潮(北京)电子信息产业有限公司 A kind of the startup method, apparatus and equipment of server network interface card
CN109325352A (en) * 2018-08-28 2019-02-12 全球能源互联网研究院有限公司 A kind of credible calculating platform framework
CN109542518A (en) * 2018-10-09 2019-03-29 华为技术有限公司 The method of chip and bootrom
CN110096393A (en) * 2018-01-31 2019-08-06 北京可信华泰信息技术有限公司 A kind of credible measure of server
CN110321715A (en) * 2019-07-08 2019-10-11 北京可信华泰信息技术有限公司 Credible measurement method, apparatus and processor

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8782387B2 (en) * 2011-12-31 2014-07-15 International Business Machines Corporation Secure boot of a data breakout appliance with multiple subsystems at the edge of a mobile data network
CN104951316B (en) * 2014-03-25 2018-09-21 华为技术有限公司 A kind of credible startup method and apparatus of kernel

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
Research and Application of the Secure Boot Mechanism of Embedded Systems; Li Rui et al.; 《家庭生活指南》 (Family Life Guide); full text *

Also Published As

Publication number Publication date
CN113127879A (en) 2021-07-16

Similar Documents

Publication Publication Date Title
CN111052118B (en) Hardware-implemented firmware security
US10395039B2 (en) Customer-owned trust of device firmware
EP2729896B1 (en) Bios flash attack protection and notification
US9292302B2 (en) Allowing bypassing of boot validation in a computer system having secure boot enabled by default only under certain circumstances
EP3522059B1 (en) Perform security action based on inventory comparison
US8856771B2 (en) Protection for unauthorized firmware and software upgrades to consumer electronic devices
EP3399408B1 (en) Information processing apparatus and computer readable storage medium
CN109657448B (en) Method and device for acquiring Root authority, electronic equipment and storage medium
CN111158767B (en) BMC-based server safe starting method and device
EP2962241A1 (en) Continuation of trust for platform boot firmware
US9710652B1 (en) Verifying boot process of electronic device
CN113127879B (en) Firmware trusted starting method, electronic equipment and readable storage medium
US20180285126A1 (en) Method and apparatus for hybrid firmware boot
CN110795738A (en) Computer starting method, controller, storage medium and system
US10621330B2 (en) Allowing use of a test key for a BIOS installation
CN112181513B (en) Trusted measurement method based on control host system guidance of hardware board card
US10019579B2 (en) Embedded controller for safety booting and method thereof
CN111625263A (en) Server component firmware updating method
CN116266467A (en) Memory device with secure boot update and auto-restore
CN113626792B (en) PCIe Switch firmware secure execution method, device, terminal and storage medium
KR102386614B1 (en) IoT Device Firmware Update System, IoT Device Firmware Update Method, and IoT Device Booting Method
CN107360167B (en) Authentication method and device
WO2021262161A1 (en) Authentication of hardware component firmware
CN111506897A (en) Data processing method and device
KR20230081988A (en) Vehicle security starting method, device, electronic control unit and storage medium

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant