CN109426523B - Dual-system starting method based on trustzone technology and computer readable storage medium - Google Patents

Info

Publication number: CN109426523B
Application number: CN201710710893.2A
Authority: CN (China)
Other languages: Chinese (zh)
Other versions: CN109426523A
Inventors: 刘炯钟, 赵国开, 涂岩恺, 池炜宾
Current assignee: Xiamen Yaxon Networks Co Ltd (the listed assignees may be inaccurate; Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list)
Original assignee: Xiamen Yaxon Networks Co Ltd
Legal status: Active (the legal status is an assumption and is not a legal conclusion; Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed)

Events:
    • Application filed by Xiamen Yaxon Networks Co Ltd
    • Priority to CN201710710893.2A
    • Publication of CN109426523A
    • Application granted
    • Publication of CN109426523B
    • Status: Active
    • Anticipated expiration

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F 9/00 Arrangements for program control, e.g. control units
    • G06F 9/06 Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F 9/44 Arrangements for executing specific programs
    • G06F 9/4401 Bootstrapping
    • G06F 9/4406 Loading of operating system

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F 21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F 21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F 21/57 Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F 21/575 Secure boot

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F 21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F 21/70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F 21/71 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F 21/74 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information operating in dual or compartmented mode, i.e. at least one secure mode

Abstract

The invention discloses a dual-system starting method and a computer readable storage medium. The method comprises the following steps: running a ROM program; if the boot loader passes verification by the ROM program, running the boot loader; the boot loader loads a real-time operating system and a normal operating system into a memory area; running the real-time operating system; and loading and running the normal operating system through the real-time operating system. The invention uses a single boot loader to start and load the dual system: the first operating system directly starts the second operating system and the run time of a second boot loader is skipped, which greatly shortens the start-up time, simplifies the start-up process, and still ensures the security of the system images during start-up.

Description

Dual-system starting method based on trustzone technology and computer readable storage medium
Technical Field
The invention relates to the field of operating systems, and in particular to a dual-system starting method based on trustzone technology and a computer readable storage medium.
Background
Trustzone technology (trusted zone technology) is a security extension of ARM processors that divides the hardware and software of a system device into two execution environments: a trusted environment and an untrusted environment. Software running in the trusted environment can access all resources of the processor, while software running in the untrusted environment can only access the processor's non-secure resources. A normal operating system with rich applications, such as Linux or Android, generally runs in the untrusted environment, and a real-time operating system runs in the trusted environment.
The existing trustzone-based dual-system boot method comprises the following steps:
After the device is powered on, the boot program (ROM program) burned into the processor runs first; it then loads and verifies a first boot loader, and once the verification passes, the first boot loader starts executing. The first boot loader loads the real-time operating system and a second boot loader into the processor's memory area and verifies the identity of both; after the verification passes it jumps to the real-time operating system, and after the real-time operating system has initialized it jumps to the second boot loader. The second boot loader in turn loads the normal operating system into the memory area, verifies its identity, and after the verification passes jumps to the entry address of the normal operating system to start running it.
The disadvantage of this method is that two boot loaders must run (the two have the same main function but different boot targets). Engineering measurements put the run time of one boot loader at about 600 ms to 700 ms, and where quick start-up is required, for example a vehicle-mounted ECU module that must start within 2 s, this cost in time is huge.
Disclosure of Invention
The technical problem to be solved by the invention is as follows: to provide a dual-system starting method based on trustzone technology and a computer readable storage medium that simplify the start-up process and reduce the start-up time without any loss of security.
To solve this technical problem, the invention adopts the following technical scheme. A dual-system starting method based on trustzone technology comprises the following steps:
running a ROM program;
if the boot loader passes verification by the ROM program, running the boot loader;
the boot loader loads a real-time operating system and a normal operating system into a memory area;
running the real-time operating system;
and loading and running the normal operating system through the real-time operating system.
The invention also relates to a computer-readable storage medium on which a computer program is stored which, when executed by a processor, carries out the steps of:
running a ROM program;
if the boot loader passes verification by the ROM program, running the boot loader;
the boot loader loads a real-time operating system and a normal operating system into a memory area;
running the real-time operating system;
and loading and running the normal operating system through the real-time operating system.
The beneficial effects of the invention are as follows: only one boot loader is used to start and load the dual system, the second boot loader is eliminated, the first operating system directly starts the second operating system, the run time of the second boot loader is skipped, the start-up time is greatly shortened, the start-up process is simplified, the security of the system images during start-up is still ensured, and the method has good engineering value wherever quick start-up is needed.
Drawings
FIG. 1 is a flow chart of a dual system starting method based on trustzone technology of the present invention;
FIG. 2 is a flowchart of a method according to a first embodiment of the present invention.
Detailed Description
In order to explain the technical content, objects and effects of the present invention in detail, the following detailed description is given with reference to the accompanying drawings and the embodiments.
The key concept of the invention is as follows: the dual system is loaded using only one boot loader, and the second operating system is started directly by the first operating system.
Referring to FIG. 1, a dual-system starting method based on trustzone technology comprises:
running a ROM program;
if the boot loader passes verification by the ROM program, running the boot loader;
the boot loader loads a real-time operating system and a normal operating system into a memory area;
running the real-time operating system;
and loading and running the normal operating system through the real-time operating system.
From the above description, the beneficial effects of the present invention are: the start-up process is simplified, the start-up time is reduced, and no security is lost.
Further, "running the boot loader if the boot loader passes verification by the ROM program" specifically comprises:
the ROM program verifies the boot loader using a root key burned into the device;
and if the verification passes, running the boot loader.
Further, "running the real-time operating system" specifically comprises:
the boot loader verifies the real-time operating system using the root key burned into the device;
and if the verification passes, running the real-time operating system.
As can be seen from the above, security is ensured by using the root key to verify the boot loader and the real-time operating system.
Further, "loading and running the normal operating system through the real-time operating system" specifically comprises:
the real-time operating system verifies the normal operating system using the root key burned into the device;
if the verification passes, running the monitor mode program of the real-time operating system;
the monitor mode program saves the secure-state context of the current processor, where the secure-state context comprises the values of the ARM general-purpose registers and the value of the status register;
the monitor mode program sets up and loads a non-secure-state context, where the non-secure-state context comprises the entry address of the normal operating system and the start parameters required to start the normal operating system;
and starting execution from the entry address, starting the normal operating system according to the start parameters.
As can be seen from the above, security is ensured by using the root key to verify the normal operating system; by saving the secure-state context of the processor, the current critical register values of the secure state are prevented from being overwritten by non-secure-state values after the processor switches to the non-secure state; and the processor is switched from the secure state to the non-secure state to start the normal operating system.
Further, "the monitor mode program sets up and loads a non-secure-state context, where the non-secure-state context comprises the entry address of the normal operating system and the start parameters required to start the normal operating system" specifically comprises:
the monitor mode program sets the address of the first instruction to run after the processor switches to the non-secure state to the entry address of the normal operating system, and sets the start parameters required to start the normal operating system, where the start parameters comprise a device number and a device tree address;
the monitor mode program loads the entry address and the start parameters into the corresponding registers of the processor and sets the NS bit of the SCR register of coprocessor CP15 to 1.
As can be seen from the above, a non-secure-state context is prepared first, and the processor is then allowed to switch from the secure state to the non-secure state, thereby starting the normal operating system.
The invention also relates to a computer-readable storage medium on which a computer program is stored which, when executed by a processor, carries out the steps of:
running a ROM program;
if the boot loader passes verification by the ROM program, running the boot loader;
the boot loader loads a real-time operating system and a normal operating system into a memory area;
running the real-time operating system;
and loading and running the normal operating system through the real-time operating system.
Further, "running the boot loader if the boot loader passes verification by the ROM program" specifically comprises:
the ROM program verifies the boot loader using a root key burned into the device;
and if the verification passes, running the boot loader.
Further, "running the real-time operating system" specifically comprises:
the boot loader verifies the real-time operating system using the root key burned into the device;
and if the verification passes, running the real-time operating system.
Further, "loading and running the normal operating system through the real-time operating system" specifically comprises:
the real-time operating system verifies the normal operating system using the root key burned into the device;
if the verification passes, running the monitor mode program of the real-time operating system;
the monitor mode program saves the secure-state context of the current processor, where the secure-state context comprises the values of the ARM general-purpose registers and the value of the status register;
the monitor mode program sets up and loads a non-secure-state context, where the non-secure-state context comprises the entry address of the normal operating system and the start parameters required to start the normal operating system;
and starting execution from the entry address, starting the normal operating system according to the start parameters.
Further, "the monitor mode program sets up and loads a non-secure-state context, where the non-secure-state context comprises the entry address of the normal operating system and the start parameters required to start the normal operating system" specifically comprises:
the monitor mode program sets the address of the first instruction to run after the processor switches to the non-secure state to the entry address of the normal operating system, and sets the start parameters required to start the normal operating system, where the start parameters comprise a device number and a device tree address;
the monitor mode program loads the entry address and the start parameters into the corresponding registers of the processor and sets the NS bit of the SCR register of coprocessor CP15 to 1.
Example one
Referring to FIG. 2, a first embodiment of the present invention is a dual-system starting method based on trustzone technology comprising the following steps:
S1: the device is powered on; at this moment the device is in the secure state.
S2: the device runs the ROM program burned into the device.
S3: the ROM program verifies the boot loader using the root key burned into the device and judges whether the boot loader passes the verification; if so, step S4 is executed.
S4: the device runs the boot loader; the boot loader initializes the basic operating environment of the device, and then step S5 is executed.
S5: the boot loader loads the real-time operating system and the normal operating system into the memory area, i.e. the boot loader loads the real-time operating system and the normal operating system from the device's flash memory into the device's memory area.
S6: the boot loader verifies the real-time operating system using the root key burned into the device and judges whether the verification passes; if so, step S7 is executed. The root key in this step is the same root key as in step S3.
S7: the device runs the real-time operating system; the real-time operating system completes its initialization, and then step S8 is executed.
S8: the real-time operating system verifies the normal operating system using the root key burned into the device and judges whether the verification passes; if so, step S9 is executed. The root key in this step is again the root key of step S3.
S9: the device runs the monitor mode program of the real-time operating system. After the normal operating system passes the verification, the real-time operating system executes an SMC instruction, which causes the device to enter monitor mode; once in monitor mode, the device starts running the monitor mode program of the real-time operating system.
S10: the monitor mode program saves the secure-state context of the current processor, where the secure-state context comprises the values of the ARM general-purpose registers and the value of the status register; i.e. the relevant register values are stored in a contiguous block of memory.
S11: the monitor mode program sets up and loads a non-secure-state context, where the non-secure-state context comprises the entry address of the normal operating system and the start parameters required to start the normal operating system.
Specifically, the address of the first instruction to run after the processor switches to the non-secure state is set to the entry address of the normal operating system, and the start parameters required by the normal operating system, such as the device number and the device tree address, are set; the non-secure-state context is then loaded into the corresponding registers of the processor, i.e. the register values stored in the memory area are assigned to the corresponding processor registers, and the NS bit of the SCR register of coprocessor CP15 is set to 1 (coprocessor CP15 of an ARM processor that supports trustzone has a Secure Configuration Register, SCR, whose NS bit indicates the current system state: if NS = 0 the system is in the secure state, and if NS = 1 the system is in the non-secure state). At this point the device is in the non-secure state.
S12: execution starts from the entry address, and the normal operating system is started according to the start parameters. That is, the device starts executing from the entry address of the normal operating system, runs the normal operating system, and the normal operating system then completes its start-up according to the start parameters passed to it.
Since the processor must switch between the secure state and the non-secure state, and both states use the same set of registers, the values of certain critical registers of the processor's secure state must be saved in step S10 so that the current critical register values of the secure state are not overwritten by non-secure-state values after the processor switches to the non-secure state.
This embodiment provides a new dual-system boot method that improves the classic trustzone boot mode: it uses only one boot loader to start and load the dual system, eliminates the second boot loader, lets the first operating system start the second operating system directly, skips the run time of the second boot loader, greatly shortens the boot time, simplifies the boot process, ensures the security of the system images during boot, and has good engineering value wherever quick boot is needed.
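The boot chain of steps S1 to S12, modelled as an added C illustration (not code from the patent or from Xiamen Yaxon). It assumes that the root-key verification is a keyed FNV-1a tag standing in for a real signature check, that a failed verification halts the chain (the patent only describes the pass path), that the boot parameters are passed in r1/r2, and uses constructed sample images.

```c
/* Model of the single-loader TrustZone boot chain (steps S1-S12). Added
 * illustration, not code from the patent. Assumptions: verification is a
 * keyed FNV-1a tag (stand-in for the root-key signature check, not a MAC);
 * a failed check halts the chain; boot parameters travel in r1/r2. */
#include <stdint.h>
#include <string.h>

#define NUM_GPR 13
#define SCR_NS  (1u << 0)          /* NS bit of the CP15 Secure Configuration Register */

typedef struct {
    uint32_t r[NUM_GPR];           /* r0-r12 general-purpose registers */
    uint32_t sp, lr, pc;
    uint32_t cpsr;                 /* status register */
} cpu_context;

typedef struct {
    uint32_t scr;                  /* CP15 SCR: NS selects the current world */
    cpu_context regs;              /* one register file shared by both worlds */
} cpu_state;

typedef struct {
    const uint8_t *data;
    size_t len;
    uint64_t tag;                  /* expected tag, computed when the image was signed */
    uint32_t entry;                /* entry address in the memory area */
} image;

/* Keyed FNV-1a over (root_key || data): stand-in for the signature check. */
static uint64_t keyed_tag(uint64_t root_key, const uint8_t *d, size_t n) {
    uint64_t h = 0xcbf29ce484222325ull;
    for (int i = 0; i < 8; i++) { h ^= (root_key >> (8 * i)) & 0xff; h *= 0x100000001b3ull; }
    for (size_t i = 0; i < n; i++) { h ^= d[i]; h *= 0x100000001b3ull; }
    return h;
}

static int verify_image(uint64_t root_key, const image *img) {
    return keyed_tag(root_key, img->data, img->len) == img->tag;
}

/* S9-S12: the monitor mode program. Saves the secure-state context, builds the
 * non-secure context (entry address, device number, device tree address) and
 * sets SCR.NS so that execution continues in the non-secure world. */
static void monitor_switch_to_nonsecure(cpu_state *cpu, cpu_context *saved_secure,
                                        uint32_t entry, uint32_t device_no, uint32_t dtb_addr) {
    cpu_context ns;
    *saved_secure = cpu->regs;     /* S10: secure registers saved to a memory block */
    memset(&ns, 0, sizeof ns);     /* S11: non-secure-state context */
    ns.pc = entry;                 /* first instruction after the switch */
    ns.r[1] = device_no;           /* device number */
    ns.r[2] = dtb_addr;            /* device tree address */
    ns.cpsr = 0x1d3;               /* SVC mode, IRQ/FIQ masked (assumed) */
    cpu->regs = ns;                /* load the context into the live registers */
    cpu->scr |= SCR_NS;            /* NS = 1: the device is now in the non-secure state */
}

/* S1-S12. Returns 12 on success, or the step whose verification failed. */
static int boot_chain(cpu_state *cpu, cpu_context *saved_secure, uint64_t root_key,
                      const image *loader, const image *rtos, const image *normal_os,
                      uint32_t device_no, uint32_t dtb_addr) {
    cpu->scr &= ~SCR_NS;                                 /* S1: power-on in secure state */
    if (!verify_image(root_key, loader)) return 3;       /* S3: ROM program checks loader */
    if (!verify_image(root_key, rtos)) return 6;         /* S6: loader checks RTOS */
    if (!verify_image(root_key, normal_os)) return 8;    /* S8: RTOS checks normal OS */
    monitor_switch_to_nonsecure(cpu, saved_secure, normal_os->entry, device_no, dtb_addr);
    return 12;                                           /* S12: running from entry */
}

/* Constructed sample: three tiny images tagged under a made-up root key.
 * tamper != 0 flips one byte of the normal OS after it was tagged. */
static int demo_boot(int tamper) {
    const uint64_t key = 0x5eed5eed5eed5eedull;
    static const uint8_t ld[] = { 0xe5, 0x9f, 0x10, 0x04 };
    static const uint8_t rt[] = { 0xe3, 0xa0, 0x00, 0x01 };
    uint8_t os[] = { 0xe1, 0xa0, 0x00, 0x00, 0xea, 0xff, 0xff, 0xfe };
    image loader = { ld, sizeof ld, keyed_tag(key, ld, sizeof ld), 0x00010000 };
    image rtos   = { rt, sizeof rt, keyed_tag(key, rt, sizeof rt), 0x10000000 };
    image normal = { os, sizeof os, keyed_tag(key, os, sizeof os), 0x80008000 };
    cpu_state cpu; cpu_context saved;
    if (tamper) os[0] ^= 0xff;     /* modified after the tag was computed */
    memset(&cpu, 0, sizeof cpu);
    return boot_chain(&cpu, &saved, key, &loader, &rtos, &normal, 0x0f1c, 0x81000000);
}

/* Invariants after the world switch as a bitmask: 1 = NS set, 2 = pc is the
 * normal-OS entry, 4 = r1/r2 carry the boot parameters, 8 = the secure lr
 * survived in the saved context although the live register was replaced. */
static int demo_switch_properties(void) {
    cpu_state cpu; cpu_context saved; int ok = 0;
    memset(&cpu, 0, sizeof cpu);
    cpu.regs.lr = 0x1000abcd;      /* pretend return address inside the RTOS */
    monitor_switch_to_nonsecure(&cpu, &saved, 0x80008000, 0x0f1c, 0x81000000);
    if (cpu.scr & SCR_NS) ok |= 1;
    if (cpu.regs.pc == 0x80008000) ok |= 2;
    if (cpu.regs.r[1] == 0x0f1c && cpu.regs.r[2] == 0x81000000) ok |= 4;
    if (saved.lr == 0x1000abcd && cpu.regs.lr != 0x1000abcd) ok |= 8;
    return ok;
}
```

A clean boot returns 12, the tampered normal OS stops the chain at step S8 (returns 8), and the switch leaves NS set with the secure lr intact in the saved block (mask 0xf).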
Example two
This embodiment is a computer-readable storage medium corresponding to the above embodiment, on which a computer program is stored which, when executed by a processor, carries out the steps of:
running a ROM program;
if the boot loader passes verification by the ROM program, running the boot loader;
the boot loader loads a real-time operating system and a normal operating system into a memory area;
running the real-time operating system;
and loading and running the normal operating system through the real-time operating system.
Further, "running the boot loader if the boot loader passes verification by the ROM program" specifically comprises:
the ROM program verifies the boot loader using a root key burned into the device;
and if the verification passes, running the boot loader.
Further, "running the real-time operating system" specifically comprises:
the boot loader verifies the real-time operating system using the root key burned into the device;
and if the verification passes, running the real-time operating system.
Further, "loading and running the normal operating system through the real-time operating system" specifically comprises:
the real-time operating system verifies the normal operating system using the root key burned into the device;
if the verification passes, running the monitor mode program of the real-time operating system;
the monitor mode program saves the secure-state context of the current processor, where the secure-state context comprises the values of the ARM general-purpose registers and the value of the status register;
the monitor mode program sets up and loads a non-secure-state context, where the non-secure-state context comprises the entry address of the normal operating system and the start parameters required to start the normal operating system;
and starting execution from the entry address, starting the normal operating system according to the start parameters.
Further, "the monitor mode program sets up and loads a non-secure-state context, where the non-secure-state context comprises the entry address of the normal operating system and the start parameters required to start the normal operating system" specifically comprises:
the monitor mode program sets the address of the first instruction to run after the processor switches to the non-secure state to the entry address of the normal operating system, and sets the start parameters required to start the normal operating system, where the start parameters comprise a device number and a device tree address;
the monitor mode program loads the entry address and the start parameters into the corresponding registers of the processor and sets the NS bit of the SCR register of coprocessor CP15 to 1.
In summary, the dual-system boot method and the computer readable storage medium based on trustzone technology provided by the present invention use only one boot loader to boot and load the dual system and eliminate the second boot loader; instead, the first operating system directly boots the second operating system and the run time of the second boot loader is skipped, so that the boot time is greatly shortened, the boot process is simplified, the security of the system images during boot is still ensured, and the method and the storage medium have good engineering value wherever quick boot is required.
The above description is only an embodiment of the present invention and is not intended to limit its scope; all equivalent changes made using the contents of this specification and the drawings, whether applied directly or indirectly in related technical fields, fall within the scope of the present invention.

Claims (8)

1. A dual-system starting method based on trustzone technology, characterized by comprising the following steps:
running a ROM program;
if the boot loader passes verification by the ROM program, running the boot loader;
the boot loader loads a real-time operating system and a normal operating system into a memory area;
running the real-time operating system;
loading and running the normal operating system through the real-time operating system;
wherein the step of loading and running the normal operating system through the real-time operating system specifically comprises the following steps:
the real-time operating system verifies the normal operating system using a root key burned into the device;
if the verification passes, running the monitor mode program of the real-time operating system;
the monitor mode program saves the secure-state context of the current processor, where the secure-state context comprises the values of the ARM general-purpose registers and the value of the status register;
the monitor mode program sets up and loads a non-secure-state context, where the non-secure-state context comprises the entry address of the normal operating system and the start parameters required to start the normal operating system;
and starting execution from the entry address, starting the normal operating system according to the start parameters.
2. The dual-system starting method based on trustzone technology according to claim 1, wherein "running the boot loader if the boot loader passes verification by the ROM program" is specifically:
the ROM program verifies the boot loader using a root key burned into the device;
and if the verification passes, running the boot loader.
3. The dual-system starting method based on trustzone technology according to claim 1, wherein "running the real-time operating system" specifically comprises:
the boot loader verifies the real-time operating system using the root key burned into the device;
and if the verification passes, running the real-time operating system.
4. The dual-system starting method based on trustzone technology according to claim 1, wherein "the monitor mode program sets up and loads a non-secure-state context, where the non-secure-state context comprises the entry address of the normal operating system and the start parameters required to start the normal operating system" specifically comprises:
the monitor mode program sets the address of the first instruction to run after the processor switches to the non-secure state to the entry address of the normal operating system, and sets the start parameters required to start the normal operating system, where the start parameters comprise a device number and a device tree address;
the monitor mode program loads the entry address and the start parameters into the corresponding registers of the processor and sets the NS bit of the SCR register of coprocessor CP15 to 1.
5. A computer-readable storage medium on which a computer program is stored which, when executed by a processor, performs the steps of:
running a ROM program;
if the boot loader passes verification by the ROM program, running the boot loader;
the boot loader loads a real-time operating system and a normal operating system into a memory area;
running the real-time operating system;
loading and running the normal operating system through the real-time operating system;
wherein the step of loading and running the normal operating system through the real-time operating system specifically comprises the following steps:
the real-time operating system verifies the normal operating system using a root key burned into the device;
if the verification passes, running the monitor mode program of the real-time operating system;
the monitor mode program saves the secure-state context of the current processor, where the secure-state context comprises the values of the ARM general-purpose registers and the value of the status register;
the monitor mode program sets up and loads a non-secure-state context, where the non-secure-state context comprises the entry address of the normal operating system and the start parameters required to start the normal operating system;
and starting execution from the entry address, starting the normal operating system according to the start parameters.
6. The computer-readable storage medium according to claim 5, wherein "running the boot loader if the boot loader passes verification by the ROM program" is specifically:
the ROM program verifies the boot loader using a root key burned into the device;
and if the verification passes, running the boot loader.
7. The computer-readable storage medium according to claim 5, wherein "running the real-time operating system" is specifically:
the boot loader verifies the real-time operating system using the root key burned into the device;
and if the verification passes, running the real-time operating system.
8. The computer-readable storage medium according to claim 5, wherein "the monitor mode program sets up and loads a non-secure-state context, where the non-secure-state context comprises the entry address of the normal operating system and the start parameters required to start the normal operating system" specifically comprises:
the monitor mode program sets the address of the first instruction to run after the processor switches to the non-secure state to the entry address of the normal operating system, and sets the start parameters required to start the normal operating system, where the start parameters comprise a device number and a device tree address;
the monitor mode program loads the entry address and the start parameters into the corresponding registers of the processor and sets the NS bit of the SCR register of coprocessor CP15 to 1.
Priority and publication data

Application number: CN201710710893.2A (priority date 2017-08-18, filing date 2017-08-18), status Active
Title: Dual-system starting method based on trustzone technology and computer readable storage medium

Publications (2)

Publication Number Publication Date
CN109426523A (en) 2019-03-05
CN109426523B (en) 2022-12-06

Family ID: 65497333

Country Status (1)

CN (1) CN109426523B (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112069506B (en) * 2020-09-16 2024-02-23 地平线(上海)人工智能技术有限公司 Safe starting method and device
CN115237480A (en) * 2021-11-05 2022-10-25 科东(广州)软件科技有限公司 Starting method and device of embedded equipment, embedded equipment and storage medium
CN115309463A (en) * 2022-09-29 2022-11-08 成都菁蓉联创科技有限公司 Method for guiding and configuring AMP system
CN115357310A (en) * 2022-10-24 2022-11-18 北京智芯微电子科技有限公司 System starting method and device, electronic equipment and storage medium

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104156659A (en) * 2014-08-14 2014-11-19 电子科技大学 Embedded system secure start method
CN104318182A (en) * 2014-10-29 2015-01-28 中国科学院信息工程研究所 Intelligent terminal isolation system and intelligent terminal isolation method both based on processor safety extension
CN104598841A (en) * 2014-12-29 2015-05-06 东软集团股份有限公司 Double-system guide method and device facing terminal security
CN104992122A (en) * 2015-07-20 2015-10-21 武汉大学 Cell phone private information safe box based on ARM Trust Zone
WO2016055358A1 (en) * 2014-10-10 2016-04-14 Bundesdruckerei Gmbh Method for loading executable program instructions into a chip card during active operation

Legal Events

Code Title
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant