CN115080473B - Multi-chip interconnection system and safe starting method based on same - Google Patents

Info

Publication number: CN115080473B
Authority: CN (China)
Application number: CN202210755860.0A
Other languages: Chinese (zh)
Other versions: CN115080473A
Inventors: 杜潘洋, 张攀勇, 李功波, 郭金鑫, 申银
Current Assignee: Haiguang Information Technology Co Ltd
Original Assignee: Haiguang Information Technology Co Ltd
Legal status: Active
Prior art keywords: chip, storage device, firmware, chips, speed storage

Classifications

    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F13/00: Interconnection of, or transfer of information or other signals between, memories, input/output devices or central processing units
    • G06F13/14: Handling requests for interconnection or transfer
    • G06F13/20: Handling requests for interconnection or transfer for access to input/output bus
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50: Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57: Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/575: Secure boot

Landscapes

  • Engineering & Computer Science
  • Theoretical Computer Science
  • General Engineering & Computer Science
  • Physics & Mathematics
  • General Physics & Mathematics
  • Computer Hardware Design
  • Computer Security & Cryptography
  • Software Systems
  • Stored Programmes

Abstract

The invention provides a multi-chip interconnection system and a secure boot method based on it. At least two chips are interconnected by a chip interconnect bus. The master chip is directly connected to the firmware storage device, and each slave chip is connected to the master chip either directly or indirectly through other slave chips. The system also includes a high-speed storage device that is attached to the chip interconnect bus and shared by all of the chips. The firmware storage device stores the same firmware used by all chips, and the master chip loads that firmware from the firmware storage device into the high-speed storage device, so that the master chip and each slave chip obtain the firmware execution data of the same firmware from the high-speed storage device. In a multi-chip scenario where several chips use the same firmware, this shortens validity verification time, improves verification efficiency, and effectively shortens the secure boot time of the whole system.

Description

Multi-chip interconnection system and safe starting method based on same
Technical Field
The invention relates to the technical field of chips, and in particular to a multi-chip interconnection system and a secure boot method based on that system.
Background
A multi-chip system is one in which several chips cooperate over a bus interconnect and appear externally as one complete system. In the processor field, a multi-chip structure may take the form of several interconnected Single-Chip Modules (SCM), one or more interconnected homogeneous Multi-Chip Modules (MCM), or one or more interconnected heterogeneous multi-chip modules (System In Package, SIP). The interconnect topology may be linear, ring, star, and so on. Secure boot is the process in which a root of trust built into the chip verifies, stage by stage, the trusted firmware stored outside the chip, so that the system boots into a trusted state. Secure boot effectively prevents tampered firmware from executing on the chip and thereby ensures the trustworthiness and security of the whole system. Multi-chip secure boot is secure boot carried out on a multi-chip structure.
One step of the secure boot flow is loading the base firmware. This step is critical in multi-chip secure boot: when the number of chips is large, the way the base firmware is loaded directly affects the boot time and security of the system. How to load firmware securely for multiple chips is therefore a key problem of multi-chip secure boot. In existing motherboard and multi-chip designs, for reasons of cost and simplicity, it is common practice in the industry to place only one firmware storage device (usually Flash memory) on the motherboard. The ways of connecting the multi-chip structure to the firmware storage device fall into two classes. In the first (scheme a), only one chip is connected to the Flash; that chip acts as the master chip, receives read and write requests from the slave chips, and accesses the firmware storage device on their behalf. In the second (scheme b), every chip is connected to the Flash, and the chips access the firmware storage device independently, one after another, to obtain data. Because firmware storage devices typically use a low-speed serial SPI (Serial Peripheral Interface) interface (at a rate on the order of 100 Mbps), while the inter-chip link (interconnect) typically uses a high-speed interface (at a rate on the order of 10 Gbps or more), the firmware loading efficiency of scheme a is comparable to that of scheme b: in both, the load time is approximately the total time needed to read all of the firmware data from the firmware storage device. Where the chips in a multi-chip structure use different firmware, all of the firmware data has to be read from the firmware storage device anyway, so both scheme a and scheme b are reasonable.
Where multiple chips in the multi-chip structure use the same firmware, however, scheme a and scheme b both read that same firmware from the firmware storage device repeatedly, which seriously lengthens the boot time of the system when the number of chips is large.
Disclosure of Invention
The invention provides a multi-chip interconnection system and a secure boot method based on it which, in a multi-chip scenario where several chips use the same firmware, shorten the loading time of that firmware, shorten validity verification time, improve verification efficiency, and effectively shorten the secure boot time of the whole system.
In a first aspect, the present invention provides a multi-chip interconnection system that includes a circuit board on which a firmware storage device and at least two chips are disposed. The at least two chips are interconnected by a chip interconnect bus and comprise a master chip and slave chips. The master chip is directly connected to the firmware storage device, and each slave chip is connected to the master chip either directly or indirectly through other slave chips. The system also includes a high-speed storage device that is attached to the chip interconnect bus and shared by all of the chips. The firmware storage device stores the same firmware used by all chips, and the master chip loads that firmware from the firmware storage device into the high-speed storage device, so that the master chip and each slave chip obtain the firmware execution data of the same firmware from the high-speed storage device. The master chip also contains a validity verification module, which verifies the validity of the firmware loaded into the high-speed storage device.
In this scheme, a high-speed storage device is attached to the chip interconnect bus. When the firmware storage device holds the same firmware used by all chips, the master chip needs to access the low-speed firmware storage device only once, loading that firmware into the high-speed storage device; during security verification or execution of the firmware, the master chip and the slave chips then obtain the firmware execution data from the high-speed storage device over the chip interconnect bus. Because the master chip verifies the firmware after loading it into the high-speed storage device, the verification traffic also runs between the high-speed chip interconnect bus and the high-speed storage device, which shortens validity verification time and improves verification efficiency. In the prior art, multiple chips repeatedly read the firmware execution data of the same firmware from the firmware storage device through the chip interconnect bus. The present scheme instead reads that data from the high-speed storage device over the chip interconnect bus, raising the read rate from 100 Mbps to 10 Gbps; it exploits the fact that transfers between the chips and the shared high-speed storage device are more than 100 times faster than accesses to the low-speed firmware storage device, and so greatly shortens the time each chip needs to read its firmware execution data. In other words, in a multi-chip scenario where several chips use the same firmware, the scheme effectively shortens the secure boot time of the whole system.
In the processor field, a multi-chip structure, whether homogeneous or heterogeneous, contains a large number of identical chips, and because their initialization flows are similar these chips typically use identical firmware. Applied to a multi-chip structure in the processor field, the scheme shortens the loading time of the shared firmware, shortens validity verification time, improves verification efficiency, and greatly shortens the secure boot time of the whole system.
In a specific embodiment, the at least two chips are provided with status registers used for synchronization. After the master chip has finished verifying the validity of the firmware loaded into the high-speed storage device, it changes the status register from a first state to a second state, which broadcasts a notification to all slave chips. Because the result is broadcast promptly to all slave chips once the master chip completes verification, and because the chips initialize the same firmware in a similar way, the slave chips do not need to repeat the validity verification, which further shortens the secure boot time.
In a specific embodiment, the status register is a register integrated in the master chip, so that the master chip can change its state quickly.
In a specific embodiment, the high-speed storage device supports concurrent access by the at least two chips, so that multiple chips can fetch the firmware code of the same firmware from it concurrently; as a result, the overall system boot time of this scheme does not grow as the number of slave chips increases.
In a specific embodiment, the firmware execution data includes the firmware code and independent variable data for each chip. The high-speed storage device is divided into a first storage space and at least two second storage spaces. The first storage space stores the firmware code; the at least two second storage spaces correspond one-to-one to the at least two chips, and each second storage space stores the independent variable data of its chip. The address of the first storage space and the address of the second storage space corresponding to a chip are mapped to the same virtual address in every chip, which allows the same firmware code to execute normally on multiple chips concurrently.
In a specific embodiment, a cryptographic module is provided in each chip, and the cryptographic modules in the at least two chips support key agreement with one another. Each chip uses its cryptographic module to encrypt the plaintext it is about to write into ciphertext and then writes the ciphertext to the high-speed storage device; each chip likewise uses its cryptographic module to read and decrypt the ciphertext stored in the high-speed storage device. With a cryptographic module in each chip and key agreement between the modules, the negotiated key is configured into each module and only ciphertext is stored in the high-speed storage device. This not only prevents an attacker from deducing the key and decrypting the ciphertext in the high-speed storage device, but also prevents the attacker from modifying the ciphertext contents and re-encrypting them for placement back into the high-speed storage device. Moreover, if an attacker tampers with the ciphertext directly, the decrypted content is usually not a valid instruction and the system halts immediately, which blocks the attack.
In a specific embodiment, a shared key is generated between cryptographic modules in at least two chips by key agreement; the shared key is used for each cryptographic module to encrypt plaintext into ciphertext or to decrypt ciphertext into plaintext.
In a specific embodiment, the cryptographic module also encrypts, as address ciphertext, the address at which the ciphertext is to be stored in the high-speed storage device. Because the address where the data is to be saved takes part in the encryption calculation, an attacker cannot mount an attack by replaying (re-placing) firmware ciphertext data.
In a specific embodiment, the high-speed storage device is located off-chip, outside the at least two chips, so that a slave chip can choose whether to access it via the master chip, which lets each slave chip reach the high-speed storage device over its best access path. Alternatively, the high-speed storage device is located inside the master chip, which makes it convenient for the master chip to load the same firmware from the firmware storage device into the high-speed storage device.
In a second aspect, the present invention further provides a secure boot method based on any of the multi-chip interconnection systems described above. The secure boot method includes: the master chip loads the same firmware stored in the firmware storage device into the high-speed storage device; the master chip verifies the validity of the firmware loaded into the high-speed storage device; and the master chip and each slave chip obtain the firmware execution data of the same firmware from the high-speed storage device.
In this scheme, a high-speed storage device is attached to the chip interconnect bus. When the firmware storage device holds the same firmware used by all chips, the master chip needs to access the low-speed firmware storage device only once, loading that firmware into the high-speed storage device; during security verification or execution of the firmware, the master chip and the slave chips then obtain the firmware execution data from the high-speed storage device over the chip interconnect bus. Because the master chip verifies the firmware after loading it into the high-speed storage device, the verification traffic also runs between the high-speed chip interconnect bus and the high-speed storage device, which shortens validity verification time and improves verification efficiency. In the prior art, multiple chips repeatedly read the firmware execution data of the same firmware from the firmware storage device through the chip interconnect bus. The present scheme instead reads that data from the high-speed storage device over the chip interconnect bus, raising the read rate from 100 Mbps to 10 Gbps; it exploits the fact that transfers between the chips and the shared high-speed storage device are more than 100 times faster than accesses to the low-speed firmware storage device, and so greatly shortens the time each chip needs to read its firmware execution data. In other words, in a multi-chip scenario where several chips use the same firmware, the scheme effectively shortens the secure boot time of the whole system.
In the processor field, a multi-chip structure, whether homogeneous or heterogeneous, contains a large number of identical chips, and because their initialization flows are similar these chips typically use identical firmware. Applied to a multi-chip structure in the processor field, the scheme shortens the loading time of the shared firmware, shortens validity verification time, improves verification efficiency, and greatly shortens the secure boot time of the whole system.
In a specific embodiment, the at least two chips are provided with status registers used for synchronization. After the master chip finishes verifying the validity of the firmware loaded into the high-speed storage device, the secure boot method further comprises: the master chip changes the status register from a first state to a second state, which broadcasts a notification to all slave chips. Because the result is broadcast promptly to all slave chips once the master chip completes verification, and because the chips initialize the same firmware in a similar way, the slave chips do not need to repeat the validity verification, which further shortens the secure boot time.
In a specific embodiment, the step in which the master chip and each slave chip obtain the firmware execution data of the same firmware from the high-speed storage device includes: the master chip and each slave chip access the high-speed storage device concurrently to obtain the firmware execution data. Multiple chips can thus fetch the firmware code of the same firmware from the high-speed storage device concurrently, and the overall system boot time of this scheme does not grow as the number of slave chips increases.
In a specific embodiment, the firmware execution data includes the firmware code and independent variable data for each chip. The concurrent access of the master chip and each slave chip to the high-speed storage device includes: all chips are allocated the same first storage space in the high-speed storage device, which stores the firmware code; each chip is also allocated its own second storage space in the high-speed storage device, which stores the independent variable data of that chip; and the address of the first storage space and the address of the second storage space corresponding to a chip are mapped to the same virtual address in every chip. This allows the same firmware code to execute normally on multiple chips concurrently.
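The storage-space division described here and in the first aspect can be modeled as an address translation. The following C model is an added example, not code from the patent; the sizes, base addresses and function names are assumptions, and it reads "mapped into the same virtual address" as every chip seeing the shared code and its own variable data at identical virtual addresses.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed layout of the shared high-speed storage device; every size and
 * base address below is an assumption chosen for the example. */
#define NUM_CHIPS      4u
#define CODE_SIZE      0x8000u  /* first storage space: firmware code, shared */
#define DATA_SIZE      0x1000u  /* second storage space: one per chip */
#define PHYS_CODE_BASE 0x0000u
#define PHYS_DATA_BASE (PHYS_CODE_BASE + CODE_SIZE)
#define MEM_SIZE       (CODE_SIZE + NUM_CHIPS * DATA_SIZE)

/* Virtual addresses are identical in every chip, so one image runs unchanged. */
#define VA_CODE_BASE   0x10000000u
#define VA_DATA_BASE   0x20000000u

typedef enum { MAP_OK = 0, MAP_BAD_CHIP, MAP_UNMAPPED } map_status;

static uint8_t shared_mem[MEM_SIZE];  /* model of the high-speed storage device */

/* Return 1 if [va, va+len) lies entirely inside [base, base+size). */
static int in_window(uint32_t va, uint32_t len, uint32_t base, uint32_t size)
{
    if (va < base) return 0;
    uint32_t off = va - base;
    return off < size && len <= size - off;
}

/* Translate a chip-local virtual range to an offset in the shared device. */
map_status translate(uint32_t chip_id, uint32_t va, uint32_t len, uint32_t *phys)
{
    if (chip_id >= NUM_CHIPS) return MAP_BAD_CHIP;
    if (in_window(va, len, VA_CODE_BASE, CODE_SIZE)) {
        *phys = PHYS_CODE_BASE + (va - VA_CODE_BASE);   /* same for all chips */
        return MAP_OK;
    }
    if (in_window(va, len, VA_DATA_BASE, DATA_SIZE)) {  /* per-chip region */
        *phys = PHYS_DATA_BASE + chip_id * DATA_SIZE + (va - VA_DATA_BASE);
        return MAP_OK;
    }
    return MAP_UNMAPPED;  /* includes ranges that would spill into a neighbour */
}

map_status chip_store32(uint32_t chip_id, uint32_t va, uint32_t value)
{
    uint32_t phys;
    map_status st = translate(chip_id, va, (uint32_t)sizeof value, &phys);
    if (st == MAP_OK) memcpy(&shared_mem[phys], &value, sizeof value);
    return st;
}

map_status chip_load32(uint32_t chip_id, uint32_t va, uint32_t *value)
{
    uint32_t phys;
    map_status st = translate(chip_id, va, (uint32_t)sizeof *value, &phys);
    if (st == MAP_OK) memcpy(value, &shared_mem[phys], sizeof *value);
    return st;
}

/* Stand-in for a firmware routine: identical code on every chip, writing an
 * independent variable at one fixed virtual address. */
#define VA_BOOT_COUNTER (VA_DATA_BASE + 0x10u)
map_status fw_record_boot(uint32_t chip_id, uint32_t count)
{
    return chip_store32(chip_id, VA_BOOT_COUNTER, count);
}

int main(void)
{
    uint32_t v0 = 0, v1 = 0, p0 = 0, p1 = 0;
    fw_record_boot(0, 7);
    fw_record_boot(1, 9);
    chip_load32(0, VA_BOOT_COUNTER, &v0);
    chip_load32(1, VA_BOOT_COUNTER, &v1);
    translate(0, VA_BOOT_COUNTER, 4, &p0);
    translate(1, VA_BOOT_COUNTER, 4, &p1);
    printf("chip0 reads %u at phys 0x%x, chip1 reads %u at phys 0x%x\n",
           (unsigned)v0, (unsigned)p0, (unsigned)v1, (unsigned)p1);
    return 0;
}
```

The bounds check in `in_window` is what keeps one chip's variable window from reaching the next chip's second storage space.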
In a specific embodiment, a cryptographic module is provided in each chip, and the cryptographic modules in the at least two chips support key agreement with one another. The secure boot method further comprises the following steps: key agreement is carried out between the cryptographic modules in the at least two chips; each chip uses its cryptographic module to encrypt the plaintext it is about to write into ciphertext and then writes the ciphertext to the high-speed storage device; each chip likewise uses its cryptographic module to read and decrypt the ciphertext stored in the high-speed storage device. With a cryptographic module in each chip and key agreement between the modules, the negotiated key is configured into each module and only ciphertext is stored in the high-speed storage device. This not only prevents an attacker from deducing the key and decrypting the ciphertext in the high-speed storage device, but also prevents the attacker from modifying the ciphertext contents and re-encrypting them for placement back into the high-speed storage device. Moreover, if an attacker tampers with the ciphertext directly, the decrypted content is usually not a valid instruction and the system halts immediately, which blocks the attack.
In a specific embodiment, the key agreement between the cryptographic modules in the at least two chips comprises: carrying out key agreement between the cryptographic modules in the at least two chips to generate a shared key. Encrypting plaintext into ciphertext and writing it to the high-speed storage device comprises: encrypting the plaintext to be written into ciphertext using the shared key and then writing the ciphertext to the high-speed storage device. Reading and decrypting ciphertext stored in the high-speed storage device comprises: reading the ciphertext stored in the high-speed storage device and decrypting it using the shared key.
In a specific embodiment, encrypting the plaintext into ciphertext and writing it to the high-speed storage device further comprises: also encrypting, as address ciphertext, the address at which the data is to be stored in the high-speed storage device. Because the address where the data is to be saved takes part in the encryption calculation, an attacker cannot mount an attack by replaying (re-placing) firmware ciphertext data.
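Address-bound encryption as described here and in the first aspect, shown as an added C example that is not code from the patent. XTEA in an XEX-style tweak construction stands in for the cipher, which the text does not name; the key is a constructed constant in place of the negotiated shared key, and all function names are assumptions.

```c
#include <stdint.h>
#include <stdio.h>

#define MEM_BLOCKS 16u
static uint32_t shared_ram[MEM_BLOCKS][2];  /* model: 64-bit blocks of the shared device */

/* Constructed key standing in for the shared key negotiated between chips. */
static const uint32_t SHARED_KEY[4] = {
    0x01234567u, 0x89abcdefu, 0xfedcba98u, 0x76543210u
};

/* XTEA, 32 cycles: a compact stand-in block cipher (assumption). */
static void xtea_encrypt(const uint32_t k[4], uint32_t v[2])
{
    uint32_t v0 = v[0], v1 = v[1], sum = 0;
    const uint32_t delta = 0x9E3779B9u;
    for (int i = 0; i < 32; i++) {
        v0 += (((v1 << 4) ^ (v1 >> 5)) + v1) ^ (sum + k[sum & 3]);
        sum += delta;
        v1 += (((v0 << 4) ^ (v0 >> 5)) + v0) ^ (sum + k[(sum >> 11) & 3]);
    }
    v[0] = v0; v[1] = v1;
}

static void xtea_decrypt(const uint32_t k[4], uint32_t v[2])
{
    const uint32_t delta = 0x9E3779B9u;
    uint32_t v0 = v[0], v1 = v[1], sum = delta * 32u;
    for (int i = 0; i < 32; i++) {
        v1 -= (((v0 << 4) ^ (v0 >> 5)) + v0) ^ (sum + k[(sum >> 11) & 3]);
        sum -= delta;
        v0 -= (((v1 << 4) ^ (v1 >> 5)) + v1) ^ (sum + k[sum & 3]);
    }
    v[0] = v0; v[1] = v1;
}

/* Tweak = E_K(address). With bind_addr == 0 the tweak is zero, which models
 * encrypting the data alone, without the address taking part. */
static void make_tweak(int bind_addr, uint32_t addr, uint32_t t[2])
{
    t[0] = 0; t[1] = 0;
    if (bind_addr) { t[0] = addr; xtea_encrypt(SHARED_KEY, t); }
}

/* Encrypt pt and write it at block address addr. Returns 0 on success. */
int store_block(int bind_addr, uint32_t addr, const uint32_t pt[2])
{
    uint32_t t[2], b[2];
    if (addr >= MEM_BLOCKS) return -1;
    make_tweak(bind_addr, addr, t);
    b[0] = pt[0] ^ t[0]; b[1] = pt[1] ^ t[1];
    xtea_encrypt(SHARED_KEY, b);
    shared_ram[addr][0] = b[0] ^ t[0];
    shared_ram[addr][1] = b[1] ^ t[1];
    return 0;
}

/* Read the block at addr and decrypt it. Returns 0 on success. */
int load_block(int bind_addr, uint32_t addr, uint32_t pt[2])
{
    uint32_t t[2], b[2];
    if (addr >= MEM_BLOCKS) return -1;
    make_tweak(bind_addr, addr, t);
    b[0] = shared_ram[addr][0] ^ t[0]; b[1] = shared_ram[addr][1] ^ t[1];
    xtea_decrypt(SHARED_KEY, b);
    pt[0] = b[0] ^ t[0]; pt[1] = b[1] ^ t[1];
    return 0;
}

/* Relocation case from the text: ciphertext written for block `from` is
 * copied unchanged to block `to` and then read by a chip. Returns 1 if the
 * chip recovers the original plaintext at `to`, 0 if not, -1 on bad address. */
int relocated_block_is_accepted(int bind_addr, uint32_t from, uint32_t to)
{
    const uint32_t words[2] = {0x11223344u, 0x55667788u};  /* constructed data */
    uint32_t out[2];
    if (to >= MEM_BLOCKS || store_block(bind_addr, from, words) != 0) return -1;
    shared_ram[to][0] = shared_ram[from][0];
    shared_ram[to][1] = shared_ram[from][1];
    load_block(bind_addr, to, out);
    return out[0] == words[0] && out[1] == words[1];
}

int main(void)
{
    printf("data-only encryption, relocated block accepted: %d\n",
           relocated_block_is_accepted(0, 2, 5));
    printf("address-bound encryption, relocated block accepted: %d\n",
           relocated_block_is_accepted(1, 2, 5));
    return 0;
}
```

Binding the address ties each block to its location; as the text notes, a directly modified block is not rejected but decrypts to content that is usually not a valid instruction.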
Drawings
FIG. 1 is a schematic block diagram of a multi-chip interconnect system provided by an embodiment of the present invention;
FIG. 2 is a schematic block diagram of another multi-chip interconnect system provided by an embodiment of the present invention;
FIG. 3 is a schematic block diagram of the multi-chip interconnect system workflow shown in FIG. 2;
FIG. 4 is a flowchart of the operation of the multi-chip interconnect system shown in FIG. 2;
FIG. 5 is a schematic block diagram of the workflow of another multi-chip interconnect system provided by an embodiment of the present invention.
Reference numerals:
10 - firmware storage device
20 - master chip
21 - slave chip
201 - cryptographic module
202 - control module
30 - high-speed storage device
Detailed Description
For the purpose of making the objects, technical solutions and advantages of the embodiments of the present invention more apparent, the technical solutions of the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention, and it is apparent that the described embodiments are only some embodiments of the present invention, not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
In order to facilitate understanding of the multi-chip interconnection system provided by the embodiment of the present invention, an application scenario of the multi-chip interconnection system provided by the embodiment of the present invention is first described below, where the multi-chip interconnection system is applied to a system formed by interconnecting a plurality of chips. The multi-chip interconnect system is described in detail below with reference to the accompanying drawings.
Referring to FIG. 1, a multi-chip interconnection system provided in an embodiment of the present invention includes a circuit board (not shown) on which a firmware storage device 10 and at least two chips are disposed. The at least two chips are interconnected by a chip interconnect bus (drawn with thicker lines in FIGS. 1-3 and 5) and comprise a master chip 20 and slave chips 21. The master chip 20 is directly connected to the firmware storage device 10, and each slave chip 21 is connected to the master chip 20 either directly or indirectly through other slave chips 21. The multi-chip interconnection system further includes a high-speed storage device 30 that is attached to the chip interconnect bus and shared by all of the chips. The firmware storage device 10 stores the same firmware used by all chips, and the master chip 20 loads that firmware from the firmware storage device 10 into the high-speed storage device 30, so that the master chip 20 and each slave chip 21 obtain the firmware execution data of the same firmware from the high-speed storage device 30. The master chip 20 contains a validity verification module, which verifies the validity of the firmware loaded into the high-speed storage device 30.
In this scheme, the high-speed storage device 30 is attached to the chip interconnect bus. When the firmware storage device 10 holds the same firmware used by all chips, the master chip 20 needs to access the low-speed firmware storage device 10 only once, loading that firmware into the high-speed storage device 30; during security verification or execution of the firmware, the master chip 20 and the slave chips 21 then obtain the firmware execution data from the high-speed storage device 30 over the chip interconnect bus. Because the master chip 20 verifies the firmware after loading it into the high-speed storage device 30, the verification traffic also runs between the high-speed chip interconnect bus and the high-speed storage device 30, which shortens validity verification time and improves verification efficiency. In the prior art, multiple chips repeatedly read the firmware execution data of the same firmware from the firmware storage device 10 through the chip interconnect bus. The present scheme instead reads that data from the high-speed storage device 30 over the chip interconnect bus, raising the read rate from the order of 100 Mbps to the order of 10 Gbps; it exploits the fact that transfers between the chips and the shared high-speed storage device 30 are more than 100 times faster than accesses to the low-speed firmware storage device 10, and so greatly shortens the time each chip needs to read its firmware execution data.
In other words, in a multi-chip scenario where several chips use the same firmware, the scheme effectively shortens the secure boot time of the whole system. In the processor field, a multi-chip structure, whether homogeneous or heterogeneous, contains a large number of identical chips, and because their initialization flows are similar these chips typically use identical firmware. Applied to a multi-chip structure in the processor field, the scheme shortens the loading time of the shared firmware, shortens validity verification time, improves verification efficiency, and greatly shortens the secure boot time of the whole system. Each of the above structures is described in detail below with reference to the accompanying drawings.
The circuit board may be the motherboard of a server or, in other scenarios, another circuit board formed with wiring and vias. It is the carrier and interconnect structure for the firmware storage device 10 and the chips, and may be implemented as a printed circuit board.
Referring to FIG. 1, the firmware storage device 10 is disposed on the circuit board and serves as the storage medium for the off-chip firmware of each chip, so that at boot each chip loads its firmware from the firmware storage device 10 to implement its functions. The firmware storage device 10 may be, for example but not limited to, a Flash memory. It typically uses an SPI interface with a transfer rate on the order of 100 Mbps. In the present application, the firmware storage device 10 stores the same firmware used by all of the chips; that is, each of the at least two chips needs to load the same firmware during boot to implement its functions.
Referring to FIG. 1, at least two chips are also disposed on the circuit board and are interconnected through the chip interconnect bus. Each chip may be a single-chip package (SCM), a homogeneous multi-chip package (MCM), or one chip within a homogeneous multi-chip package. Each chip may also be a heterogeneous multi-chip package (SIP) or one chip within a heterogeneous multi-chip package. That is, each chip in the present application may be a package containing one die or several homogeneous or heterogeneous dies, or it may be a single die within such a package. The application does not limit whether a chip is a package or a die within a package; what it concerns is the way multiple chips are connected by the chip interconnect bus. The chip interconnect bus may be formed inside a package to interconnect different dies within that package; it may also be formed on a package substrate or circuit board outside the packages, to interconnect different packages or chips in different packages. The data transfer rate of the chip interconnect bus is substantially greater than the data transfer rate between a chip and devices outside the system formed by the at least two chips. The data transfer rate of the chip interconnect bus can be 10 Gbps or more; that is, the chip interconnect bus interface used between chips is a high-speed interface.
With continued reference to FIG. 1, the at least two chips include a master chip 20, which is directly connected to the firmware storage device 10, specifically through an SPI bus. The data transfer rate of the bus that directly connects the firmware storage device 10 and the master chip 20 is lower than the data transfer rate of the chip interconnect bus. As shown in FIG. 1, every chip other than the master chip 20 acts as a slave chip 21 and is connected to the master chip 20 either directly through the chip interconnect bus or indirectly through the chip interconnect bus and other slave chips 21. Even when a slave chip 21 is connected to the master chip 20 indirectly, the data transfer rate between that slave chip 21 and the master chip 20 is far greater than the data transfer rate between the master chip 20 and the firmware storage device 10. The slave chips 21 and the master chip 20 may be interconnected in a topology such as, but not limited to, linear, ring, or star. The at least two chips shown in FIG. 1 are connected by the chip interconnect bus in a linear topology. The interconnection of the at least two chips is not limited to the linear arrangement shown in FIG. 1; other topologies may be used.
Referring to FIG. 1, the multi-chip interconnection system further includes a high-speed storage device 30, which is attached to the chip interconnect bus so that it has globally independent addresses. All of the at least two chips share the high-speed storage device 30, so that every chip can access it. The high-speed storage device 30 has high-speed data access capability, so each chip can access it at a high data transfer rate over the chip interconnect bus. A random access memory (Random Access Memory, RAM) such as, but not limited to, a cache memory (Cache) may be used as the high-speed storage device 30, enabling each chip to access it at a high data transfer rate via the chip interconnect bus.
Referring to fig. 1, the high-speed storage device 30 may be disposed off-chip of the at least two chips, i.e., not inside any of the chips, so that a slave chip 21 can choose whether or not to access the high-speed storage device 30 through the master chip 20, which lets each slave chip 21 use its optimal access path to the high-speed storage device 30. Alternatively, referring to fig. 5, the high-speed storage device 30 may be disposed within the main chip 20, so that the main chip 20 loads the same firmware from the firmware storage device 10 into the high-speed storage device 30. It should be understood that the present application does not limit the location of the high-speed storage device 30; what it requires is that the high-speed storage device 30 is connected to the chip interconnection bus, so that multiple chips can share the high-speed storage device 30 and access it at a high data transfer rate.
In the secure boot process, referring to fig. 1 and 4, the master chip 20 can load the same firmware from the firmware storage device 10 to the high-speed storage device 30, specifically, the master chip 20 loads the same firmware stored in the firmware storage device 10 and writes the same firmware into the high-speed storage device 30, so that the master chip 20 and each slave chip 21 acquire firmware execution data of the same firmware from the high-speed storage device 30 to perform verification, loading, and other execution operations. By providing the high-speed memory device 30 with the chip interconnection bus, in the case where the firmware memory device 10 stores the same firmware used by all chips, the master chip 20 only needs to access the low-speed firmware memory device 10 once, and loads the same firmware from the firmware memory device 10 to the high-speed memory device 30, so that the master chip 20 and other slave chips 21 can use the chip interconnection bus to acquire the firmware execution data of the same firmware from the high-speed memory device 30 during the security verification or execution of the same firmware. Compared with the prior art that a plurality of chips repeatedly read the firmware execution data of the same firmware from the firmware storage device 10 through the chip interconnection bus, the scheme of the application is optimized to read the firmware execution data of the same firmware from the high-speed storage device 30 by using the chip interconnection bus, the reading speed of the data read from the firmware storage device 10 is increased from the magnitude of 100Mbps to the magnitude of 10Gbps, and the time for reading the firmware execution data of each chip is greatly shortened by utilizing the advantage that the transmission speed between the chips and the shared high-speed storage device 30 is more than 100 times of the access speed of the low-speed firmware storage device 10. 
That is, in a multi-chip scenario in which a plurality of chips use the same firmware, the scheme of the application can effectively shorten the secure boot time of the whole system. In a multi-chip architecture in the processor field, whether homogeneous or heterogeneous, the whole system contains a large number of identical chips, which typically use identical firmware because their initialization flows are similar. When the scheme is applied to a multi-chip structure in the processor field, the secure boot time of the whole system can be greatly shortened.
In addition, after loading the same firmware from the firmware storage device 10 into the high-speed storage device 30, the master chip 20 may verify the validity of the same firmware by interacting with the copy in the high-speed storage device 30. Specifically, a validity verification module may be disposed in the main chip 20 and used to verify the validity of the same firmware once it has been loaded into the high-speed storage device 30. Because the main chip 20 verifies the same firmware after loading it into the high-speed storage device 30, the interaction flow of the validity verification also runs over the high-speed chip interconnection bus and the high-speed storage device 30, which shortens the validity verification time and improves its efficiency. It should be appreciated that the main chip 20 is not limited to verifying validity by interacting with the same firmware loaded into the high-speed storage device 30; other forms may be used. For example, the master chip 20 may first interact with the same firmware in the firmware storage device 10 to verify its validity, i.e., the master chip 20 verifies the validity of the same firmware in the firmware storage device 10 before loading it, and loads the same firmware into the high-speed storage device 30 only after the validity verification passes.
Further, a status register used for synchronization may be provided in the at least two chips. A change in the state of the status register indicates whether the master chip 20 has completed the validity verification of the same firmware, so that the other slave chips 21 can decide, as required, whether to verify the validity of the same firmware again. Specifically, after the master chip 20 completes verifying the validity of the same firmware loaded into the high-speed storage device 30, the master chip 20 also changes the status register from a first state to a second state, thereby broadcasting to all the slave chips 21 that the master chip 20 has completed the validity verification of the same firmware. The first state may be binary "0" and the second state binary "1"; the opposite definition may of course also be adopted. Because this information is broadcast to all the slave chips 21 promptly after the master chip 20 completes the validity verification, and because the initialization flows of the multiple chips for the same firmware are similar, the slave chips 21 do not need to repeat the validity verification of the same firmware, which further shortens the secure boot time. As for the choice of status register, the master chip 20 can negotiate with the slave chips 21 to use a register in the master chip 20 as the status register, so that the master chip 20 can change its state quickly. Of course, the status register may also be a register in any slave chip 21.
To let the main chip 20 and the slave chips 21 share access to the high-speed storage device 30, the software and hardware can be adjusted so that the high-speed storage device 30 supports concurrent access by the at least two chips. A plurality of chips can then obtain the firmware code of the same firmware from the high-speed storage device 30 concurrently, so the overall system start time of this technical scheme does not increase as the number of slave chips 21 increases. Taking fig. 3 and fig. 4 as an example, for the main chip 20 the time of the whole firmware loading process of the same firmware is the time the main chip 20 takes to load the same firmware from the firmware storage device 10 into the shared high-speed storage device 30 through the path 1→2→3. Afterwards, the master chip 20 through path 2→3, slave chip 1 (of slave chips 1, 2, 3 …, n in fig. 3 and 4) through path 4→5, and slave chip 2 (of slave chips 1, 2, 3 …, n in fig. 3 and 4) through path 6→7 concurrently acquire the corresponding firmware execution data from the shared high-speed storage device 30. When the master chip 20 and the slave chips 21 access the firmware execution data of the same firmware in the high-speed storage device 30, the firmware execution data may include the firmware code and independent variable data for each chip. Concurrent access therefore has to support multiple chips concurrently accessing the same piece of firmware code of the same firmware. The shared access to the high-speed storage device 30 by the master chip 20 and the slave chips 21 may be implemented in various ways; one implementation is described below by way of example.
The high-speed storage device 30 may be divided into a first storage space and at least two second storage spaces. The first storage space is used for storing a firmware code of the same firmware. The at least two second storage spaces are in one-to-one correspondence with the at least two chips, and each second storage space is used for storing independent variable data of the corresponding chip. At this time, software in each chip including the master chip 20 and the slave chip 21 needs to be adjusted, so that each chip maps the first memory space address and the second memory space address corresponding to the chip into the same virtual address, which is convenient for the normal execution of the same firmware code in multiple chips. It should be understood that the above only illustrates one implementation that supports concurrent access to the high-speed memory device 30 by multiple chips, and that other implementations may be employed.
Furthermore, functional modules may be added to protect the firmware execution data while it is transmitted between the high-speed storage device 30 and the chips. Specifically, referring to fig. 2, 3 and 5, a cryptographic module 201 may be provided in each chip, and key negotiation is supported between the cryptographic modules 201 in the at least two chips so that a symmetric key can be shared among all chips. Each chip encrypts plaintext to be written into the high-speed storage device 30 into ciphertext through its cryptographic module 201 and then writes the ciphertext into the high-speed storage device 30. Each chip also reads and decrypts ciphertext stored in the high-speed storage device 30 through its cryptographic module 201. That is, when a chip writes data such as, but not limited to, the same firmware into the high-speed storage device 30, it must encrypt the plaintext into ciphertext before writing. Referring to fig. 2, 3 and 5, a control module 202 is further provided in each chip and connected to the cryptographic module 201 to control the corresponding operations. As shown in fig. 2, after the same firmware is loaded from the firmware storage device 10, the control module 202 of the main chip 20 first sends the firmware to the cryptographic module 201 in the main chip 20 to be encrypted into ciphertext, and then writes the ciphertext into the high-speed storage device 30. After the master chip 20 or a slave chip 21 loads data such as, but not limited to, the firmware code of the same firmware or the independent variable data for that chip from the high-speed storage device 30, the data must be decrypted by the cryptographic module 201 before being handed to the control module 202 in that chip for the corresponding operation.
By adding the cryptographic module 201 to each chip, supporting key negotiation between the cryptographic modules 201 of the plurality of chips, and configuring the negotiated key into each cryptographic module 201, everything stored in the high-speed storage device 30 is ciphertext. An attacker can neither guess the key to decrypt the ciphertext in the high-speed storage device 30, nor tamper with the content, re-encrypt it and put it back into the high-speed storage device 30. Moreover, if an attacker tampers with the ciphertext directly, the decrypted content is usually not a correct instruction and the system halts directly, which stops the attack. In a preferred embodiment, the cryptographic module 201 may also encrypt the address information at which the data is to be stored in the high-speed storage device 30 into address ciphertext, so that the storage address of the data also participates in the encryption calculation, and an attacker therefore cannot mount an attack by replaying firmware ciphertext data.
When the cryptographic modules 201 in the at least two chips perform key negotiation, a shared key can be generated between the cryptographic modules 201 in the at least two chips through key negotiation, and the shared key is used for each cryptographic module 201 to encrypt plaintext into ciphertext or decrypt ciphertext into plaintext.
In the above-described scheme, by providing the high-speed memory device 30 with the chip interconnection bus, in a scenario in which the firmware memory device 10 stores the same firmware used by all chips, the master chip 20 only needs to access the low-speed firmware memory device 10 once, and loads the same firmware from the firmware memory device 10 to the high-speed memory device 30, so that the master chip 20 and the other slave chips 21 use the chip interconnection bus to acquire the firmware execution data of the same firmware from the high-speed memory device 30 during the security verification or execution of the same firmware. And the main chip 20 performs validity verification on the same firmware after loading the same firmware into the high-speed storage device 30, so that an interaction flow of validity verification is also operated between the chip interconnection bus of high-speed transmission and the high-speed storage device 30, the validity verification time is shortened, and the validity verification efficiency is improved. Compared with the prior art that a plurality of chips repeatedly read the firmware execution data of the same firmware from the firmware storage device 10 through the chip interconnection bus, the scheme of the application is optimized to read the firmware execution data of the same firmware from the high-speed storage device 30 by using the chip interconnection bus, the reading speed of the data read from the firmware storage device 10 is increased from the magnitude of 100Mbps to the magnitude of 10Gbps, and the time for reading the firmware execution data of each chip is greatly shortened by utilizing the advantage that the transmission speed between the chips and the shared high-speed storage device 30 is more than 100 times of the access speed of the low-speed firmware storage device 10. 
That is, in a multi-chip scenario in which a plurality of chips use the same firmware, the scheme of the application can effectively shorten the secure boot time of the whole system. In a multi-chip architecture in the processor field, whether homogeneous or heterogeneous, the whole system contains a large number of identical chips, which typically use identical firmware because their initialization flows are similar. When the scheme is applied to a multi-chip structure in the processor field, the loading time of the same firmware and the validity verification time can be shortened, the validity verification efficiency is improved, and the secure boot time of the whole system is greatly shortened.
In addition, an embodiment of the application provides a secure boot method based on any of the multi-chip interconnection systems described above. Referring to fig. 1, the secure boot method comprises the following steps: the main chip 20 loads the same firmware stored in the firmware storage device 10 into the high-speed storage device 30; the main chip 20 verifies the validity of the same firmware loaded into the high-speed storage device 30; the master chip 20 and each slave chip 21 acquire the firmware execution data of the same firmware from the high-speed storage device 30.
In the above-mentioned scheme, by providing the high-speed storage device 30 with the chip interconnection bus, in the scenario that the firmware storage device 10 stores the same firmware used by all chips, the master chip 20 only needs to access the low-speed firmware storage device 10 once, and loads the same firmware from the firmware storage device 10 to the high-speed storage device 30, so that the master chip 20 and the other slave chips 21 use the chip interconnection bus to acquire the firmware execution data of the same firmware from the high-speed storage device 30 during the security verification or execution of the same firmware. And the main chip 20 performs validity verification on the same firmware after loading the same firmware into the high-speed storage device 30, so that an interaction flow of validity verification is also operated between the chip interconnection bus of high-speed transmission and the high-speed storage device 30, the validity verification time is shortened, and the validity verification efficiency is improved. Compared with the prior art that a plurality of chips repeatedly read the firmware execution data of the same firmware from the firmware storage device 10 through the chip interconnection bus, the scheme of the application is optimized to read the firmware execution data of the same firmware from the high-speed storage device 30 by using the chip interconnection bus, the reading speed of the data read from the firmware storage device 10 is increased from the magnitude of 100Mbps to the magnitude of 10Gbps, and the time for reading the firmware execution data of each chip is greatly shortened by utilizing the advantage that the transmission speed between the chips and the shared high-speed storage device 30 is more than 100 times of the access speed of the low-speed firmware storage device 10. 
That is, in a multi-chip scenario in which a plurality of chips use the same firmware, the scheme of the application can effectively shorten the secure boot time of the whole system. In a multi-chip architecture in the processor field, whether homogeneous or heterogeneous, the whole system contains a large number of identical chips, which typically use identical firmware because their initialization flows are similar. When the scheme is applied to a multi-chip structure in the processor field, the loading time of the same firmware and the validity verification time can be shortened, the validity verification efficiency is improved, and the secure boot time of the whole system is greatly shortened. The steps are described in detail below with reference to the accompanying drawings.
First, the main chip 20 loads the same firmware stored in the firmware storage device 10 into the high-speed storage device 30. For specific implementations, refer to the foregoing description of the multi-chip interconnection system; they are not repeated here.
Second, referring to fig. 4, after the main chip 20 loads the same firmware stored in the firmware storage device 10 into the high-speed storage device 30, the main chip 20 verifies the validity of the same firmware loaded into the high-speed storage device 30. For specific implementations, refer to the foregoing description of the multi-chip interconnection system; they are not repeated here.
As described above for the multi-chip interconnection system, a status register used for synchronization may also be provided in the at least two chips. The status register may be used as follows: after the master chip 20 has completed verifying the validity of the same firmware loaded into the high-speed storage device 30, the master chip 20 also changes the status register from the first state to the second state to broadcast a notification to all the slave chips 21. Because this information is broadcast to all the slave chips 21 promptly after the master chip 20 completes the validity verification, and because the initialization flows of the multiple chips for the same firmware are similar, the slave chips 21 do not need to repeat the validity verification of the same firmware, which further shortens the secure boot time.
Next, referring to fig. 3 and 4, the master chip 20 and each slave chip 21 acquire firmware execution data of the same firmware from the high-speed storage device 30.
As described above for the multi-chip interconnection system, when the master chip 20 and each slave chip 21 acquire the firmware execution data of the same firmware from the high-speed storage device 30, they may access the high-speed storage device 30 concurrently. A plurality of chips can then obtain the firmware code of the same firmware from the high-speed storage device 30 concurrently, so the overall system start time of this technical scheme does not increase as the number of slave chips 21 increases. When the master chip 20 and the slave chips 21 access the firmware execution data of the same firmware in the high-speed storage device 30, the firmware execution data may include the firmware code and independent variable data for each chip. Concurrent access therefore has to support multiple chips concurrently accessing the same piece of firmware code of the same firmware. The shared access to the high-speed storage device 30 by the master chip 20 and the slave chips 21 may be implemented in various ways; one implementation is described below by way of example.
In a specific implementation of concurrent access to the high-speed storage device 30 by the master chip 20 and each slave chip 21, all the chips are allocated the same first storage space in the high-speed storage device 30, and the first storage space is used for storing the firmware code; each chip is also allocated a second storage space of its own in the high-speed storage device 30, and the second storage space is used for storing the independent variable data of the corresponding chip; and in each chip, the first storage space address and the second storage space address corresponding to that chip are mapped into the same virtual address. This allows the same piece of firmware code to execute normally on multiple chips concurrently. For specific implementations, refer to the foregoing description of the multi-chip interconnection system; they are not repeated here.
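The boot sequence and shared-memory layout described above, and in the earlier system description (single slow load, verification of the copy in the high-speed storage device, status-register broadcast, concurrent fetch through identical virtual addresses), modelled as an added Python simulation that is not part of the patent. The address constants, region sizes, the SHA-256 comparison against a digest assumed to be held by the master, and the use of a thread event as the status register are all assumptions made for the illustration.

```python
import hashlib
import threading

CODE_VA = 0x10000000   # assumed: virtual address of the firmware code on every chip
DATA_VA = 0x20000000   # assumed: virtual address of the per-chip variable data
CODE_SIZE = 4096       # size of the first storage space (constructed)
DATA_SIZE = 256        # size of each second storage space (constructed)


class FirmwareStorage:
    """Firmware storage device 10 (slow SPI flash); counts full-image reads."""

    def __init__(self, image):
        self._image = bytes(image)
        self.reads = 0

    def read_image(self):
        self.reads += 1
        return self._image


class SharedMemory:
    """High-speed storage device 30: one code region, then one data region per chip."""

    def __init__(self, n_chips):
        self.mem = bytearray(CODE_SIZE + n_chips * DATA_SIZE)
        self.code_len = 0
        # Status register: clear = first state, set = second state ("verified").
        self.status = threading.Event()


def translate(chip_id, va):
    """Per-chip mapping: identical virtual addresses, chip-specific data region."""
    if CODE_VA <= va < CODE_VA + CODE_SIZE:
        return va - CODE_VA
    if DATA_VA <= va < DATA_VA + DATA_SIZE:
        return CODE_SIZE + chip_id * DATA_SIZE + (va - DATA_VA)
    raise ValueError("unmapped virtual address 0x%x" % va)


def master_load_and_verify(flash, shm, trusted_digest):
    """Master chip: one slow read, copy to shared memory, verify the copy, signal."""
    image = flash.read_image()
    if len(image) > CODE_SIZE:
        return False                       # would spill into the data regions
    shm.mem[0:len(image)] = image
    shm.code_len = len(image)
    # Hash what is actually in shared memory, not the buffer that came from flash.
    copy = bytes(shm.mem[0:shm.code_len])
    if hashlib.sha256(copy).digest() != trusted_digest:
        return False                       # register stays in the first state
    shm.status.set()                       # broadcast: verification complete
    return True


def chip_fetch(chip_id, shm, results, timeout):
    """Any chip: wait for the status register, then fetch code and write its own data."""
    if not shm.status.wait(timeout):
        results[chip_id] = None            # never saw the second state: do not execute
        return
    start = translate(chip_id, CODE_VA)
    code = bytes(shm.mem[start:start + shm.code_len])
    # The same firmware code stores "its" variable at DATA_VA on every chip.
    shm.mem[translate(chip_id, DATA_VA)] = chip_id + 1
    results[chip_id] = hashlib.sha256(code).hexdigest()


def boot_system(image, trusted_digest, n_slaves, timeout=0.5):
    """Boot chip 0 (master) plus n_slaves slaves; return (flash reads, results, shm)."""
    flash = FirmwareStorage(image)
    shm = SharedMemory(n_slaves + 1)
    results = {}
    chips = [threading.Thread(target=chip_fetch, args=(cid, shm, results, timeout))
             for cid in range(n_slaves + 1)]
    for chip in chips:
        chip.start()                       # every chip is now waiting on the register
    master_load_and_verify(flash, shm, trusted_digest)
    for chip in chips:
        chip.join()
    return flash.reads, results, shm


FIRMWARE = b"FW" * 32 + b"constructed firmware image"     # constructed sample
TRUSTED_DIGEST = hashlib.sha256(FIRMWARE).digest()         # assumed to sit in master ROM

if __name__ == "__main__":
    reads, results, _ = boot_system(FIRMWARE, TRUSTED_DIGEST, n_slaves=3)
    print("flash reads:", reads, "chips booted:", sorted(results))
```

Since the slaves skip their own verification, everything they execute rests on the status register and on the code region staying unmodified between the master's check and each fetch, which is the gap the encryption described next is meant to close.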
In addition, referring to fig. 2, 3 and 5, a cryptographic module 201 may be further provided in each chip, and key negotiation is supported between the cryptographic modules 201 in the at least two chips. In this case, the secure boot method may further include: key negotiation is performed between the cryptographic modules 201 in the at least two chips; each chip encrypts plaintext to be written into the high-speed storage device 30 into ciphertext through its cryptographic module 201 and then writes the ciphertext into the high-speed storage device 30; each chip also reads and decrypts ciphertext stored in the high-speed storage device 30 through its cryptographic module 201. By adding the cryptographic module 201 to each chip, supporting key negotiation between the cryptographic modules 201 of the plurality of chips, and configuring the negotiated key into each cryptographic module 201, everything stored in the high-speed storage device 30 is ciphertext. An attacker can neither guess the key to decrypt the ciphertext in the high-speed storage device 30, nor tamper with the content, re-encrypt it and put it back into the high-speed storage device 30. Moreover, if an attacker tampers with the ciphertext directly, the decrypted content is usually not a correct instruction and the system halts directly, which stops the attack. For specific implementations, refer to the foregoing description of the multi-chip interconnection system; they are not repeated here.
When key negotiation is performed between the cryptographic modules 201 in at least two chips, key negotiation may be performed between the cryptographic modules 201 in at least two chips to generate a shared key. At this time, encrypting plaintext to be written in the high-speed storage device 30 into ciphertext and then writing the ciphertext in the high-speed storage device 30 includes: plaintext to be written into the high-speed storage device 30 is encrypted into ciphertext using the shared key, and then written into the high-speed storage device 30. At this time, reading and decrypting the ciphertext stored in the high-speed storage device 30 includes: the ciphertext stored in the high-speed storage device 30 is read and decrypted using the shared secret key.
Further, when the plaintext to be written into the high-speed storage device 30 is encrypted into ciphertext and then written into the high-speed storage device 30, the address information at which the ciphertext is to be stored in the high-speed storage device 30 may also be encrypted into address ciphertext, so that the storage address of the data also participates in the encryption calculation, and an attacker therefore cannot mount an attack by replaying firmware ciphertext data.
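The address-bound encryption described above, and in the earlier description of the cryptographic module 201, shown as an added Python example that is not the patent's own design: the patent does not name a cipher, so an HMAC-SHA256 keystream keyed by the storage address stands in for it, and `SHARED_KEY` is a constructed value standing in for the output of the key negotiation. The example goes one step beyond the text by also storing a tag over the address and ciphertext, so that relocated or modified ciphertext is rejected deterministically instead of relying on the decrypted garbage halting the system.

```python
import hashlib
import hmac

LINE = 32  # bytes protected per address (constructed value)


def _prf(key, *parts):
    return hmac.new(key, b"".join(parts), hashlib.sha256).digest()


def _addr(address):
    return address.to_bytes(8, "big")


def _keystream(enc_key, address, length):
    """Keystream bound to the storage address (stand-in for the module's cipher).
    One keystream per address is only safe for write-once data such as the
    firmware image; data rewritten in place also needs a write counter here."""
    blocks = (length + 31) // 32
    stream = b"".join(_prf(enc_key, _addr(address), i.to_bytes(4, "big"))
                      for i in range(blocks))
    return stream[:length]


def _xor(data, stream):
    return bytes(a ^ b for a, b in zip(data, stream))


def seal(shared_key, address, plaintext):
    """Encrypt for one address and compute a tag over (address || ciphertext)."""
    enc_key, mac_key = _prf(shared_key, b"enc"), _prf(shared_key, b"mac")
    ct = _xor(plaintext, _keystream(enc_key, address, len(plaintext)))
    return ct, _prf(mac_key, _addr(address), ct)


def decrypt_unchecked(shared_key, address, ct):
    """Decrypt only, as in the text: the wrong address yields garbage, not an error."""
    return _xor(ct, _keystream(_prf(shared_key, b"enc"), address, len(ct)))


def open_sealed(shared_key, address, ct, tag):
    """Check the tag for this address before decrypting; raise on any mismatch."""
    expected = _prf(_prf(shared_key, b"mac"), _addr(address), ct)
    if not hmac.compare_digest(expected, tag):
        raise ValueError("ciphertext rejected at 0x%x" % address)
    return decrypt_unchecked(shared_key, address, ct)


class EncryptedSharedMemory:
    """High-speed storage device 30 holding only (ciphertext, tag) per address."""

    def __init__(self):
        self.lines = {}

    def store(self, key, base, data):
        for off in range(0, len(data), LINE):
            self.lines[base + off] = seal(key, base + off, data[off:off + LINE])

    def load(self, key, base, length):
        out = b""
        for off in range(0, length, LINE):
            ct, tag = self.lines[base + off]
            out += open_sealed(key, base + off, ct, tag)
        return out[:length]


def is_rejected(mem, key, base, length):
    """True if loading the region fails the tag check."""
    try:
        mem.load(key, base, length)
    except ValueError:
        return True
    return False


SHARED_KEY = hashlib.sha256(b"constructed key-agreement output").digest()
IMAGE = bytes(range(96))   # constructed three-line firmware image
BASE = 0x1000              # constructed base address of the code region

if __name__ == "__main__":
    mem = EncryptedSharedMemory()
    mem.store(SHARED_KEY, BASE, IMAGE)
    print("clean load ok:", mem.load(SHARED_KEY, BASE, len(IMAGE)) == IMAGE)
    mem.lines[BASE] = mem.lines[BASE + LINE]   # ciphertext copied to another address
    print("relocated line rejected:", is_rejected(mem, SHARED_KEY, BASE, len(IMAGE)))
```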
The foregoing is merely illustrative of the present invention, and the present invention is not limited thereto, and any changes or substitutions easily contemplated by those skilled in the art within the scope of the present invention should be included in the present invention. Therefore, the protection scope of the present invention should be subject to the protection scope of the claims.

Claims (16)

1. A multi-chip interconnect system, comprising:
a circuit board;
a firmware storage device disposed on the circuit board;
at least two chips arranged on the circuit board and interconnected by a chip interconnection bus, wherein the at least two chips comprise a master chip and other slave chips; the master chip is directly connected with the firmware storage device, and each slave chip is directly connected with the master chip or indirectly connected with the master chip through other slave chips;
a high-speed storage device connected to the chip interconnection bus, wherein all chips share the high-speed storage device;
wherein the firmware storage device stores the same firmware used by all the chips;
the master chip is used for loading the same firmware from the firmware storage device to the high-speed storage device so that the master chip and each slave chip acquire firmware execution data of the same firmware from the high-speed storage device;
and a validity verification module is also arranged in the main chip and used for verifying the validity of the same firmware loaded in the high-speed storage device.
2. The multi-chip interconnect system of claim 1, wherein the at least two chips have status registers disposed therein for synchronous use;
after the master chip completes verifying the legitimacy of the same firmware loaded into the high-speed storage device, the master chip also changes the status register from a first state to a second state to broadcast notification to all slave chips.
3. The multi-chip interconnect system of claim 2, wherein the status register is a register integrated within the main chip.
4. The multi-chip interconnect system of claim 1, wherein the high-speed memory device supports concurrent access by the at least two chips.
5. The multi-chip interconnect system of claim 4, wherein the firmware execution data includes firmware code and independent variable data for each chip;
the high-speed storage device is divided into a first storage space and at least two second storage spaces; the first storage space is used for storing the firmware codes; the at least two second storage spaces are in one-to-one correspondence with the at least two chips, and each second storage space is used for storing the independent variable data of the corresponding chip;
and in each chip, the first storage space address and the second storage space address corresponding to that chip are mapped into the same virtual address.
6. The multi-chip interconnect system of claim 1, wherein a cryptographic module is disposed in each chip, and wherein key agreement is supported between the cryptographic modules in the at least two chips;
each chip encrypts a plaintext to be written into the high-speed storage device into a ciphertext through the cryptographic module in the chip and then writes the ciphertext into the high-speed storage device; each chip also reads and decrypts the ciphertext stored in the high-speed storage device through the cryptographic module therein.
7. The multi-chip interconnect system of claim 6, wherein a shared key is generated between cryptographic modules in the at least two chips by key agreement;
the shared key is used by each cryptographic module to encrypt the plaintext into the ciphertext or to decrypt the ciphertext into the plaintext.
8. The multi-chip interconnect system of claim 6, wherein the cryptographic module further encrypts the address information at which the ciphertext is to be stored in the high-speed storage device into address ciphertext.
9. The multi-chip interconnect system of claim 1, wherein the high-speed storage device is disposed off-chip of the at least two chips; or
the high-speed storage device is disposed within the master chip.
10. A secure boot method based on the multi-chip interconnect system of claim 1, comprising:
the master chip loads the same firmware stored in the firmware storage device to the high-speed storage device;
the master chip verifies the legitimacy of the same firmware loaded into the high-speed storage device;
the master chip and each slave chip acquire firmware execution data of the same firmware from the high-speed storage device.
11. The secure boot method of claim 10, wherein a status register for synchronous use is provided in the at least two chips;
after the master chip completes verifying the legitimacy of the same firmware loaded into the high-speed storage device, the secure boot method further comprises: the master chip changes the status register from a first state to a second state to broadcast notification to all slave chips.
12. The secure boot method of claim 10, wherein the master chip and each slave chip obtaining firmware execution data of the same firmware from the high-speed storage device comprises:
the master chip and each slave chip concurrently access the high-speed storage device to acquire firmware execution data of the same firmware.
13. The secure boot method of claim 12, wherein the firmware execution data includes firmware code and independent variable data for each chip;
the master chip and each slave chip concurrently accessing the high-speed storage device includes:
all the chips are allocated the same first storage space in the high-speed storage device, and the first storage space is used for storing the firmware code;
each chip is also allocated a second storage space corresponding to that chip in the high-speed storage device, and the second storage space is used for storing the independent variable data of the corresponding chip;
and, in each chip, the address of the first storage space and the address of the second storage space corresponding to that chip are mapped to the same virtual address.
14. The secure boot method of claim 10, wherein a cryptographic module is disposed in each chip, and wherein key agreement is supported between the cryptographic modules in the at least two chips;
the secure boot method further comprises:
key agreement is performed between the cryptographic modules in the at least two chips;
each chip encrypts a plaintext to be written into the high-speed storage device into a ciphertext through the cryptographic module in the chip and then writes the ciphertext into the high-speed storage device;
each chip also reads and decrypts the ciphertext stored in the high-speed storage device through the cryptographic module therein.
15. The secure boot method of claim 14, wherein the key agreement between the cryptographic modules in the at least two chips comprises: key agreement is performed between the cryptographic modules in the at least two chips to generate a shared key;
the encrypting plaintext to be written into the high-speed storage device into ciphertext and then writing into the high-speed storage device comprises the following steps: encrypting the plaintext to be written into the high-speed storage device into ciphertext by using the shared key, and then writing the ciphertext into the high-speed storage device;
the reading and decrypting the ciphertext stored in the high-speed storage device includes: the ciphertext stored in the high-speed storage device is read and decrypted using the shared key.
16. The secure boot method of claim 14, wherein encrypting plaintext to be written into the high-speed storage device into ciphertext and then writing into the high-speed storage device further comprises:
the address information at which the ciphertext is to be stored in the high-speed storage device is also encrypted into address ciphertext.
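The boot gate of claims 10 and 11 and the address mapping of claims 5 and 13, as an added C model that is not code from the patent. The chip count, region sizes, virtual addresses, all identifiers, the reading that every chip uses identical virtual addresses, and the FNV-1a stand-in for the unspecified legitimacy check are assumptions.

```c
#include <stdint.h>
#include <string.h>

/* Sizes, addresses and names are assumptions for illustration. */
#define NCHIPS    4
#define CODE_SIZE 64u                    /* first storage space: shared code  */
#define VAR_SIZE  16u                    /* one second storage space per chip */
#define VA_CODE   0x1000u                /* virtual base of code, every chip  */
#define VA_VARS   (VA_CODE + CODE_SIZE)  /* virtual base of per-chip data     */
enum boot_state { FW_PENDING = 0, FW_VERIFIED = 1 };  /* first / second state */

static uint8_t hs_store[CODE_SIZE + NCHIPS * VAR_SIZE];  /* high-speed storage */
static volatile enum boot_state status_reg = FW_PENDING;

/* Stand-in legitimacy check (FNV-1a, not cryptographic); algorithm assumed. */
static uint32_t fnv1a(const uint8_t *p, size_t n) {
    uint32_t h = 2166136261u;
    while (n--) { h ^= *p++; h *= 16777619u; }
    return h;
}

/* Master chip: copy the firmware into shared storage, verify the loaded copy
 * (not the source), and only then flip the register that the slaves watch. */
int master_load_and_verify(const uint8_t *fw, size_t len, uint32_t expected) {
    status_reg = FW_PENDING;             /* a reload closes the gate again */
    if (len > CODE_SIZE) return -1;
    memset(hs_store, 0, sizeof hs_store);
    memcpy(hs_store, fw, len);
    if (fnv1a(hs_store, len) != expected) return -1;  /* gate stays closed */
    status_reg = FW_VERIFIED;
    return 0;
}

/* Per-chip translation: one virtual address reaches the shared code on every
 * chip, but a different private variable region on each chip. */
long translate(unsigned chip, uint32_t va) {
    if (chip >= NCHIPS || va < VA_CODE) return -1;
    if (va < VA_VARS) return (long)(va - VA_CODE);
    if (va < VA_VARS + VAR_SIZE)
        return (long)(CODE_SIZE + chip * VAR_SIZE + (va - VA_VARS));
    return -1;
}

/* Any chip: no access until the master has published FW_VERIFIED. */
uint8_t *chip_ptr(unsigned chip, uint32_t va) {
    long off = translate(chip, va);
    return (status_reg == FW_VERIFIED && off >= 0) ? &hs_store[off] : NULL;
}
```

Because the check runs over the copy already in the high-speed storage device, what the slaves fetch is exactly what the master verified.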
CN202210755860.0A 2022-06-29 2022-06-29 Multi-chip interconnection system and safe starting method based on same Active CN115080473B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210755860.0A CN115080473B (en) 2022-06-29 2022-06-29 Multi-chip interconnection system and safe starting method based on same

Publications (2)

Publication Number Publication Date
CN115080473A CN115080473A (en) 2022-09-20
CN115080473B true CN115080473B (en) 2023-11-21

Family

ID=83256270

Country Status (1)

Country Link
CN (1) CN115080473B (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant