CN116339852A - Method and device for safely starting bootstrap program for intelligent power utilization terminal - Google Patents

Info

Publication number
CN116339852A
Authority
CN
China
Prior art keywords
esam
uboot
bootstrap
program
comparison
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202211670516.8A
Other languages
Chinese (zh)
Inventor
许斌
翟峰
赵兵
陈昊
梁晓兵
李保丰
付义伦
申洪涛
李智虎
许海清
曹永峰
杜新纲
王齐
刘鹰
陶鹏
吕英杰
何宝灵
史轮
李飞
孔令达
潘卫红
徐萌
冯云
赵英杰
秦煜
张辰
卢艳
许岳楼
白宇
任博
韩文博
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
State Grid Corp of China SGCC
China Electric Power Research Institute Co Ltd CEPRI
Marketing Service Center of State Grid Hebei Electric Power Co Ltd
Original Assignee
State Grid Corp of China SGCC
China Electric Power Research Institute Co Ltd CEPRI
Marketing Service Center of State Grid Hebei Electric Power Co Ltd
Priority date: 2022-12-24 (the priority date is an assumption by Google Patents and not a legal conclusion)
Filing date: 2022-12-24
Publication date: 2023-06-27
Application filed by State Grid Corp of China SGCC, China Electric Power Research Institute Co Ltd CEPRI, Marketing Service Center of State Grid Hebei Electric Power Co Ltd
Priority to CN202211670516.8A
Publication of CN116339852A
Legal status: Pending

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F 9/00 Arrangements for program control, e.g. control units
    • G06F 9/06 Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F 9/44 Arrangements for executing specific programs
    • G06F 9/445 Program loading or initiating
    • G06F 9/44568 Immediately runnable code
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F 21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F 21/60 Protecting data
    • G06F 21/64 Protecting data integrity, e.g. using checksums, certificates or signatures
    • Y GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02 TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02D CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D 10/00 Energy efficient computing, e.g. low power processors, power management or thermal management

Abstract

The invention discloses a method and a device for securely starting the boot loader of an intelligent power utilization terminal. The method comprises the following steps: after the ESAM security chip (Embedded Secure Access Module) has started, it reads the boot loader U-Boot (uboot) from the serial SPI Flash; the ESAM computes an SM3 measurement (digest) of U-Boot and compares it with the SM3 measurement stored in U-Boot; if the two SM3 measurements match, the MCU loads and starts the boot loader from the SPI Flash. By verifying the boot loader through SM3 measurement comparison, the integrity of the boot loader is checked before it runs, and the trustworthiness of its source is thereby ensured.

Description

Method and device for safely starting bootstrap program for intelligent power utilization terminal
Technical Field
The invention relates to the field of embedded systems, and in particular to a method and a device for securely starting a boot loader for an intelligent power utilization terminal.
Background
The boot loader is a small program that must run before the operating-system kernel. It initializes the hardware and builds the memory map, preparing the environment in which the kernel can be called. Its main task is to read the kernel image from the SPI Flash into memory and then jump to the kernel entry point, which starts the operating system.
The intelligent power utilization terminal runs an embedded operating system. An embedded system usually has no BIOS-like firmware; the code that performs initialization at start-up is the boot loader U-Boot, so loading and starting the whole system is entirely the job of U-Boot.
After the terminal is powered on, U-Boot, as the system boot loader, is the first code to run, so the trustworthiness of its source and its resistance to tampering must be ensured in order to secure the boot loader. At present there is no method for securely starting the boot loader. In the existing start-up flow, when the terminal is powered on the MCU directly loads and executes the boot loader; the boot loader then performs security verification of the kernel, loads and starts it, and the operating system comes up. Because the boot loader itself is never verified, its security is hard to guarantee, and it may pose a threat to the security of the terminal as a whole.
Disclosure of Invention
To address this technical problem, the invention provides a method for securely starting the boot loader of an intelligent power utilization terminal, comprising the following steps:
after the ESAM security chip has started, reading the boot loader U-Boot from the serial SPI Flash;
the ESAM computing an SM3 measurement of U-Boot and comparing it with the SM3 measurement stored in U-Boot;
if the two SM3 measurements match, the MCU loading and starting the boot loader from the SPI Flash.
Further, after the ESAM has started and before the step of reading U-Boot from the SPI Flash, the method further comprises:
powering on the intelligent power utilization terminal and starting the ESAM security chip.
Further, when the ESAM security chip starts, it holds the power pin of the MCU at a low level.
Further, the method further comprises: if the SM3 measurements do not match, resetting the intelligent power utilization terminal; the secure start of U-Boot has failed.
Further, the method further comprises: if the SM3 measurements match, the ESAM pulling the power pin of the MCU high.
The invention also provides a device for securely starting the boot loader of an intelligent power utilization terminal, comprising:
a boot loader reading unit, for reading the boot loader U-Boot from the SPI Flash after the ESAM security chip has started;
a comparison unit, for the ESAM to compute an SM3 measurement of U-Boot and compare it with the SM3 measurement stored in U-Boot;
a first start unit, for the MCU to load and start the boot loader from the SPI Flash if the two SM3 measurements match.
Further, the device further comprises:
a power-on unit, for powering on the intelligent power utilization terminal and starting the ESAM.
Further, the device further comprises:
a control unit, for the ESAM to hold the power pin of the MCU at a low level.
Further, the device further comprises:
a second start unit, for resetting the intelligent power utilization terminal if the SM3 measurements do not match, the secure start of U-Boot having failed.
Further, the device further comprises:
a pin pull-up unit, for the ESAM to pull the power pin of the MCU high if the SM3 measurements match.
The invention also provides an electronic device comprising a memory, a processor and a computer program stored in the memory and executable on the processor, characterized in that the processor implements the steps of any of the methods described above when it executes the computer program.
The invention also provides a readable storage medium on which a computer program is stored, the program implementing the steps of any of the methods described above when executed by a processor.
In the method and device provided by the invention, the key to the secure start of the boot loader is, first, that the security chip holds the MCU power pin low, so that the MCU cannot run while the security chip reads and measures the boot loader; and second, that the boot loader is verified by SM3 measurement comparison, which checks the integrity of the boot loader and thereby ensures that its source is trusted.
Drawings
FIG. 1 is a flow chart of the method for securely starting a boot loader for an intelligent power utilization terminal;
FIG. 2 is a start-up procedure diagram of the intelligent power utilization terminal according to the invention;
FIG. 3 is a schematic diagram of the device for securely starting a boot loader for an intelligent power utilization terminal.
Detailed Description
In the following description numerous specific details are set forth to provide a thorough understanding of the invention. The invention may be embodied in many forms other than those described here, and those skilled in the art will appreciate that it may be similarly embodied without departing from its spirit or essential characteristics; the invention is therefore not limited to the specific embodiments disclosed below.
Fig. 1 is a flow chart of the method for securely starting a boot loader for an intelligent power utilization terminal; the method provided by the invention is described in detail below with reference to fig. 1.
Step S101: after the ESAM security chip has started, the boot loader U-Boot is read from the serial SPI Flash.
Step S102: the ESAM computes an SM3 measurement of the boot loader U-Boot and compares it with the SM3 measurement stored in U-Boot.
Step S103: if the two SM3 measurements match, the MCU loads and starts the boot loader from the SPI Flash.
The secure start-up procedure of the boot loader for the intelligent power utilization terminal is shown in fig. 2:
The intelligent power utilization terminal is powered on and the ESAM security chip starts. The ESAM holds the power pin of the MCU at a low level. The ESAM reads the boot loader U-Boot from the SPI Flash, computes an SM3 measurement of it, and compares that measurement with the SM3 measurement stored in U-Boot. If the two match, the ESAM pulls the MCU power pin high; the MCU then loads and starts the boot loader from the SPI Flash, and the secure start of U-Boot is complete. If they do not match, the terminal is reset and the secure start of U-Boot has failed.
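The flow of steps S101 to S103 and fig. 2, as an added worked example in C. This is not code from the patent or from any State Grid or CEPRI product, and it models the hardware rather than driving it. It contains a compact SM3 (GB/T 32905-2016) implementation, a simulated SPI Flash holding a constructed stand-in for the U-Boot image, and the ESAM's decision logic: hold the MCU power pin low, measure, compare, then release the MCU or signal a reset. The page does not say where in U-Boot the stored SM3 value lives or how the power pin is driven, so the 32-byte trailer layout, the `uboot_seal` sealing step, the `esam_secure_boot` function, the `mcu_power_t` pin model and the result codes are all assumptions made for this example.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* ---- SM3 (GB/T 32905-2016): 256-bit digest, big-endian, 64-byte blocks ---- */
static uint32_t rotl(uint32_t x, unsigned n) { n &= 31; return n ? (x << n) | (x >> (32 - n)) : x; }
static uint32_t p0(uint32_t x) { return x ^ rotl(x, 9) ^ rotl(x, 17); }
static uint32_t p1(uint32_t x) { return x ^ rotl(x, 15) ^ rotl(x, 23); }

static void sm3_compress(uint32_t v[8], const uint8_t blk[64]) {
    uint32_t w[68], w1[64];
    for (int i = 0; i < 16; i++)                      /* message words, big-endian */
        w[i] = (uint32_t)blk[4*i] << 24 | (uint32_t)blk[4*i+1] << 16 |
               (uint32_t)blk[4*i+2] << 8 | blk[4*i+3];
    for (int j = 16; j < 68; j++)                     /* message expansion */
        w[j] = p1(w[j-16] ^ w[j-9] ^ rotl(w[j-3], 15)) ^ rotl(w[j-13], 7) ^ w[j-6];
    for (int j = 0; j < 64; j++) w1[j] = w[j] ^ w[j+4];
    uint32_t a = v[0], b = v[1], c = v[2], d = v[3], e = v[4], f = v[5], g = v[6], h = v[7];
    for (int j = 0; j < 64; j++) {                    /* 64 rounds */
        uint32_t t   = j < 16 ? 0x79cc4519u : 0x7a879d8au;
        uint32_t ss1 = rotl(rotl(a, 12) + e + rotl(t, (unsigned)j), 7);
        uint32_t ss2 = ss1 ^ rotl(a, 12);
        uint32_t ff  = j < 16 ? (a ^ b ^ c) : ((a & b) | (a & c) | (b & c));
        uint32_t gg  = j < 16 ? (e ^ f ^ g) : ((e & f) | (~e & g));
        uint32_t tt1 = ff + d + ss2 + w1[j];
        uint32_t tt2 = gg + h + ss1 + w[j];
        d = c; c = rotl(b, 9); b = a; a = tt1;
        h = g; g = rotl(f, 19); f = e; e = p0(tt2);
    }
    v[0] ^= a; v[1] ^= b; v[2] ^= c; v[3] ^= d; v[4] ^= e; v[5] ^= f; v[6] ^= g; v[7] ^= h;
}

void sm3(const uint8_t *msg, size_t len, uint8_t out[32]) {
    uint32_t v[8] = {0x7380166fu, 0x4914b2b9u, 0x172442d7u, 0xda8a0600u,
                     0xa96f30bcu, 0x163138aau, 0xe38dee4du, 0xb0fb0e4eu};
    size_t i = 0;
    for (; i + 64 <= len; i += 64) sm3_compress(v, msg + i);
    uint8_t tail[128] = {0};                          /* pad: 0x80, zeros, 64-bit bit length */
    size_t rem = len - i, padded = rem < 56 ? 64 : 128;
    memcpy(tail, msg + i, rem);
    tail[rem] = 0x80;
    uint64_t bits = (uint64_t)len * 8;
    for (int k = 0; k < 8; k++) tail[padded - 1 - k] = (uint8_t)(bits >> (8 * k));
    sm3_compress(v, tail);
    if (padded == 128) sm3_compress(v, tail + 64);
    for (int k = 0; k < 8; k++)
        for (int s = 0; s < 4; s++) out[4*k + s] = (uint8_t)(v[k] >> (24 - 8 * s));
}

void sm3_hex(const uint8_t *msg, size_t len, char out[65]) {
    uint8_t d[32]; sm3(msg, len, d);
    for (int i = 0; i < 32; i++) sprintf(out + 2 * i, "%02x", d[i]);
}

/* ---- ESAM boot decision (model: trailer layout, pin and result codes are assumptions) ---- */
#define DIGEST_LEN 32
typedef enum { MCU_POWER_LOW = 0, MCU_POWER_HIGH = 1 } mcu_power_t;
typedef enum { BOOT_OK = 0, BOOT_FAIL_SIZE = 1, BOOT_FAIL_DIGEST = 2 } boot_result_t; /* 2: reset terminal */

/* Build-time sealing step (assumed): append the reference SM3 of the payload to the image. */
size_t uboot_seal(uint8_t *img, size_t payload_len) {
    sm3(img, payload_len, img + payload_len);
    return payload_len + DIGEST_LEN;
}

static int ct_equal(const uint8_t *a, const uint8_t *b, size_t n) {   /* no early exit */
    uint8_t diff = 0;
    for (size_t i = 0; i < n; i++) diff |= (uint8_t)(a[i] ^ b[i]);
    return diff == 0;
}

/* Steps S101..S103 / fig. 2: MCU held off, image measured, digests compared, MCU released. */
boot_result_t esam_secure_boot(const uint8_t *flash, size_t img_len, mcu_power_t *mcu_power) {
    *mcu_power = MCU_POWER_LOW;                       /* MCU cannot run while the ESAM measures */
    if (img_len <= DIGEST_LEN) return BOOT_FAIL_SIZE;
    uint8_t measured[DIGEST_LEN];
    sm3(flash, img_len - DIGEST_LEN, measured);       /* measure everything before the trailer */
    if (!ct_equal(measured, flash + img_len - DIGEST_LEN, DIGEST_LEN))
        return BOOT_FAIL_DIGEST;                      /* mismatch: MCU stays off, terminal resets */
    *mcu_power = MCU_POWER_HIGH;                      /* match: release the MCU to load U-Boot */
    return BOOT_OK;
}

/* Constructed stand-in for the U-Boot binary and a simulated SPI Flash (not real firmware). */
static const uint8_t sample_uboot[] = "U-Boot sample payload (constructed for this example)";
uint8_t spi_flash[sizeof sample_uboot + DIGEST_LEN];

size_t flash_program_sealed(void) {                   /* factory programming step, assumed */
    memcpy(spi_flash, sample_uboot, sizeof sample_uboot);
    return uboot_seal(spi_flash, sizeof sample_uboot);
}

int main(void) {
    mcu_power_t pin;
    size_t n = flash_program_sealed();
    boot_result_t r = esam_secure_boot(spi_flash, n, &pin);
    printf("clean image:    result=%d mcu_power=%d\n", r, pin);
    spi_flash[3] ^= 0x01;                             /* flip one payload byte in flash */
    r = esam_secure_boot(spi_flash, n, &pin);
    printf("tampered image: result=%d mcu_power=%d\n", r, pin);
    return 0;
}
```

Run stand-alone, the clean image yields `result=0 mcu_power=1` and the image with one flipped payload byte yields `result=2 mcu_power=0`. Two points a practitioner would check against the description. First, the digests are compared without an early exit and the MCU is released only on the success path, so there is no window in which an unverified U-Boot runs. Second, the page stores the reference SM3 value inside U-Boot itself and says nothing about how that value is protected: with a bare digest in the same SPI Flash, anyone who can rewrite the flash can rewrite the payload and repeat the sealing step (`uboot_seal` above), after which the comparison passes again. The comparison therefore catches corruption and tampering that does not update the stored value; binding the image to a trusted source additionally needs the reference value kept in the ESAM's own protected storage, or a signature over the digest that the ESAM verifies with a key the attacker does not hold.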
Based on the same inventive concept, the invention also provides a device 300 for securely starting the boot loader of an intelligent power utilization terminal, shown in fig. 3, comprising:
a boot loader reading unit 310, configured to read the boot loader U-Boot from the serial SPI Flash after the ESAM security chip has started;
a comparison unit 320, configured to have the ESAM compute an SM3 measurement of the boot loader U-Boot and compare it with the SM3 measurement stored in U-Boot;
a first start unit 330, configured to have the MCU load and start the boot loader from the SPI Flash if the two SM3 measurements match.
Further, the device further comprises:
a power-on unit, for powering on the intelligent power utilization terminal and starting the ESAM.
Further, the device further comprises:
a control unit, for the ESAM to hold the power pin of the MCU at a low level.
Further, the device further comprises:
a second start unit, for resetting the intelligent power utilization terminal if the SM3 measurements do not match, the secure start of U-Boot having failed.
Further, the device further comprises:
a pin pull-up unit, for the ESAM to pull the power pin of the MCU high if the SM3 measurements match.
The key to the secure start of the boot loader is, first, that the security chip holds the MCU power pin low, so that the MCU cannot run while the security chip reads and measures the boot loader; and second, that the boot loader is verified by SM3 measurement comparison, which checks the integrity of the boot loader and thereby ensures that its source is trusted.
Based on the same inventive concept, the invention also provides an electronic device comprising a memory, a processor and a computer program stored in the memory and executable on the processor, the processor implementing the steps of any of the methods described above when it executes the computer program.
Based on the same inventive concept, the invention also provides a storage medium on which a computer program is stored, characterized in that the program implements the steps of any of the methods described above when executed by a processor.
It will be appreciated by those skilled in the art that embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
Finally, it should be noted that: the above embodiments are only for illustrating the technical solution of the present invention and not for limiting the same, and although the present invention has been described in detail with reference to the above embodiments, it should be understood by those skilled in the art that modifications and equivalents may be made to the specific embodiments of the present invention without departing from the spirit and scope of the present invention, and it should be covered by the scope of the claims of the present invention.

Claims (12)

1. A method for securely starting a boot loader for an intelligent power utilization terminal, characterized in that it comprises the following steps:
after the ESAM security chip has started, reading the boot loader U-Boot from the serial SPI Flash;
the ESAM computing an SM3 measurement of U-Boot and comparing it with the SM3 measurement stored in U-Boot;
if the two SM3 measurements match, the MCU loading and starting the boot loader from the SPI Flash.
2. The method of claim 1, wherein, after the ESAM security chip has started and before the step of reading U-Boot from the SPI Flash, the method further comprises:
powering on the intelligent power utilization terminal and starting the ESAM security chip.
3. The method of claim 1, wherein, when the ESAM security chip starts, it holds the power pin of the MCU at a low level.
4. The method of claim 1, further comprising: if the SM3 measurements do not match, resetting the intelligent power utilization terminal, the secure start of U-Boot having failed.
5. The method of claim 1, further comprising: if the SM3 measurements match, the ESAM security chip pulling the power pin of the MCU high.
6. A device for securely starting a boot loader for an intelligent power utilization terminal, characterized in that it comprises:
a boot loader reading unit, for reading the boot loader U-Boot from the serial SPI Flash after the ESAM security chip has started;
a comparison unit, for the ESAM to compute an SM3 measurement of U-Boot and compare it with the SM3 measurement stored in U-Boot;
a first start unit, for the MCU to load and start the boot loader from the SPI Flash if the two SM3 measurements match.
7. The device of claim 6, further comprising:
a power-on unit, for powering on the intelligent power utilization terminal and starting the ESAM.
8. The device of claim 6, further comprising:
a control unit, for the ESAM security chip to hold the power pin of the MCU at a low level.
9. The device of claim 6, further comprising:
a second start unit, for resetting the intelligent power utilization terminal if the SM3 measurements do not match, the secure start of U-Boot having failed.
10. The device of claim 6, further comprising:
a pin pull-up unit, for the ESAM security chip to pull the power pin of the MCU high if the SM3 measurements match.
11. An electronic device comprising a memory, a processor and a computer program stored in the memory and executable on the processor, characterized in that the processor implements the steps of the method of any one of claims 1 to 5 when it executes the computer program.
12. A storage medium on which a computer program is stored, which, when executed by a processor, implements the steps of the method of any one of claims 1 to 5.
Application CN202211670516.8A, priority date 2022-12-24, filing date 2022-12-24: Method and device for safely starting bootstrap program for intelligent power utilization terminal (status: Pending; published as CN116339852A (en))

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211670516.8A CN116339852A (en) 2022-12-24 2022-12-24 Method and device for safely starting bootstrap program for intelligent power utilization terminal

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202211670516.8A CN116339852A (en) 2022-12-24 2022-12-24 Method and device for safely starting bootstrap program for intelligent power utilization terminal

Publications (1)

Publication Number Publication Date
CN116339852A true CN116339852A (en) 2023-06-27

Family

ID=86888267

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211670516.8A Pending CN116339852A (en) 2022-12-24 2022-12-24 Method and device for safely starting bootstrap program for intelligent power utilization terminal

Country Status (1)

Country Link
CN (1) CN116339852A (en)

Similar Documents

Publication Publication Date Title
KR101861724B1 (en) Selective power management for pre-boot firmware updates
US7752428B2 (en) System and method for trusted early boot flow
CN111523112B (en) Method, device, equipment and medium for safely starting server
US9530004B2 (en) Secure boot method, semiconductor device and recording medium
US9703635B2 (en) Method, computer program, and computer for restoring set of variables
CN101807152B (en) Basic output and input system for self verification of selection read only memory and verification method thereof
TW201519100A (en) System and method for auto-enrolling option ROMs in a UEFI secure boot database
WO2007045133A1 (en) A computer system and a method which can perform integrity checking
WO2016206514A1 (en) Startup processing method and device
CN107665308B (en) TPCM system for building and maintaining trusted operating environment and corresponding method
TW201506788A (en) Secure boot override in a computing device equipped with unified-extensible firmware interface (UEFI)-compliant firmware
US20200104504A1 (en) Information handling system firmware bit error detection and correction
US20150154091A1 (en) Bios maintenance method
CN111158767A (en) BMC-based server secure starting method and device
CN109634781A (en) One kind is based on embedded program two-region Backup Images system and starting method
CN111488589A (en) Safe and trusted boot and firmware upgrade system and method based on hardware write protection
CN113901473B (en) Method, device, equipment and readable medium for safely starting server
CN110286953B (en) Method and device for starting embedded system, embedded device and storage medium
CN116991622A (en) Recovery method and system for starting failure of trusted DCS controller system
CN116339852A (en) Method and device for safely starting bootstrap program for intelligent power utilization terminal
CN111090443A (en) Method, equipment and storage medium for guaranteeing safe upgrade of linux system
KR102598510B1 (en) Method and apparatus for verify software integrity
CN114077740A (en) Bidirectional authentication trusted boot system and method based on TPCM chip
CN107360167B (en) Authentication method and device
CN112667444A (en) System upgrading method, storage medium and terminal equipment

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination