Conferences and supporting programme
Secure Boot of a Complex Quad Core CPU
Security has emerged as the preeminent concern in architecting and designing Embedded Systems in broad deployment today for mission critical applications, where higher levels of reliability and tamper-resistance are fundamental requirements. The process of booting Linux on an SOC involves multiple stages before transferring control to the Linux Kernel. After Reset is applied, a First Stage Boot Loader (FSBL) pointed to by the Reset Vector. Typically, FSBL’s are placed in ROM and have immutably as their primary security feature which has benefits in immutability but disadvantages in that you cant update it. We present a flash based FSBL with all the security benefits of a ROM based FSBL, and more, with the advantages of flash memory. As the methods of attack are becoming more sophisticated, methods must be deployed to guard against a scenario where a malicious agent manages to affect the behavior of the FSBL. We present here Secure Boot of a complex SoC. Before the FSBL is executed, a “Zero Stage Boot Loader” (ZSBL) is pushed into the CPU Complex by the a (Root of Trust) for the purpose of authenticating the NVM image before transferring control to FSBL. A Secure Hash Algorithm (SHA) of NVM image is run on the multiple 64 bit RISC-V cores cores included in the CPU Complex : The calculated hash is then checked against a purported value stored in a signed code certificate for FSBL.
--- Date: 26.02.2019 Time: 5:00 PM - 5:30 PM Location: Conference Counter NCC Ost