
Research On Key Issues In Security-Enhanced Trusted Execution Environment Of Embedded Systems

Posted on: 2020-10-07
Degree: Doctor
Type: Dissertation
Country: China
Candidate: K Xiao
GTID: 1368330596975721
Subject: Computer system architecture

Abstract/Summary:
With the continuous expansion of embedded system applications, their importance has become increasingly prominent. At the same time, because network connectivity is so convenient, the focus of network attack and defense is shifting to embedded systems. As many hackers turn their attention to embedded systems, the shortcomings of their ability to respond to security threats are emerging. After summarizing the security research on embedded systems in different application areas, it can be found that the Trusted Execution Environment (TEE) is a more effective solution for improving the security of embedded systems. However, current TEE research still has shortcomings, including how to build a trusted execution environment, how to provide security services, and how to enhance system security. Therefore, there are security risks when applying TEE technologies in embedded systems.

This thesis comprehensively analyzes and summarizes the security challenges of the trusted execution environment from the aspects of the Root of Trust, the Chain of Trust, the isolation mechanism and trusted operating system security vulnerabilities, and proposes a security-enhanced trusted execution environment architecture. It also proposes solutions for several key issues: how to design a Root of Trust that defends against physical and software attacks, how to provide active defense capability in the TrustZone monitor-mode program, how to build a security model for a trusted operating system kernel and design a kernel based on that model, how to design system services for microkernel operating systems, how to perform security analysis on untrusted cryptographic software, how to ensure the credibility of machine learning calculations, and how to enhance system security. Finally, a basic software development framework for the TEE is formed, together with formal analysis and verification methods for key mechanisms or critical software. The prototype system has been implemented on the experimental platform. The experimental evaluation results show that the designed security-enhanced trusted execution environment can meet the requirements of embedded systems in terms of function, performance and security. An application system is also designed on top of this security-enhanced trusted execution environment; the experimental evaluation results show that the designed intrusion detection system can effectively identify network attacks and realize active defense of the system.

The main contributions and innovations of this thesis are the following.

(1) A security-enhanced trusted execution environment architecture is proposed, and a Root of Trust that protects against physical attacks and software attacks is designed and implemented. This Root of Trust can be implemented in the TrustZone hardware architecture to ensure the credibility of the first code executed after the embedded device is powered on. We also build a complete Chain of Trust, from the Root of Trust to the bootloader, to the trusted operating system, to system services, and finally to trusted applications.

(2) Following the ideas and methods of operating system security design, a state machine security model of the trusted operating system kernel is established by formal methods, which provides a framework for reasoning about the kernel's ability to enforce security policies. Based on this security model and on the microkernel idea, a security-enhanced trusted operating system kernel is designed. Its access control system controls all access to system resources and kernel services, thereby addressing the lack of security design and security mechanisms in trusted operating systems.

(3) A method and framework for implementing user-mode system services on a microkernel architecture is proposed. Based on the state machine security model, formal methods are used to verify that effective isolation between components is ensured by the kernel access control mechanism. Isolation between the kernel and complex system service components is achieved by running system services in user mode, and isolation between system service components and trusted applications is ensured through kernel access control mechanisms. This can effectively solve the security problems caused by the growing code size of current trusted operating systems.

(4) Based on the user-mode system service framework, the NFC software stack, the cryptographic service and the lightweight neural network trusted computing service framework are implemented in the trusted operating system, which simplifies the development of upper-layer applications. To provide security for untrusted components in system services, such as the open source cryptographic software library used in the cryptographic service, a formal method that can analyze the security of cryptographic software is proposed. In the lightweight neural network trusted computing service framework, the most time-consuming linear operations in neural network computing (matrix multiplication) are outsourced to the REE. The result of the outsourced computation is checked, inside the trusted execution environment, to ensure that the neural network calculations are trustworthy. The framework can effectively solve the problem of neural network computation being vulnerable when performed in the REE.

(5) Based on the Linux user-mode intrusion detection system architecture, a lightweight real-time network intrusion detection method is proposed, and on this method a framework for an intrusion detection system based on the trusted execution environment is built. Identifying network threats through intrusion detection, ensuring the security of the intrusion detection system itself through the trusted execution environment, and providing active defense functions through the trusted execution environment together improve the overall security of the system.
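Contribution (4) outsources matrix multiplication to the REE and verifies the returned product inside the TEE. The abstract does not say which check is used; the following added example (not code from the dissertation or its prototype) assumes Freivalds' randomized verification as one standard instance: the untrusted side does the O(N^3) product, the trusted side spends only O(N^2) per round multiplying by a random 0/1 vector, and a wrong product survives each round with probability at most 1/2. The matrix dimension, the sample matrices, the xorshift32 generator and the function names are all constructed for the demo.

```c
#include <stdint.h>
#include <stdio.h>

/* Added example, not the dissertation's code: Freivalds' check of an
 * outsourced matrix product.  The thesis abstract only states that the
 * REE result is checked in the TEE; Freivalds' algorithm is assumed here
 * as one instance of such a check.  All dimensions and values are constructed. */

#define N 4                     /* matrix dimension, constructed for the demo */

/* Untrusted side (REE): full O(N^3) product C = A * B. */
void matmul_untrusted(int64_t A[N][N], int64_t B[N][N], int64_t C[N][N])
{
    for (int i = 0; i < N; i++)
        for (int j = 0; j < N; j++) {
            int64_t s = 0;
            for (int k = 0; k < N; k++)
                s += A[i][k] * B[k][j];
            C[i][j] = s;
        }
}

/* Small xorshift32 PRNG so the example runs offline and deterministically;
 * a real TEE would draw r from its hardware random number generator. */
static uint32_t xorshift32(uint32_t *s)
{
    uint32_t x = *s;
    x ^= x << 13;
    x ^= x >> 17;
    x ^= x << 5;
    return *s = x;
}

/* One Freivalds round with an explicit 0/1 vector r: returns 1 when
 * A*(B*r) == C*r, 0 otherwise.  Costs O(N^2) instead of O(N^3). */
int freivalds_round(int64_t A[N][N], int64_t B[N][N], int64_t C[N][N],
                    const int r[N])
{
    int64_t Br[N], Cr[N];
    for (int i = 0; i < N; i++) {
        Br[i] = 0;
        Cr[i] = 0;
        for (int j = 0; j < N; j++) {
            Br[i] += B[i][j] * r[j];
            Cr[i] += C[i][j] * r[j];
        }
    }
    for (int i = 0; i < N; i++) {
        int64_t ABr = 0;
        for (int j = 0; j < N; j++)
            ABr += A[i][j] * Br[j];
        if (ABr != Cr[i])
            return 0;           /* mismatch: C is not A*B */
    }
    return 1;
}

/* Trusted side (TEE): accept C only if every one of `rounds` random rounds
 * passes.  A wrong C survives one round with probability <= 1/2, so the
 * false-accept probability after `rounds` rounds is at most 2^-rounds. */
int freivalds_check(int64_t A[N][N], int64_t B[N][N], int64_t C[N][N],
                    int rounds, uint32_t seed)
{
    uint32_t s = seed ? seed : 0x9E3779B9u;  /* xorshift32 needs a nonzero state */
    int r[N];
    for (int t = 0; t < rounds; t++) {
        for (int i = 0; i < N; i++)
            r[i] = (int)(xorshift32(&s) & 1u);
        if (!freivalds_round(A, B, C, r))
            return 0;
    }
    return 1;
}

/* Constructed inputs standing in for a layer's weights and an activation block. */
static int64_t A0[N][N] = {{1, 2, 3, 4}, {5, 6, 7, 8}, {9, 10, 11, 12}, {13, 14, 15, 16}};
static int64_t B0[N][N] = {{1, 0, 2, 0}, {0, 1, 0, 2}, {3, 0, 1, 0}, {0, 3, 0, 1}};

/* Honest REE: the product is computed correctly and the TEE accepts it (returns 1). */
int demo_honest(void)
{
    int64_t C[N][N];
    matmul_untrusted(A0, B0, C);
    return freivalds_check(A0, B0, C, 64, 12345u);
}

/* Compromised REE: a single output entry is altered; the TEE rejects it (returns 0). */
int demo_tampered(void)
{
    int64_t C[N][N];
    matmul_untrusted(A0, B0, C);
    C[2][1] += 1;               /* single-entry corruption of the returned result */
    return freivalds_check(A0, B0, C, 64, 12345u);
}

int main(void)
{
    printf("honest result accepted:   %d\n", demo_honest());
    printf("tampered result accepted: %d\n", demo_tampered());
    return 0;
}
```

The design point is the asymmetry: the REE pays for the full product, while the TEE's per-round cost is two matrix-vector products, so the trusted code path stays small and the bound on a forged result slipping through is set by the number of rounds rather than by the size of the network.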
Keywords/Search Tags: Trusted Operating System, Security Model, Microkernel, Formal Method, Intrusion Detection