Design And Implementation Of End Node Secure Syetem In Smart Home Based On TEE

Smart Home bring people a highly humanized living space.However,more and more IoT attacks also indicate that their security problems are getting worse.In Smart Home,the end node devices face the most serious security challenges,and its security has become the focus of attention in the industry and academia.This thesis analyzes the security requirements of Smart Home end node system resources and the common attack methods to Smart Home,and proposes the security objectives of Smart Home end node,combine security objectives with Trusted Execution Environment(TEE)to design and implementation a lightweight end node secure system.TEE divides the end node system into normal world and secure world that is isolated from each other,and protects system resources within the secure world.TEE kernel module,secure service module and secure peripheral driver module are designed in the secure world.TEE kernel module is the core of building end node secure system,including secure partition manager,secure service scheduler and secure interrupt handler;secure service module includes platform customization services,secure boot and firmware upgrade service,secure key storage service and secure encryption and decryption service;secure peripheral driver module is secure world hardware peripheral driver programs.The Smart Home end node functional applications run in the normal world,and secure service APIs are designed for normal world to interact with the secure world to call secure services.This thesis implements TEE kernel module based on Synopsys ARC Secureshield,a hardware technology of TEE in low-power embedded processor,implements the securie service module by integrating MCUBoot and mbedTLS,and implements the platform customization services based on the hardware characteristics of the ARC processor.This thesis builds an experimental platform based on ARC EM Start Kit(EMSK)which supports SecureShield to build a complete secure end node for family baby care system application,and test system security and reliability.The result shows that the system conforms to the lightweight design principle,the memory consumption of secure world is 44 K,the execution time of secure service scheduler is 11.1us,and the average execution time of secure services is 37.1us.