Research And Implementation Of Trusted Embedded System Based On STM32

With the rapid development of information technology,embedded devices and their applications are also rapidly increasing.However,in recent years,security threats caused by insufficient security protection capabilities of embedded systems have emerged in many fields.It is imperative to improve the security of embedded systems.This article takes the STM32 platform as an example and adopts trusted computing technology to build a trusted embedded system to solve the security problems faced by embedded systems.In the process of design and implementation of the whole system,the following important tasks were mainly done:1.Analyze the current security threats faced by embedded systems and related technologies to improve the security performance of embedded systems.The principle of trusted embedded system is introduced,including the theory of TEE,the construction of TEE,the types of encryption algorithms and the specific application of encryption algorithms in trusted embedded systems.2.Designed a scheme of trusted embedded system.Firstly,the framework of a trusted embedded system is constructed;secondly,a secure start-up scheme for the system is given,which includes the creation of the root of trust,the construction of the trust chain,and the mechanism for invoking the security engine;finally,the secure firmware update scheme and the availability are analyzed.Relevant protection measures and security strategies of the letter embedded.3.Based on the STM32F767IGT6 chip,the hardware platform of the trusted embedded system is designed.Mainly includes power module(implemented by DC-DC chip MC34063),USB interface for data transmission,system external memory SDRAM(size:32M,model:W9825G6KH-6)and external non-volatile memory NAND FLASH(size:512M,model:29F4G08ABADA).4.Based on the HAL library,the software framework of a trusted embedded system is constructed,which mainly includes a secure boot module,a secure engine module,and a user program module.Among them,the secure boot module is used to build a trusted execution environment;the secure engine module is used to provide security services to secure boot and user modules;the user module is used to test whether the trusted embedded system designed in this article meets the expected requirements.5.Tested the secure boot,secure firmware update,non-secure firmware update and security protection functions of the trusted embedded system,and analyzed the results.The test results show that the trusted embedded system designed in this paper has the ability to resist internal and external attacks and meets the final design requirements.