Research On Construction Technology Of Trusted Chain Based On Embedded System

The performance of the current embedded system is improving rapidly,and the development is very rapid.There are a large number of applications in different scenarios.With the popularization of embedded systems,attacks on embedded systems have begun to increase,but the development of security protection for embedded systems is not yet mature enough.Existing studies have shown that the use of trusted computing technology in embedded systems is a practical security protection scheme.The trusted computing technology recommended by the International Trusted Computing Group(TCG)is based on the idea of establishing a trusted chain from embedded systems.The chain of trust is established throughout the entire process from the start of power-up to the running of the application in the operating system.However,the current trusted chain recommended by TCG still has some security problems: one problem is that the trusted chain is transmitted forward in a chain structure,which will lead to the problem of trust loss in the process of trust transmission,and the level of trust chain transmission is higher,the loss will be more obvious;another problem is that the trusted chain uses a static measurement scheme for each component before starting,so the system state information recorded by the trusted chain can only reflect the state of the program in the system when it is started,but cannot reflect the state at runtime.In response to the above problems,the main work of this article is as follows:1.The research and analysis of the current development status of embedded systems are carried out,the current research status of trusted chain models and trusted chain application systems are listed.Improve the method of trust chain construction on the embedded system.Complete research on the current development of trusted computing.2.Analyze the problem of trust loss in the currently commonly used chain trusted chain model recommended by TCG.At the same time,the star trusted chain model as an optimization scheme has too high requirements for the core root of trust for measurement and poor scalability,practicability.A new type of trusted chain model that separates the measurer from the measured object is proposed.This model has the advantages of less trust loss,strong practicability,and good security.According to the proposed trusted chain model,several feasible trusted chain transfer implementation schemes are designed,including the using different processor cores to start different systems,virtual machine-based multi-system environment and Trust Zone-based dual-system scheme.Research shows that the third option is most suitable for use on embedded devices.3.Aiming at the problem that the static measurement of the trusted chain cannot reflect the runtime behavior of the program,by analyzing the process operation credibility theorem defined in the non-interference model,a dynamic measurement model design that uses the imaginary system to run synchronously with the real system is proposed.Based on this design idea,this article calls the operating model of the sequence analysis program through the application,and improves the model from the perspective of measurement granularity to improve the operating efficiency of the measurement.Based on this,a dynamic integrity measurement method that can perform real-time dynamic measurement of programs is proposed,and various algorithms used in this method are studied.4.Based on the FT2000 platform and Sylix OS embedded system,the prototypes of the static transfer model and dynamic measurement model of the trusted chain proposed in this paper are implemented and tested.Experiments show that the model proposed in this paper can effectively improve the security of embedded systems.