HKG18-223 - Trusted FirmwareM: Trusted boot

Linaro
LinaroLinaro
Confidential © 2017 Arm Limited Trusted Firmware M Trusted Boot Tamas Ban Linaro 2018​ Arm
Non-Confidential © Arm 20182 Agenda • Concept of trusted boot • Bootloader in TF-M • Firmware upgrade • Alternatives for upgrade • Alternatives for crypto • Plans • Q&A
Non-Confidential © Arm 20183 What is trusted environment? An integrated execution environment(HW + SW) which can protect valuable assets against extraction: • Sensitive user data • Crypto keys • Firmware itself, etc. Hardware Trusted Env.
Non-Confidential © Arm 20184 Introduction to trusted bootloader concept What? Why? How? SW whose aim is to verify the origin and integrity of other SW components which run on the target system. • Bootloader runs as soon as system is released from reset prior any other SW. In case of successful authentication it passes execution to the runtime firmware. One wants to ensure that only a certain set of SW, without any external modification, can run on a particular device. • Device contains sensitive assets which could be extracted with the usage of malicious SW. Device contains immutable SW and data, which can be used for authentication: • Integrity of SW: – Checking hash value • Origin of SW: – Checking digital signature
Non-Confidential © Arm 20185 Considerations at selection of bootloader Secure boot requirements PSA spec defines boot and firmware update requirements: • Support for firmware upgrade • Support for chain-of-trust • Support for NIST or NSA approved cryptographic algorithm: SHA2, RSA, ECDSA, HMAC, KDF • Etc. Device constraints Device constraints mandate `yet-another` bootloader: • Usually less than 1 MB flash memory for code • Usually less than 256 KB RAM for data • Usage of cryptographic accelerator HW component • Computing power • No MMU, no memory virtualization • Power failure awareness • Etc.
Non-Confidential © Arm 20186 Bootloader in TF-M MCUBoot is utilized to act as BL2 in TF-M: • Open source project with Apache 2.0 licensing • Low memory footprint; designed for 32 bit microcontrollers • Running from flash(currently XIP) • Several secure boot features are supported for firmware authentication: SHA256, RSA- 2048, (ECDSA) • Usage of 3rd party libraries for cryptographic operations: mbedTLS, (TinyCrypt) • Firmware update with image swapping • Power failure resistant upgrade • Fallback mechanism to stable version
Non-Confidential © Arm 20187 First bootloader release MCUBoot integrated within TF-M repository: Customized to be OS agnostic Currently SHA256 and RSA-2048 are supported SPE and NSPE are concatenated to a single binary blob Hash and digital signature tooling and runtime check Software Upgrade prototype as proof of concept: • Emulating flash interface and behaviour over code SRAM System constraints: • No support for image size that does not fit in available RAM • CoT reduced to verify SPE and NSPE in the same go
Non-Confidential © Arm 20188 Immutable BL1 code Chain of trust Hash BL2 image SIP/OEM Root of Trust Public Key (ROTPK) OEM/Developer Public Key(s) Use CA public key if supporting certificate revocation Check signature Public image signing keys can be rotated Check integrity NSPE image SPE image Check signature Public key Public key(s) Check signature
Non-Confidential © Arm 20189 RTOS & Application Boot process Stage PSA (not mandatory) TF-M BL1 Immutable boot code in ROM Boot code in eFlash BL2 NSPESPE Secure runtime firmware Verify Load Start Core SPM Secure services TBD Verify Load Start Verify Load Start RTOS & Application BL2 MCUBoot Start Start Verify combined hash and signature
Non-Confidential © Arm 201810 Basic operation and memory layout
Non-Confidential © Arm 201811 6.) Copy scratch to Slot_0 3.) Erease Slot_1 Image swapping • Code linked to Slot_0 memory space • Divided into rounds • Scratch-sized data is moved in one go • Status info saved after each round • Power failure safe Slot_1_Sector_2 Slot_1_Sector_N Slot_1_Sector_3 Active image Slot_0 New image Slot_1 Slot_0_Sector_2 Slot_0_Sector_N Slot_0_Sector_3 Scratch area 1.) Erease scratch Sector_0 Sector_1 Slot_0_Sector_0 Slot_0_Sector_1 Slot_1_Sector_0 Slot_1_Sector_1 2.) Copy Slot_1 to scratch 4.) Copy Slot_1 to scratch 5.) Erease Slot_0 Slot_1_Sector_1 Slot_1_Sector_0 Save swap status info Slot_1_Sector_0 Slot_1_Sector_1 Slot_0_Sector_0 Slot_0_Sector_1 Slot_1_Sector_1 Slot_1_Sector_0
Non-Confidential © Arm 201812 Firmware upgrade • Upgrade is a task of runtime FW • Potentially split between NSPE and SPE • XIP images
Non-Confidential © Arm 201813 Image fallback • Store previous image • Health-check new image with BIST • Self confirmation • Reboot in case of failure • Revert back stable image • Set rollback after confirmation
Non-Confidential © Arm 201814 Design constraints Header size - VTOR alignment: • Device dependent 512-1024 bytes Image slot’s layout must be aligned Scratch area size: • Flash memory wear-out • At least as the largest block size Real image size smaller than image slot: • Image header, TLV, swap status info, etc. No recovery option, if both images are faulty
Non-Confidential © Arm 201815 Common threats Threat Mitigation Implemented Malicious firmware sent to device Signed firmware images Yes Downgrade to old vulnerable version Version or fallback counters check Not yet* Persistent malware(rootkits) Immutable boot code and data(BL1) Not yet Remote bricking of the device Backup image Yes Attacker gets signing key Key revocation support Not yet* *: Planned to be addressed in 2018
Non-Confidential © Arm 201816 Alternatives to image swapping Position independent code Pros: • Reduced P/E cycle leads to longer lifetime • Reduced BL complexity and code footprint • Reduced boot-up time(no swapping) Cons: • Might lead bigger firmware code footprint • Some compiler switches are not compatible with PIC code • Some C lib (Microlib) cannot be compiled to be PIC • Other constraints when compiling code to be PIC Dual image build Pros: • Reduced P/E cycle leads to longer lifetime • Reduced BL complexity and code footprint • Reduced boot-up time(no swapping) Cons: • More complex build process • Extra logic in update client
Non-Confidential © Arm 201817 Alternatives to image swapping Execute from RAM Pros: • Reduced P/E cycle leads to longer lifetime • Faster firmware execution • Reduced BL complexity and code footprint Cons: • Usually infeasible: less RAM than ROM Off-chip storage Pros: • Reduced P/E cycle leads to longer lifetime • Reduced BL complexity and code footprint Cons: • Might be a security risk: when to verify signature? • Might require image encryption, increased code footprint(include AES) and boot-up time
Non-Confidential © Arm 201818 Alternatives to image swapping Overwrite Pros: • Reduced P/E cycle leads to longer lifetime • No need for scratch space • Reduced BL complexity and code footprint Cons: • Risk of bricking the device because no revert possible
Non-Confidential © Arm 201819 MCUBoot as PIC code Experiment to compile PIC code: • RO and RW position independent( --ropi, --rwpi) • Vector table and IRQ handlers must be in RAM • IRQ handling unavailable until vectors and handlers relocated to RAM • Image size increased: • 29KB -> 38KB; More std. C lib was compiled-in • Limitations on source code: • Constant pointer cannot be used • CMSE armclang flag is not compatible with ROPI • Microlib cannot be compiled to be position independent
Non-Confidential © Arm 201820 Comparison of crypto algorithms RSA • Big key size: up to 15KB • 128 bit level of security: RSA-3072 • ROM size(mbedTLS): ~14KB • RAM usage(mbedTLS): ~7KB • Key generation: slower • Signature generation: slower • Signature verification time: faster ECC • Small key size: up to 512 bits • 128 bit level of security: ECC-256 • ROM size(mbedTLS): • RAM usage(mbedTLS): ~13KB • Key generation: faster • Signature generation: faster • Signature verification : slower Moving from RSA to ECC
Non-Confidential © Arm 201821 „Speed up asymmetric crypto” Signature verification with RSA or ECC is time consuming Symmetric crypto can spare clock cycles Replace asym. crypto with symmetric: HMAC, CMAC, etc: • Previously verified images(upgrade time) can get a MAC, generated based on Hardware Unique Key(HUK) • At boot time this MAC is verified instead of original signature • Boot time can be significantly reduced Download new firmware Verify signature Deploy in flash Generate MAC Save to flash Reset device Bootloader checks MAC
Non-Confidential © Arm 201822 Alternatives for crypto libraries HW accelerator: • Improved performance / reduced code footprint CryptoCell-312: • Symmetric and asymmetric crypto • Runtime library: use mbedTLS API • Boot library: – Signature verification – X509 certificate parsing – Image verification and optional decryption • Asset provisioning to OTP memory • Rollback counters
Non-Confidential © Arm 201823 Bootloader plans PSA compliance: • Anti-rollback protection • Create interface between SPE and bootloaders • Add support of multiple chains of trust and might be certificates Explore possibilities to make BL2 updatable Integrate crypto HW accelerator (CC312) with BL2
Non-Confidential © Arm 201824 How to get involved TF-A and TF-M master codebases • https://git.trustedfirmware.org/ TF-M Team @ Connect HKG18 • Abhishek Pandit • Ashutosh Singh • Tamas Ban • Miklos Balint Get in touch • Come round LITE hacking room between 3-4 pm Wednesday • Schedule a meeting via hkg18.pathable.com More info on developer.arm.com
2525 Confidential © 2017 Arm Limited Thank You! Danke! Merci! 谢谢! ありがとう! Gracias! Kiitos! 감사합니다 धन्यवाद
Non-Confidential © Arm 201826 Supported platforms MCUBoot with TF-M can run on: • In simulator environment(FVP) on PC. • MPS2 development board with AN521 (Castor) FPGA image • MPS2 development board with AN519 (M23) FPGA image • Musca_A porting is in progress
Non-Confidential © Arm 201827 Trailer(Swap status) BL2 - Bootloader Secure firmware Non-secure firmware Header TLV(SHA, DS) Secure firmware Non-secure firmware Header TLV(SHA, DS) SLOT_1 Placeholder for new image SLOT_0 Active image Scratch area Currently not updatable 0x0000... 0xXXXX... Used during image swapping
Non-Confidential © Arm 201828 BL2 - Bootloader started Erase SLOT_1 Finalize aborted swap Initialize phase Authenticate SW in SLOT_1 Swap images between SLOT_0 and SLOT_1 Finalize image status info Pass execution to SPE in SLOT_0 CPU released from reset Is new SW in SLOT_1 Is there aborted swap? yes no yes Valid SW? no no
Non-Confidential © Arm 201829 SPENSPE Update Client Trusted Update Function Firmware Storage Server Runtime firmware BL2 - Bootloader Slot_0 – Active Image Slot_1 – New imageLocal Storage 1. Download: - firmware - manifest 2. Authentication: - send manifest Keys NV counters 3. Provison new image 4. Reboot 5. Authenticate and swap images, start image in slot_0 Remote server
Non-Confidential © Arm 201830 Old image New image Reboot New image Old image Test NOK New image Old image New image Old image Test OK Confirm New image Old image Reboot Old image New image Set rollback
1 sur 30

HKG18-223 - Trusted FirmwareM: Trusted boot

Télécharger pour lire hors ligne
Technologie

"Session ID: HKG18-223 Session Name: HKG18-223 - Trusted Firmware M : Trusted Boot Speaker: Tamas Ban Track: LITE ★ Session Summary ★ An overview of the trusted boot concept and firmware update on the ARMv8-M based platform and how MCUBoot acts as a BL2 bootloader for TF-M. Trusted Firmware M In October 2017, Arm announced the vision of Platform Security Architecture (PSA) - a common framework to allow everyone in the IoT ecosystem to move forward with stronger, scalable security and greater confidence. There are three key stages to the Platform Security Architecture: Analysis, Architecture and Implementation which are described at https://developer.arm.com/products/architecture/platform-security-architecture. _Trusted Firmware M, i.e. TF-M, is the Arm project to provide an open source reference implementation firmware that will conform to the PSA specification for M-Class devices. Early access to TF-M was released in December 2017 and it is being made public during Linaro Connect. The implementation should be considered a prototype until the PSA specifications reach release state and the code aligns._ --------------------------------------------------- ★ Resources ★ Event Page: http://connect.linaro.org/resource/hkg18/hkg18-223/ Presentation: http://connect.linaro.org.s3.amazonaws.com/hkg18/presentations/hkg18-223.pdf Video: http://connect.linaro.org.s3.amazonaws.com/hkg18/videos/hkg18-223.mp4 --------------------------------------------------- ★ Event Details ★ Linaro Connect Hong Kong 2018 (HKG18) 19-23 March 2018 Regal Airport Hotel Hong Kong --------------------------------------------------- Keyword: LITE 'http://www.linaro.org' 'http://connect.linaro.org' --------------------------------------------------- Follow us on Social Media https://www.facebook.com/LinaroOrg https://www.youtube.com/user/linaroorg?sub_confirmation=1 https://www.linkedin.com/company/1026961"

Linaro
LinaroLinaro

Recommandé

LCU13: An Introduction to ARM Trusted Firmware par
LCU13: An Introduction to ARM Trusted FirmwareLCU13: An Introduction to ARM Trusted Firmware
LCU13: An Introduction to ARM Trusted FirmwareLinaro
30.4K vues26 diapositives
HKG18-212 - Trusted Firmware M: Introduction par
HKG18-212 - Trusted Firmware M: IntroductionHKG18-212 - Trusted Firmware M: Introduction
HKG18-212 - Trusted Firmware M: IntroductionLinaro
2.2K vues22 diapositives
U-boot and Android Verified Boot 2.0 par
U-boot and Android Verified Boot 2.0U-boot and Android Verified Boot 2.0
U-boot and Android Verified Boot 2.0GlobalLogic Ukraine
7.9K vues26 diapositives
Qemu Introduction par
Qemu IntroductionQemu Introduction
Qemu IntroductionChiawei Wang
5.3K vues52 diapositives
ALSF13: Xen on ARM - Virtualization for the Automotive Industry - Stefano Sta... par
ALSF13: Xen on ARM - Virtualization for the Automotive Industry - Stefano Sta...ALSF13: Xen on ARM - Virtualization for the Automotive Industry - Stefano Sta...
ALSF13: Xen on ARM - Virtualization for the Automotive Industry - Stefano Sta...The Linux Foundation
4.6K vues27 diapositives
LCU14 500 ARM Trusted Firmware par
LCU14 500 ARM Trusted FirmwareLCU14 500 ARM Trusted Firmware
LCU14 500 ARM Trusted FirmwareLinaro
11.9K vues10 diapositives

Contenu connexe

Tendances

ARMv8-M TrustZone: A New Security Feature for Embedded Systems (FFRI Monthly ... par
ARMv8-M TrustZone: A New Security Feature for Embedded Systems (FFRI Monthly ...ARMv8-M TrustZone: A New Security Feature for Embedded Systems (FFRI Monthly ...
ARMv8-M TrustZone: A New Security Feature for Embedded Systems (FFRI Monthly ...FFRI, Inc.
1.5K vues12 diapositives
Rootlinux17: Hypervisors on ARM - Overview and Design Choices by Julien Grall... par
Rootlinux17: Hypervisors on ARM - Overview and Design Choices by Julien Grall...Rootlinux17: Hypervisors on ARM - Overview and Design Choices by Julien Grall...
Rootlinux17: Hypervisors on ARM - Overview and Design Choices by Julien Grall...The Linux Foundation
3.5K vues41 diapositives
Trusted firmware deep_dive_v1.0_ par
Trusted firmware deep_dive_v1.0_Trusted firmware deep_dive_v1.0_
Trusted firmware deep_dive_v1.0_Linaro
10K vues55 diapositives
LAS16-402: ARM Trusted Firmware – from Enterprise to Embedded par
LAS16-402: ARM Trusted Firmware – from Enterprise to EmbeddedLAS16-402: ARM Trusted Firmware – from Enterprise to Embedded
LAS16-402: ARM Trusted Firmware – from Enterprise to EmbeddedLinaro
3.4K vues26 diapositives
BitVisor Summit 11「2. BitVisor on Aarch64」 par
BitVisor Summit 11「2. BitVisor on Aarch64」BitVisor Summit 11「2. BitVisor on Aarch64」
BitVisor Summit 11「2. BitVisor on Aarch64」BitVisor
75 vues42 diapositives
DPDK IPSec performance benchmark ~ Georgii Tkachuk par
DPDK IPSec performance benchmark ~ Georgii TkachukDPDK IPSec performance benchmark ~ Georgii Tkachuk
DPDK IPSec performance benchmark ~ Georgii TkachukIntel
1.6K vues18 diapositives

Tendances(20)

ARMv8-M TrustZone: A New Security Feature for Embedded Systems (FFRI Monthly ... par FFRI, Inc.
ARMv8-M TrustZone: A New Security Feature for Embedded Systems (FFRI Monthly ...ARMv8-M TrustZone: A New Security Feature for Embedded Systems (FFRI Monthly ...
ARMv8-M TrustZone: A New Security Feature for Embedded Systems (FFRI Monthly ...
FFRI, Inc.1.5K vues
Rootlinux17: Hypervisors on ARM - Overview and Design Choices by Julien Grall... par The Linux Foundation
Rootlinux17: Hypervisors on ARM - Overview and Design Choices by Julien Grall...Rootlinux17: Hypervisors on ARM - Overview and Design Choices by Julien Grall...
Rootlinux17: Hypervisors on ARM - Overview and Design Choices by Julien Grall...
The Linux Foundation3.5K vues
Trusted firmware deep_dive_v1.0_ par Linaro
Trusted firmware deep_dive_v1.0_Trusted firmware deep_dive_v1.0_
Trusted firmware deep_dive_v1.0_
Linaro10K vues
LAS16-402: ARM Trusted Firmware – from Enterprise to Embedded par Linaro
LAS16-402: ARM Trusted Firmware – from Enterprise to EmbeddedLAS16-402: ARM Trusted Firmware – from Enterprise to Embedded
LAS16-402: ARM Trusted Firmware – from Enterprise to Embedded
Linaro3.4K vues
BitVisor Summit 11「2. BitVisor on Aarch64」 par BitVisor
BitVisor Summit 11「2. BitVisor on Aarch64」BitVisor Summit 11「2. BitVisor on Aarch64」
BitVisor Summit 11「2. BitVisor on Aarch64」
BitVisor75 vues
DPDK IPSec performance benchmark ~ Georgii Tkachuk par Intel
DPDK IPSec performance benchmark ~ Georgii TkachukDPDK IPSec performance benchmark ~ Georgii Tkachuk
DPDK IPSec performance benchmark ~ Georgii Tkachuk
Intel1.6K vues
GPU Virtualization in Embedded Automotive Solutions par GlobalLogic Ukraine
GPU Virtualization in Embedded Automotive SolutionsGPU Virtualization in Embedded Automotive Solutions
GPU Virtualization in Embedded Automotive Solutions
GlobalLogic Ukraine2.2K vues
Embedded_Linux_Booting par Rashila Rr
Embedded_Linux_BootingEmbedded_Linux_Booting
Embedded_Linux_Booting
Rashila Rr513 vues
Bare-Metal Hypervisor as a Platform for Innovation par The Linux Foundation
Bare-Metal Hypervisor as a Platform for InnovationBare-Metal Hypervisor as a Platform for Innovation
Bare-Metal Hypervisor as a Platform for Innovation
The Linux Foundation3.7K vues
ARM Trusted FirmwareのBL31を単体で使う! par Mr. Vengineer
ARM Trusted FirmwareのBL31を単体で使う!ARM Trusted FirmwareのBL31を単体で使う!
ARM Trusted FirmwareのBL31を単体で使う!
Mr. Vengineer13K vues
Qemu par Koganti Ravikumar
QemuQemu
Qemu
Koganti Ravikumar2.6K vues
Using QEMU for cross development par Tetsuyuki Kobayashi
Using QEMU for cross developmentUsing QEMU for cross development
Using QEMU for cross development
Tetsuyuki Kobayashi2.8K vues
Implementing a UEFI BIOS into an Embedded System par insydesoftware
Implementing a UEFI BIOS into an Embedded SystemImplementing a UEFI BIOS into an Embedded System
Implementing a UEFI BIOS into an Embedded System
insydesoftware108.4K vues
Play with UEFI par Takuya ASADA
Play with UEFIPlay with UEFI
Play with UEFI
Takuya ASADA7.6K vues
[CB19] Attacking DRM subsystem to gain kernel privilege on Chromebooks by Di ... par CODE BLUE
[CB19] Attacking DRM subsystem to gain kernel privilege on Chromebooks by Di ...[CB19] Attacking DRM subsystem to gain kernel privilege on Chromebooks by Di ...
[CB19] Attacking DRM subsystem to gain kernel privilege on Chromebooks by Di ...
CODE BLUE603 vues
Diving into SWUpdate: adding new platform support in 30minutes with Yocto/OE ! par Pierre-jean Texier
Diving into SWUpdate: adding new platform support in 30minutes with Yocto/OE !Diving into SWUpdate: adding new platform support in 30minutes with Yocto/OE !
Diving into SWUpdate: adding new platform support in 30minutes with Yocto/OE !
Pierre-jean Texier949 vues
Openwrt frontend backend par 晓东 杜
Openwrt frontend backendOpenwrt frontend backend
Openwrt frontend backend
晓东 杜759 vues
Develop Your Own Operating Systems using Cheap ARM Boards par National Cheng Kung University
Develop Your Own Operating Systems using Cheap ARM BoardsDevelop Your Own Operating Systems using Cheap ARM Boards
Develop Your Own Operating Systems using Cheap ARM Boards
National Cheng Kung University14.2K vues
java vs C# par Shivalik college of engineering
java vs C#java vs C#
java vs C#
Shivalik college of engineering1.7K vues
How to Improve Your Image Builds Using Advance Docker Build par Docker, Inc.
How to Improve Your Image Builds Using Advance Docker BuildHow to Improve Your Image Builds Using Advance Docker Build
How to Improve Your Image Builds Using Advance Docker Build
Docker, Inc.1.2K vues

Similaire à HKG18-223 - Trusted FirmwareM: Trusted boot

LCA14: LCA14-502: The way to a generic TrustZone® solution par
LCA14: LCA14-502: The way to a generic TrustZone® solutionLCA14: LCA14-502: The way to a generic TrustZone® solution
LCA14: LCA14-502: The way to a generic TrustZone® solutionLinaro
6.4K vues16 diapositives
Security Consideration for Set-top box SoC par
Security Consideration for Set-top box SoCSecurity Consideration for Set-top box SoC
Security Consideration for Set-top box SoCWesley Li
612 vues8 diapositives
Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 4 par
Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 4Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 4
Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 4Qualcomm Developer Network
2K vues49 diapositives
Windows 7 professional Vs Windows 7 enterprise par
Windows 7 professional Vs Windows 7 enterpriseWindows 7 professional Vs Windows 7 enterprise
Windows 7 professional Vs Windows 7 enterprise247infotech
20.3K vues10 diapositives
Top 10 secure boot mistakes par
Top 10 secure boot mistakesTop 10 secure boot mistakes
Top 10 secure boot mistakesJustin Black
213 vues23 diapositives
CSF18 - GDPR - Sami Laiho par
CSF18 - GDPR - Sami LaihoCSF18 - GDPR - Sami Laiho
CSF18 - GDPR - Sami LaihoNCCOMMS
222 vues140 diapositives

Similaire à HKG18-223 - Trusted FirmwareM: Trusted boot(20)

LCA14: LCA14-502: The way to a generic TrustZone® solution par Linaro
LCA14: LCA14-502: The way to a generic TrustZone® solutionLCA14: LCA14-502: The way to a generic TrustZone® solution
LCA14: LCA14-502: The way to a generic TrustZone® solution
Linaro6.4K vues
Security Consideration for Set-top box SoC par Wesley Li
Security Consideration for Set-top box SoCSecurity Consideration for Set-top box SoC
Security Consideration for Set-top box SoC
Wesley Li612 vues
Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 4 par Qualcomm Developer Network
Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 4Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 4
Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 4
Qualcomm Developer Network2K vues
Windows 7 professional Vs Windows 7 enterprise par 247infotech
Windows 7 professional Vs Windows 7 enterpriseWindows 7 professional Vs Windows 7 enterprise
Windows 7 professional Vs Windows 7 enterprise
247infotech20.3K vues
Top 10 secure boot mistakes par Justin Black
Top 10 secure boot mistakesTop 10 secure boot mistakes
Top 10 secure boot mistakes
Justin Black213 vues
CSF18 - GDPR - Sami Laiho par NCCOMMS
CSF18 - GDPR - Sami LaihoCSF18 - GDPR - Sami Laiho
CSF18 - GDPR - Sami Laiho
NCCOMMS222 vues
BKK16-110 A Gentle Introduction to Trusted Execution and OP-TEE par Linaro
BKK16-110 A Gentle Introduction to Trusted Execution and OP-TEEBKK16-110 A Gentle Introduction to Trusted Execution and OP-TEE
BKK16-110 A Gentle Introduction to Trusted Execution and OP-TEE
Linaro10.6K vues
CSF18 - BitLocker Deep Dive - Sami Laiho par NCCOMMS
CSF18 - BitLocker Deep Dive - Sami LaihoCSF18 - BitLocker Deep Dive - Sami Laiho
CSF18 - BitLocker Deep Dive - Sami Laiho
NCCOMMS590 vues
Review of Hardware based solutions for trusted cloud computing.pptx par ssusere142fe
Review of Hardware based solutions for trusted cloud computing.pptxReview of Hardware based solutions for trusted cloud computing.pptx
Review of Hardware based solutions for trusted cloud computing.pptx
ssusere142fe71 vues
Easily emulating full systems on amazon fpg as par RISC-V International
Easily emulating full systems on amazon fpg asEasily emulating full systems on amazon fpg as
Easily emulating full systems on amazon fpg as
RISC-V International116 vues
Implementing Trusted Endpoints in the Mobile World par LINE Corporation
Implementing Trusted Endpoints in the Mobile WorldImplementing Trusted Endpoints in the Mobile World
Implementing Trusted Endpoints in the Mobile World
LINE Corporation5.5K vues
TC and TPM.ppt par yhaxpsos
TC and TPM.pptTC and TPM.ppt
TC and TPM.ppt
yhaxpsos10 vues
HKG18-113- Secure Data Path work with i.MX8M par Linaro
HKG18-113- Secure Data Path work with i.MX8MHKG18-113- Secure Data Path work with i.MX8M
HKG18-113- Secure Data Path work with i.MX8M
Linaro1.4K vues
eFolder Expert Series Webinar - BDR Do's and Dont's: Featuring Andrew Bensing... par eFolder
eFolder Expert Series Webinar - BDR Do's and Dont's: Featuring Andrew Bensing...eFolder Expert Series Webinar - BDR Do's and Dont's: Featuring Andrew Bensing...
eFolder Expert Series Webinar - BDR Do's and Dont's: Featuring Andrew Bensing...
eFolder455 vues
Managing bitlocker with MBAM par Olav Tvedt
Managing bitlocker with MBAMManaging bitlocker with MBAM
Managing bitlocker with MBAM
Olav Tvedt9.2K vues
XPDS16: Display Handler, a Client Display Framework for Xen - Brendan Kerrig... par The Linux Foundation
XPDS16: Display Handler, a Client Display Framework for Xen - Brendan Kerrig...XPDS16: Display Handler, a Client Display Framework for Xen - Brendan Kerrig...
XPDS16: Display Handler, a Client Display Framework for Xen - Brendan Kerrig...
The Linux Foundation775 vues
Platform Security Summit 18: Xen Security Weather Report 2018 par The Linux Foundation
Platform Security Summit 18: Xen Security Weather Report 2018Platform Security Summit 18: Xen Security Weather Report 2018
Platform Security Summit 18: Xen Security Weather Report 2018
The Linux Foundation413 vues
Thesis presentation par CHIACHE lee
Thesis presentationThesis presentation
Thesis presentation
CHIACHE lee440 vues
Opening last bits of the infrastructure par Erwan Velu
Opening last bits of the infrastructureOpening last bits of the infrastructure
Opening last bits of the infrastructure
Erwan Velu441 vues
Confidential compute with hyperledger fabric .v17 par LennartF
Confidential compute with hyperledger fabric .v17Confidential compute with hyperledger fabric .v17
Confidential compute with hyperledger fabric .v17
LennartF220 vues

Plus de Linaro

Deep Learning Neural Network Acceleration at the Edge - Andrea Gallo par
Deep Learning Neural Network Acceleration at the Edge - Andrea GalloDeep Learning Neural Network Acceleration at the Edge - Andrea Gallo
Deep Learning Neural Network Acceleration at the Edge - Andrea GalloLinaro
7K vues54 diapositives
Arm Architecture HPC Workshop Santa Clara 2018 - Kanta Vekaria par
Arm Architecture HPC Workshop Santa Clara 2018 - Kanta VekariaArm Architecture HPC Workshop Santa Clara 2018 - Kanta Vekaria
Arm Architecture HPC Workshop Santa Clara 2018 - Kanta VekariaLinaro
3K vues8 diapositives
Huawei’s requirements for the ARM based HPC solution readiness - Joshua Mora par
Huawei’s requirements for the ARM based HPC solution readiness - Joshua MoraHuawei’s requirements for the ARM based HPC solution readiness - Joshua Mora
Huawei’s requirements for the ARM based HPC solution readiness - Joshua MoraLinaro
3.7K vues20 diapositives
Bud17 113: distribution ci using qemu and open qa par
Bud17 113: distribution ci using qemu and open qaBud17 113: distribution ci using qemu and open qa
Bud17 113: distribution ci using qemu and open qaLinaro
662 vues63 diapositives
OpenHPC Automation with Ansible - Renato Golin - Linaro Arm HPC Workshop 2018 par
OpenHPC Automation with Ansible - Renato Golin - Linaro Arm HPC Workshop 2018OpenHPC Automation with Ansible - Renato Golin - Linaro Arm HPC Workshop 2018
OpenHPC Automation with Ansible - Renato Golin - Linaro Arm HPC Workshop 2018Linaro
2.3K vues16 diapositives
HPC network stack on ARM - Linaro HPC Workshop 2018 par
HPC network stack on ARM - Linaro HPC Workshop 2018HPC network stack on ARM - Linaro HPC Workshop 2018
HPC network stack on ARM - Linaro HPC Workshop 2018Linaro
2.6K vues21 diapositives

Plus de Linaro(20)

Deep Learning Neural Network Acceleration at the Edge - Andrea Gallo par Linaro
Deep Learning Neural Network Acceleration at the Edge - Andrea GalloDeep Learning Neural Network Acceleration at the Edge - Andrea Gallo
Deep Learning Neural Network Acceleration at the Edge - Andrea Gallo
Linaro7K vues
Arm Architecture HPC Workshop Santa Clara 2018 - Kanta Vekaria par Linaro
Arm Architecture HPC Workshop Santa Clara 2018 - Kanta VekariaArm Architecture HPC Workshop Santa Clara 2018 - Kanta Vekaria
Arm Architecture HPC Workshop Santa Clara 2018 - Kanta Vekaria
Linaro3K vues
Huawei’s requirements for the ARM based HPC solution readiness - Joshua Mora par Linaro
Huawei’s requirements for the ARM based HPC solution readiness - Joshua MoraHuawei’s requirements for the ARM based HPC solution readiness - Joshua Mora
Huawei’s requirements for the ARM based HPC solution readiness - Joshua Mora
Linaro3.7K vues
Bud17 113: distribution ci using qemu and open qa par Linaro
Bud17 113: distribution ci using qemu and open qaBud17 113: distribution ci using qemu and open qa
Bud17 113: distribution ci using qemu and open qa
Linaro662 vues
OpenHPC Automation with Ansible - Renato Golin - Linaro Arm HPC Workshop 2018 par Linaro
OpenHPC Automation with Ansible - Renato Golin - Linaro Arm HPC Workshop 2018OpenHPC Automation with Ansible - Renato Golin - Linaro Arm HPC Workshop 2018
OpenHPC Automation with Ansible - Renato Golin - Linaro Arm HPC Workshop 2018
Linaro2.3K vues
HPC network stack on ARM - Linaro HPC Workshop 2018 par Linaro
HPC network stack on ARM - Linaro HPC Workshop 2018HPC network stack on ARM - Linaro HPC Workshop 2018
HPC network stack on ARM - Linaro HPC Workshop 2018
Linaro2.6K vues
It just keeps getting better - SUSE enablement for Arm - Linaro HPC Workshop ... par Linaro
It just keeps getting better - SUSE enablement for Arm - Linaro HPC Workshop ...It just keeps getting better - SUSE enablement for Arm - Linaro HPC Workshop ...
It just keeps getting better - SUSE enablement for Arm - Linaro HPC Workshop ...
Linaro1.9K vues
Intelligent Interconnect Architecture to Enable Next Generation HPC - Linaro ... par Linaro
Intelligent Interconnect Architecture to Enable Next Generation HPC - Linaro ...Intelligent Interconnect Architecture to Enable Next Generation HPC - Linaro ...
Intelligent Interconnect Architecture to Enable Next Generation HPC - Linaro ...
Linaro2.4K vues
Yutaka Ishikawa - Post-K and Arm HPC Ecosystem - Linaro Arm HPC Workshop Sant... par Linaro
Yutaka Ishikawa - Post-K and Arm HPC Ecosystem - Linaro Arm HPC Workshop Sant...Yutaka Ishikawa - Post-K and Arm HPC Ecosystem - Linaro Arm HPC Workshop Sant...
Yutaka Ishikawa - Post-K and Arm HPC Ecosystem - Linaro Arm HPC Workshop Sant...
Linaro2.4K vues
Andrew J Younge - Vanguard Astra - Petascale Arm Platform for U.S. DOE/ASC Su... par Linaro
Andrew J Younge - Vanguard Astra - Petascale Arm Platform for U.S. DOE/ASC Su...Andrew J Younge - Vanguard Astra - Petascale Arm Platform for U.S. DOE/ASC Su...
Andrew J Younge - Vanguard Astra - Petascale Arm Platform for U.S. DOE/ASC Su...
Linaro2.7K vues
HKG18-501 - EAS on Common Kernel 4.14 and getting (much) closer to mainline par Linaro
HKG18-501 - EAS on Common Kernel 4.14 and getting (much) closer to mainlineHKG18-501 - EAS on Common Kernel 4.14 and getting (much) closer to mainline
HKG18-501 - EAS on Common Kernel 4.14 and getting (much) closer to mainline
Linaro4.4K vues
HKG18-100K1 - George Grey: Opening Keynote par Linaro
HKG18-100K1 - George Grey: Opening KeynoteHKG18-100K1 - George Grey: Opening Keynote
HKG18-100K1 - George Grey: Opening Keynote
Linaro839 vues
HKG18-318 - OpenAMP Workshop par Linaro
HKG18-318 - OpenAMP WorkshopHKG18-318 - OpenAMP Workshop
HKG18-318 - OpenAMP Workshop
Linaro608 vues
HKG18-501 - EAS on Common Kernel 4.14 and getting (much) closer to mainline par Linaro
HKG18-501 - EAS on Common Kernel 4.14 and getting (much) closer to mainlineHKG18-501 - EAS on Common Kernel 4.14 and getting (much) closer to mainline
HKG18-501 - EAS on Common Kernel 4.14 and getting (much) closer to mainline
Linaro866 vues
HKG18-315 - Why the ecosystem is a wonderful thing, warts and all par Linaro
HKG18-315 - Why the ecosystem is a wonderful thing, warts and allHKG18-315 - Why the ecosystem is a wonderful thing, warts and all
HKG18-315 - Why the ecosystem is a wonderful thing, warts and all
Linaro219 vues
HKG18- 115 - Partitioning ARM Systems with the Jailhouse Hypervisor par Linaro
HKG18- 115 - Partitioning ARM Systems with the Jailhouse HypervisorHKG18- 115 - Partitioning ARM Systems with the Jailhouse Hypervisor
HKG18- 115 - Partitioning ARM Systems with the Jailhouse Hypervisor
Linaro1.5K vues
HKG18-TR08 - Upstreaming SVE in QEMU par Linaro
HKG18-TR08 - Upstreaming SVE in QEMUHKG18-TR08 - Upstreaming SVE in QEMU
HKG18-TR08 - Upstreaming SVE in QEMU
Linaro476 vues
HKG18-120 - Devicetree Schema Documentation and Validation par Linaro
HKG18-120 - Devicetree Schema Documentation and Validation HKG18-120 - Devicetree Schema Documentation and Validation
HKG18-120 - Devicetree Schema Documentation and Validation
Linaro1.3K vues
HKG18-500K1 - Keynote: Dileep Bhandarkar - Emerging Computing Trends in the D... par Linaro
HKG18-500K1 - Keynote: Dileep Bhandarkar - Emerging Computing Trends in the D...HKG18-500K1 - Keynote: Dileep Bhandarkar - Emerging Computing Trends in the D...
HKG18-500K1 - Keynote: Dileep Bhandarkar - Emerging Computing Trends in the D...
Linaro243 vues
HKG18-317 - Arm Server Ready Program par Linaro
HKG18-317 - Arm Server Ready ProgramHKG18-317 - Arm Server Ready Program
HKG18-317 - Arm Server Ready Program
Linaro1.1K vues

Dernier

Uni Systems for Power Platform.pptx par
Uni Systems for Power Platform.pptxUni Systems for Power Platform.pptx
Uni Systems for Power Platform.pptxUni Systems S.M.S.A.
56 vues21 diapositives
virtual reality.pptx par
virtual reality.pptxvirtual reality.pptx
virtual reality.pptxG036GaikwadSnehal
11 vues15 diapositives
ESPC 2023 - Protect and Govern your Sensitive Data with Microsoft Purview in ... par
ESPC 2023 - Protect and Govern your Sensitive Data with Microsoft Purview in ...ESPC 2023 - Protect and Govern your Sensitive Data with Microsoft Purview in ...
ESPC 2023 - Protect and Govern your Sensitive Data with Microsoft Purview in ...Jasper Oosterveld
18 vues49 diapositives
Vertical User Stories par
Vertical User StoriesVertical User Stories
Vertical User StoriesMoisés Armani Ramírez
14 vues16 diapositives
Data Integrity for Banking and Financial Services par
Data Integrity for Banking and Financial ServicesData Integrity for Banking and Financial Services
Data Integrity for Banking and Financial ServicesPrecisely
21 vues26 diapositives
Powerful Google developer tools for immediate impact! (2023-24) par
Powerful Google developer tools for immediate impact! (2023-24)Powerful Google developer tools for immediate impact! (2023-24)
Powerful Google developer tools for immediate impact! (2023-24)wesley chun
10 vues38 diapositives

Dernier(20)

Uni Systems for Power Platform.pptx par Uni Systems S.M.S.A.
Uni Systems for Power Platform.pptxUni Systems for Power Platform.pptx
Uni Systems for Power Platform.pptx
Uni Systems S.M.S.A.56 vues
virtual reality.pptx par G036GaikwadSnehal
virtual reality.pptxvirtual reality.pptx
virtual reality.pptx
G036GaikwadSnehal11 vues
ESPC 2023 - Protect and Govern your Sensitive Data with Microsoft Purview in ... par Jasper Oosterveld
ESPC 2023 - Protect and Govern your Sensitive Data with Microsoft Purview in ...ESPC 2023 - Protect and Govern your Sensitive Data with Microsoft Purview in ...
ESPC 2023 - Protect and Govern your Sensitive Data with Microsoft Purview in ...
Jasper Oosterveld18 vues
Vertical User Stories par Moisés Armani Ramírez
Vertical User StoriesVertical User Stories
Vertical User Stories
Moisés Armani Ramírez14 vues
Data Integrity for Banking and Financial Services par Precisely
Data Integrity for Banking and Financial ServicesData Integrity for Banking and Financial Services
Data Integrity for Banking and Financial Services
Precisely21 vues
Powerful Google developer tools for immediate impact! (2023-24) par wesley chun
Powerful Google developer tools for immediate impact! (2023-24)Powerful Google developer tools for immediate impact! (2023-24)
Powerful Google developer tools for immediate impact! (2023-24)
wesley chun10 vues
iSAQB Software Architecture Gathering 2023: How Process Orchestration Increas... par Bernd Ruecker
iSAQB Software Architecture Gathering 2023: How Process Orchestration Increas...iSAQB Software Architecture Gathering 2023: How Process Orchestration Increas...
iSAQB Software Architecture Gathering 2023: How Process Orchestration Increas...
Bernd Ruecker37 vues
Info Session November 2023.pdf par AleksandraKoprivica4
Info Session November 2023.pdfInfo Session November 2023.pdf
Info Session November 2023.pdf
AleksandraKoprivica412 vues
GDG Cloud Southlake 28 Brad Taylor and Shawn Augenstein Old Problems in the N... par James Anderson
GDG Cloud Southlake 28 Brad Taylor and Shawn Augenstein Old Problems in the N...GDG Cloud Southlake 28 Brad Taylor and Shawn Augenstein Old Problems in the N...
GDG Cloud Southlake 28 Brad Taylor and Shawn Augenstein Old Problems in the N...
James Anderson85 vues
Five Things You SHOULD Know About Postman par Postman
Five Things You SHOULD Know About PostmanFive Things You SHOULD Know About Postman
Five Things You SHOULD Know About Postman
Postman33 vues
The Research Portal of Catalonia: Growing more (information) & more (services) par CSUC - Consorci de Serveis Universitaris de Catalunya
The Research Portal of Catalonia: Growing more (information) & more (services)The Research Portal of Catalonia: Growing more (information) & more (services)
The Research Portal of Catalonia: Growing more (information) & more (services)
CSUC - Consorci de Serveis Universitaris de Catalunya80 vues
HTTP headers that make your website go faster - devs.gent November 2023 par Thijs Feryn
HTTP headers that make your website go faster - devs.gent November 2023HTTP headers that make your website go faster - devs.gent November 2023
HTTP headers that make your website go faster - devs.gent November 2023
Thijs Feryn22 vues
PRODUCT LISTING.pptx par angelicacueva6
PRODUCT LISTING.pptxPRODUCT LISTING.pptx
PRODUCT LISTING.pptx
angelicacueva614 vues
STPI OctaNE CoE Brochure.pdf par madhurjyapb
STPI OctaNE CoE Brochure.pdfSTPI OctaNE CoE Brochure.pdf
STPI OctaNE CoE Brochure.pdf
madhurjyapb14 vues
【USB韌體設計課程】精選講義節錄-USB的列舉過程_艾鍗學院 par IttrainingIttraining
【USB韌體設計課程】精選講義節錄-USB的列舉過程_艾鍗學院【USB韌體設計課程】精選講義節錄-USB的列舉過程_艾鍗學院
【USB韌體設計課程】精選講義節錄-USB的列舉過程_艾鍗學院
IttrainingIttraining52 vues
Business Analyst Series 2023 - Week 3 Session 5 par DianaGray10
Business Analyst Series 2023 - Week 3 Session 5Business Analyst Series 2023 - Week 3 Session 5
Business Analyst Series 2023 - Week 3 Session 5
DianaGray10248 vues
Melek BEN MAHMOUD.pdf par MelekBenMahmoud
Melek BEN MAHMOUD.pdfMelek BEN MAHMOUD.pdf
Melek BEN MAHMOUD.pdf
MelekBenMahmoud14 vues
Evolving the Network Automation Journey from Python to Platforms par Network Automation Forum
Evolving the Network Automation Journey from Python to PlatformsEvolving the Network Automation Journey from Python to Platforms
Evolving the Network Automation Journey from Python to Platforms
Network Automation Forum13 vues
Igniting Next Level Productivity with AI-Infused Data Integration Workflows par Safe Software
Igniting Next Level Productivity with AI-Infused Data Integration Workflows Igniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
Safe Software263 vues
Case Study Copenhagen Energy and Business Central.pdf par Aitana
Case Study Copenhagen Energy and Business Central.pdfCase Study Copenhagen Energy and Business Central.pdf
Case Study Copenhagen Energy and Business Central.pdf
Aitana16 vues

HKG18-223 - Trusted FirmwareM: Trusted boot

  • 1. Confidential © 2017 Arm Limited Trusted Firmware M Trusted Boot Tamas Ban Linaro 2018​ Arm
  • 2. Non-Confidential © Arm 20182 Agenda • Concept of trusted boot • Bootloader in TF-M • Firmware upgrade • Alternatives for upgrade • Alternatives for crypto • Plans • Q&A
  • 3. Non-Confidential © Arm 20183 What is trusted environment? An integrated execution environment(HW + SW) which can protect valuable assets against extraction: • Sensitive user data • Crypto keys • Firmware itself, etc. Hardware Trusted Env.
  • 4. Non-Confidential © Arm 20184 Introduction to trusted bootloader concept What? Why? How? SW whose aim is to verify the origin and integrity of other SW components which run on the target system. • Bootloader runs as soon as system is released from reset prior any other SW. In case of successful authentication it passes execution to the runtime firmware. One wants to ensure that only a certain set of SW, without any external modification, can run on a particular device. • Device contains sensitive assets which could be extracted with the usage of malicious SW. Device contains immutable SW and data, which can be used for authentication: • Integrity of SW: – Checking hash value • Origin of SW: – Checking digital signature
  • 5. Non-Confidential © Arm 20185 Considerations at selection of bootloader Secure boot requirements PSA spec defines boot and firmware update requirements: • Support for firmware upgrade • Support for chain-of-trust • Support for NIST or NSA approved cryptographic algorithm: SHA2, RSA, ECDSA, HMAC, KDF • Etc. Device constraints Device constraints mandate `yet-another` bootloader: • Usually less than 1 MB flash memory for code • Usually less than 256 KB RAM for data • Usage of cryptographic accelerator HW component • Computing power • No MMU, no memory virtualization • Power failure awareness • Etc.
  • 6. Non-Confidential © Arm 20186 Bootloader in TF-M MCUBoot is utilized to act as BL2 in TF-M: • Open source project with Apache 2.0 licensing • Low memory footprint; designed for 32 bit microcontrollers • Running from flash(currently XIP) • Several secure boot features are supported for firmware authentication: SHA256, RSA- 2048, (ECDSA) • Usage of 3rd party libraries for cryptographic operations: mbedTLS, (TinyCrypt) • Firmware update with image swapping • Power failure resistant upgrade • Fallback mechanism to stable version
  • 7. Non-Confidential © Arm 20187 First bootloader release MCUBoot integrated within TF-M repository: Customized to be OS agnostic Currently SHA256 and RSA-2048 are supported SPE and NSPE are concatenated to a single binary blob Hash and digital signature tooling and runtime check Software Upgrade prototype as proof of concept: • Emulating flash interface and behaviour over code SRAM System constraints: • No support for image size that does not fit in available RAM • CoT reduced to verify SPE and NSPE in the same go
  • 8. Non-Confidential © Arm 20188 Immutable BL1 code Chain of trust Hash BL2 image SIP/OEM Root of Trust Public Key (ROTPK) OEM/Developer Public Key(s) Use CA public key if supporting certificate revocation Check signature Public image signing keys can be rotated Check integrity NSPE image SPE image Check signature Public key Public key(s) Check signature
  • 9. Non-Confidential © Arm 20189 RTOS & Application Boot process Stage PSA (not mandatory) TF-M BL1 Immutable boot code in ROM Boot code in eFlash BL2 NSPESPE Secure runtime firmware Verify Load Start Core SPM Secure services TBD Verify Load Start Verify Load Start RTOS & Application BL2 MCUBoot Start Start Verify combined hash and signature
  • 10. Non-Confidential © Arm 201810 Basic operation and memory layout
  • 11. Non-Confidential © Arm 201811 6.) Copy scratch to Slot_0 3.) Erease Slot_1 Image swapping • Code linked to Slot_0 memory space • Divided into rounds • Scratch-sized data is moved in one go • Status info saved after each round • Power failure safe Slot_1_Sector_2 Slot_1_Sector_N Slot_1_Sector_3 Active image Slot_0 New image Slot_1 Slot_0_Sector_2 Slot_0_Sector_N Slot_0_Sector_3 Scratch area 1.) Erease scratch Sector_0 Sector_1 Slot_0_Sector_0 Slot_0_Sector_1 Slot_1_Sector_0 Slot_1_Sector_1 2.) Copy Slot_1 to scratch 4.) Copy Slot_1 to scratch 5.) Erease Slot_0 Slot_1_Sector_1 Slot_1_Sector_0 Save swap status info Slot_1_Sector_0 Slot_1_Sector_1 Slot_0_Sector_0 Slot_0_Sector_1 Slot_1_Sector_1 Slot_1_Sector_0
  • 12. Non-Confidential © Arm 201812 Firmware upgrade • Upgrade is a task of runtime FW • Potentially split between NSPE and SPE • XIP images
  • 13. Non-Confidential © Arm 201813 Image fallback • Store previous image • Health-check new image with BIST • Self confirmation • Reboot in case of failure • Revert back stable image • Set rollback after confirmation
  • 14. Non-Confidential © Arm 201814 Design constraints Header size - VTOR alignment: • Device dependent 512-1024 bytes Image slot’s layout must be aligned Scratch area size: • Flash memory wear-out • At least as the largest block size Real image size smaller than image slot: • Image header, TLV, swap status info, etc. No recovery option, if both images are faulty
  • 15. Non-Confidential © Arm 201815 Common threats Threat Mitigation Implemented Malicious firmware sent to device Signed firmware images Yes Downgrade to old vulnerable version Version or fallback counters check Not yet* Persistent malware(rootkits) Immutable boot code and data(BL1) Not yet Remote bricking of the device Backup image Yes Attacker gets signing key Key revocation support Not yet* *: Planned to be addressed in 2018
  • 16. Non-Confidential © Arm 201816 Alternatives to image swapping Position independent code Pros: • Reduced P/E cycle leads to longer lifetime • Reduced BL complexity and code footprint • Reduced boot-up time(no swapping) Cons: • Might lead bigger firmware code footprint • Some compiler switches are not compatible with PIC code • Some C lib (Microlib) cannot be compiled to be PIC • Other constraints when compiling code to be PIC Dual image build Pros: • Reduced P/E cycle leads to longer lifetime • Reduced BL complexity and code footprint • Reduced boot-up time(no swapping) Cons: • More complex build process • Extra logic in update client
  • 17. Non-Confidential © Arm 201817 Alternatives to image swapping Execute from RAM Pros: • Reduced P/E cycle leads to longer lifetime • Faster firmware execution • Reduced BL complexity and code footprint Cons: • Usually infeasible: less RAM than ROM Off-chip storage Pros: • Reduced P/E cycle leads to longer lifetime • Reduced BL complexity and code footprint Cons: • Might be a security risk: when to verify signature? • Might require image encryption, increased code footprint(include AES) and boot-up time
  • 18. Non-Confidential © Arm 201818 Alternatives to image swapping Overwrite Pros: • Reduced P/E cycle leads to longer lifetime • No need for scratch space • Reduced BL complexity and code footprint Cons: • Risk of bricking the device because no revert possible
  • 19. Non-Confidential © Arm 201819 MCUBoot as PIC code Experiment to compile PIC code: • RO and RW position independent( --ropi, --rwpi) • Vector table and IRQ handlers must be in RAM • IRQ handling unavailable until vectors and handlers relocated to RAM • Image size increased: • 29KB -> 38KB; More std. C lib was compiled-in • Limitations on source code: • Constant pointer cannot be used • CMSE armclang flag is not compatible with ROPI • Microlib cannot be compiled to be position independent
  • 20. Non-Confidential © Arm 201820 Comparison of crypto algorithms RSA • Big key size: up to 15KB • 128 bit level of security: RSA-3072 • ROM size(mbedTLS): ~14KB • RAM usage(mbedTLS): ~7KB • Key generation: slower • Signature generation: slower • Signature verification time: faster ECC • Small key size: up to 512 bits • 128 bit level of security: ECC-256 • ROM size(mbedTLS): • RAM usage(mbedTLS): ~13KB • Key generation: faster • Signature generation: faster • Signature verification : slower Moving from RSA to ECC
  • 21. Non-Confidential © Arm 201821 „Speed up asymmetric crypto” Signature verification with RSA or ECC is time consuming Symmetric crypto can spare clock cycles Replace asym. crypto with symmetric: HMAC, CMAC, etc: • Previously verified images(upgrade time) can get a MAC, generated based on Hardware Unique Key(HUK) • At boot time this MAC is verified instead of original signature • Boot time can be significantly reduced Download new firmware Verify signature Deploy in flash Generate MAC Save to flash Reset device Bootloader checks MAC
  • 22. Non-Confidential © Arm 201822 Alternatives for crypto libraries HW accelerator: • Improved performance / reduced code footprint CryptoCell-312: • Symmetric and asymmetric crypto • Runtime library: use mbedTLS API • Boot library: – Signature verification – X509 certificate parsing – Image verification and optional decryption • Asset provisioning to OTP memory • Rollback counters
  • 23. Non-Confidential © Arm 201823 Bootloader plans PSA compliance: • Anti-rollback protection • Create interface between SPE and bootloaders • Add support of multiple chains of trust and might be certificates Explore possibilities to make BL2 updatable Integrate crypto HW accelerator (CC312) with BL2
  • 24. Non-Confidential © Arm 201824 How to get involved TF-A and TF-M master codebases • https://git.trustedfirmware.org/ TF-M Team @ Connect HKG18 • Abhishek Pandit • Ashutosh Singh • Tamas Ban • Miklos Balint Get in touch • Come round LITE hacking room between 3-4 pm Wednesday • Schedule a meeting via hkg18.pathable.com More info on developer.arm.com
  • 25. 2525 Confidential © 2017 Arm Limited Thank You! Danke! Merci! 谢谢! ありがとう! Gracias! Kiitos! 감사합니다 धन्यवाद
  • 26. Non-Confidential © Arm 201826 Supported platforms MCUBoot with TF-M can run on: • In simulator environment(FVP) on PC. • MPS2 development board with AN521 (Castor) FPGA image • MPS2 development board with AN519 (M23) FPGA image • Musca_A porting is in progress
  • 27. Non-Confidential © Arm 201827 Trailer(Swap status) BL2 - Bootloader Secure firmware Non-secure firmware Header TLV(SHA, DS) Secure firmware Non-secure firmware Header TLV(SHA, DS) SLOT_1 Placeholder for new image SLOT_0 Active image Scratch area Currently not updatable 0x0000... 0xXXXX... Used during image swapping
  • 28. Non-Confidential © Arm 201828 BL2 - Bootloader started Erase SLOT_1 Finalize aborted swap Initialize phase Authenticate SW in SLOT_1 Swap images between SLOT_0 and SLOT_1 Finalize image status info Pass execution to SPE in SLOT_0 CPU released from reset Is new SW in SLOT_1 Is there aborted swap? yes no yes Valid SW? no no
  • 29. Non-Confidential © Arm 201829 SPENSPE Update Client Trusted Update Function Firmware Storage Server Runtime firmware BL2 - Bootloader Slot_0 – Active Image Slot_1 – New imageLocal Storage 1. Download: - firmware - manifest 2. Authentication: - send manifest Keys NV counters 3. Provison new image 4. Reboot 5. Authenticate and swap images, start image in slot_0 Remote server
  • 30. Non-Confidential © Arm 201830 Old image New image Reboot New image Old image Test NOK New image Old image New image Old image Test OK Confirm New image Old image Reboot Old image New image Set rollback

Notes de l'éditeur

  1. Assumes a two stage bootloader Assumes Assumes certain kind of certificate chain, e.g. updating validation certificate for NSPE images requires updating BL2.