Design And Verification Of Chip TEE Module Based On AMBA Protocol

With the increasing maturity and development of the mobile terminal market,security issues such as privacy leakage,malware,and Trojan horse viruses have gradually become the focus of attention.End users are no longer satisfied with data protection at the software level.More and more end users expect to be able to Realize the security protection of data from the chip level;on the other hand,the domestic chip manufacturing industry is catching up with the country' s vigorous development.According to relevant national plans,China' s chip self-sufficiency rate must reach 70%by 2025.With the strong support of the company,related technologies such as chip design and verification have all received the attention of scientific researchers.The Trusted Execution Environment(TEE)is a secure area on the main processor of the device.It protects data through hardware isolation technology to ensure the integrity,authenticity and confidentiality of the data.It is an important module in the chip structure.It is widely used in complex devices such as smart phones,wearable devices,tablet computers and TV set-top boxes.At present,the research on TEE at home and abroad mainly focuses on the related software design of TEE hardware architecture,such as trusted operating system,API interface design,etc.,And there are relatively few researches on the underlying hardware design of TEE.This article mainly studies the TEE hardware architecture design scheme based on the AMBA bus protocol,and realizes the design,simulation and verification of the TEE module.The thesis first analyzes the data risks in the mobile terminal and leads to the necessity of TEE;then introduces the related technology of the AMBA bus protocol and the related technology of TEE hardware design;then,based on the current commonly used chip architecture,it proposes the AMBA-based The TEE module design scheme of the bus completed the design of the TEE module;then a UVM verification platform was built for the designed TEE module,and the function simulation was carried out;finally,the FPGA prototype verification was carried out for the designed TEE module,and the designed TEE module was tested.The performance of the TEE module in actual application scenarios.The main work and innovations of the research are as follows:(1)In view of the fact that there are few cases of tee module on chip and the related design is closed source,we independently designed the tee module on chip based on AMBA bus protocol,including Axi bus,AHB bus and APB bus.The specific innovation is:for Axi bus,the user-defined signal is used to transmit the host's world For AHB bus,AHB extension bus is proposed,and two additional signal lines are introduced to transmit the host's world ID and the read-write legitimate signal returned to the slave;for APB bus,considering that there is only one host,APB bus is proposed through axi2apb Bridge module is mounted on Axi bus,and tee module on Axi bus protects APB bus.(2)The simulation platform of UVM is built for the designed tee module,and the operation mechanism of UVM is studied.By designing different input excitation,the output waveforms of main modules under different excitation are analyzed,and the functional correctness of tee module is verified.(3)Simulating the scene of mobile phone malicious app calling camera to capture face image illegally,a unique FPGA prototype verification system is designed for tee module.The FPGA prototype verification system takes image acquisition module as slave and VGA display module as host,covering all parts of tee module.At the same time,apb2iic module and related peripheral modules are designed independently.Finally,the designed module is run on Xilinx development board.The verification results show that the designed tee module has correct function on FPGA development board and has practical value.