Research And Implementation Of Trusted Boot Of RT-Thread Platform

With the rapid development of information technology such as big data,cloud computing and the Internet of Things,information security issues are increasingly prominent.The traditional CPU design doesn’t integrate the security measurement module,which may cause the core information of the system to be tampered with before startup,and threaten the security of the computer after startup.In the context of trusted computing 3.0 in China,the concept of autonomy,controllability,security and credibility is more prominent,and improving the security of computer systems is an important research direction.In order to break away from the complexity of cryptographic algorithm design when measuring the reliability of hardware,this paper combines the domestic operating system RT-Thread with trusted computing,avoids foreign technologies,designs a trusted cryptographic algorithm on the RT-Thread platform,builds a trusted boot framework,and implements a trusted boot strategy.The prerequisite for the implementation of the trusted boot strategy is the successful transplantation of the RT-Thread operating system on a certain hardware processor.The hardware processor relied on in this paper is the 32-bit RISC-V architecture soft-core processor designed by the project team members on FPGA,which supports UART,SPI,GPIO and other interfaces.Based on this,the main research contents of this paper are as follows:Build a cross compilation platform by modifying RT-Thread kernel files and writing suitable drivers to realize its migration on 32-bit RISC-V soft-core processors.The functions implemented in the migration process mainly include global interrupt switch function,context switch function,thread stack initialization function,etc.Modify the configuration files and parameters in board.c and libcpu;In addition,UART,I2 C,SPI and GPIO drivers are designed and transplanted in RT-Thread according to the requirements of trusted boot peripherals.The successful transplantation of RT-Thread and its peripherals has made full preparation for the implementation of the trusted boot strategy.Complete the implementation of the trusted boot strategy.Through the creation of SM2,SM3,and SM4 cryptographic algorithm threads in RT-Thread,set their thread priority,time slice,thread stack size,etc.,and design the cryptographic algorithm control function to realize the scheduling of different cryptographic algorithms.The cryptographic algorithms can communicate and call each other;The key functions and parameters involved in the implementation of the three cryptographic algorithms in the trusted module are analyzed;This paper discusses the trusted startup process and the handling of abnormal state in the BIOS controlled by the cryptographic algorithm.Test the transplanting of the RT-Thread operating system to the 32-bit RISC-V architecture soft-core processor.The operating system is successfully transplanted,and the UART,I2 C,SPI,and GPIO drivers can also be correctly identified;The encryption and decryption results of SM2,SM3 and SM4 cryptographic algorithms are verified to be correct;The trusted boot platform designed in this paper realizes power-on control and reset functions on the domestic motherboard Feiteng D2000;Test the performance of the system.The encryption and decryption speed is normal.The boot time has been extended,but the performance loss is within a reasonable range,which will not affect the user experience.The design of the trusted boot framework is reasonable and effective.