What are the advantages of the secure boot mechanism of Huawei HiSilicon chips?
The secure boot mechanism of Huawei HiSilicon chips is a core technology for protecting the integrity of device firmware, preventing tampering, and ensuring the legitimacy of identity. It has clear advantages in several respects, as follows:
1. Hardware-built root of trust secures the boot source
The secure boot mechanism starts from a hardware root of trust built into the chip (such as an eFuse region or secure memory). This root of trust is fixed when the chip leaves the factory and cannot be tampered with or replaced. Every subsequent boot stage (such as the BootROM, bootloader, and operating system kernel) must be verified against the root of trust, forming a "chain of trust" that eliminates at the source the risk of malicious code injection or firmware tampering.
2. Multi-level verification raises the bar for attackers
HiSilicon secure boot uses a layered verification mechanism: the code of each boot stage must pass an integrity check by the previous stage (such as hash checking or digital signature verification), and the verification keys are controlled throughout. For example:
- The first stage (BootROM) verifies the signature of the second-stage bootloader (LK);
- LK verifies the integrity of the operating system kernel (Kernel);
- The kernel in turn verifies the legitimacy of application-layer software.
This multi-level verification greatly increases the difficulty of bypassing the security mechanism: even if one link is broken, later stages can still provide protection.
3. Hardware-level protection strengthens attack resistance
The secure boot mechanism is deeply integrated with the chip hardware: dedicated security modules (such as a security engine, crypto accelerator, and anti-physical-tamper circuits) give critical operations (such as key storage and signature verification) hardware-level protection:
- Keys are stored in secure eFuses inside the chip or in an encrypted storage area, and cannot be read or exported by software;
- Operations such as signature verification and hash computation are performed by hardware acceleration modules, which avoids exposing sensitive data in memory and reduces the risk of side-channel attacks;
- Some chips have a physical anti-tamper design: if an attack such as decapping or abnormal voltage is detected, the chip can automatically destroy its keys or lock itself.
4. Flexible configuration adapts to many scenarios
HiSilicon secure boot can be flexibly configured for different application scenarios (such as consumer electronics, industrial control, and automotive-grade devices):
- It supports multiple cryptographic algorithms (such as RSA, ECC, and the SHA family of hash algorithms), which can be chosen according to security requirements;
- Manufacturers can define their own signing keys and verification policies to meet the identity authentication requirements of different devices;
- It offers options such as "secure boot disable" (which requires special privileges) to ease flexible operation during development and debugging, while the highest security level is enforced in mass production.
5. Defends against diverse attacks across the full device lifecycle
The mechanism effectively resists a variety of attacks that target the boot process:
- Firmware tampering: signature verification ensures that the boot code is identical to the original version released by the manufacturer, preventing malicious programs from being implanted;
- Rollback attacks: an "anti-rollback mechanism" (such as a version number check) prevents the device from being downgraded to an older firmware version that has security vulnerabilities;
- Supply chain attacks: strict key management and signing ensure that only authorized vendors can release legitimate firmware, preventing firmware from being replaced or implanted with malicious code in the supply chain;
- Physical attacks: combined with hardware protection, it resists attacks that use physical means such as disassembly or probe reading of the chip to steal keys or tamper with the boot flow.
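A minimal model of the layered verification in section 2 and the anti-rollback check above, added here as an illustration and not HiSilicon code. HMAC-SHA256 with a constructed key stands in for the vendor's RSA/ECC signature (a real device holds only a public key or its hash), and the `Image`, `verify_chain` and `FUSES` names and all sample images are assumptions.

```python
import hashlib
import hmac
from dataclasses import dataclass

VENDOR_KEY = b"constructed-demo-key"  # stand-in for the vendor signing key

@dataclass
class Image:
    name: str
    version: int
    payload: bytes
    tag: bytes = b""

def _signed_bytes(img):
    # The version is covered by the tag, so it cannot be edited independently.
    return img.name.encode() + b"\0" + img.version.to_bytes(4, "big") + img.payload

def sign(img):
    """Vendor side: HMAC-SHA256 stands in for an RSA/ECC signature."""
    img.tag = hmac.new(VENDOR_KEY, _signed_bytes(img), hashlib.sha256).digest()
    return img

def verify_chain(stages, fused_min_versions):
    """Device side: check each stage before it would run; stop at the first failure."""
    for img in stages:
        expected = hmac.new(VENDOR_KEY, _signed_bytes(img), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, img.tag):
            return False, f"{img.name}: signature check failed"
        # A validly signed image is still refused if it is older than the fused minimum.
        if img.version < fused_min_versions.get(img.name, 0):
            return False, f"{img.name}: rollback to version {img.version} refused"
    return True, "all stages verified"

def sample_chain(kernel_version=3):
    # Constructed images; stage names follow the article (LK, Kernel, application).
    return [sign(Image("LK", 2, b"lk-code")),
            sign(Image("Kernel", kernel_version, b"kernel-code")),
            sign(Image("App", 1, b"app-code"))]

FUSES = {"LK": 2, "Kernel": 3}  # constructed minimum versions held in one-time-programmable storage

if __name__ == "__main__":
    print(verify_chain(sample_chain(), FUSES))
    tampered = sample_chain()
    tampered[1].payload += b"!"  # modified after signing
    print(verify_chain(tampered, FUSES))
    print(verify_chain(sample_chain(kernel_version=2), FUSES))  # old but validly signed
```

The third case is the one signature checking alone does not catch: the old kernel carries a valid tag, so only the version comparison against the fused minimum rejects it.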
6. Conforms to industry standards and supports compliance certification
HiSilicon secure boot conforms to multiple international and industry security standards (such as GCF, CE, 3GPP, and the automotive standard ISO 26262). This helps devices built on HiSilicon chips pass various security certifications and makes them suitable for fields with extremely high security requirements (such as financial terminals, in-vehicle systems, and industrial IoT devices), which extends the range of applications for the chips.
In summary, the secure boot mechanism of Huawei HiSilicon chips combines "hardware root of trust + layered verification + flexible configuration + attack-resistant design" to provide reliable security for devices across the full lifecycle from boot onward. It is a key technical foundation for the wide adoption of these chips in IoT, smart terminals, industrial control, and other fields.