Embedded device safe starting scheme design method based on formalized verification

Abstract

The invention discloses a formalized verification-based embedded device security startup scheme design method, which comprises the following steps of: based on formalized analysis and verification, analyzing a threat model to obtain a security demand, establishing a formalized model on the basis of the security demand, and finally converting the formalized model into a security startup scheme. The invention provides a solution method based on formalized verification aiming at the security problem existing in the security starting process of the embedded system equipment and ensuring the availability and security of the security starting scheme of the embedded equipment through a theorem proving method in order to solve the security problem existing in the security starting process of the embedded system equipment. The method systematically and comprehensively analyzes problems in the safe starting process, provides a specific safe starting scheme design, and provides availability and safety proof of a specific scheme by using a theorem proof method, so that threats in the safe starting process can be quickly solved, and the safety of the safe starting process is improved. And the safety and the reliability of the scheme are proved theoretically.

Description

technical field [0001] The invention relates to the field of formal methods, in particular to a method for designing a safe startup scheme of an embedded device based on formal verification. Background technique [0002] In recent years, with the advent of the Internet of Everything era, all kinds of intelligent embedded devices have become more and more widely used in our daily life, even in key medical, automatic driving, aerospace, rail transit and other fields. Large-scale deployment provides users with a variety of convenient services. However, embedded devices deployed in actual application scenarios usually have the characteristics of massive, heterogeneous, and limited resources (for example, they do not support additional hardware security features such as TPS, HSM, and SGX enclave), which makes these devices easily exist and can be Vulnerabilities exploited by attackers. Once the data stored in an embedded device is stolen or tampered with, it may not only cause ...

AI Technical Summary

Problems solved by technology

Therefore, after the boot processor wakes up the application processor, the attacker can obtain the same level of authority as the boot processor, and even tamper with the system runtime data, which poses a great security threat to the system.

[0007] (2) Although the application of formalized related technologies is becoming more and more extensive, few people apply it to the proof of secure boot, resulting in the lack of strict proofs in most of the existing boot schemes, so there may be neglected Logic flaws or potential loopholes

In recent years, the current industry and academia have begun to realize the importance and value of formal analysis and proof of equipment start-up schemes, and have carried out active and beneficial explorations, but the current research in this field is still in its infancy

Images