TrustBUF：實作於TF-M的共享緩衝區溝通方法;TrustBUF: A Secure Shared Buffer Communication Method on TF-M

NCUIR > College of Electrical Engineering & Computer Science > Graduate Institute of Computer Science and Information Engineering > Electronic Thesis & Dissertation > Item 987654321/95610

Please use this identifier to cite or link to this item: http://ir.lib.ncu.edu.tw/handle/987654321/95610

Title:	TrustBUF：實作於TF-M的共享緩衝區溝通方法;TrustBUF: A Secure Shared Buffer Communication Method on TF-M
Authors:	黃浩洋;Huang, Hao-Yang
Contributors:	資訊工程學系
Keywords:	IoT 安全;可信執行環境;TrustZone -M;Trusted Firmware-M;電腦安全;IoT Security;Trusted Execution Environment;TrustZone-M;Trusted Firmware-M;Computer Security
Date:	2024-07-26
Issue Date:	2024-10-09 17:05:57 (UTC+8)
Publisher:	國立中央大學
Abstract:	隨著生活、工業環境的需求下，Internet of Things（IoT）設備數量正以飛快的速度成長。但也因為IoT的影響與日俱增，現在許多的IoT設備服務需要處理包含安全性敏感的資訊，吸引了攻擊者針對IoT的安全進行破壞。在近年來，Trusted Execution Environment（TEE）安全概念也應用在IoT設備的系統上，其概念是透過將系統區分成安全與非安全兩個世界並將敏感的資訊儲存在安全世界的服務中如加密服務來防止外界的存取。ARM官方將TEE的概念實作在TrustZone-M（TZ-M）並將該功能置入應用於IoT設備的Armv8-M系列處理器中。基於TZ-M，為了提供一個認證的安全標準給更多的微控制器開發者，Trusted Firmware-M（TF-M）架構被引入作為Armv8-M系列處理器的IoT設備提供一定程度的保護。儘管如此，研究人員發現TF-M中存在由非安全世界中的程式傳遞惡意參數到安全世界的服務而導致的軟體漏洞可能會洩露機密。藉由分析相關的安全議題文獻，我們認為這個問題源自於TEE在將系統分成兩個世界後無法完全掌握來自非安全世界的服務呼叫者的性質。因此我們提出了TrustBUF，一種由安全世界處理的共享緩衝區通訊方法來確保兩個世界之間通訊的安全性，同時解決因TEE分割環境的特性所帶來的安全疑慮。為了展示TrustBUF的實用性，我們將系統的雛型實作在搭配了Arm Cortex-M33的STM32L562E-DK開發板上。;With the growing demand in living and industrial environments, the production of Internet of Things (IoT) devices is rapidly increasing. However, numerous IoT devices are now required to process security-related information, attracting attackers who exploit IoT security vulnerabilities. In recent years, the security concept of Trusted Execution Environment (TEE) has also been applied to IoT devices. TEE prevents external access by dividing the system into the Secure World and Normal World, and storing sensitive security information in the Secure World′s service such as the crypto service. ARM implements the TEE concept on TrustZone-M (TZ-M), integrated into the Armv8-M processors widely adopted in IoT devices. On top of the TZ-M, to provide a certified security standard for border MCU developers, the Trusted Firmware-M (TF-M) architecture is introduced as a certain level of protection for IoT devices in the Armv8-M chips family. Despite this, researchers have found software vulnerabilities in TF-M caused by programs in Normal World passing malicious arguments into Secure World′s service that can result in revealing the secret. By analyzing related security issue literature, we found this result originates from TEE′s inability to fully grasp the nature of the service caller from Normal World after dividing the system into two worlds. Therefore, we propose the TrustBUF, a shared buffer communication method handled by Secure World to ensure secure communication between the two worlds while addressing the security issue caused by the TEE intrinsic of dividing the processing environments. To demonstrate the practicality of TrustBUF, we implement the prototype system on the STM32L562E-DK development board with Arm Cortex-M33.
Appears in Collections:	[Graduate Institute of Computer Science and Information Engineering] Electronic Thesis & Dissertation

Files in This Item:

File	Description	Size	Format
index.html		0Kb	HTML	17	View/Open

社群 sharing

Loading...