Introduction
XAPP1309 (v1.0) March 7, 2017
3
www.xilinx.com
Figure 2 shows functional components of the Zynq-7000 AP SoC and the Infineon OPTIGA SLB 9670 TPM on the client platform.
At power-up, the Zynq-7000 AP SoC on-chip BootROM code loads the first stage boot loader
(FSBL). The FSBL loads U-Boot, and U-Boot loads the Linux kernel, root file system, device tree,
and Linux application software. In one approach to booting with a chain of trust, the BootROM
authenticates/measures the FSBL, the FSBL authenticates/measures U-Boot, and U-Boot
authenticates/measures the Linux partitions.
The SHA-1 measurement logs are stored in the TPM platform configuration registers (PCRs).
Measurements of the BootROM and the FSBL are done by the FSBL and placed in the PCRs using
a serial peripheral interface (SPI) connection. The measurements are transmitted to the server
for remote attestation. The TPM cryptographically signs the SHA-1 values in PCRs so that
partition measurements are not transmitted from the embedded system in plain text.
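The PCR extend chain and the server-side comparison described above, as an added example that is not part of the application note or the reference design. It uses constructed stand-in images for the BootROM, FSBL, U-Boot and kernel, simulates TPM 1.2 SHA-1 extend semantics in software, and omits the TPM signature over the PCRs; the golden value the server compares against is assumed to have been recorded from a known-good boot.

```python
import hashlib

# Constructed stand-ins for the boot chain partitions; a real FSBL/U-Boot
# hashes the actual partition images read from the boot device.
GOLDEN_CHAIN = {
    "bootrom": b"bootrom image v1",
    "fsbl": b"fsbl image v1",
    "u-boot": b"u-boot image v1",
    "kernel": b"linux kernel image v1",
}
BOOT_ORDER = ("bootrom", "fsbl", "u-boot", "kernel")


def sha1(data: bytes) -> bytes:
    return hashlib.sha1(data).digest()


def pcr_extend(pcr: bytes, measurement: bytes) -> bytes:
    """TPM 1.2 extend: PCR_new = SHA-1(PCR_old || measurement).
    One-way and order-dependent, so a PCR cannot be set to a chosen value
    except by replaying exactly the same sequence of measurements."""
    return sha1(pcr + measurement)


def measure_boot(images: dict) -> tuple[bytes, list]:
    """Client side: hash each stage in boot order, extend one PCR, and keep
    the event log (per-stage digests) that the server needs to replay it."""
    pcr = bytes(20)  # PCRs are all zeros after reset
    log = []
    for name in BOOT_ORDER:
        digest = sha1(images[name])
        log.append((name, digest.hex()))
        pcr = pcr_extend(pcr, digest)
    return pcr, log


def replay_log(log: list) -> bytes:
    """Recompute the PCR from the event log alone."""
    pcr = bytes(20)
    for _, digest_hex in log:
        pcr = pcr_extend(pcr, bytes.fromhex(digest_hex))
    return pcr


def attest(reported_pcr: bytes, log: list, golden_pcr: bytes) -> tuple[bool, str]:
    """Server side: the log must replay to the reported PCR (log integrity),
    and the PCR must equal the golden value (known-good boot chain)."""
    if replay_log(log) != reported_pcr:
        return False, "event log does not replay to reported PCR"
    if reported_pcr != golden_pcr:
        return False, "PCR differs from golden value: boot chain modified"
    return True, "platform state matches golden value"
```

Changing a single byte of any stage, or the order of the stages, yields a different final PCR; in the real design the TPM quote signs that PCR so the server can also trust who reported it.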
For remote attestation of firmware updates, the network connection between the attestation server and clients must be secure. IPsec functionality, including a privacy certificate authority (CA) that generates X.509 certificates, implements the transport layer security (TLS) handshake between the server and client(s). The network security used in the measured boot reference design is discussed in Network Security in Measured Boot, page 12.
Figure 2: Functional Diagram of Client Platform Based on Zynq-7000 AP SoC
[Figure: Zynq-7010 AP SoC (Wind River Pulsar Linux with TPM Driver, U-Boot, TrouSerS, FSBL – TPM SPI, TPM Tools, strongSWAN Client) connected over SPI to the Infineon SLB9670 OPTIGA TPM (Platform Configuration Registers, Non-Volatile Memory, Random Number Generator, Crypto Engine, Tamper Detection Circuitry, CPU)]