
Hardware Root of Trust

XAPP1309 (v1.0) March 7, 2017


www.xilinx.com

Figure 5 shows three possible system setups. The strongSwan software running on an Ubuntu server does both the remote attestation and the network security. The Ethernet connection can be either direct from the PC to the Avnet board or dynamic host configuration protocol (DHCP) using Ethernet wall sockets. In (a), the server is run on an Ubuntu installation on either VirtualBox or VMware on the PC. In (b), an Ubuntu-based PC runs the strongSwan server. In (c), the server runs on an Amazon web server (AWS). Xilinx does not provide the AWS account.

The reference system provides methods for a measured boot of a single client, providing remote attestation of early load software (BootROM, FSBL), which is new functionality for embedded systems. An actual connected system has multiple embedded devices, and the strongSwan server measures all Linux partitions loaded, not just the early load software.

Hardware Root of Trust

In Zynq-7000 AP SoCs, the HROT is based on the first code executed by the ARM® CPU0 at power-on. The code is stored in on-chip, metal-masked ROM, and is referred to as BootROM code. BootROM code is immutable, and its principal function is to perform device initialization and load the FSBL into read/writable on-chip memory (OCM). Neither the BootROM nor the OCM are accessible at device pins. The BootROM Configuration Flowchart figure in Zynq-7000 All Programmable SoC Technical Reference Manual (UG585) [Ref 1] provides the flow of the BootROM code functionality. If secure boot is specified, the BootROM authenticates the FSBL using the RSA-2048 standard prior to execution of the FSBL. The Zynq-7000 AP SoC HROT is enhanced by adding a TPM to the embedded platform. The TPM provides partition measurements, cryptographic functions, and secure key storage for keys used by the Zynq-7000 AP SoC.
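
The measurement chain behind measured boot and remote attestation, as an added example (not code from the Xilinx reference design): a client extends partition digests into a PCR, and a server replays the measurement log against reference values. It assumes a TPM 1.2-style SHA-1 PCR; the partition names and images are constructed, and the TPM's signature over the quote is omitted.

```python
import hashlib

PCR_SIZE = 20  # SHA-1 digest length, TPM 1.2-style PCR (assumption of this example)

def measure(partition: bytes) -> bytes:
    """Measurement of a partition: its SHA-1 digest."""
    return hashlib.sha1(partition).digest()

def extend(pcr: bytes, digest: bytes) -> bytes:
    """TPM extend: new PCR = SHA-1(old PCR || digest). A PCR is never set directly."""
    return hashlib.sha1(pcr + digest).digest()

def measured_boot(partitions):
    """Client side: measure each partition in load order, extend the PCR, log it."""
    pcr, log = bytes(PCR_SIZE), []
    for name, image in partitions:
        digest = measure(image)
        pcr = extend(pcr, digest)
        log.append((name, digest))
    return pcr, log

def verify(quoted_pcr, log, reference):
    """Server side: check each log entry against its reference, then replay the log."""
    pcr, problems = bytes(PCR_SIZE), []
    for name, digest in log:
        if reference.get(name) != digest:
            problems.append(f"{name}: measurement differs from reference")
        pcr = extend(pcr, digest)
    if pcr != quoted_pcr:
        problems.append("event log does not reproduce the quoted PCR")
    return problems

# Constructed sample images; on a real client these are the boot partitions.
GOOD = [("fsbl", b"FSBL v1"), ("bitstream", b"PL design v1"), ("u-boot", b"U-Boot v1")]
REFERENCE = {name: measure(image) for name, image in GOOD}

def demo():
    pcr, log = measured_boot(GOOD)
    clean = verify(pcr, log, REFERENCE)
    # A modified U-Boot changes both its log entry and the final PCR value.
    bad_pcr, bad_log = measured_boot(GOOD[:2] + [("u-boot", b"U-Boot v1 (modified)")])
    tampered = verify(bad_pcr, bad_log, REFERENCE)
    # Reporting the known-good log does not help: it no longer replays to the PCR.
    forged = verify(bad_pcr, log, REFERENCE)
    return clean, tampered, forged

if __name__ == "__main__":
    for label, result in zip(("clean", "tampered", "forged log"), demo()):
        print(label, "->", result or "trusted")
```

The forged-log case shows why the PCR value, not the log, is the evidence: the log is only trusted once it replays to the value the TPM reports.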

Figure 5: Reference System Hardware Setup Options. Each panel shows a server connected to a client (IIoT Starter Kit with MicroZed): (a) laptop running strongSwan on Ubuntu in VirtualBox; (b) laptop running strongSwan on Ubuntu; (c) laptop with strongSwan running on AWS.
