针对流式无闪存启动系统提出了一种安全可靠的固件更新详细方法.pdf

1、Munir AhmadChing-Yu(Lawrence)LoJayant MangalampalliStreaming and flash-less boot system-a detailed methodology is proposed for secure and authenticated Firmware updateStreaming and flash-less boot system-a detailed methodology is proposed for secure and authenticated Firmware updateMunir AhmadChing-

2、Yu(Lawrence)LoJayant MangalampalliOPEN PLATFORM FIRMWARE(OPF)Flash-less boot(also known as streaming boot)is a method of booting a system without using onboard non-volatile memory(like NOR/NAND SPI flash).Instead,the boot image is streamed directly into the devices memory(usually RAM)from an externa

3、l sourceKey Components and FlowPlatform Agent RoT(PA-RoT)Boot ROM(or Bootloader in ROM)The SoC or an external source contains a small,immutable boot ROM(early FW)This ROM initializes basic hardware and communication interfacesSets up the interface(USB,UART,SPI,eSPI,I3C,etc.)for streamingImage Fetchi

4、ngThe Boot ROM fetches the boot image from an external source.This image typically includes a second-stage or remainder FW or directly the OS kernel.Image Loading:The image is loaded into RAMExecution begins from the loaded image,continuing the boot process.What is Flash-less/streaming bootFirst-sta

5、ge boot loader helps to load the second-stage bootloader or OS image into RAM.AdvantagesCost Reduction:Eliminates the need for onboard flash memorySecurity:Boot ROM verifies the signature of the streamed image,ensuring authenticityFlexibility:Easier to update firmware remotely or during manufacturin

6、g.Space Saving:Useful in space-constrained designs.ChallengesDependency on External Interface:Booting depends on the availability and reliability of the external source.Latency:Second-stage boot loader performs full system initialization.Streaming may introduce boot-time delays compared to local fla