在RISCV双核上构建轻量级可信执行环境

信息安全研究 ›› 2025, Vol. 11 ›› Issue (6): 500-.

在RISCV双核上构建轻量级可信执行环境

张龙1唐佳绩1,2郑兴建1,3刘畅4杨峰1

1(军事科学院系统工程研究院北京100141)
2(通信抗干扰全国重点实验室(电子科技大学)成都611731)
3(西安电子科技大学计算机科学与技术学院西安710071)
4(国防科技大学计算机学院长沙410073)

出版日期:2025-06-22 发布日期:2025-06-22
通讯作者: 张龙博士，高级工程师，CCF会员.主要研究方向为形式化方法、集成电路辅助设计与验证. zhanglong10@nudt.edu.cn
作者简介:张龙博士，高级工程师，CCF会员.主要研究方向为形式化方法、集成电路辅助设计与验证. zhanglong10@nudt.edu.cn 唐佳绩硕士.主要研究方向为RISCV处理器可信执行环境. 202122220107@std.uestc.edu.cn 郑兴建博士.主要研究方向为网络安全、大模型形式化定理证明. zhengxj96@163.com 刘畅博士，助理研究员.主要研究方向为微处理器设计与验证、集成电路计算机辅助设计. liuchang@nudt.edu.cn 杨峰博士，高级工程师.主要研究方向为信息系统与网络安全. yfzy1221@163.com

Constructing Lightweight Trusted Execution Environment on RISCV Dualcore Processor

Zhang Long1, Tang Jiaji1,2, Zheng Xingjian1,3, Liu Chang4, and Yang Feng1

1(Institute of Systems Engineering, Academy of Military Science, Beijing 100141)
2(National Key Laboratory of Wireless Communications(University of Electronic Science and Technology of China), Chengdu 611731)
3(School of Computer Science and Technology, Xidian University, Xi’an 710071)
4(College of Computer Science and Technology, National University of Defense Technology, Changsha 410073)

Online:2025-06-22 Published:2025-06-22

摘要/Abstract

摘要： 随着物联网技术的快速发展，资源受限的嵌入式物联网设备在信息安全方面面临的挑战尤为严峻.可信执行环境(trusted execution environment, TEE)为解决终端设备的信息安全问题提供了一种有效的途径.它通过将系统划分为安全区域和普通区域，并采用内存访问权限控制等手段，确保安全应用软件与普通应用软件的分离运行，从而有效提升了系统的整体安全性.针对安全应用软件的可信隔离运行问题，提出了一种基于RISCV双核的轻量级TEE片上系统SoC解决方案，该方案利用物理内存保护(physical memory protection, PMP)机制实现可信隔离运行；为了阻止普通区域应用程序对安全区域资源的未授权访问，提出一种低资源占用的输入输出物理内存保护(input output physical memory protection, IOPMP)设计方案，该方案通过物理地址访问防火墙机制阻止未授权访问；同时针对安全区与普通区之间消息的高效传递的问题，提出了一种基于“消息队列+中断”机制的Mailbox通信方案.实验结果表明，该方案在硬件资源消耗方面低于同类设计，功耗仅为0.256W，降低了14%；在TEE CPU的CoreMark测试中，得分达到了2.40CoreMarkMHz，是同类设计性能的2倍.

关键词: 可信执行环境, 双核SoC, RISCV, PMP, IOPMP, Mailbox

Abstract: With the rapid development of Internet of Things (IoT) technology, resourceconstrained embedded IoT devices face particularly severe challenges in information security. The Trusted Execution Environment (TEE) provides an effective approach to addressing the security issues of terminal devices. By dividing the system into secure and ordinary areas and employing mechanisms such as memory access control, TEE ensures the separate execution of secure and ordinary application software, thereby significantly enhancing the overall system security. This paper addresses the problem of trusted isolation of secure application software and proposes a lightweight TEE SystemonChip (SoC) solution based on a RISCV dualcore architecture. Specifically, the solution leverages the Physical Memory Protection (PMP) mechanism to achieve trusted isolation. Additionally, to prevent unauthorized access to secure area resources by ordinary area applications, a lowresource IOPMP design is presented, which uses a physical address access firewall mechanism to block unauthorized access. Furthermore, to facilitate efficient message transfer between the secure and ordinary areas, a Mailbox communication scheme based on the “message queue & interrupt” mechanism is proposed. Experimental results indicate that the design proposed in this paper has lower hardware resource consumption compared to similar designs, with a power consumption of only 0.256W, a 14% reduction. In the CoreMark test for the TEE CPU, the score reached 2.40 CoreMarks/MHz, which is double the performance of similar designs.

Key words: trusted execution environment, dualcore SoC, RISCV, PMP, IOPMP, Mailbox

中图分类号:

TP309

张龙, 唐佳绩, 郑兴建, 刘畅, 杨峰, . 在RISCV双核上构建轻量级可信执行环境[J]. 信息安全研究, 2025, 11(6): 500-.

参考文献

［1］鲍聪颖, 吴昊, 陆凯, 等. 基于可信执行环境的5G边缘计算安全研究［J］. 信息安全研究, 2023, 9(1): 3847［2］Xia Ke, Luo Yukui, Xu Xiaolin, et al. SGXFPGA: Trusted execution environment for CPUFPGA heterogeneous architecture［C］ Proc of DAC Conference. Piscataway, NJ: IEEE, 2015: 301306［3］Liang Hongliang, Li Mingyu, Chen Yixiu, et al. Establishing trusted IO paths for SGX client systems with aurora［J］. IEEE Trans on Information Forensics and Security, 2020, 15(1): 15891600［4］Zhang Yiming, Hu Yuxin, Ning Zhenyu, et al. SHELTER: Extending arm CCA with isolation in user space［C］ Proc of USENIX Security Symposium Conference. Berkeley, CA: USENIX Association, 2023: 62576274［5］Costan V, Lebedev I, Devadas S. Sanctum: Minimal hardware extensions for strong software isolation［C］ Proc of USENIX Security Symposium Conference. Berkeley, CA: USENIX Association, 2016: 857874［6］Bourgeat T, Lebedev I, Wright A, et al. MI6: Secure enclaves in a speculative outoforder processor［C］ Proc of MICRO Conference. New York: ACM, 2019: 4256［7］Lee D, Kohlbrenner D, Shinde S, et al. Keystone: An open framework for architecting trusted execution environments［C］ Proc of EuroSys Conference. New York: ACM, 2020: 116［8］Feng Erhu, Lu Xu, Du Dong, et al. Scalable memory protection in the PENGLAI enclave［C］ Proc of USENIX OSDI Symposium Conference. Berkeley, CA: USENIX, 2021: 275294［9］Weiser S, Werner M, Brasser F, et al. TIMBERV: Tagisolated memory bringing finegrained enclaves to RISCV［C］ Proc of NDSS Conference. Virginia, Alexandria: ISOC, 2019［10］Hoang T T, Duran C, Serrano R, et al. Trusted execution environment hardware by isolated heterogeneous architecture for key scheduling［J］.IEEE Access, 2022, 10: 460144602710［11］Nasahl P, Schilling R, Werner M, et al. HECTORV: A heterogeneous CPU architecture for a secure RISCV execution environment［C］ Proc of ASIA CCS Conference. New York: ACM, 2021: 187199［12］Ma Jun, Chong Ting, Li Lei, et al. Construction of RISCV lightweight trusted execution environment based on hardware extension［C］ Proc of ICPICS Conference. Piscataway, NJ: IEEE, 2021: 237242［13］RISCV IOPMP Task Group. RISCV IOPMP architecture specification［ROL］. 2023 ［20240801］. https:lists.riscv.orggtechiopmpattachment34710iopmpv0.9.2RC3.pdf［14］Chen yuehai, Chen Huarun, Chen Shaozhen, et al. DITES: A lightweight and flexible dualcore isolated trusted execution SoC based on RISCV［J］. Sensors, 2022, 22(16): 59815981

[1]	潘无穷, 韦韬, 李宏宇, 李婷婷, 何安珣, . 跨域管控：数据流通关键安全技术[J]. 信息安全研究, 2023, 9(E1): 105-.
[2]	沈传年, 徐彦婷, 陈滢霞. 隐私计算关键技术及研究展望[J]. 信息安全研究, 2023, 9(8): 714-.
[3]	鲍聪颖, 吴昊, 陆凯, 曹松钱, 卢秋呈, . 基于可信执行环境的5G边缘计算安全研究[J]. 信息安全研究, 2023, 9(1): 38-.
[4]	黄坚会, 沈昌祥, 张建标, 王亮, . 基于TPCM可信根的下一代可信执行环境平台方案[J]. 信息安全研究, 2022, 8(E2): 33-.
[5]	张海涛, 包森成, 何志坚. 隐私计算在算力网络中的实践应用[J]. 信息安全研究, 2022, 8(E2): 130-.
[6]	杨光远杨大利张羽马利民张伟. 基于可信硬件的隐私数据可搜索加密加速方法研究[J]. 信息安全研究, 2021, 7(4): 319-327.