Presentation is loading. Please wait.

Presentation is loading. Please wait.

Senior Design May 12-08 AbstractDesign Alex Frisvold Alex Meyer Nazmus Sakib Eric Van Buren Our project is to develop a working emulator for an Android.

Published byDerick Wells Modified over 8 years ago

Similar presentations

Presentation on theme: "Senior Design May 12-08 AbstractDesign Alex Frisvold Alex Meyer Nazmus Sakib Eric Van Buren Our project is to develop a working emulator for an Android."— Presentation transcript:

1 Senior Design May 12-08 AbstractDesign Alex Frisvold Alex Meyer Nazmus Sakib Eric Van Buren Our project is to develop a working emulator for an Android device so that it is able to accurately represent the security extension of the device’s CPU, known as ARM TrustZone. Using TrustZone, we will provide a Trusted Platform Module (TPM) service. As of right now, there are no commercial Android emulators that can correctly model the ARM TrustZone. Therefore, application developers are forced to test their devices on actual hardware to see if their code works. This is both dangerous to the device and time consuming. The logical next step is to try and emulate the inner workings of this hardware so that developers can then start writing applications to use it. ARM TrustZone works by providing two virtual processors backed by hardware based access control. This enables the application core to switch between two states, referred to a worlds, in order to prevent information from leaking from the more trusted world (secure world) to the less secure world (non-secure world). The way we approached this problem was by constructing a software stack consisting of a hardware emulator, a microkernel, a run-time environment, and the Android OS. We made necessary modifications to different layers in the stack to allow TrustZone support. Requirements QEMU – a powerful processor emulator that uses dynamic binary translation to allow it to be ported to many different CPU architectures. The hardware emulation of the ARM TrustZone is implemented here. Fiasco Microkernel – software needed to implement the runtime environment that will run on top of it, this is the only piece of software that will run in the secure world of the processor. The memory management unit of Fiasco has been modified to implement the memory separation required. Fiasco L4Re – provides a basic set of services and abstractions, which will be used to implement and run applications on top of the microkernel. L4 Android – an operating system developed to run on top of the Fiasco L4Re run-time environment, provides a layer for us to develop applications on top of. FunctionalNon-Functional Fiasco.OC microkernel will run seamlessly over Mr.Winter’s QEMU L4RE will run seamlessly over Fiasco.OC The L4Android will run seamlessly over L4RE An Android application will use the TPM services provided Modifications made to any components of the stack will not adversely affect existing functionality The stack will provide the user with a secure environment The stack will run at a usable speed The stack will be stable and run reliably Modifications to QEMU, Fiasco.OC and L4Re will be written in C and ++ Developed applications will use TrustZone and our TPM services in real time Our software stack will allow TPM services to be added later TrustZone Advisor: George AmariucaiClient: The Boeing Company Work Breakdown Context Switch Full Context Switch (Secure World) On context switch: 1) Write back all modified CPU memory 2) Zero out before switching Attributes: More performance overhead but more secure Lazy Context Switch (Normal World) On context switch: 1) Only write back if CPU memory is modified or page fault occurs Attributes: Less overhead but also less secure UsersEnvironments Used Android Application developers Anyone interested in TrustZone GCC ARM GCC Tools Used Cross Compiler CodeSourcery This cross compiler was needed because all the software we used was written for x86 processors and not the ARM processor we were to use. This compiler took the object files written for the stack and converted it to ARM object files to run on top of our ARM processor. Programming Languages Java is used to complete all Android applications including our secure application C is what our QEMU emulator was written and edited in C++ is the programming language used for Fiasco Microkernel and also for all of the L4RE components Process of a Context Switch The process to context switch from the normal world to the secure world and back to the normal world is as follows: Executing application requests a context switch to Fiasco MMU, SMC bit set Once the Fiasco microkernel receives the request a masked FIQ interrupt is thrown, this gives control to the secure world If the application has previous saved data in the secure memory, the Fiasco MMU loads that memory into the CPU Secure section of application executes Processor memory saved in secure world memory Masked IRQ interrupt is thrown, this gives control back to the normal world ARM TrustZone is a security extension to the CPU that provides two virtual processors backed by hardware based access control. TrustZone splits the CPU into two worlds, the secure world and the non-secure world. It ensures that nothing from the secure world can be accessed by the non-secure world. It is available on all of ARM’s advanced chipsets. Applications Secure PIN entry Digital Rights Management Software license management e-Ticketing Mobile TV (Netflix) TrustZone adds a “parallel world” to allow trusted programs and data to be safely separated from the operating system and applications

Download ppt "Senior Design May 12-08 AbstractDesign Alex Frisvold Alex Meyer Nazmus Sakib Eric Van Buren Our project is to develop a working emulator for an Android."

Similar presentations

User-Mode Linux Ken C.K. Lee

User-Mode Linux Ken C.K. Lee
MODERN OPERATING SYSTEMS Third Edition ANDREW S. TANENBAUM Chapter 3 Memory Management Tanenbaum, Modern Operating Systems 3 e, (c) 2008 Prentice-Hall,

MODERN OPERATING SYSTEMS Third Edition ANDREW S. TANENBAUM Chapter 3 Memory Management Tanenbaum, Modern Operating Systems 3 e, (c) 2008 Prentice-Hall,
CSCE 145: Algorithmic Design I Chapter 1 Intro to Computers and Java Muhammad Nazmus Sakib.

CSCE 145: Algorithmic Design I Chapter 1 Intro to Computers and Java Muhammad Nazmus Sakib.
Extensibility, Safety and Performance in the SPIN Operating System Presented by Allen Kerr.

Extensibility, Safety and Performance in the SPIN Operating System Presented by Allen Kerr.
1/1/ / faculty of Electrical Engineering eindhoven university of technology Introduction Part 3: Input/output and co-processors dr.ir. A.C. Verschueren.

1/1/ / faculty of Electrical Engineering eindhoven university of technology Introduction Part 3: Input/output and co-processors dr.ir. A.C. Verschueren.
1/21/2008CSCI 315 Operating Systems Design1 Operating System Structures Notice: The slides for this lecture have been largely based on those accompanying.

1/21/2008CSCI 315 Operating Systems Design1 Operating System Structures Notice: The slides for this lecture have been largely based on those accompanying.
Operating System Structure. Announcements Make sure you are registered for CS 415 First CS 415 project is up –Initial design documents due next Friday,

Operating System Structure. Announcements Make sure you are registered for CS 415 First CS 415 project is up –Initial design documents due next Friday,
1/28/2004CSCI 315 Operating Systems Design1 Operating System Structures & Processes Notice: The slides for this lecture have been largely based on those.

1/28/2004CSCI 315 Operating Systems Design1 Operating System Structures & Processes Notice: The slides for this lecture have been largely based on those.
Memory Management Chapter 5.

Memory Management Chapter 5.
Silberschatz, Galvin and Gagne ©2013 Operating System Concepts – 9 th Edition Chapter 2: Operating-System Structures.

Silberschatz, Galvin and Gagne ©2013 Operating System Concepts – 9 th Edition Chapter 2: Operating-System Structures.
A. Frank - P. Weisberg Operating Systems Structure of Operating Systems.

A. Frank - P. Weisberg Operating Systems Structure of Operating Systems.
Silberschatz, Galvin and Gagne ©2009 Operating System Concepts – 8 th Edition Chapter 2: Operating-System Structures Modified from the text book.

Silberschatz, Galvin and Gagne ©2009 Operating System Concepts – 8 th Edition Chapter 2: Operating-System Structures Modified from the text book.
Slide 3-1 Copyright © 2004 Pearson Education, Inc. Operating Systems: A Modern Perspective, Chapter 3 Operating System Organization.

Slide 3-1 Copyright © 2004 Pearson Education, Inc. Operating Systems: A Modern Perspective, Chapter 3 Operating System Organization.
Copyright Arshi Khan1 System Programming Instructor Arshi Khan.

Copyright Arshi Khan1 System Programming Instructor Arshi Khan.
Prardiva Mangilipally

Prardiva Mangilipally
Group 5 Alain J. Percial Paula A. Ortiz Francis X. Ruiz.

Group 5 Alain J. Percial Paula A. Ortiz Francis X. Ruiz.
Android Security GROUP MAY 1208 Alex Frisvold Alex Meyer Nazmus Sakib Eric Van Buren.

Android Security GROUP MAY 1208 Alex Frisvold Alex Meyer Nazmus Sakib Eric Van Buren.
Stack Management Each process/thread has two stacks  Kernel stack  User stack Stack pointer changes when exiting/entering the kernel Q: Why is this necessary?

Stack Management Each process/thread has two stacks  Kernel stack  User stack Stack pointer changes when exiting/entering the kernel Q: Why is this necessary?
Virtualization Technology Prof D M Dhamdhere CSE Department IIT Bombay Moving towards Virtualization… Department of Computer Science and Engineering, IIT.

Virtualization Technology Prof D M Dhamdhere CSE Department IIT Bombay Moving towards Virtualization… Department of Computer Science and Engineering, IIT.
Computer Organization

Computer Organization

Similar presentations

Ads by Google