An Approach of Implementing SW-TPM in Real-Time Operating System

Virus, trojan and malware on embedded systems have brought significant effect for the information security of the industrial control systems (ICS). ICS as the national core infrastructure, the security affects the national economy and livelihood of all people. Trusted computing technology (TCT) is a technology developed and promoted by the trusted computing group (TCG). At present, TCT has been applied to the general systems, such as multitasking and distributed systems. However, it is necessary to verify the feasibility of applying TCT to the specific systems with high real-time requirements. This paper implements a trusted real-time operating system (tRTOS) based on Preempt-rt, which turns the original linux kernel into a fully pre-emptible kernel. The soft-ware trusted platform module (SW-TPM) is built in the kernel mode to provide trusted computing services. After that, the schedule policy and priority of tpmd, which is the daemon of SW-TPM, have been adjusted. In this approach, tpmd may not be pre-empted while running. It means that, SW-TPM can provide services of encryption, attestation at real-time, which can meet the requirements of RTOS in embedded systems. This paper has measured the execution time of several TPM commands in the tRTOS and a contrast system. A comparative test is carried out between tRTOS and a non-real-time system. The result shows that, the average execution time of TPM commands in the tRTOS is reduced by 15.3% without system interference, and 32.7% with system interference.