Tongxin xuebao (Apr 2025)
Dual system trusted terminal computing architecture based on TPCM RoT
Abstract
Because of the constraints of its era, the von Neumann computer architecture did not account for the modern security environment: its computing structure lacks an independent protective component based on a hardware root of trust. This paper proposes a trusted terminal architecture built on the trusted platform control module (TPCM) root of trust defined in Chinese national standard GB/T 40650-2021. A dual-system architecture is adopted to realize a progressive, parallel trusted execution environment rooted in the TPCM, addressing the trustworthiness of the terminal device's origin, of its platform execution environment, and of its management, from the perspectives of the hardware root-of-trust chip and the underlying basic software. In this method the terminal's TPCM root-of-trust chip and the basic components under test are powered on first; the TPCM completes a trusted measurement of the CPU execution environment and controls CPU power and the device initialization configuration, so that trust is extended step by step during the computer's startup process. The approach achieves reliable and trustworthy network applications while ensuring the security and trustworthiness of the device itself, providing privacy, security protection, and network security for device data.
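As an added illustration (not code from the paper or from any TPCM implementation), the following Python model shows the measure-before-release sequence the abstract describes: a hypothetical TPCM measures each boot stage into an extend register and withholds CPU power and control until the measurement matches its reference manifest. Stage names, images and the manifest are constructed sample data.

```python
import hashlib
from typing import Dict, List, Tuple

# Constructed sample stage images (stand-ins for real firmware, bootloader and kernel).
GOOD_IMAGES: Dict[str, bytes] = {
    "cpu_firmware": b"constructed CPU firmware image v1",
    "bootloader": b"constructed bootloader image v1",
    "os_kernel": b"constructed OS kernel image v1",
}
# Boot order: trust is extended from the TPCM to each later stage in turn.
BOOT_ORDER: List[str] = ["cpu_firmware", "bootloader", "os_kernel"]
# Reference manifest held by the TPCM: expected digest per stage (constructed from GOOD_IMAGES).
REFERENCE: Dict[str, bytes] = {n: hashlib.sha256(i).digest() for n, i in GOOD_IMAGES.items()}


class TpcmModel:
    """Hypothetical model of a TPCM root of trust that measures before it releases control."""

    def __init__(self, reference: Dict[str, bytes]) -> None:
        self.reference = reference
        self.pcr = bytes(32)          # accumulated measurement register, starts at zero
        self.log: List[Tuple[str, str]] = []
        self.cpu_powered = False      # CPU power stays off until its firmware is measured

    def extend(self, digest: bytes) -> None:
        # Extend operation: PCR' = H(PCR || digest), so the final value fixes the whole sequence.
        self.pcr = hashlib.sha256(self.pcr + digest).digest()

    def measure(self, name: str, image: bytes) -> bool:
        digest = hashlib.sha256(image).digest()
        self.extend(digest)
        self.log.append((name, digest.hex()))
        return digest == self.reference.get(name)

    def boot(self, images: Dict[str, bytes]) -> Tuple[bool, str]:
        """Measure each stage in BOOT_ORDER; stop at the first mismatch. Returns (ok, failed_stage)."""
        for name in BOOT_ORDER:
            if not self.measure(name, images[name]):
                return False, name       # control is never handed to the untrusted stage
            if name == "cpu_firmware":
                self.cpu_powered = True  # only now does the TPCM release CPU power
        return True, ""


def expected_pcr(reference: Dict[str, bytes]) -> bytes:
    """Composite value a verifier expects after a fully trusted boot."""
    pcr = bytes(32)
    for name in BOOT_ORDER:
        pcr = hashlib.sha256(pcr + reference[name]).digest()
    return pcr
```

A tampered bootloader halts the chain after CPU power has been released, while a tampered CPU firmware image leaves the CPU unpowered; in both cases the register no longer matches the expected composite, which is what a remote verifier would check.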