An Approach of Implementing SW-TPM in Real-Time Operating System

  • Mingdi Xu
  • Xueyuan GaoEmail author
  • Fan Zhang
Conference paper
Part of the Communications in Computer and Information Science book series (CCIS, volume 960)


Virus, trojan and malware on embedded systems have brought significant effect for the information security of the industrial control systems (ICS). ICS as the national core infrastructure, the security affects the national economy and livelihood of all people. Trusted computing technology (TCT) is a technology developed and promoted by the trusted computing group (TCG). At present, TCT has been applied to the general systems, such as multitasking and distributed systems. However, it is necessary to verify the feasibility of applying TCT to the specific systems with high real-time requirements. This paper implements a trusted real-time operating system (tRTOS) based on Preempt-rt, which turns the original linux kernel into a fully pre-emptible kernel. The soft-ware trusted platform module (SW-TPM) is built in the kernel mode to provide trusted computing services. After that, the schedule policy and priority of tpmd, which is the daemon of SW-TPM, have been adjusted. In this approach, tpmd may not be pre-empted while running. It means that, SW-TPM can provide services of encryption, attestation at real-time, which can meet the requirements of RTOS in embedded systems. This paper has measured the execution time of several TPM commands in the tRTOS and a contrast system. A comparative test is carried out between tRTOS and a non-real-time system. The result shows that, the average execution time of TPM commands in the tRTOS is reduced by 15.3% without system interference, and 32.7% with system interference.


Industrial control system Trusted computing technology Trusted RTOS SW-TPM Performance testing 



This work was supported by National Nature Science Foundation of China under grant 61502438, 61272452 and 61403350.


  1. 1.
    Mattei, T.A.: Privacy, confidentiality, and security of health care information: lessons from the recent WannaCry cyber attack. World Neurosurg. 104, 972–974 (2017)CrossRefGoogle Scholar
  2. 2.
    Wang, Y., Wang, Y., Zhang, L.: Analysis and defense of the BlackEnergy malware in the Ukrainian electric power system. Chin. J. Netw. Inf. Secur. 1, 46–53 (2017)Google Scholar
  3. 3.
    Sun, Y., Jing, K., Wang, Y.: A network security protection research for industrial control system. J. Inf. Secur. Res. 3(2), 171–176 (2017)Google Scholar
  4. 4.
    Strasser, M., Stamer, H.: A software-based trusted platform module emulator. In: Lipp, P., Sadeghi, A.-R., Koch, K.-M. (eds.) Trust 2008. LNCS, vol. 4968, pp. 33–47. Springer, Heidelberg (2008). Scholar
  5. 5.
    Khalid, O., Rolfes, C., Ibing, A.: On implementing trusted boot for embedded systems. In: IEEE International Symposium on Hardware-Oriented Security and Trust, pp. 75–80 (2013)Google Scholar
  6. 6.
    Trusted Computing Group.: Secure Embedded Platform with Trusted Computing: Automotive and Other Systems in the Internet of Things Must Be Protected, 10 June 2012.
  7. 7.
    Johannes, W.: Trusted computing building blocks for embedded linux-based ARM trustzone platforms. In: Proceedings of the 3rd ACM Workshop on Scalable Trusted Computing. ACM Press, Fairfax (2008)Google Scholar
  8. 8.
    Lucas, D., Alexandra, D., Christoph, K.: Trusted virtual domains on OKL4: secure information sharing on smartphones. In: Proceedings of the 6th ACM Workshop on Scalable Trusted Computing. ACM Press, Chicago (2011)Google Scholar
  9. 9.
    Aaraj, N., Raghunathan, A., Jha, N.K.: Analysis and design of a hardware/software trusted platform module for embedded systems. ACM Trans. Embed. Comput. Syst. 8(1), 1–31 (2008)CrossRefGoogle Scholar
  10. 10.
    Xu, M., Yang, L.: Research on trusted computing technology in embedded real-time operation system. Comput. Eng. 40(1), 130–133 (2014)Google Scholar
  11. 11.
    Litayem, N., Ben Saoud, S.: Impact of the linux real-time enhancements on the system performances for multi-core intel architectures. Int. J. Comput. Appl. 17(3), 17–23 (2011)Google Scholar
  12. 12.
    Fayyad-Kazan, H., Perneel, L., Timmerman, M.: Linux Preempt-rt v2.6.33 versus v3.6.6: better or worse for real-time applications? ACM SIGBED Rev. 11(1), 26–31 (2014)CrossRefGoogle Scholar
  13. 13.
    Berger, S., Caceres, R.A., Goldman, K.: vTPM: virtualizing the trusted platform module. In: Conference on USENIX Security Symposium BC Canada, pp. 305–320. USENIX Association, Berkeley (2006)Google Scholar
  14. 14.
    Gleixner, T., Niehaus, D.: Hrtimers and beyond: transforming the linux time subsystems. In: Proceeding of the Linux Symposium, Ottawa, Ontario (2006)Google Scholar
  15. 15.
    Trusted Computing Group.: TCG Software Stack (TSS) Specification, Version 1.2, Errata A [EB/OL], 21 April 2011.
  16. 16.
    Koolwal, K.: Myths and realities of real-time linux software systems. In: Proceedings of Eleventh Real-Time Linux Workshop, pp. 13–18 (2009)Google Scholar
  17. 17.
    Hall, C.E.J.: A real-time linux system for autonomous navigation and flight attitude control of an uninhabited aerial vehicle. In: Digital Avionics Systems, DASC Conference, vol. 1, pp. 1A1/1–1A1/9 (2001)Google Scholar
  18. 18.
    Srinivasan, B., Hill, R., Pather, S.: KURT-linux support for synchronous fine-grain distributed computations. In: IEEE Real-Time Technology & Applications Symposium, pp. 78–81 (2000)Google Scholar
  19. 19.
    Lin, K.J., Wang, Y.C.: The design and implementation of real-time schedulers in RED-linux. Proc. IEEE 91(7), 1114–1130 (2003)CrossRefGoogle Scholar

Copyright information

© Springer Nature Singapore Pte Ltd. 2019

Authors and Affiliations

  1. 1.Wuhan Digital Engineering InstituteWuhanChina
  2. 2.School of Mathematics and Computing ScienceWuhanChina

Personalised recommendations