Verification-Based Multi-backup Firmware Architecture, an Assurance of Trusted Boot Process for the Embedded Systems

NAND flash has been widely used as the only non-volatile storage device in the embedded systems. However, it has high rates of bad block, which may lead the stored programs damaged. Especially for the firmware including bootloader and OS, this will lead the system crash immediately. This paper proposes a novel verification-based multi-backup firmware architecture (VMFA) to improve the reliability with the multiple copies of firmware in NAND flash. According to the theory of chain of trust, during the boot process, the integrity of one program should be checked before it gets the right to execute, and the program can be executed only on condition that its integrity is valid. Meanwhile, the system can automatically load and measure the backup copies and verify the integrity when the original program is damaged. Some experiments are taken on a real development platform and the VMFA is measured with time module to analyze the boot time. The results show that the system can work well with VMFA and the boot process can be ensured with the suitable verifications.