Standard System Software
Introduction
Standard System Software includes software components that are commonly used in embedded systems, such as:
Boot ROM (Read-Only Memory): Executes the very initial code to start the hardware and then passes control to the PBL.
Original Function:
The Boot ROM contains the initial set of instructions that the processor executes when it is powered up or reset. This code is typically burned onto the ROM and is immutable.Technical Details:
The Boot ROM is a small piece of code, usually stored in a non-volatile memory like flash or an actual ROM chip on the device. The instructions in Boot ROM are hardware-specific and are used to initialize essential hardware components like the CPU and memory controller.Boot ROM Execution Sequence: Execute Boot ROM→Initialize Hardware→Load PBL
PBL (Primary Program Loader): Takes over from Boot ROM to initialize minimal hardware and then loads SPL.
Original Function: The PBL is the first program that runs when a processor powers up. It takes over from the Boot ROM to initialize minimal hardware and then loads the SPL.
Technical Details: The PBL is responsible for initializing the minimal set of hardware resources required to load and run the secondary program loader (SPL).
PBL Sequence: Boot ROM→Execute PBL→Initialize Minimal Hardware→Load SPL
SPL (Secondary Program Loader): Further initializes hardware and then loads the main bootloader (U-Boot).
Original Function: The SPL is the first stage bootloader that further initializes the hardware and loads the actual boot program, like U-Boot.
Technical Details: SPL initializes more hardware resources than PBL and prepares the system to load U-Boot, which will eventually load the OS kernel.
SPL Sequence: Execute PBL→Execute SPL→Load U-Boot
U-Boot (Main Bootloader): Takes over from SPL, initializes more hardware if needed, and loads the operating system kernel into memory.
Original Function: The Bootloader takes over from the Boot ROM and is responsible for loading the operating system kernel into memory
Technical Details: U-Boot is often used synonymously with bootloader in embedded systems. It has the capability to load the kernel from various types of storage media, including NAND flash, NOR flash, SD cards, USB devices, and so on.
Bootloader Sequence: Execute SPL→Load U-Boot -> Load Kernel
ATF (ARM Trusted Firmware): Firmware that provides a reference implementation of secure world software.
Original Function: ATF provides a reference implementation of secure world software for ARM processors.
Technical Details: ATF is especially important in systems that require secure boot or secure function execution, providing an isolation between the secure and non-secure worlds in ARM devices.
Equation for ATF: Execute SPL→Load ATF→Initialize Secure Environment
Note: ATF comes into play after the SPL (Secondary Program Loader) as it's responsible for initializing the secure environment.
TEE (Trusted Execution Environment): For running trusted applications.
Original Function:The TEE is used for running trusted applications in a secure environment, separate from the operating system.
Technical Details: The TEE interacts closely with the operating system but runs in a separate, isolated environment. It's used for secure data storage and processing.
Equation for TEE: Load OS→Initialize TEE→Run Trusted Applications
Note: TEE is typically invoked after the operating system (OS) has been loaded and initializes the Trusted Execution Environment for running secure applications.
To summarize the complete sequence:
Boot ROM: Executes initial code, starts hardware, and passes control to PBL.
PBL (Primary Program Loader): Initializes minimal hardware and loads SPL.
SPL (Secondary Program Loader): Further initializes hardware, loads ATF for secure operations, and then loads U-Boot.
U-Boot (Main Bootloader): Initializes additional hardware (if needed) and loads the OS kernel.
OS (Operating System): Runs the primary user applications.
TEE (Trusted Execution Environment): Initializes and runs secure applications in a separate, isolated environment.
Additonal Note: ATF provides the secure foundation, including secure boot services and integrity checks, while TEE operates within this secure context to execute trusted applications. Together, they contribute to the overall security of ARM-based systems, especially in scenarios where secure boot and secure execution are essential, such as in mobile devices or embedded systems with stringent security requirements.