A microcode signature security management system based on a Trustzone technology comprises the steps of: starting a normal operating system; acquiring the signature-encrypted microcode file and outputting the signature-encrypted microcode file and a switching signal by the normal operating system; receiving the switching signal and starting the monitor mode by the microprocessor to start a secure operating system; receiving the signature-encrypted microcode file, performing signature verification on the signature-encrypted microcode file, loading the file when the signature verification passes, otherwise outputting microcode error information when the signature verification fails by the secure operating system. The security of microcode is ensured on the basis of a secure operating system safety environment to which a system layer is inaccessible. A cryptography tool measure is adopted, so that the security, integrity and correctness of loaded microcode are ensured, and the risk of breaking, modifying and replacing an existing microcode management mechanism is lowered.