GB2308905A - Protected system processor - Google Patents
- Publication number
- GB2308905A (application GB9600274A)
- Authority
- GB
- United Kingdom
- Prior art keywords
- protected
- processor
- end user
- memory
- system processor
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Classifications
- G—PHYSICS
  - G06—COMPUTING; CALCULATING OR COUNTING
    - G06F—ELECTRIC DIGITAL DATA PROCESSING
      - G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
        - G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
          - G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
            - G06F21/75—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information by inhibiting the analysis of circuitry or operation
          - G06F21/86—Secure or tamper-resistant housings
            - G06F21/87—Secure or tamper-resistant housings by means of encapsulation, e.g. for integrated circuits
      - G06F2207/00—Indexing scheme relating to methods or arrangements for processing data by operating upon the order or content of the data handled
        - G06F2207/72—Indexing scheme relating to groups G06F7/72 - G06F7/729
          - G06F2207/7219—Countermeasures against side channel or fault attacks
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Mathematical Physics (AREA)
- Microelectronics & Electronic Packaging (AREA)
- Storage Device Security (AREA)
Abstract
A micro-processor 4, memory circuit 5 and control circuit 6, all in 'naked die' form, are combined together on a substrate 'printed' with an electrical circuit to form a single-package hybrid Integrated Circuit capable of executing / storing proprietary programs / data in a secure environment. During normal processor operation, only the internal processor 4 can read from or write to the internal memory 5, providing protection against unauthorised access to the said memory contents and security for the operation of the system as a whole. The internal memory is 100% end user configurable and is prepared for operation by the end user testing and programming the Device in the PTU (Programming / Testing Unit). Full compatibility means no special hardware or software engineering requirement for Device implementation and, due to re-programmability, repeated re-use of the Device in subsequent differing applications.
Description
PROTECTED SYSTEM PROCESSOR
This invention relates to a Protected System Processor.
Security, or the lack of it, is a major problem for computer users large and small. Armed with basic systems knowledge and given a little time and expertise, it is not particularly difficult to 'hack', i.e. break into, a computer system, remoteness from the target system being no obstacle. Once access is gained to a computer system, the system program can be manipulated or, worse still, 'viruses' introduced, with the end result being anything from irritating to absolutely catastrophic.
Generally speaking, computer systems are basically of an 'open architecture' (Fig. 1) i.e. the processor 1, the system memory 2 and related control elements 3 are in individual I.C. (Integrated Circuit) packages placed at various locations around the motherboard. On such computer systems, there is ready access to both the system program and / or information on the data bus be it by direct physical contact or remotely via keyboard or modem.
The idea for this invention, hereafter referred to as the Device, came about as a perceived need for some form of active system in an attempt to address the ever-increasing problem of computer security. Its development is based on the assumption that the only effective solution is to protect the system program. To do this properly, the system memory 2 must be physically protected whereby the system program is accessible only by its legitimate user i.e. the central processing unit 1.
The prime function of the Device is the protection of the system program, by storing it in, and executing it from, a protected memory area. Referring to Figures 2 and 3, the Device achieves this by integrating a micro-processor 4, system memory 5 and required control circuit elements 6 into a single package so arranged to provide a secure system memory area and secure internal data bus 7.
Referring to Figure 1, in a standard 'open architecture' system, the processor 1, at 'boot-up' (i.e. power-up and / or system reset), fetches and executes instructions from a system memory circuit 2 situated somewhere on the system motherboard whereas, referring to Figure 2, the Protected System Processor 4, albeit performing the same operation, now does so from the secure internal memory 5 via the secured internal data bus 7.
Because the internal data bus is isolated from the 'outside world' by way of the internal control circuit 6, the internal data transfers are invisible to an external observer and the Device is said to be in 'secure mode'. When the processor requires information (be it program or data) from an external source, it shuts down the internal memory, switches to 'standard' mode and returns to 'secure' mode only when that particular operation is complete.
The Device cannot be switched, either actively or passively, into a mode whereby protected memory contents are externally available, i.e. the Device memory cannot be 'read out', so protecting the contents from unauthorised third party use - this applies equally whether the memory contents be proprietary program or proprietary data.
There is no encoding / decoding of the system program, nor does the Device make use of, or require, encoding / decoding of the system program in any form. It is a fundamental aspect of the Protected System Processor design that it employs RAM (Random Access Memory) technology, allowing protected memory read / write, and is supplied to the end user with 'blank' memory, i.e. at the 'point of sale', where the Device is shipped to the customer, there is no 'resident' software in any form of which the internal micro-processor can make use.
To prepare the Device for operation, the end user configures the protected memory according to proprietary end user specification. To achieve this, the Device is tested and programmed, by the end user, with the PTU (Programming / Testing Unit), a dedicated-function minicomputer marketed in association with the Device. Only when the Device is inserted in, and being controlled by, the PTU can the internal memory be written to from the 'outside world', i.e. there is no 'normal' mode of operation whereby the Device memory contents can be externally altered; the system memory contents therefore remain pristine. A further advantage is that the 'System Stack', a specially reserved memory area used exclusively by the CPU to 'keep track' of its own operations, is afforded protection. After being programmed by the end user, the Device is simply inserted into the target system.
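As an added illustration (not code from the patent), the C model below captures the access rules the description sets out: only the internal CPU 4 reads the protected RAM 5 and only in secure mode, an external fetch drops to standard mode for that one transfer and returns, and the sole write path from outside is the PTU. The memory sizes, address map and bus-trace format are assumptions.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
/* Added model, not from the patent: control circuit 6 as a mode gate around
 * internal memory 5. Sizes, addresses and the trace format are assumptions. */
enum mode { SECURE, STANDARD, PTU };
#define IMEM_SIZE 256      /* assumed size of the protected RAM (shipped blank) */
#define EXT_BASE  0x1000   /* assumed base of memory on the target motherboard */
struct device {
    enum mode mode;
    int ptu_attached;      /* 1 only while inserted in the Programming/Testing Unit */
    uint8_t imem[IMEM_SIZE];
    uint8_t ext[256];
    char trace[128];       /* what a probe on the external bus would record */
};
/* Any read of the internal bus from outside the package: refused in every mode. */
int external_read(const struct device *d, unsigned addr) {
    (void)d; (void)addr; return -1;
}
/* Internal CPU 4 fetch: secure-mode reads of internal RAM leave no external trace;
 * an external fetch shuts internal RAM down, goes to STANDARD for one transfer, returns. */
int cpu_read(struct device *d, unsigned addr) {
    if (addr < IMEM_SIZE)
        return d->mode == SECURE ? d->imem[addr] : -1;  /* RAM is off outside SECURE */
    if (addr < EXT_BASE || addr >= EXT_BASE + sizeof d->ext) return -1;
    d->mode = STANDARD;
    size_t n = strlen(d->trace);
    snprintf(d->trace + n, sizeof d->trace - n, "RD %04x;", addr);  /* visible transfer */
    int v = d->ext[addr - EXT_BASE];
    d->mode = SECURE;
    return v;
}
/* The only write path from the outside world: while under PTU control. */
int ptu_write(struct device *d, unsigned addr, uint8_t val) {
    if (!d->ptu_attached || addr >= IMEM_SIZE) return -1;
    d->mode = PTU;
    d->imem[addr] = val;
    return 0;
}
void release_from_ptu(struct device *d) { d->ptu_attached = 0; d->mode = SECURE; }
/* Lifecycle walk: program in the PTU, release, run. Returns the first failing check, or 0. */
int demo(void) {
    struct device d; memset(&d, 0, sizeof d);
    d.mode = PTU; d.ptu_attached = 1;
    if (ptu_write(&d, 0x10, 0xAB) != 0) return 1;
    release_from_ptu(&d);
    if (ptu_write(&d, 0x11, 0x01) != -1) return 2;  /* no write path in the target */
    if (external_read(&d, 0x10) != -1) return 3;    /* contents can never be read out */
    if (cpu_read(&d, 0x10) != 0xAB) return 4;       /* only the internal CPU sees them */
    if (d.trace[0] != '\0') return 5;               /* ... and the bus shows nothing */
    d.ext[2] = 0x5A;
    if (cpu_read(&d, EXT_BASE + 2) != 0x5A) return 6;
    return (d.mode == SECURE && strcmp(d.trace, "RD 1002;") == 0) ? 0 : 7;
}
int main(void) { printf("demo -> %d\n", demo()); return demo(); }
```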
The Device is manufactured using C.O.B. This 'trade' term, meaning Chip and wire On Board, is a micro-electronic manufacturing process whereby the requisite Integrated Circuits in 'naked' silicon die form are attached to a substrate which has been 'printed' with the appropriate circuit. Fine wires are then connected between the integrated circuits and the substrate circuit. The complete unit is then sealed in some form of encapsulant for protection and to render the 'internals' inaccessible. Because the Device employs Random Access Memory to achieve its performance specification, there must be a voltage potential applied across the power connections to the internal memory at all times to maintain the memory contents - this may take the form of:
a) an umbilical connected between the Device and the system battery back-up supply on the target system motherboard or,
b) an integral battery.
The Device is physically connected to its target system by some form of end user specified, 'industry standard' connection.
The actual design and layout of the Protected System Processor as described herein can be adapted to accommodate a variety of commercially available micro-processors. Because hardware compatibility is a feature of the system, the actual end product can have a variety of physical shapes and dimensions, and no Claims whatsoever are made in respect of the shape or appearance of the end product. For this reason, the drawings supplied as Figures 1, 2 and 3 are given as theoretical / graphical representations of critical elements of the design.
Use of the term 'system program' herein is a reference to the main program (i.e. the Operating System or Embedded Control program), in whole or part, whose function it is, in whole or part, to handle the I/O (Input / Output) operations.
Use of the term 'system memory' herein is a reference to that part of a computer's memory which holds, in whole or part, the system program and, where specified by the end user, proprietary data.
Use of the term 'processor' herein is equivalent to and interchangeable with the term 'micro-processor' and / or CPU, i.e. Central Processing Unit.
Use of the term 'Device' herein is a specific reference to the Protected System Processor.
Claims (9)
1) A Protected System Processor implemented as a hybrid Integrated Circuit comprising micro-processor, Random Access Memory and requisite control circuit elements so designed to provide a secure memory area and data bus for storage and execution of the said Protected System Processor's system program.
2) A Protected System Processor as claimed in Claim 1 where the system program residing in the protected internal memory is accessible only by the internal processor and cannot be read out.
3) A Protected System Processor as claimed in Claim 1 or Claim 2 whereby the system program residing in the protected internal memory cannot be copied for unauthorised third party use.
4) A Protected System Processor as claimed in Claim 1 or Claim 2 whereby the system program residing in the protected internal memory cannot be modified or manipulated.
5) A Protected System Processor as claimed in Claim 1 which provides the end user with a fully configurable secure memory area for proprietary system operation.
6) A Protected System Processor as claimed in any preceding Claim whereby the system Stack (a unique data area required by the processor while in operation) resides in the protected memory area, affording protection from unauthorised third party access.
7) A Protected System Processor as claimed in Claim 1 which affords the end user with a secure memory area, parts of which, according to end user definition, may be used for proprietary data storage.
8) A Protected System Processor as claimed in Claim 1 which is repeatedly re-configurable by the end user, permitting employment of the Device in differing subsequent applications.
9) A Protected System Processor substantially as described herein with reference to Figures 1, 2 and 3, the accompanying drawings.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| GB9600274A GB2308905A (en) | 1996-01-08 | 1996-01-08 | Protected system processor |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| GB9600274D0 (en) | 1996-03-13 |
| GB2308905A (en) | 1997-07-09 |
Family ID: 10786721
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| GB9600274A (Withdrawn) GB2308905A (en) | Protected system processor | 1996-01-08 | 1996-01-08 |
Country Status (1)
| Country | Link |
|---|---|
| GB (1) | GB2308905A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN100369224C (en) * | 2005-05-08 | 2008-02-13 | 薛萍 | Chip with built-in software and hardware system and making method thereof |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO1981002480A1 (en) * | 1980-02-20 | 1981-09-03 | M Kaufman | Memory addressing apparatus and method |
| GB2092338A (en) * | 1981-01-31 | 1982-08-11 | Jpm Automatic Machines Ltd | Improvements relating to programmable memories |
| EP0136155A2 (en) * | 1983-09-22 | 1985-04-03 | Fujitsu Limited | Single-chip microcomputer comprising means for preventing read-out of its internal ROM |
| EP0137995A2 (en) * | 1983-10-14 | 1985-04-24 | Kabushiki Kaisha Toshiba | Single-chip microcomputer with encryptable function on program memory |
| GB2165377A (en) * | 1984-09-19 | 1986-04-09 | Itt Ind Ltd | A computer element |
| GB2263348A (en) * | 1992-01-14 | 1993-07-21 | Rohm Co Ltd | Securing program code |
Events
- 1996-01-08: GB application GB9600274A (published as GB2308905A, en), status not active: Withdrawn
Similar Documents
| Publication | Title |
|---|---|
| US10089470B2 (en) | Event-based apparatus and method for securing BIOS in a trusted computing system during execution |
| JP3023425B2 (en) | Data processing device |
| US5892826A (en) | Data processor with flexible data encryption |
| US7210009B2 (en) | Computer system employing a trusted execution environment including a memory controller configured to clear memory |
| US9183394B2 (en) | Secure BIOS tamper protection mechanism |
| EP2874091B1 (en) | Partition-based apparatus and method for securing bios in a trusted computing system during execution |
| US20070180271A1 (en) | Apparatus and method for providing key security in a secure processor |
| TW201712593A (en) | Loading and virtualizing cryptographic keys |
| JPH10228420A (en) | Processing system security |
| EP2874092B1 (en) | Recurrent BIOS verification with embedded encrypted hash |
| WO1998015086A1 (en) | Secure boot |
| US9367689B2 (en) | Apparatus and method for securing BIOS in a trusted computing system |
| JPS59130000A (en) | Method of protecting virtual memory device |
| CN113557500A (en) | Multi-mode protected memory |
| KR20030092264A (en) | Smart card with enhanced security and method for protecting security information stored therein |
| US10049217B2 (en) | Event-based apparatus and method for securing bios in a trusted computing system during execution |
| GB2308905A (en) | Protected system processor |
| US10055588B2 (en) | Event-based apparatus and method for securing BIOS in a trusted computing system during execution |
| US5657444A (en) | Microprocessor with secure programmable read only memory circuit |
| EP1920376A2 (en) | Processor hardware and software |
| JPS6336349A (en) | Preventing circuit for memory writing in microprocessor |
| CN114785512A (en) | Method and apparatus and electronic device for processing security keys |
| US10095868B2 (en) | Event-based apparatus and method for securing bios in a trusted computing system during execution |
| JPH0399346A (en) | Semiconductor storage device |
| JPS61279941A (en) | Fault detector for computer |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| | WAP | Application withdrawn, taken to be withdrawn or refused ** after publication under section 16(1) | |