Checking method, checking system and checking device for processor security

US 10,572,671 B2
Filed: 02/12/2018
Issued: 02/25/2020
Est. Priority Date: 02/20/2017
Status: Active Grant

First Claim

Patent Images

1. A method for checking a processor security, comprising:

acquiring a recording information of a data read and write operation between a processor and a peripheral, wherein the data read and write operation is a data read and write operation initiated by the processor or and a data read and write operation initiated by the peripheral;

acquiring a log information of the data read and write operation initiated by the peripheral, when the data read and write operation is a data read and write operation initiated by the peripheral, so that a checking device analyzes the data read and write operation initiated by the peripheral according to the log information, wherein the log information comprises an instruction position and the data read and write operation initiated by the peripheral, and the instruction position is an instruction position at which the processor suspends execution of an instruction and processes the data read and write operation initiated by the peripheral; and

determining whether the processor is secure according to the recording information of the data read and write operation and an analysis result on the data read and write operation by the checking device.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present disclosure discloses a processor security checking method, system and checking device. The processor security checking method includes: acquiring recording information of data read and write operations between a processor and a peripheral device, where the data read and write operation is a data read and write operation initiated by the processor or a data read and write operation initiated by the peripheral; and determining whether the processor is secure according to the recording information of the data read and write operation and an analysis result on the data read and write operation by the checking device. The embodiments of the present disclosure may detect hardware vulnerabilities and improve the security of hardware usage.

Citations

16 Claims

1. A method for checking a processor security, comprising:
- acquiring a recording information of a data read and write operation between a processor and a peripheral, wherein the data read and write operation is a data read and write operation initiated by the processor or and a data read and write operation initiated by the peripheral;
  
  acquiring a log information of the data read and write operation initiated by the peripheral, when the data read and write operation is a data read and write operation initiated by the peripheral, so that a checking device analyzes the data read and write operation initiated by the peripheral according to the log information, wherein the log information comprises an instruction position and the data read and write operation initiated by the peripheral, and the instruction position is an instruction position at which the processor suspends execution of an instruction and processes the data read and write operation initiated by the peripheral; and
  
  determining whether the processor is secure according to the recording information of the data read and write operation and an analysis result on the data read and write operation by the checking device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 15)
- - 2. The method according to claim 1, wherein the data read and write operation initiated by the processor comprises a Memory Mapped I/O “
    - MMIO”
      
      type of data read and write operation; and
      
      /or the data read and write operation initiated by the peripheral comprises a Direct Memory Access “
      
      DMA”
      
      type of or a Peer to Peer communication “
      
      P2P”
      
      type of data read and write operation.
  - 3. The method according to claim 2, wherein determining whether the processor is secure according to the recording information of the data read and write operation and the analysis result on the data read and write operation by the checking device comprises:
    - when the data read and write operation is an MMIO type of read operation, comparing an operation address and a data length in the recording information with an operation address and a data length obtained by analyzing the MMIO type of read operation by the checking device, and comparing an operation sequence in the recording information with an operation sequence obtained by analyzing the MMIO type of read operation by the checking device; and
      
      when the comparison results are consistent with each other, determining that the processor is secure during performing the MMIO type of read operation, otherwise determining that the processor is not secure during performing the MMIO type of read operation.
  - 4. The method according to claim 2, wherein determining whether the processor is secure according to the recording information of the data read and write operation and the analysis result on the data read and write operation by the checking device comprises:
    - when the data read and write operation is an MMIO type of write operation, comparing an operation address, a data content and a data length in the recording information with an operation address, a data content and a data length obtained by analyzing the MMIO type of write operation by the checking device, and comparing an operation sequence in the recording information with an operation sequence obtained by analyzing the MMIO type of write operation by the checking device; and
      
      when the comparison results are consistent with each other, determining that the processor is secure during performing the MMIO type of write operation, otherwise determining that the processor is not secure during performing the MMIO type of write operation.
  - 5. The method according to claim 2, wherein determining whether the processor is secure according to the recording information of the data read and write operation and the analysis result on the data read and write operation by the checking device comprises:
    - when the data read and write operation is a DMA type of read operation, comparing an operation address, a data content and a data length in the recording information with an operation address, a data content and a data length obtained by analyzing the DMA type of read operation by the checking device; and
      
      when the comparison results are consistent with each other, determining that the processor is secure during performing the DMA type of read operation, otherwise determining that the processor is not secure during performing the DMA type of read operation.
  - 6. The method according to claim 2, wherein determining whether the processor is secure according to the recording information of the data read and write operation and the analysis result on the data read and write operation by the checking device comprises:
    - when the data read and write operation is a DMA type of write operation, comparing an operation address and a data length of the operation data in the recording information with an operation address and a data length obtained by analyzing the DMA type of write operation by the checking device; and
      
      when the comparison results are consistent with each other, determining that the processor is secure during performing the DMA type of write operation, otherwise determining that the processor is not secure during performing the DMA type of write operation.
  - 7. The method according to claim 2, wherein determining whether the processor is secure according to the recording information of the data read and write operation and the analysis result on the data read and write operation by the checking device comprises:
    - when the data read and write operation is a P2P type of data read and write operation, comparing a data content and a data length flowing from the peripheral to the processor with a data content and a data length flowing from the processor to the destination peripheral of the P2P type of data read and write operation in the recording information; and
      
      when the comparison results are consistent with each other, determining that the processor is secure during performing the P2P type of data read and write operation, otherwise determining that the processor is not secure during performing the P2P type of data read and write operation.
  - 15. A non-transitory computer-readable storage medium having stored thereon a computer program comprising instructions which, being executed on a processor, causes the processor to carry out the method according to claim 1.

8. A checking device for a processor security, comprising a microprocessor configured to:
- acquire a recording information of a data read and write operation between a processor and a peripheral, wherein the data read and write operation is a data read and write operation initiated by the processor and a data read and write operation initiated by the peripheral;
  
  acquire a log information of a data read and write operation initiated by the peripheral, when the data read and write operation is a data read and write operation initiated by the peripheral, so that the checking device analyzes the data read and write operation initiated by the peripheral according to the log information, wherein the log information comprises an instruction position and the data read and write operation initiated by the peripheral, and the instruction position is an instruction position at which the processor suspends execution of an instruction and processes the data read and write operation initiated by the peripheral; and
  
  determine whether the processor is secure according to the recording information of the data read and write operation and an analysis result on the data read and write operation by the checking device.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The checking device according to claim 8, wherein the data read and write operation initiated by the processor comprises an MMIO type of data read and write operation;
    - and/or the data read and write operation initiated by the peripheral comprises a Direct Memory Access “
      
      DMA”
      
      type or a P2P type of data read and write operation.
  - 10. The checking device according to claim 9, wherein the microprocessor is further configured to:
    - when the data read and write operation is an MMIO type of read operation, compare an operation address and a data length in the recording information with an operation address and a data length obtained by analyzing the MMIO type of read operation by the checking device, and compare an operation sequence in the recording information with an operation sequence obtained by analyzing the MMIO type of read operation by the checking device; and
      
      when the comparison results are consistent with each other, determine that the processor is secure during performing the MMIO type of read operation, otherwise determine that the processor is not secure during performing the MMIO type of read operation.
  - 11. The checking device according to claim 9, wherein the microprocessor is further configured to:
    - when the data read and write operation is an MMIO type of write operation, compare an operation address, a data content and a data length in the recording information with an operation address, a data content and a data length obtained by analyzing the MMIO type of write operation by the checking device, and compare an operation sequence in the recording information with an operation sequence obtained by analyzing the MMIO type of write operation by the checking device; and
      
      when the comparison results are consistent with each other, determine that the processor is secure during performing the MMIO type of write operation, otherwise determine that the processor is not secure during performing the MMIO type of write operation.
  - 12. The checking device according to claim 9, wherein the microprocessor is further configured to:
    - when the data read and write operation is a DMA type of read operation, compare an operation address, a data content and a data length in the recording information with an operation address, a data content and a data length obtained by analyzing the DMA type of read operation by the checking device; and
      
      when the comparison results are consistent with each other, determine that the processor is secure during performing the DMA type of read operation, otherwise determine that the processor is not secure during performing the DMA type of read operation.
  - 13. The checking device according to claim 9, wherein the microprocessor is further configured to:
    - when the data read and write operation is a DMA type of write operation, compare an operation address and a data length of the operation data in the recording information with an operation address and a data length obtained by analyzing the DMA type of write operation by the checking device; and
      
      when the comparison results are consistent with each other, determine that the processor is secure during performing the DMA type of write operation, otherwise determine that the processor is not secure during performing the DMA type of write operation.
  - 14. The checking device according to claim 9, wherein the microprocessor is further configured to:
    - when the data read and write operation is a P2P type of data read and write operation, compare a data content and a data length flowing from the peripheral to the processor with a data content and a data length flowing from the processor to the destination peripheral of the P2P type of data read and write operation in the recording information; and
      
      when the comparison results are consistent with each other, determine that the processor is secure during performing the P2P type of data read and write operation, otherwise determine that the processor is not secure during performing the P2P type of data read and write operation.

16. A non-transitory computer-readable storage medium having stored thereon a computer program comprising instructions which, when being executed on a processor, causes the processor to:
- acquire a recording information of a data read and write operation between a processor and a peripheral, wherein the data read and write operation is a data read and write operation initiated by the processor or and a data read and write operation initiated by the peripheral;
  
  acquire a log information of the data read and write operation initiated by the peripheral, when the data read and write operation is a data read and write operation initiated by the peripheral, so that a checking device analyzes the data read and write operation initiated by the peripheral according to the log information, wherein the log information comprises an instruction position and the data read and write operation initiated by the peripheral, and the instruction position is an instruction position at which the processor suspends execution of an instruction and processes the data read and write operation initiated by the peripheral; and
  
  determine whether the processor is secure according to the recording information of the data read and write operation and an analysis result on the data read and write operation by the checking device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Tsinghua University
Original Assignee
Tsinghua University
Inventors
Liu, Leibo, Luo, Ao, Wei, Shaojun
Primary Examiner(s)
Rahman, Shawnchoy

Application Number

US15/894,042
Publication Number

US 20180239907A1
Time in Patent Office

743 Days
Field of Search
US Class Current
CPC Class Codes

G06F 12/0835   for main memory peripheral ...

G06F 12/1081   for peripheral access to ma...

G06F 13/28   using burst mode transfer, ...

G06F 21/577   Assessing vulnerabilities a...

G06F 21/78   to assure secure storage of...

G06F 21/85   interconnection devices, e....

G06F 2212/206   Memory mapped I/O

G06F 2212/621   Coherency control relating ...

G06F 2221/034   Test or assess a computer o...

Checking method, checking system and checking device for processor security

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

Checking method, checking system and checking device for processor security

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links