System and method of identifying and preventing security violations within a computing system

US 20060021035A1
Filed: 10/08/2004
Published: 01/26/2006
Est. Priority Date: 07/23/2004
Status: Active Grant

First Claim

Patent Images

1. A method, comprising:

monitoring activity on a core bus coupled to a processor core, the processor core operating in a computing system;

identifying activity on the core bus as a security violation; and

preventing execution of an instruction within the processor core in response to the security violation.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method of identifying and preventing security violations within a computing system. Some exemplary embodiments may be a method comprising monitoring activity on a core bus coupled to a processor core (the processor core operating in a computing system), identifying activity on the core bus as a security violation, and preventing execution of an instruction within the processor core in response to the security violation.

91 Citations

View as Search Results

31 Claims

1. A method, comprising:
- monitoring activity on a core bus coupled to a processor core, the processor core operating in a computing system;
  
  identifying activity on the core bus as a security violation; and
  
  preventing execution of an instruction within the processor core in response to the security violation.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, further comprising:
    - asserting an interrupt signal to the processor core in response to the security violation; and
      
      executing security response software in response to the asserted interrupt signal.
  - 3. The method of claim 2, further comprising:
    - identifying a software program executing on the processor core as causing the security violation; and
      
      preventing the software program from executing.
  - 4. The method of claim 1, further comprising:
    - identifying as the security violation an attempted access of a non-privileged resource by a privileged resource of the computing system; and
      
      preventing access to the non-privileged resource.
  - 5. The method of claim 1, further comprising:
    - identifying as the security violation an attempted access of a privileged resource by a non-privileged resource of the computing system; and
      
      preventing access to the privileged resource.
  - 6. The method of claim 1, further comprising identifying as the security violation an instruction abort sequence presented to the processor core.
  - 7. The method of claim 1, further comprising activating a visual indicator to notify the user that the security violation has been detected.
  - 8. The method of claim 1, further comprising activating a visual indicator to notify the user that the security violation has been neutralized.
  - 9. The method of claim 1, further comprising activating an audible indicator to notify the user that the security violation has been detected.

10. A method, comprising:
- tracking activity on a core bus of a processor core of a computing system;
  
  recognizing activity on the core bus as a security violation;
  
  asserting an interrupt signal to the processor core in response to the security violation; and
  
  executing security response software in response to the asserted interrupt signal.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17)
- - 11. The method of claim 10, further comprising blocking execution of an instruction within the processor core in response to the security violation.
  - 12. The method of claim 10, further comprising:
    - ending execution of a malicious program executing on the processor core in response to the security violation.
  - 13. The method of claim 10, further comprising:
    - recognizing as the security violation an attempted access of a non-privileged resource by a privileged resource of the computing system; and
      
      blocking access to the non-privileged resource.
  - 14. The method of claim 10, further comprising:
    - recognizing as the security violation an attempted access of a privileged resource by a non-privileged resource of the computing system; and
      
      blocking access to the privileged resource.
  - 15. The method of claim 10, further comprising recognizing as the security violation an instruction abort sequence presented to the processor core.
  - 16. The method of claim 10, further comprising activating a visual indicator to signal the user that the security violation has been detected.
  - 17. The method of claim 10, further comprising activating an audible indicator to signal the user that the security violation has been detected.

18. A computing system, comprising:
- a processor core coupled to a primary bus; and
  
  a monitoring system coupled to the primary bus, the monitoring system tracks an activity on the primary bus;
  
  wherein the monitoring system recognizes a security violation comprising the activity on the primary bus caused by a program executing on the processor core; and
  
  wherein the monitoring system blocks completion of the activity by causing a flush of the processor core.
- View Dependent Claims (19, 20, 21, 22, 23, 24, 25, 26, 27, 28)
- - 19. The computing system of claim 18, wherein causing a flush of the processor core comprises flushing a stage within the processor core, the stage comprising at least one of the group consisting of a prefetch stage, a prediction stage, or a pipeline stage.
  - 20. The computing system of claim 18, wherein the monitoring system further activates an interrupt signal to the processor core that triggers execution of security response software that blocks execution of the program.
  - 21. The computing system of claim 20, wherein the processor core operates in a secure mode and a non-secure mode;
    - and wherein the processor core further enters into a secure mode upon execution of the security response software if the security violation occurs while in the non-secure mode.
  - 22. The computing system of claim 18, further comprising:
    - a secure component coupled to the primary bus;
      
      wherein the processor core operates in a secure and a non-secure mode; and
      
      wherein the security violation further comprises an attempt to access the secure component while in the non-secure mode.
  - 23. The computing system of claim 22, wherein the secure component comprises at least one of the group consisting of a direct memory access controller, a processor pipeline, or a memory.
  - 24. The computing system of claim 18, further comprising:
    - a non-secure component coupled to the primary bus;
      
      wherein the processor core operates in a secure and a non-secure mode; and
      
      wherein the security violation comprises attempting to access the non-secure component while in the secure mode.
  - 25. The computing system of claim 24, wherein the non-secure component comprises at least one of the group consisting of an external memory, a global positioning system receiver, a universal bus serial interface, a camera interface, a user interface, a display, or a modem.
  - 26. The computing system of claim 18, wherein the security violation further comprises presenting an instruction abort sequence to the processor core.
  - 27. The computing system of claim 18, further comprising an attack indicator, wherein the recognition of the security violation causes the attack indicator to be activated.
  - 28. The computing system of claim 18, wherein the processor core comprises at least one of the group consisting of an ARM processor, a digital signal processor, or a graphics display processor.

29. A computing system, comprising:
- a monitoring system;
  
  a plurality of computing system components; and
  
  a firewall system, the firewall system monitors an attempted access to at least one of the plurality of system components, and couples between the plurality of computing system components and the monitoring system;
  
  wherein the firewall system recognizes as a security violation a violation of at least one of a plurality of stored firewall constraints; and
  
  wherein the firewall system blocks the attempted access if the attempted access is recognized as the security violation.
- View Dependent Claims (30, 31)
- - 30. The computing system of claim 29, wherein the firewall system signals the monitoring system that the security violation has occurred.
  - 31. The computing system of claim 29, further comprising an attack indicator, wherein the recognition of the security violation causes the attack indicator to be activated.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Texas Instruments, Inc.
Original Assignee
Texas Instruments, Inc.
Inventors
Azema, Jerome Laurent, Conti, Gregory Remy Philippe

Granted Patent

US 8,220,045 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/22
CPC Class Codes

G06F 21/554   involving event detection a...

G06F 21/74   operating in dual or compar...

G06F 21/85   interconnection devices, e....

System and method of identifying and preventing security violations within a computing system

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

91 Citations

31 Claims

Specification

Solutions

Use Cases

Quick Links

System and method of identifying and preventing security violations within a computing system

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

91 Citations

31 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links