MICROPROCESSOR HAVING A SECURE EXECUTION MODE WITH PROVISIONS FOR MONITORING, INDICATING, AND MANAGING SECURITY LEVELS
Abstract
An apparatus providing for a secure execution environment including a microprocessor and a secure non-volatile memory. The microprocessor executes non-secure application programs and a secure application program. The non-secure application programs are accessed from a system memory via a system bus, and the secure application program is executed in a secure execution mode. The microprocessor has a watchdog manager that monitors environments of the microprocessor by noting and evaluating data communicated by a plurality of monitors, and that classifies the data to indicate a security level associated with execution of the secure application program, and that directs secure execution mode logic to perform responsive actions in accordance with the security level. The secure non-volatile memory is coupled to the microprocessor via a private bus, and stores the secure application program. Transactions over the private bus are isolated from the system bus and corresponding system bus resources within the microprocessor.
24 Claims
1. An apparatus providing for a secure execution environment, comprising:

a microprocessor, configured to execute non-secure application programs and a secure application program, wherein said non-secure application programs are accessed from a system memory via a system bus, and wherein said secure application program is executed in a secure execution mode, said microprocessor comprising:

a watchdog manager, configured to dynamically monitor physical and operating environments of said microprocessor by noting and evaluating data communicated by a plurality of monitors, and configured to classify said data to indicate a security level associated with execution of said secure application program, and configured to direct secure execution mode logic within said microprocessor to perform responsive actions in accordance with said security level, wherein said plurality of monitors operates independently of execution of said secure application program; and

a secure non-volatile memory, coupled to said microprocessor via a private bus, configured to store said secure application program, wherein transactions over said private bus between said microprocessor and said secure non-volatile memory are isolated from said system bus and corresponding system bus resources within said microprocessor.

Dependent claims: 2, 3, 4, 5, 6, 7, 8.
9. A microprocessor apparatus, for executing secure code within a secure execution environment, the microprocessor apparatus comprising:

a secure non-volatile memory, configured to store a secure application program; and

a microprocessor, coupled to said secure non-volatile memory via a private bus, configured to execute non-secure application programs and said secure application program, wherein said secure application program is executed in a secure execution mode, said microprocessor comprising:

a watchdog manager, configured to dynamically monitor physical and operating environments of said microprocessor by noting and evaluating data communicated by a plurality of monitors, and configured to classify said data to indicate a security level associated with execution of said secure application program, and configured to direct secure execution mode logic within said microprocessor to perform responsive actions in accordance with said security level, wherein said plurality of monitors operates independently of execution of said secure application program.

Dependent claims: 10, 11, 12, 13, 14, 15, 16.
17. A method for executing secure code within a secure execution environment, the method comprising:

providing a secure non-volatile memory for storage of the secure code, wherein the secure code is within the secure non-volatile memory via private transactions accomplished over a private bus that is coupled between the secure non-volatile memory and a microprocessor, wherein the private bus is isolated from all system bus resources within the microprocessor and external to the microprocessor, and wherein the private bus is observable and accessible exclusively by secure execution logic within the microprocessor;

first monitoring physical and operating environments of the microprocessor by noting and evaluating data communicated by a plurality of monitors, wherein the plurality of monitors operates independently of execution of the secure code;

classifying the data to indicate a security level associated with execution of the secure code; and

performing responsive actions in accordance with the security level.

Dependent claims: 18, 19, 20, 21, 22, 23, 24.
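The watchdog manager recited in claims 1, 9 and 17 reduces to two steps: classify data from independent monitors into a security level, then direct the secure execution mode logic to an action for that level. The C model below is an added illustration, not code from the patent or its assignee; the three level names, the three actions, the threshold fields and the monitor labels are assumptions, since the claims name none of them.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Security levels the watchdog manager indicates. The claims only say
 * "a security level"; these three names and their ordering are assumed. */
typedef enum { LEVEL_NORMAL = 0, LEVEL_SUSPECT = 1, LEVEL_COMPROMISED = 2 } security_level_t;

/* Responsive actions the secure execution mode (SEM) logic is directed to
 * perform. This level-to-action mapping is assumed, not taken from the patent. */
typedef enum { ACTION_CONTINUE, ACTION_HALT_SECURE_CODE, ACTION_ERASE_SECURE_STATE } sem_action_t;

/* One reading from one of the "plurality of monitors". The monitors sample on
 * their own; the secure application program never writes these fields. */
typedef struct {
    const char *name;   /* constructed label, e.g. "core_voltage_mv" */
    int32_t value;      /* current sample */
    int32_t warn_hi;    /* above this: SUSPECT */
    int32_t fail_hi;    /* above this: COMPROMISED */
    bool tamper_flag;   /* for binary monitors, e.g. a private-bus probe detector */
} monitor_reading_t;

/* Classify a single monitor's data into a level. */
static security_level_t classify_one(const monitor_reading_t *m) {
    if (m->tamper_flag || m->value > m->fail_hi) return LEVEL_COMPROMISED;
    if (m->value > m->warn_hi) return LEVEL_SUSPECT;
    return LEVEL_NORMAL;
}

/* Watchdog manager: evaluate every monitor and report the worst level seen,
 * so a single out-of-range monitor is enough to raise the level. */
security_level_t watchdog_classify(const monitor_reading_t *mons, size_t n) {
    security_level_t worst = LEVEL_NORMAL;
    for (size_t i = 0; i < n; i++) {
        security_level_t l = classify_one(&mons[i]);
        if (l > worst) worst = l;
    }
    return worst;
}

/* Direct the SEM logic: the action depends only on the indicated level. */
sem_action_t responsive_action(security_level_t level) {
    switch (level) {
    case LEVEL_COMPROMISED: return ACTION_ERASE_SECURE_STATE;
    case LEVEL_SUSPECT:     return ACTION_HALT_SECURE_CODE;
    default:                return ACTION_CONTINUE;
    }
}
```

A real implementation would run this evaluation from hardware that the secure application cannot reconfigure, which is the independence property the claims require of the monitors.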