Secure Environment Management during Switches between Different Modes of Multicore Systems

US 20120297202A1
Filed: 01/21/2011
Published: 11/22/2012
Est. Priority Date: 01/22/2010
Status: Active Grant

First Claim

Patent Images

1-15. -15. (canceled)

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The invention relates to the switching from a first mode of operation to a second mode, of a first and a second cores of a processor of a processing device further comprising a controller. The controller sends a first message to the cores. Upon reception of the first message, sensible data handled by the cores are stored securely. The second core sends, to the first core, a second message indicating the completion of the step of storing its sensible data. Upon reception of the second message, the first core stores securely, in a storage unit, other sensible data, and, when finished, sends to the controller a third message. Upon reception of the third message, the controller sends to the first core a fourth message. Then, the first core sends a fifth message to the second core. Upon reception of the fourth and the fifth messages, the cores enter into the second mode.

Citations

30 Claims

1-15. -15. (canceled)

16. A method of managing switching from a first mode of operation to a second mode of a first core and at least one second core, both included in a processor of a processing device, the processing device and the first and second cores being configured for securely handling sensitive data when being in the first mode, the processing device further comprising a controller configured for controlling switching to the second mode, the processor being coupled to a storage unit adapted to ensure persistency of data therein during periods of time when the first and second cores are in the second mode, the method comprising:
- sending, by the controller to the first core and to the second core, a first message;
  
  upon reception of the first message by the first and second core respectively, first storing securely sensitive data handled by the first core, and second storing securely sensitive data handled by the second core;
  
  sending, by the second core to the first core, a second message indicating completion of the second storing;
  
  upon reception of the second message by the first core, securely storing by the first core, in the storage unit, other sensitive data;
  
  sending, by the first core to the controller, a third message indicating completion of the securely storing;
  
  upon reception of the third message by the controller, sending by the controller to the first core a fourth message to acknowledge reception of the third message;
  
  upon reception of the fourth message by the first core, sending by the first core to the second core a fifth message;
  
  upon reception of the fourth and the fifth messages by the first and second cores respectively, entering by the first and the second cores into the second mode.
- View Dependent Claims (17, 18, 19, 20, 21, 22, 23, 24, 25)
- - 17. The method of claim 16, wherein at least one of the first, second, and third storings are performed by:
    - collecting the sensitive data to be stored;
      
      encrypting, based on at least one first set of data, the collected sensitive data;
      
      storing the first set of data in a secure memory included in the processor, the secure memory being persistent during the periods of time when the first and second cores are in the second mode;
      
      storing, in the storage unit, the encrypted sensitive data.
  - 18. The method of claim 17, wherein while collecting the sensitive data, only sensitive data identified as mandatory to store are collected.
  - 19. The method of claim 17, wherein while collecting the sensitive data, only sensitive data that are not already stored are collected.
  - 20. The method of claim 17, further comprising splitting the collected sensitive data into subsets of sensitive data before encrypting the collected sensitive data.
  - 21. The method of claim 20, wherein while encrypting the collected sensitive data, a respective first set of data is used to encrypt each subset of sensitive data.
  - 22. The method of claim 21, wherein only a seed value used to generate the respective first set of data with a crypto-algorithm is stored in the secure memory.
  - 23. The method of claim 17, further comprising generating a hash value by applying a cryptographic hash function to the encrypted sensitive data or to each of an encrypted subset, and storing the generated hash value in the secure memory.
  - 24. The method of claim 17, further comprising, when switching from the second mode to the first mode of operation:
    - retrieving the encrypted sensitive data or subsets of the encrypted sensitive data stored in the storage unit;
      
      retrieving the first set of data stored in the secure memory;
      
      decrypting the retrieved encrypted sensitive data or the subsets using the retrieved first set of data; and
      
      restoring the decrypted sensitive data.
  - 25. The method of claim 23, further comprising:
    - retrieving hash values stored in the secure memory;
      
      calculating a hash value for the retrieved encrypted sensitive data or for each encrypted subset; and
      
      comparing the hash values retrieved from the secure memory to the calculated hash value;
      
      if the calculated hash value and the hash value retrieved from the secure memory mismatch, declaring corrupted or changed the corresponding retrieved encrypted sensitive data or the corresponding encrypted subset.

26. A processing device, comprising:
- a processor having a first core and at least one second core;
  
  a controller configured for managing switching from a first mode of operation to a second mode of operation of the first and second cores;
  
  the processing device and the first and second cores being configured for securely handling sensitive data when in the first mode, the processor being connectable to a storage unit configured for ensuring persistency of data therein during periods of time when the first and the second cores are in the second mode;
  
  wherein the controller is configured for;
  
  sending, to the first core and to the second core, a first message; and
  
  upon reception of a third message, sending to the first core a fourth message to acknowledge reception of the third message;
  
  the first core is configured for;
  
  upon reception of the first message, securely storing sensitive data handled by the first core;
  
  upon reception of a second message, securely storing other sensitive data in the storage unit;
  
  sending the third message to the controller, indicating completion of storing the sensitive data handled by the processing device;
  
  upon reception of the fourth message, sending a fifth message to the second core; and
  
  upon reception of the fourth messages and having sent the fifth message, entering the second mode; and
  
  the second core is configured for;
  
  upon reception of the first message, securely storing sensitive data handled by the second core;
  
  sending the second message to the first core, indicating completion of storing the sensitive data handled by the second core; and
  
  upon reception of the fifth message, entering the second mode.
- View Dependent Claims (27, 28, 29)
- - 27. The processing device of claim 26, wherein the first core and/or the second core are configured for securely storing the sensitive data by:
    - collecting the sensitive data to be stored;
      
      encrypting collected sensitive data based on at least one first set of data;
      
      storing the first set of data in a secure memory in the processor, the secure memory being persistent during the periods of time when the first and second cores are in the second mode; and
      
      storing the encrypted sensitive data in the storage unit.
  - 28. The processing device of claim 26, further including the storage unit configured for ensuring persistency of data therein during periods of time when the first and second cores are in the second mode.
  - 29. An electronic device comprising a processing device according to claim 26.

30. A non-transitory computer readable storage medium, having stored thereon a computer program comprising program instructions for managing switching a first core and at least one second core from a first mode of operation to a second mode of operation, the first and second cores being included in a processor of a processing device, the processing device and the first and second cores being configured for securely handling sensitive data when in the first mode, the processing device further including a controller configured for controlling switching to the second mode, the processor being coupled to a storage unit configured for ensuring persistency of data therein during periods of time when the first and the second cores are in the second mode, the computer program being loadable into a data-processing unit and when executed causing the data-processing unit to carry out a method that comprises:
- sending a first message by the controller to the first core and to the second core;
  
  upon reception of the first message by the first and second core respectively;
  
  first storing securely sensitive data handled by the first core; and
  
  second storing securely sensitive data handled by the second core;
  
  sending a second message by the second core to the first core, the second message indicating completion of the second storing;
  
  upon reception of the second message by the first core, third storing securely, by the first core in the storage unit, other sensitive data;
  
  sending a third message by the first core to the controller, the third message indicating completion of the third storing;
  
  upon reception of the third message by the controller, sending, by the controller to the first core, a fourth message acknowledging reception of the third message;
  
  upon reception of the fourth message by the first core, sending, by the first core to the second core, a fifth message; and
  
  upon reception of the fourth and the fifth messages by the first and second cores respectively, entering the second mode by the first and the second cores.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
ST-Ericcson SA (Telefonaktiebolaget LM Ericsson)
Original Assignee
ST-Ericcson SA (Telefonaktiebolaget LM Ericsson)
Inventors
Gallet, Gilles, Malbranche, Eric, Guene, Mickael, Denat, Franck

Granted Patent

US 8,862,898 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/189
CPC Class Codes

G06F 1/3203   Power management, i.e. even...

G06F 1/3243   Power saving in microcontro...

G06F 21/74   operating in dual or compar...

G06F 21/81   by operating on the power s...

Y02D 10/00   Energy efficient computing,...

Secure Environment Management during Switches between Different Modes of Multicore Systems

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

30 Claims

Specification

Solutions

Use Cases

Quick Links

Secure Environment Management during Switches between Different Modes of Multicore Systems

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

30 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links