METHOD OF SECURE MANAGEMENT OF A MEMORY SPACE FOR MICROCONTROLLER
Abstract
A method of managing an electronic microcontroller system, the microcontroller system including: two processors with a first processor configured for execution of a nonsecure application exhibiting a nonguaranteed level of functional security and integrity, and a second processor dedicated to execution of a secure application implementing code and data, and involving a guaranteed level of functional security and integrity, the secure application to implement a security function; and a mechanism to access a shared memory space. The first processor includes a unit for managing the memory configured to implement a write access control, to manage write access to the shared memory space, that is not modifiable when the secure application implements its security function.
8 Claims
1-4. (canceled)
5. A method of management of an electronic microcontroller system, the microcontroller system including:
- first and second processors, the first processor configured for execution of a non-secure application, exhibiting a non-guaranteed level of functional security and integrity, and a second processor dedicated to execution of a secure application, implementing code and data, and involving a guaranteed level of functional security and integrity, the secure application able to implement a security function; and
- means of access to a shared memory space;
the first processor including a memory management unit configured to implement a check of write-access, to manage write-access to the shared memory space, to be non-modifiable when the secure application implements its security function, the management method ensuring check of write-access rendered non-modifiable and comprising:
- apportionment of the shared memory space between a memory area allocated to the secure application and a memory area allocated to the non-secure application;
- implementation of a buffer for anticipation of a translation of the addresses;
- loading into the buffer for anticipation of the translation of the addresses of a set of rules of access to the shared memory space including a rule prohibiting writing by the non-secure application in a reserved area of the memory area allocated to the secure application, the execution of the rule prohibiting writing being checked by the secure application;
- copying into the shared memory space of an image of the buffer for the anticipation of the translation of the addresses;
- loading into the image of the buffer for the anticipation of the translation of the addresses of a rule prohibiting writing in the buffer for the anticipation of the translation of the images;
- implementation, by the memory management unit, of access rules contained in the image of the buffer for the anticipation of the translation of the addresses.
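A simplified software model of the access rules in claim 5, added here as an illustration and not taken from the patent: it shows why the rule set stored in shared memory must include a rule that write-protects the rule set itself. It reads the "buffer for anticipation of the translation of the addresses" as a translation lookaside buffer (an assumption); the offsets, the `rule_t` layout and all function names are hypothetical.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed layout of the shared memory space (all offsets are assumptions). */
enum { NS_OFF = 0x000, RESERVED_OFF = 0x100, IMG_OFF = 0x200,
       AREA_SIZE = 0x100, SHARED_SIZE = 0x300, MAX_RULES = 4 };

typedef struct { uint16_t base, size; uint8_t ns_write; } rule_t; /* one access rule */
static uint8_t shared[SHARED_SIZE]; /* shared memory; it also holds the rule image */

/* The rule image lives inside shared memory, so rules are read and written there. */
static rule_t get_rule(int i) {
    rule_t r;
    memcpy(&r, &shared[IMG_OFF + i * (int)sizeof r], sizeof r);
    return r;
}
static void put_rule(int i, rule_t r) {
    memcpy(&shared[IMG_OFF + i * (int)sizeof r], &r, sizeof r);
}
/* Rule loading; protect_image selects whether the self-protecting rule is present. */
void secure_setup(bool protect_image) {
    memset(shared, 0, sizeof shared);
    put_rule(0, (rule_t){ NS_OFF, AREA_SIZE, 1 });       /* non-secure area: writable */
    put_rule(1, (rule_t){ RESERVED_OFF, AREA_SIZE, 0 }); /* reserved area: no write   */
    put_rule(2, (rule_t){ IMG_OFF, AREA_SIZE, protect_image ? 0 : 1 }); /* the image  */
}
/* Write check applied to the non-secure processor; unmatched addresses are denied. */
bool ns_write(uint16_t addr, uint8_t value) {
    for (int i = 0; i < MAX_RULES; i++) {
        rule_t r = get_rule(i);
        if (r.size && addr >= r.base && addr - r.base < r.size) {
            if (!r.ns_write) return false; /* write fault */
            shared[addr] = value;
            return true;
        }
    }
    return false;
}
/* Non-secure code tries to set the reserved-area rule's write flag, then writes there. */
bool reserved_area_survives(bool protect_image) {
    secure_setup(protect_image);
    uint16_t flag = (uint16_t)(IMG_OFF + sizeof(rule_t) + offsetof(rule_t, ns_write));
    ns_write(flag, 1);
    return !ns_write(RESERVED_OFF, 0xAA) && shared[RESERVED_OFF] == 0;
}
int main(void) {
    printf("image protected:   %d\n", reserved_area_survives(true));
    printf("image unprotected: %d\n", reserved_area_survives(false));
    return 0;
}
```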
Specification