Systems and methods for control flow error detection in reduced instruction set computer processors

US 5,974,529 A
Filed: 05/12/1998
Issued: 10/26/1999
Est. Priority Date: 05/12/1998
Status: Expired due to Term

First Claim

Patent Images

1. A method for control flow error detection in a reduced instruction set computer (RISC) processing system, comprising steps of:

receiving a signature monitoring instruction;

receiving an instruction;

computing a current signature;

computing a new current signature based on the current signature and the instruction, in response to the signature monitoring instruction;

generating a reference signature based on the instruction;

comparing the new current signature and the reference signature to detect if a control flow error has occurred;

storing the current signature in a current signature memory device;

encountering a branch; and

if the branch is taken, then storing the current signature in a saved signature memory device, and resetting the stored current signature to a new current signature value associated with a target instruction occurring first in the branch.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An instruction flow monitoring mechanism performs control flow error detection in a reduced instruction set computer (RISC) processor using signature monitoring. The signature monitoring is integrated into the RISC processor such that the instruction set of the RISC processor is enhanced to perform signature checking under all execution conditions. A signature monitor instruction causes the instruction flow to be checked for errors by comparing a pre-computed reference signature with a current signature and raising an error condition if the two signatures are unequal. The instruction also initializes the current signature.

92 Citations

View as Search Results

26 Claims

1. A method for control flow error detection in a reduced instruction set computer (RISC) processing system, comprising steps of:
- receiving a signature monitoring instruction;
  
  receiving an instruction;
  
  computing a current signature;
  
  computing a new current signature based on the current signature and the instruction, in response to the signature monitoring instruction;
  
  generating a reference signature based on the instruction;
  
  comparing the new current signature and the reference signature to detect if a control flow error has occurred;
  
  storing the current signature in a current signature memory device;
  
  encountering a branch; and
  
  if the branch is taken, then storing the current signature in a saved signature memory device, and resetting the stored current signature to a new current signature value associated with a target instruction occurring first in the branch.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 2. The method of claim 1, further comprising a step of generating an error message based on said step of comparing the current signature and the reference signature.
  - 3. The method of claim 1, wherein said step of generating the reference signature includes the step of processing the instruction utilizing a software tool to generate machine code.
  - 4. The method of claim 3, wherein the software tool inserts the signature monitoring instruction at a location selected from a group consisting of a beginning of a program, a beginning of an interrupt handling routine, and a location immediately after a branch instruction in the program.
  - 5. The method of claim 1, further comprising the steps of:
    - storing the current signature in a current signature memory device;
      
      encountering a branch instruction; and
      
      if the branch is not taken, then utilizing the stored current signature to generate a new current signature.
  - 6. The method of claim 1, wherein upon returning from the branch, resetting the signature value stored in the current signature memory device to the signature value stored in the saved signature memory device.
  - 7. The method of claim 1, wherein said step of computing the current signature comprises a step of generating an encoding of the instruction using a cyclic redundancy code technique.
  - 8. The method of claim 1, wherein said step of computing the current signature comprises a step of executing a checksum operation on the instruction.
  - 9. The method of claim 1, further comprising a step of encoding the instruction prior to said step of computing the current signature.
  - 10. The method of claim 1, further comprising a step of inserting the signature monitoring instruction into an instruction flow of the RISC processing system.
  - 11. The method of claim 10, wherein said step of inserting the signature monitor instruction into an instruction flow comprises a step of inserting a signature monitoring instruction which compares the current signature and the reference signature.
  - 12. The method of claim 10, wherein said step of inserting the signature monitor instruction into an instruction flow comprises a step of inserting a signature monitoring instruction which includes a new signature based on a branch instruction of a branch.
  - 13. The method of claim 10, wherein said step of inserting the signature monitor instruction into an instruction flow comprises a step of inserting a signature monitoring instruction which includes a new signature.
  - 14. The method of claim 10, wherein said step of inserting the signature monitor instruction into an instruction flow comprises a step of inserting a signature monitoring instruction which compares the current signature and the reference signature, and includes a new signature.
  - 15. The method of claim 10, wherein said step of inserting the signature monitor instruction into an instruction flow comprises a step of inserting a signature monitoring instruction which performs no operation.

16. A system for control flow error detection in a reduced instruction set computer (RISC) processing system, wherein RISC processing system includes a memory device, comprising:
- means for receiving an instruction and a signature monitoring instruction;
  
  means for retrieving a new signature from said memory device;
  
  means for generating a current signature based on said new signature and said instruction wherein said means for generating a current signature is responsive to the signature monitor instruction;
  
  means for generating a reference signature based on said instruction;
  
  means for comparing said current signature and said reference signature; and
  
  means for resetting the current signature, upon entering a branch, to a new current signature value associated with a target instruction in the branch.
- View Dependent Claims (17, 18, 19, 20, 21, 22)
- - 17. The system of claim 16, further comprising means for encoding said instruction.
  - 18. The system of claim 16, wherein said means for generating a reference signature comprises a software tool for processing said instruction.
  - 19. The system of claim 16, wherein said means for generating a new current signature includes means for generating a cyclical redundant code utilizing said instruction and said current signature.
  - 20. The system of claim 16, wherein said means for generating a current signature includes means for executing a checksum operation utilizing said instruction and said new signature.
  - 21. The system of claim 16, further comprising means for generating an error message based on an output of said means for comparing.
  - 22. The system of claim 16, further comprising means for inserting said signature monitoring instruction into an instruction stream of said RISC processing system.

23. A system for control flow error detection in a reduced instruction set computer (RISC) processing system, wherein said RISC processing system receives an instruction flow including an instruction, comprising:
- a reference signature generation mechanism that generates a signature monitoring instruction that is inserted into said instruction flow, and wherein said reference signature generation mechanism further generates a reference signature based on said instruction;
  
  a current signature generation mechanism that generates a first current signature utilizing said instruction and a prior current signature previously generated by said current signature generation mechanism, wherein said current signature generation mechanism generates said first current signature in response to said signature monitoring instruction;
  
  a current signature register for receiving said first current signature from said current signature generation mechanism and for receiving a second current signature associated with a target instruction in a branch; and
  
  a comparator that compares said first current signature from said current signature register and said reference signature from said reference signature generation mechanism if a branch is not taken in order to detect errors in said construction flow, and compare said second current signature from said current signature register and said reference signature from said reference signature generation mechanism if a branch is taken in order to detect errors in said instruction flow.
- View Dependent Claims (24, 25)
- - 24. The system of claim 23, further including a saved signature register that saves said current signature for use in returning from a branch.
  - 25. The system of claim 23, wherein said reference signature generation mechanism comprises a software tool for processing said instruction to generate said reference signature.

26. A method for control flow error detection in a reduced instruction set computer (RISC) processing system, comprising steps of:
- receiving a signature monitoring instruction;
  
  receiving an instruction;
  
  computing a current signature;
  
  computing a new current signature based on the current signature and the instruction, in response to the signature monitoring instruction;
  
  generating a reference signature based on the instruction;
  
  comparing the new current signature and the reference signature to detect if a control flow error has occurred;
  
  storing the current signature in a current signature memory device;
  
  encountering a branch instruction; and
  
  if the branch is not taken, then utilizing the stored current signature to generate a new current signature.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Mcdonnell Douglas Corporation (The Boeing Co.), TRW Limited (Zeppelin - Stiftung der Stadt Friedrichshafen)
Original Assignee
Mcdonnell Douglas Corporation (The Boeing Co.), TRW Limited (Zeppelin - Stiftung der Stadt Friedrichshafen)
Inventors
Zumkehr, John F., Abouelnaga, Amir A.
Primary Examiner(s)
Pan, Daniel H.

Application Number

US09/076,361
Time in Patent Office

532 Days
Field of Search

395/183.11, 395/183.15, 395/185.02, 395/184.04, 395/185.05, 395/185.06, 395/185.07, 395/595, 712/41, 712/42, 712/206, 712/234, 712/239, 714/6, 714/45, 714/48, 714/51
US Class Current

712/41
CPC Class Codes

G06F 11/28   by checking the correct ord...

G06F 11/362   Software debugging

G06F 9/3005   to perform operations for f...

Systems and methods for control flow error detection in reduced instruction set computer processors

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

92 Citations

26 Claims

Specification

Solutions

Use Cases

Quick Links

Systems and methods for control flow error detection in reduced instruction set computer processors

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

92 Citations

26 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links