Trusted system clock
First Claim
1. For use with a system clock that keeps a system time, a method comprisingstoring an indication that an update of the system time is pending,detecting a possible attack against the system clock based upon receiving a system timer interrupt while the stored indication indicates that the update of the system time remains pending, andupdating a status store to indicate a possible attack against the system clock.
1 Assignment
0 Petitions
Accused Products
Abstract
Methods, apparatus and computer readable medium are described that attempt increase trust in a system time provided by a system clock. In some embodiments, a detector detects activities that may be associated with attacks against the system clock. Based upon whether the detector detects a possible attack against the system clock, the computing device may determine whether or not to trust the system time provided by the system clock.
144 Citations
37 Claims
-
1. For use with a system clock that keeps a system time, a method comprising
storing an indication that an update of the system time is pending, detecting a possible attack against the system clock based upon receiving a system timer interrupt while the stored indication indicates that the update of the system time remains pending, and updating a status store to indicate a possible attack against the system clock.
-
10. A chipset comprising
a status store to indicate whether a possible attack against a system clock was detected, a detector to detect a possible attack against the system clock and to update the status store based upon whether a possible attack against the system clock was detected, and an update store to store an indication that indicates whether an update to the system clock is pending, wherein the detector detects a possible attack against the system clock based upon the stored indication of the update store indicating an update to the system clock is pending upon receipt of system timer interrupts used to update the system clock.
-
17. A computing device comprising
memory to store an interrupt service routine for system timer interrupts, a system timer to generate system timer interrupts that invoke execution of the interrupt service routine, a processor to update a system time of a system clock in response to executing the interrupt service routine, an update store to store an indication that indicates whether an update to the system clock is pending, and a detector to detect a possible attack against the system clock based upon the stored indication of the update store indicating an update to the system clock is pending upon receipt of system timer interrupts.
-
25. A machine-readable medium comprising a plurality of instructions that in response to being executed result in a computing device
updating a system time of a system clock and an update store used to indicate a pending update of the system clock in response to handling a system timer interrupt, determining that an attack against the system clock of the computing device has been detected based upon a count value of the update store that is indicative of a number generated system timer interrupts since a previous update of the system time of the system clock, and responding to the attack against the system clock.
-
33. An apparatus comprising
an update store to store an indication that indicates whether an update to a system clock is pending, and detection logic to detect a possible attack against the system clock based upon the stored indication of the update store and one or more system timer interrupts used to invoke an update of the system clock, wherein the detection logic determines that a possible attack against the system clock has occurred if a system timer interrupt is received while the update store indicates an update to the system clock is pending.
Specification