Secure and backward-compatible processor and secure software execution thereon

US 7,322,042 B2
Filed: 02/07/2003
Issued: 01/22/2008
Est. Priority Date: 02/07/2003
Status: Active Grant

First Claim

Patent Images

1. A method including steps ofperforming application software by a single-processor processing unit;

verifying that said single-processor processing unit is authorized to perform said application software;

distinguishing for said single-processor processing unit between a monitored mode and a secure mode;

switching from said monitored mode to said secure mode in response to a non-maskable interrupt (NMI) signal;

whereinin said monitored mode said single-processor processing unit is capable of performing said application software transparently to said application software,in said secure mode said single-processor processing unit is capable of verifying, using persistent memory internal to the single-processor processing unit, that said single-processor processing unit is authorized to perform said application software,wherein said single-processor processing unit performs the application software and verifies that said single-processor processing unit is authorized to perform said application software.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A secure processor assuring application software is executed securely, and assuring only authorized software is executed, monitored modes and secure modes of operation. The former executes application software transparently to that software. The latter verifies execution of the application software is authorized, performs any extraordinary services required by the application software, and verifies the processor has obtained rights to execute the content. The secure processor (1) appears hardware-identical to an ordinary processor, with the effect that application software written for ordinary processors can be executed on the secure processor without substantial change, (2) needs only a minimal degree of additional hardware over and above those portions appearing hardware-identical to an ordinary processor. The secure processor operates without substantial reduction in speed or other resources available to the application software. Functions operating in secure mode might reside in an on-chip non-volatile memory, or might be loaded from external storage with authentication.

Citations

115 Claims

1. A method including steps ofperforming application software by a single-processor processing unit;
- verifying that said single-processor processing unit is authorized to perform said application software;
  
  distinguishing for said single-processor processing unit between a monitored mode and a secure mode;
  
  switching from said monitored mode to said secure mode in response to a non-maskable interrupt (NMI) signal;
  
  whereinin said monitored mode said single-processor processing unit is capable of performing said application software transparently to said application software,in said secure mode said single-processor processing unit is capable of verifying, using persistent memory internal to the single-processor processing unit, that said single-processor processing unit is authorized to perform said application software,wherein said single-processor processing unit performs the application software and verifies that said single-processor processing unit is authorized to perform said application software.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
- - 2. A method as in claim 1, including steps ofin said monitored mode, performing by a portion of said single-processor processing unit instructions substantially identically to those performable by a semiconductor die for an ordinary processor otherwise not responsive to said secure mode.
  - 3. A method as in claim 1, including steps ofin said secure mode, performing by said single-processor processing unit extraordinary services requested by, and authorized for, said application software.
  - 4. A method as in claim 1, including steps ofinterrupting said monitored mode and entering said secure mode in response to at least one of a plurality of techniques;
    - andwhen in said secure mode, determining by which technique said secure mode was entered.
  - 5. A method as in claim 1, including steps ofgenerating the NMI signal using a timer, reset, or other programming.
  - 6. A method as in claim 1, including steps ofin said secure mode, exiting said secure mode and performing said application software in said monitored mode.
  - 7. A method as in claim 6, including steps ofperforming said application software without substantial change in original code for that application software,whereby the application software sees a processor environment that is not substantially different from an ordinary processor.
  - 8. A method as in claim 6, including steps ofwhen said application software needs services the secure processor oversees, the application software generates an interrupt, causing the secure mode to be re-entered, the services to be delivered to the application software, and the secure mode to be exited, whereby the application software can continue to execute in monitored mode.
  - 9. A method as in claim 1, including steps of performing instructions in said secure mode in a power-on state.
  - 10. A method as in claim 9, including steps ofin response to said power-on state, performing secure code maintained in a persistent memory internal to a chip including said single-processor processing unit, said steps of performing secure code including steps ofloading additional code from one or more trusted sources;
    - verifying authenticity of said trusted sources; and
      
      verifying content integrity of said additional code.
  - 11. A method as in claim 9, including steps ofin response to said power-on state, performing secure code maintained in a persistent memory internal to a chip including said single-processor processing unit, said steps of performing secure code including steps ofloading additional code from one or more trusted sources;
    - verifying authenticity of said trusted sources; and
      
      verifying content integrity of said additional code;
      
      wherein said steps of verifying authenticity and content integrity are performed in response to said persistent memory internal to said chip.
  - 12. A method as in claim 9, including steps ofin response to said power-on state, performing secure code maintained in a persistent memory internal to a chip including said single-processor processing unit, said steps of performing secure code including steps ofloading additional code from one or more trusted sources;
    - verifying authenticity of said trusted sources;
      
      verifying content integrity of said additional code;
      
      whereinsaid steps of verifying authenticity and content integrity are performed in response to said persistent memory internal to said chip, andsaid persistent memory internal to said chip includes at least one of;
      
      encryption keys, secure hash values, or other data for verification of said trusted sources and authentication of said additional code.
  - 13. A method as in claim 1, wherein said application software includes at least one instruction for execution in said secure mode.
  - 14. A method as in claim 13, wherein said at least one instruction for execution in said secure mode includes an additional function performable by said single-processor processing unit on behalf of a set of secure kernel code.
  - 15. A method as in claim 13, wherein said at least one instruction for execution in said secure mode includes an additional function performable by said single-processor processing unit on behalf of a set of secure kernel code, said additional function including authenticating additional secure kernel code.
  - 16. A method as in claim 1, wherein said steps of verifying include performing a set of secure software, said set of secure software including determining whether said single-processor processing unit is authorized to perform a set of additional secure software for execution in said secure mode.
  - 17. A method as in claim 16, wherein said additional secure software includesat least one function for loading additional secure software;
    - andat least one function for verifying that said single-processor processing unit is authorized to perform said additional secure software.
  - 18. A method as in claim 16, wherein said additional secure software includesat least one function for loading application software;
    - andat least one function for verifying that said single-processor processing unit is authorized to perform said application software.

19. A method including steps ofperforming instructions by a single-processor processing unit, said single-processor processing unit including a security signal having at least a secure mode and a monitored mode;
- switching from said monitored mode to said secure mode in response to a non-maskable interrupt (NMI) signal;
  
  accessing, by said single-processor processing unit, at least one secure function in response to said security signal when said security signal indicates said secure mode, and refusing to access said secure function in response to said security signal when said security signal indicates said monitored mode;
  
  wherein said secure function includes steps of recording external instructions in response to an external source, a measure of trustworthiness of said external source being verifiable by said single-processor processing unit, using persistent memory internal to the single-processor processing unit;
  
  wherein said performing instructions and said accessing at least one secure function are performed by said single-processor processing unit.
- View Dependent Claims (20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35)
- - 20. A method as in claim 19, including steps of allowing said single-processor processing unit to access at least one secure circuit coupled to said single-processor processing unit only when said security signal indicates said secure mode.
  - 21. A method as in claim 19, including steps ofperforming a set of application code maintained in memory or mass storage, said memory or mass storage coupled to said single-processor processing unit, said steps of performing being done without substantial change from said application code being performed on a substantially identical non-secure processing unit not responsive to said security signal.
  - 22. A method as in claim 19, including steps ofperforming, by said single-processor processing unit, a set of application code maintained in memory or mass storage, coupled to said single-processor processing unit, when said single-processor processing unit is operating in said monitored mode.
  - 23. A method as in claim 19, wherein said one secure function includes steps ofreceiving said external instructions from said external source;
    - andverifying said external instructions as substantially accurate.
  - 24. A method as in claim 19, including steps ofmonitoring access by said single-processor processing unit to an external device;
    - said steps of monitoring being responsive to said security signal and to a set of access rules, wherein when said single-processor processing unit attempts to access said external device in violation of said access rules, performing at least one secure function in response thereto.
  - 25. A method as in claim 24, wherein said steps of monitoring are responsive to access by said single-processor processing unit, in response to at least one ofa number of accesses requested by said single-processor processing unit;
    - a number of instructions which said single-processor processing unit performs;
      
      a parameter set by said single-processor processing unit which operating in said secure mode;
      
      oran interval during which said single-processor processing unit is operating.
  - 26. A method as in claim 19, including steps of maintaining a set of secure information for read-only access by said single-processor processing unit.
  - 27. A method as in claim 26, wherein said steps of maintaining include steps of reading said set of secure information from a non-volatile memory.
  - 28. A method as in claim 26, wherein said steps of maintaining include steps of reading said set of secure information from a non-volatile memory, and including steps of disabling writing of said non-volatile memory when said secure processor is packaged.
  - 29. A method as in claim 26, wherein said steps of maintaining include steps of reading said set of secure information from a non-volatile memory, and including steps of disabling writing of said non-volatile memory when said secure processor is packaged, said steps of disabling including making substantially inaccessible a non-bonded pin.
  - 30. A method as in claim 26, wherein said steps of maintaining include steps of reading said set of secure information from a non-volatile memory, and wherein said set of secure information is unique to said secure processor.
  - 31. A method as in claim 19, wherein said one secure function includes steps ofreceiving said external instructions from said external source;
    - constructing data responsive to said external instructions; and
      
      comparing said data responsive to said external instructions with at least some of said secure information, whereby said single-processor processing unit is capable of verifying that said external instructions are accurate.
  - 32. A method as in claim 31, whereinsaid steps of constructing include determining a computed signature value in response to said external instructions;
    - andsaid steps of comparing include attempting to match said computed signature value against a recorded signature value included in said secure information.
  - 33. A method as in claim 31, wherein said steps of receiving include at least one ofreceiving a set of messages, said set of messages collectively including said external instructions;
    - orreceiving a set of storage media, said set of storage media collectively including said external instructions.
  - 34. A method as in claim 19, wherein said one secure function includes steps ofrequesting said external instructions from said external source;
    - sending data responsive to said secure information to said external source, whereby said external source is capable of verifying that said single-processor processing unit is authorized to perform said external instructions; and
      
      receiving said external instructions from said external source.
  - 35. A method as in claim 34, wherein said external instructions include at least one of:
    - application software, additional secure code.

36. A method embodied on a single processor, including steps ofperforming instructions on a processor, said processor having a secure mode and a monitored mode;
- wherein when said processor executes in said secure mode, said processor has access to at least one secure function to which said processor does not have access to when said processor executes in said monitored mode;
  
  wherein said processor executes in said secure mode during an interrupted state, said interrupted state being responsive to a non-maskable interrupt (NMI);
  
  wherein when said processor enters said secure mode, said processor transfers control to a set of secure code, said secure code not being alterable when said processor executes in said monitored mode; and
  
  wherein a set of said secure code associated with said startup state includes instructions performable by said processor and directing said processor to add external instructions to secure code in response to an external source of said external instructions, a measure of trustworthiness of said external source being verifiable by said processor in response to a set of secure information;
  
  wherein said single processor performs the instructions and has access to the at least one secure function.

37. Apparatus includinga single-processor processing unit capable of performing application software, and capable of verifying that said single-processor processing unit is authorized to perform said application software;
- said single-processor processing unit having a monitored mode and a secure mode, wherein in said monitored mode said single-processor processing unit is capable of performing said application software transparently to said application software, and wherein in said secure mode said single-processor processing unit is capable of verifying, using persistent memory internal to the single-processor processing unit, that said single-processor processing unit is authorized to perform said application software;
  
  a secure mode switch that generates a non-maskable interrupt (NMI) signal, wherein the single-processor processing unit enters secure mode in response to the NMI signal;
  
  wherein said single-processor processing unit performs the application software and verifies that said single-processor processing unit is authorized to perform said application software.
- View Dependent Claims (38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54)
- - 38. Apparatus as in claim 37, wherein a portion of said single-processor processing unit capable of performing instructions in said monitored mode is substantially identical to a semiconductor die for an ordinary processor otherwise not responsive to said secure mode.
  - 39. Apparatus as in claim 37, wherein in said secure mode said single-processor processing unit is capable of performing extraordinary services requested by, and authorized for, said application software.
  - 40. Apparatus as in claim 37, wherein said single-processor processing unit is capable of interrupting said monitored mode and entering said secure mode in response to at least one of a plurality of techniques, wherein when in said secure mode said single-processor processing unit is capable of determining by which technique said secure mode was entered.
  - 41. Apparatus as in claim 37, wherein said single-processor processing unit is capable of interrupting said monitored mode and entering said secure mode in response to at least one of:
    - an interrupt, a reset signal, or a timer.
  - 42. Apparatus as in claim 37, wherein in said secure mode said single-processor processing unit is capable of exiting said secure mode and performing said application software in said monitored mode.
  - 43. Apparatus as in claim 42, wherein said application software executes without substantial change in original code for that application software, whereby the application software sees a processor environment that is not substantially different from an ordinary processor.
  - 44. Apparatus as in claim 42, wherein when said application software needs services the secure processor oversees, the application software generates an interrupt, causing the secure mode to be re-entered, the services to be delivered to the application software, and the secure mode to be exited, whereby the application software can continue to execute in monitored mode.
  - 45. Apparatus as in claim 37, wherein said application software includes at least one instruction for execution in said secure mode.
  - 46. Apparatus as in claim 45, wherein said at least one instruction for execution in said secure mode includes an additional function performable by said single-processor processing unit on behalf of a set of secure kernel code.
  - 47. Apparatus as in claim 45, wherein said at least one instruction for execution in said secure mode includes an additional function performable by said single-processor processing unit on behalf of a set of secure kernel code, said additional function including authenticating additional secure kernel code.
  - 48. Apparatus as in claim 37, wherein said single-processor processing unit is capable of performing secure software, said secure software including at least one function for authenticating additional software for execution in said secure mode.
  - 49. Apparatus as in claim 48, wherein said secure software includesat least one function for loading additional secure software;
    - andat least one function for verifying that said single-processor processing unit is authorized to perform said additional secure software.
  - 50. Apparatus as in claim 48, wherein said secure software includesat least one function for loading application software;
    - andat least one function for verifying that said single-processor processing unit is authorized to perform said application software.
  - 51. Apparatus as in claim 37, wherein said single-processor processing unit performs instructions in said secure mode in a power-on state.
  - 52. Apparatus as in claim 51, wherein said single-processor processing unit, in response to said power-on state, performs secure code maintained in a persistent memory internal to a chip including said single-processor processing unit, wherein said secure code includes instructions directing said single-processor processing unit to perform steps ofloading additional code from one or more trusted sources;
    - verifying authenticity of said trusted sources; and
      
      verifying content integrity of said additional code.
  - 53. Apparatus as in claim 51, wherein said single-processor processing unit, in response to said power-on state, performs secure code maintained in a persistent memory internal to a chip including said single-processor processing unit, wherein said secure code includes instructions directing said single-processor processing unit to perform steps ofloading additional code from one or more trusted sources;
    - verifying authenticity of said trusted sources; and
      
      verifying content integrity of said additional code;
      
      wherein said steps of verifying authenticity and content integrity are performed in response to said persistent memory internal to said chip.
  - 54. Apparatus as in claim 51, wherein said single-processor processing unit, in response to said power-on state, performs secure code maintained in a persistent memory internal to a chip including said single-processor processing unit, wherein said secure code includes instructions directing said single-processor processing unit to perform steps ofloading additional code from one or more trusted sources;
    - verifying authenticity of said trusted sources; and
      
      verifying content integrity of said additional code;
      
      whereinsaid steps of verifying authenticity and content integrity are performed in response to said persistent memory internal to said chip, andsaid persistent memory internal to said chip includes at least one of;
      
      encryption keys, secure hash values, or other data for verification of said trusted sources and authentication of said additional code.

55. Apparatus includinga single-processor processing unit capable of performing instructions;
- a security signal having at least a secure mode and a monitored mode;
  
  a circuit for switching from said monitored mode to said secure mode in response to a non-maskable interrupt (NMI) signal;
  
  said single-processor processing unit being responsive to said security signal, wherein said single-processor processing unit has access to at least one secure function when performing instructions in said secure mode that said single-processor processing unit does not have access to when performing instructions in said monitored mode;
  
  wherein at least one said secure function includes instructions directing said single-processor processing unit to record external instructions in response to an external source, a measure of trustworthiness of said external source being verifiable by said single-processor processing unit;
  
  wherein said single processor performs instructions and has access to the at least one secure function.
- View Dependent Claims (56, 57, 58, 59, 60, 61, 62, 63, 64, 65, 66, 67, 68, 69, 70, 71, 72, 73, 74, 75, 76, 77, 78, 79, 80, 81, 82, 83, 84)
- - 56. Apparatus as in claim 55, includinga security element responsive to said security signal and coupled to at least one secure circuit coupled to said single-processor processing unit, wherein said security element allows said single-processor processing unit to access said secure circuit only when said security signal indicates said secure mode.
  - 57. Apparatus as in claim 55, includinga set of application code maintained in memory or mass storage, coupled to said single-processor processing unit;
    - whereby said single-processor processing unit performs said application code in said monitored mode.
  - 58. Apparatus as in claim 55, includinga set of application code maintained in memory or mass storage, coupled to said single-processor processing unit, said application code being capable of being performed on a substantially identical non-secure processing unit not responsive to said security signal;
    - whereby said single-processor processing unit is capable of performing said application code without substantial change, in response to said security signal indicating said secure mode.
  - 59. Apparatus as in claim 55, wherein said one secure function includes instructions directing said single-processor processing unit to perform steps ofreceiving said external instructions from said external source;
    - andverifying said external instructions as accurate.
  - 60. Apparatus as in claim 55, includinga monitoring circuit coupled to said single-processor processing unit, said monitoring circuit capable of monitoring access by said single-processor processing unit to an external device;
    - said monitoring circuit being responsive to said security signal and to a set of access rules, wherein when said single-processor processing unit attempts to access said external device in violation of said access rules, said monitoring circuit is capable of performing at least one secure function in response thereto.
  - 61. Apparatus as in claim 60, wherein said monitoring circuit is responsive to access by said by said single-processor processing unit, in response to at least one ofa number of accesses requested by said single-processor processing unit;
    - a number of instructions which said single-processor processing unit performs;
      
      a parameter set by said single-processor processing unit which operating in said secure mode;
      
      oran interval during which said single-processor processing unit is operating.
  - 62. Apparatus as in claim 55, including a set of secure information available for read-only access by said single-processor processing unit.
  - 63. Apparatus as in claim 62, wherein said set of secure information includes information maintained in a non-volatile memory.
  - 64. Apparatus as in claim 62, wherein said set of secure information includes information maintained in a non-volatile memory and unique to said secure processor.
  - 65. Apparatus as in claim 62, wherein said set of secure information includes information maintained in a non-volatile memory, said non-volatile memory having a circuit capable of enabling writing of said non-volatile memory, said circuit being disabled when said secure processor is packaged.
  - 66. Apparatus as in claim 62, wherein said set of secure information includes information maintained in a non-volatile memory, said non-volatile memory having a circuit capable of enabling writing of said non-volatile memory, said circuit including a pin which is substantially inaccessible when said secure processor is packaged.
  - 67. Apparatus as in claim 66, wherein said set of secure information includes an identity value substantially unique to said chip, or a set of private key information substantially unique to said chip;
    - whereby said chip can assure that a selected set of content or software can only be executed by said chip when said chip is authorized to consume said content or execute said software.
  - 68. Apparatus as in claim 67, wherein said chip can verify authenticity of a purchase receipt or license or other digital rights management data, whereby said chip can verify that a selected set of content or software is authentic and authorized for said chip.
  - 69. Apparatus as in claim 68, wherein said secure chip is capable of permitting consumption of said content or execution of said software in response to an attempt to verify authenticity of a purchase receipt or license or other digital rights management data.
  - 70. Apparatus as in claim 68, wherein said receipt includesinformation sufficient to substantially identify said chip;
    - information sufficient to substantially identify an identity value substantially unique to said content or software.
  - 71. Apparatus as in claim 66, including means for combining said key information and said substantially unique identity value, with the effect of implementing a digital rights management scheme for enforcing intellectual property.
  - 72. Apparatus as in claim 66, wherein at least a portion of said secure information is digitally signed using either a public key/secret private key system or a symmetric encryption/decryption key.
  - 73. Apparatus as in claim 72, wherein said secure chip is capable of permitting consumption of said content or execution of said software in response to verifying said digital signature.
  - 74. Apparatus as in claim 66, wherein at least a portion of said secure information is encrypted using either a public key/secret private key system or a symmetric encryption/decryption key.
  - 75. Apparatus as in claim 74, wherein said secure chip is capable of permitting consumption of said content or execution of said software in response to an attempt to decrypt said portion of said secure information.
  - 76. Apparatus as in claim 55, wherein said one secure function includes instructions directing said single-processor processing unit to perform steps ofreceiving said external instructions from said external source;
    - constructing data responsive to said external instructions; and
      
      comparing said data responsive to said external instructions with at least some of said secure information, whereby said single-processor processing unit is capable of verifying that said external instructions are accurate.
  - 77. Apparatus as in claim 76, whereinsaid steps of constructing include determining a computed signature value in response to said external instructions;
    - andsaid steps of comparing include attempting to match said computed signature value against a recorded signature value included in said secure information.
  - 78. Apparatus as in claim 76, wherein said steps of receiving include at least one ofreceiving a set of messages, said set of messages collectively including said external instructions;
    - orreceiving a set of storage media, said set of storage media collectively including said external instructions.
  - 79. Apparatus as in claim 55, wherein said one secure function includes instructions directing said single-processor processing unit to perform steps ofrequesting said external instructions from said external source;
    - sending data responsive to said secure information to said external source, whereby said external source is capable of verifying that said single-processor processing unit is authorized to perform said external instructions; and
      
      receiving said external instructions from said external source.
  - 80. Apparatus as in claim 79, wherein said external instructions include at least one of:
    - application software, additional secure code.
  - 81. Apparatus as in claim 55, whereinsaid security signal is responsive to either a reset state or an interrupt state, said interrupt state being responsive to either a non-maskable interrupt or a timer interrupt;
    - andin response to said security signal, said single-processor processing unit transfers control to said secure function, said secure function not being alterable when said single-processor processing unit performs instructions in said monitored mode.
  - 82. Apparatus as in claim 81, wherein, in response to said secure function, said single-processor processing unit transfers control to an exit function, said exit function being capable of removing any secure information from use by said single-processor processing unit when in said monitored mode.
  - 83. Apparatus as in claim 81,wherein said single-processor processing unit is capable of passing parameters for said secure function,whereby in response to said non-maskable interrupt, said secure function performs at least one said secure function at the behest of application software, said application software being performed by said single-processor processing unit in said monitored mode.
  - 84. Apparatus as in claim 81,wherein said single-processor processing unit is capable of passing parameters for said secure function,whereby in response to said non-maskable interrupt, said secure function performs at least one said secure function at the behest of application software, said application software being performed by said single-processor processing unit in said monitored mode;
    - andwherein said secure function includes at least one of the following functions;
      
      a cryptographic authentication function, a cryptographic signature function, a cryptographically secure function, an encryption or decryption function, a function including an encryption or decryption key, a secure hash function.

85. Memory or mass storage in a processing unit including instructions capable of being interpreted by a computing device to perform steps ofperforming application software by a single-processor processing unit;
- verifying, using persistent memory internal to the single-processor processing unit, that said single-processor processing unit is authorized to perform said application software;
  
  distinguishing for said single-processor processing unit between a monitored mode and a secure mode, wherein in said monitored mode said single-processor processing unit is capable of performing said application software transparently to said application software, and wherein in said secure mode said single-processor processing unit is capable of verifying that said single-processor processing unit is authorized to perform said application software,switching from said monitored mode to said secure mode in response to a non-maskable interrupt (NMI) signal;
  
  wherein said single processor performs the application software and verifies that said single-processor processing unit is authorized to perform said application software.
- View Dependent Claims (86, 87, 88, 89, 90, 91, 92, 93, 94, 95, 96, 97, 98, 99)
- - 86. Memory or mass storage as in claim 85, including instructions capable of being interpreted by a computing device to perform steps ofin said monitored mode, performing by a portion of said single-processor processing unit instructions substantially identically to those performable by a semiconductor die for an ordinary processor otherwise not responsive to said secure mode.
  - 87. Memory or mass storage as in claim 85, including instructions capable of being interpreted by a computing device to perform steps ofin said secure mode, performing by said single-processor processing unit extraordinary services requested by, and authorized for, said application software.
  - 88. Memory or mass storage as in claim 85, including instructions capable of being interpreted by a computing device to perform steps ofinterrupting said monitored mode and entering said secure mode in response to at least one of a plurality of techniques;
    - andwhen in said secure mode, determining by which technique said secure mode was entered.
  - 89. Memory or mass storage as in claim 85, including instructions capable of being interpreted by a computing device to perform steps ofinterrupting said monitored mode and entering said secure mode in response to at least one of:
    - an interrupt, a reset signal, or a timer.
  - 90. Memory or mass storage including instructions capable of being interpreted by a computing device to perform steps as in claim 85, including steps of in said secure mode, exiting said secure mode and performing said application software in said monitored mode.
  - 91. Memory or mass storage as in claim 90, including instructions capable of being interpreted by a computing device to perform steps ofperforming said application software without substantial change in original code for that application software, whereby the application software sees a processor environment that is not substantially different from an ordinary processor.
  - 92. Memory or mass storage as in claim 90, including instructions capable of being interpreted by a computing device to perform steps ofwhen said application software needs services the secure processor oversees, the application software generates an interrupt, causing the secure mode to be re-entered, the services to be delivered to the application software, and the secure mode to be exited, whereby the application software can continue to execute in monitored mode.
  - 93. Memory or mass storage as in claim 85, including instructions capable of being interpreted by a computing device to perform steps ofperforming instructions in said secure mode in a power-on state.
  - 94. Memory or mass storage as in claim 93, including instructions capable of being interpreted by a computing device to perform steps ofin response to said power-on state, performing secure code maintained in a persistent memory internal to a chip including said single-processor processing unit, said steps of performing secure code including steps ofloading additional code from one or more trusted sources;
    - verifying authenticity of said trusted sources; and
      
      verifying content integrity of said additional code.
  - 95. Memory or mass storage as in claim 93, including instructions capable of being interpreted by a computing device to perform steps ofin response to said power-on state, performing secure code maintained in a persistent memory internal to a chip including said single-processor processing unit, said steps of performing secure code including steps ofloading additional code from one or more trusted sources;
    - verifying authenticity of said trusted sources; and
      
      verifying content integrity of said additional code;
      
      wherein said steps of verifying authenticity and content integrity are performed in response to said persistent memory internal to said chip.
  - 96. Memory or mass storage as in claim 93, including instructions capable of being interpreted by a computing device to perform steps ofin response to said power-on state, performing secure code maintained in a persistent memory internal to a chip including said single-processor processing unit, said steps of performing secure code including steps ofloading additional code from one or more trusted sources;
    - verifying authenticity of said trusted sources; and
      
      verifying content integrity of said additional code;
      
      whereinsaid steps of verifying authenticity and content integrity are performed in response to said persistent memory internal to said chip; and
      
      said persistent memory internal to said chip includes at least one of;
      
      encryption keys, secure hash values, or other data for verification of said trusted sources and authentication of said additional code.
  - 97. Memory or mass storage as in claim 85, wherein said application software includes at least one instruction for execution in said secure mode.
  - 98. Memory or mass storage as in claim 97, wherein said at least one instruction for execution in said secure mode includes an additional function performable by said single-processor processing unit on behalf of a set of secure kernel code.
  - 99. Memory or mass storage as in claim 97, wherein said at least one instruction for execution in said secure mode includes an additional function performable by said single-processor processing unit on behalf of a set of secure kernel code, said additional function including authenticating additional secure kernel code.

100. Memory or mass storage in a processing unit including instructions capable of being interpreted by a computing device to perform steps ofperforming instructions by a single-processor processing unit, said single-processor processing unit including a security signal having at least a secure mode and a monitored mode;
- switching from said monitored mode to said secure mode in response to a non-maskable interrupt (NMI) signal;
  
  accessing, by said single-processor processing unit, at least one secure function in response to said security signal when said security signal indicates said secure mode, and refusing to access said secure function in response to said security signal when said security signal indicates said monitored mode;
  
  wherein said secure function includes steps of recording external instructions in response to an external source, a trustworthiness of said external source being verifiable by said single-processor processing unit,wherein said single processor performs instructions and has access to the at least one secure function.
- View Dependent Claims (101, 102, 103, 104, 105, 106, 107, 108, 109, 110, 111, 112, 113, 114)
- - 101. Memory or mass storage as in claim 100, including instructions capable of being interpreted by a computing device to perform steps ofallowing said single-processor processing unit to access at least one secure circuit coupled to said single-processor processing unit only when said security signal indicates said secure mode.
  - 102. Memory or mass storage as in claim 100, including instructions capable of being interpreted by a computing device to perform steps ofperforming a set of application code maintained in memory or mass storage, said memory or mass storage coupled to said single-processor processing unit, said steps of performing being done without substantial change from said application code being performed on a substantially identical non-secure processing unit not responsive to said security signal.
  - 103. Memory or mass storage as in claim 100, including instructions capable of being interpreted by a computing device to perform steps ofperforming, by said single-processor processing unit, a set of application code maintained in memory or mass storage, coupled to said single-processor processing unit, when said single-processor processing unit is operating in said monitored mode.
  - 104. Memory or mass storage as in claim 100, wherein said one secure function includes steps ofrequesting said external instructions from said external source;
    - sending data responsive to said secure information to said external source, whereby said external source is capable of verifying that said single-processor processing unit is authorized to perform said external instructions; and
      
      receiving said external instructions from said external source.
  - 105. Memory or mass storage as in claim 100, including instructions capable of being interpreted by a computing device to perform steps ofmonitoring access by said single-processor processing unit to an external device;
    - said steps of monitoring being responsive to said security signal and to a set of access rules, wherein when said single-processor processing unit attempts to access said external device in violation of said access rules, performing at least one secure function in response thereto.
  - 106. Memory or mass storage as in claim 105, wherein said steps of monitoring are responsive to access by said by said single-processor processing unit, in response to at least one ofa number of accesses requested by said single-processor processing unit;
    - a number of instructions which said single-processor processing unit performs;
      
      a parameter set by said single-processor processing unit which operating in said secure mode;
      
      oran interval during which said single-processor processing unit is operating.
  - 107. Memory or mass storage as in claim 100, including instructions capable of being interpreted by a computing device to perform steps of maintaining a set of secure information for read only access by said single-processor processing unit.
  - 108. Memory or mass storage as in claim 107, wherein said steps of maintaining include steps of reading said set of secure information from a non-volatile memory.
  - 109. Memory or mass storage as in claim 107, wherein said steps of maintaining include steps of reading said set of secure information from a non-volatile memory, and including steps of disabling writing of said non-volatile memory when said secure processor is packaged.
  - 110. Memory or mass storage as in claim 107, wherein said steps of maintaining include steps of reading said set of secure information from a non-volatile memory, and including steps of disabling writing of said non-volatile memory when said secure processor is packaged, said steps of disabling including making substantially inaccessible a non-bonded pin.
  - 111. Memory or mass storage as in claim 107, wherein said steps of maintaining include steps of reading said set of secure information from a non-volatile memory, and wherein said set of secure information is unique to said secure processor.
  - 112. Memory or mass storage as in claim 100, wherein said one secure function includes steps ofreceiving said external instructions from said external sourceconstructing data responsive to said external instructions;
    - andcomparing said data responsive to said external instructions with at least some of said secure information, whereby said single-processor processing unit is capable of verifying that said external instructions are accurate.
  - 113. Memory or mass storage as in claim 112, whereinsaid steps of constructing include determining a computed signature value in response to said external instructions;
    - and said steps of comparing include attempting to match said computed signature value against a recorded signature value included in said secure information.
  - 114. Memory or mass storage as in claim 112, wherein said steps of receiving include at least one ofreceiving a set of messages, said set of messages collectively including said external instructions;
    - orreceiving a set of storage media, said set of storage media collectively including said external instructions.

115. Memory or mass storage in a processing unit including instructions capable of being interpreted by a computing device to perform steps ofperforming instructions on a processor, said processor having a secure mode and a monitored mode;
- wherein when said processor executes in said secure mode, said processor has access to at least one secure function for which said processor does not have access to when said processor executes in said monitored mode;
  
  wherein said processor executes in said secure mode during an interrupted state, said interrupted state being responsive to a non-maskable interrupt (NMI);
  
  wherein when said processor enters said secure mode, said processor transfers control to a set of secure code, said secure code not being alterable when said processor executes in said monitored mode;
  
  wherein a set of said secure code associated with said startup state includes instructions performable by said processor and directing said processor to add external instructions to secure code in response to an external source of said external instructions, a trustworthiness of said external source being verifiable by said processor in response to a set of secure information,wherein said single processor performs instructions and has access to the at least one secure function.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Samsung Electronics Co. Ltd.
Original Assignee
Broadon Communications Corp. (Acer, Inc.)
Inventors
Srinivasan, Pramila, Saperstein, William, Berndt, Frank, Yen, Wei, Princen, John, Blythe, David
Primary Examiner(s)
REVAK, CHRISTOPHER A

Application Number

US10/360,827
Publication Number

US 20040158742A1
Time in Patent Office

1,810 Days
Field of Search

None
US Class Current

726/17
CPC Class Codes

G06F 21/10   Protecting distributed prog...

G06F 21/51   at application loading time...

G06F 21/52   during program execution, e...

G06F 21/71   to assure secure computing ...

G06F 21/73   by creating or determining ...

G06F 21/74   operating in dual or compar...

Secure and backward-compatible processor and secure software execution thereon

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

Citations

115 Claims

Specification

Solutions

Use Cases

Quick Links

Secure and backward-compatible processor and secure software execution thereon

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

115 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links