Software self-checking systems and methods
First Claim
1. A method of creating a self-checking software program, the program being embodied on a computer-readable medium, the method comprising:
(a) inserting multiple self-checking code sequences into the program's source code;
(a)(1) compiling the program's source code to form object code;
(a)(2) rearranging basic blocks of the program's object code such that the distribution of the multiple self-checking code sequences is changed;
(b) inserting a plurality of correctors into the rearranged object code;
(c) assigning the self-checking code sequences to overlapping portions of the program, each of said portions containing at least one corrector, and at least some of said portions containing at least part of one or more of said self-checking code sequences, wherein each self-checking code sequence is operable to calculate a function of at least one of said portions; and
(d) assigning values to the correctors, the value of each corrector being chosen such that the function calculated by a self-checking code sequence assigned to a given portion of the program containing a given corrector results in a predefined value when the given portion has not been improperly modified.
Abstract
Software self-checking mechanisms are described for improving software tamper resistance and/or reliability. Redundant tests are performed to detect modifications to a program while it is running. Modifications are recorded or reported. Embodiments of the software self-checking mechanisms can be implemented such that they are relatively stealthy and robust, and so that they are compatible with copy-specific static watermarking and other tamper-resistance techniques.
26 Claims
14. A method of creating a dynamic self-checking program, the program being embodied on a computer-readable medium, the method comprising:
inserting self-checking code into the program's source code, the self-checking code being operable to perform dynamic integrity checks on overlapping intervals of the program, at least some of the overlapping intervals including portions of the self-checking code;
compiling the program's source code to form object code;
rearranging basic blocks of the program's object code such that the distribution of the multiple self-checking code sequences is changed;
inserting a plurality of corrector values into the rearranged object code, the inserted corrector values being chosen such that the dynamic integrity checks performed by the self-checking code result in a predefined value or values when the program has not been improperly modified.
15. A self-checking program stored in a non-volatile memory, the program comprising:
a first code sequence configured to perform a first integrity check on a first portion of the program while the program is running;
a first corrector contained within the first portion of the program, the first corrector being assigned a value such that computation of a first hash function results in a first predefined value when the first portion of the program has not been improperly modified;
a second code sequence configured to perform a second integrity check on a second portion of the program while the program is running;
wherein the first portion of the program and the second portion of the program overlap at least in part, and wherein the integrity of the first code sequence is checked by at least one code sequence and the integrity of the second code sequence is checked by at least one code sequence.
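The corrector assignment described in claims 1, 14 and 15, as an added example that is not taken from the patent. It assumes a linear hash modulo 2^32 with an odd multiplier (the claims only require "a function"), a constructed 12-word program, and the hypothetical names `interval_hash`, `assign_correctors` and `failed_checks`.

```python
# Added illustration (not from the patent): toy model of overlapping checked
# intervals with correctors. The hash function and all values are assumptions.
MOD = 2**32
C = 0x9E3779B1  # odd multiplier, so every power of C is invertible mod 2**32

def interval_hash(words, start, end):
    """Linear hash of words[start:end]: sum(words[k] * C**(k-start+1)) mod 2**32."""
    h, mult = 0, 1
    for k in range(start, end):
        mult = (mult * C) % MOD
        h = (h + words[k] * mult) % MOD
    return h

def assign_correctors(words, intervals, target=0):
    """Return a copy of words with each interval's corrector slot solved so the
    interval hashes to target. intervals is a list of (start, end, corrector_pos)
    ordered so that a later corrector never lies inside an earlier interval."""
    out = list(words)
    for n, (start, end, pos) in enumerate(intervals):
        if not start <= pos < end:
            raise ValueError("corrector must lie inside its interval")
        if any(s <= pos < e for s, e, _ in intervals[:n]):
            raise ValueError("corrector would disturb an already solved interval")
        out[pos] = 0
        rest = interval_hash(out, start, end)       # hash without the corrector
        coeff = pow(C, pos - start + 1, MOD)        # weight of the corrector slot
        out[pos] = ((target - rest) * pow(coeff, -1, MOD)) % MOD
    return out

def failed_checks(words, intervals, target=0):
    """Indices of intervals whose hash no longer equals the predefined value."""
    return [i for i, (s, e, _) in enumerate(intervals)
            if interval_hash(words, s, e) != target]

# Constructed 12-word "program"; slots 4, 7 and 10 are reserved for correctors.
PROGRAM = [0x55, 0x8BEC, 0x83EC10, 0xC745FC, 0, 0x8B45FC, 0x0FAF45, 0, 0x8945F8, 0xC9, 0, 0xC3]
INTERVALS = [(0, 6, 4), (3, 9, 7), (6, 12, 10)]  # neighbours overlap by three words

if __name__ == "__main__":
    protected = assign_correctors(PROGRAM, INTERVALS)
    print("clean:", failed_checks(protected, INTERVALS))
    tampered = list(protected)
    tampered[5] ^= 1  # one-bit change in the overlap of intervals 0 and 1
    print("tampered:", failed_checks(tampered, INTERVALS))
```

Because neighbouring intervals overlap, a change in the shared region fails two checks at once, which is the redundancy the abstract describes.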
Specification