System and method of identifying and preventing security violations within a computing system

US 8,220,045 B2
Filed: 10/08/2004
Issued: 07/10/2012
Est. Priority Date: 07/23/2004
Status: Active Grant

First Claim

Patent Images

1. A method, comprising:

monitoring on a core bus coupled to a processor core at least one of voltage levels, clock frequencies, hardware fault injection and test and debug activity associated with an electronic apparatus;

identifying unauthorized manipulation of at least one of said voltage levels, clock frequencies, hardware fault injection and test and debug activity as a security violation; and

preventing execution of an instruction within the processor core in response to the security violation.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method of identifying and preventing security violations within a computing system. Some exemplary embodiments may be a method comprising monitoring activity on a core bus coupled to a processor core (the processor core operating in a computing system), identifying activity on the core bus as a security violation, and preventing execution of an instruction within the processor core in response to the security violation.

Citations

21 Claims

1. A method, comprising:
- monitoring on a core bus coupled to a processor core at least one of voltage levels, clock frequencies, hardware fault injection and test and debug activity associated with an electronic apparatus;
  
  identifying unauthorized manipulation of at least one of said voltage levels, clock frequencies, hardware fault injection and test and debug activity as a security violation; and
  
  preventing execution of an instruction within the processor core in response to the security violation.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method of claim 1, further comprising:
    - identifying a software program executing on the processor core as causing the security violation; and
      
      preventing the software program from executing.
  - 3. The method of claim 1, further comprising activating a visual indicator to notify the user that the security violation has been detected.
  - 4. The method of claim 1, further comprising activating a visual indicator to notify the user that the security violation has been neutralized.
  - 5. The method of claim 1, further comprising activating an audible indicator to notify the user that the security violation has been detected.

6. A method, comprising:
- monitoring activity on a core bus coupled to a processor core, the processor core operating in a computing system;
  
  identifying activity on the core bus as a security violation;
  
  identifying as the security violation software initiating an attempted access of a non-privileged resource by a privileged resource of the computing system;
  
  preventing access to the non-privileged resource; and
  
  preventing future execution of the software.

7. A method, comprising:
- tracking activity on a core bus of a processor core of a computing system;
  
  recognizing activity on the core bus as a security violation said activity comprising more than one of instruction bus signals, data bus signals, status signals and control signals;
  
  recognizing as the security violation an attempted access of a privileged resource by a non-privileged resource of the computing system;
  
  asserting an interrupt signal to the processor core in response to the security violation;
  
  executing security response software in response to the asserted interrupt signal;
  
  blocking execution of an instruction within the processor core in response to execution of the security response software; and
  
  preventing future execution of a program requesting the attempted access.

8. A method, comprising:
- tracking activity on a core bus of a processor core of a computing system;
  
  recognizing activity on the core bus as a security violation said activity comprising more than one of instruction bus signals, data bus signals, status signals and control signals;
  
  recognizing as the security violation an attempted access of a privileged resource by a non-privileged resource of the computing system;
  
  asserting an interrupt signal to the processor core in response to the security violation;
  
  executing security response software in response to the asserted interrupt signal;
  
  ending execution of a program requesting the attempted access in response to the security violation; and
  
  preventing future execution of the program requesting the attempted access.

9. A method, comprising:
- tracking activity on a core bus of a processor core of a computing system;
  
  recognizing activity on the core bus as a security violation said activity comprising more than one of instruction bus signals, data bus signals, status signals and control signals;
  
  recognizing as the security violation an attempted access of a privileged resource by a non-privileged resource of the computing system;
  
  asserting an interrupt signal to the processor core in response to the security violation;
  
  executing security response software in response to the asserted interrupt signal;
  
  activating a visual indicator to signal the user that the security violation has been detected; and
  
  preventing future execution of a program requesting the attempted access.

10. A method, comprising:
- tracking activity on a core bus of a processor core of a computing system;
  
  recognizing activity on the core bus as a security violation said activity comprising more than one of instruction bus signals, data bus signals, status signals and control signals;
  
  recognizing as the security violation an attempted access of a privileged resource by a non-privileged resource of the computing system;
  
  asserting an interrupt signal to the processor core in response to the security violation;
  
  executing security response software in response to the asserted interrupt signal;
  
  activating an audible indicator to signal the user that the security violation has been detected; and
  
  preventing future execution of a program requesting the attempted access.

11. A computing system, comprising:
- a processor core coupled to a primary bus; and
  
  a monitoring system coupled to the primary bus, the monitoring system tracks an activity on the primary bus;
  
  wherein the monitoring system recognizes as a security violation activity on the primary bus caused by a program executing on the processor core;
  
  wherein the monitoring system blocks completion of activity initiated by the program by causing a flush of the processor core; and
  
  wherein the monitoring system blocks future execution of the program.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 12. The computing system of claim 11, wherein causing a flush of the processor core comprises flushing a stage within the processor core, the stage comprising at least one of the group consisting of a prefetch stage, a prediction stage, or a pipeline stage.
  - 13. The computing system of claim 11, wherein the monitoring system further activates an interrupt signal to the processor core that triggers execution of security response software that blocks execution of the program.
  - 14. The computing system of claim 13,wherein the processor core operates in a secure mode and a non-secure mode;
    - andwherein the processor core further enters into a secure mode upon execution of the security response software if the security violation occurs while in the non-secure mode.
  - 15. The computing system of claim 11, further comprising:
    - a secure component coupled to the primary bus;
      
      wherein the processor core operates in a secure and a non-secure mode; and
      
      wherein the security violation further comprises an attempt to access the secure component while in the non-secure mode.
  - 16. The computing system of claim 15, wherein the secure component comprises at least one of the group consisting of a direct memory access controller, a processor pipeline, or a memory.
  - 17. The computing system of claim 11, further comprising:
    - a non-secure component coupled to the primary bus;
      
      wherein the processor core operates in a secure and a non-secure mode; and
      
      wherein the security violation comprises attempting to access the non-secure component while in the secure mode.
  - 18. The computing system of claim 17, wherein the non-secure component comprises at least one of the group consisting of an external memory, a global positioning system receiver, a universal bus serial interface, a camera interface, a user interface, a display, or a modem.
  - 19. The computing system of claim 11, further comprising an attack indicator, wherein the recognition of the security violation causes the attack indicator to be activated.
  - 20. The computing system of claim 11, wherein the processor core comprises at least one of the group consisting of an ARM processor, a digital signal processor, or a graphics display processor.

21. A computing system, comprising:
- a processor core coupled to a primary bus; and
  
  a monitoring system coupled to the primary bus, the monitoring system tracks an activity on the primary bus;
  
  wherein the monitoring system recognizes as a security violation activity caused by a program presenting an instruction abort sequence to the processor core;
  
  wherein the monitoring system blocks completion of the activity by causing a flush of the processor core; and
  
  wherein the monitoring system blocks future execution of the program.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Texas Instruments, Inc.
Original Assignee
Texas Instruments, Inc.
Inventors
Conti, Gregory Remy Philippe, Azema, Jerome Laurent
Primary Examiner(s)
Dinh, Minh

Application Number

US10/961,344
Publication Number

US 20060021035A1
Time in Patent Office

2,832 Days
Field of Search

None
US Class Current

726/17
CPC Class Codes

G06F 21/554   involving event detection a...

G06F 21/74   operating in dual or compar...

G06F 21/85   interconnection devices, e....

System and method of identifying and preventing security violations within a computing system

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

System and method of identifying and preventing security violations within a computing system

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links