Microprocessor apparatus for secure on-die real-time clock
First Claim
1. An apparatus providing for a secure execution environment, comprising:
- a microprocessor, configured to execute non-secure application programs and a secure application program, wherein said secure application program comprises instructions from a host architecture instruction set, and wherein said microprocessor encrypts said secure application program using a processor unique key to store an encrypted version of said secure application program in a secure non-volatile memory that is coupled to said microprocessor via a private bus, and wherein said non-secure application programs are accessed from a system memory via a system bus and said secure application program is accessed from said secure non-volatile memory, said microprocessor comprising;
a secure real time clock, configured to provide a persistent time, wherein said secure real time clock is only visible and accessible by said secure application program when said microprocessor is executing in a secure mode; and
an external crystal, coupled to said secure real time clock within said microprocessor, configured to cause an oscillator within said secure real time clock to generate an oscillating output voltage that is proportional to the frequency of said external crystal.
1 Assignment
0 Petitions
Accused Products
Abstract
An apparatus including a microprocessor and an external crystal. The microprocessor executes non-secure application programs and a secure application program, where the secure application program comprises instructions from a host architecture instruction set, and where the non-secure application programs are accessed from a system memory via a system bus and the secure application program is accessed from a secure non-volatile memory via a private bus coupled to the microprocessor. The microprocessor has a secure real time clock that provides a persistent time, where the secure real time clock is only visible and accessible by the secure application program when the microprocessor is executing in a secure mode. The external crystal is coupled to the secure real time clock within the microprocessor and is configured to cause an oscillator within the secure real time clock to generate an oscillating output voltage that is proportional to the frequency of the external crystal.
-
Citations
25 Claims
-
1. An apparatus providing for a secure execution environment, comprising:
-
a microprocessor, configured to execute non-secure application programs and a secure application program, wherein said secure application program comprises instructions from a host architecture instruction set, and wherein said microprocessor encrypts said secure application program using a processor unique key to store an encrypted version of said secure application program in a secure non-volatile memory that is coupled to said microprocessor via a private bus, and wherein said non-secure application programs are accessed from a system memory via a system bus and said secure application program is accessed from said secure non-volatile memory, said microprocessor comprising; a secure real time clock, configured to provide a persistent time, wherein said secure real time clock is only visible and accessible by said secure application program when said microprocessor is executing in a secure mode; and an external crystal, coupled to said secure real time clock within said microprocessor, configured to cause an oscillator within said secure real time clock to generate an oscillating output voltage that is proportional to the frequency of said external crystal. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A microprocessor apparatus, for executing secure code within a secure execution environment, the microprocessor apparatus comprising:
-
a secure non-volatile memory, configured to store an encrypted version of a secure application program, wherein said secure application program comprises instructions from a host architecture instruction set; a microprocessor, coupled to said secure non-volatile memory via a private bus, configured to encrypt said secure application program using a processor unique key to store said encrypted version of said secure application program in said secure non-volatile memory, and configured to execute non-secure application programs and said secure application program, said microprocessor comprising; a secure real time clock, configured to provide a persistent time, wherein said secure real time clock is only visible and accessible by said secure application program when said microprocessor is executing in a secure mode; and an external crystal, coupled to said secure real time clock within said microprocessor, configured to cause an oscillator within said secure real time clock to generate an oscillating output voltage that is proportional to the frequency of said external crystal. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17)
-
-
18. A method for executing secure code within a secure execution environment, the method comprising:
-
encrypting the secure code using a processor unique key; storing the secure code in a secure non-volatile memory over a private bus for execution by a microprocessor that is coupled to the secure non-volatile memory, wherein the secure code comprises instructions from a host architecture instruction set, and wherein the private bus is isolated from all system bus resources within the microprocessor and external to the microprocessor, and wherein the private bus is observable and accessible exclusively by secure execution logic within the microprocessor; fetching the secure code from a secure non-volatile memory; via a secure real time clock within the microprocessor, providing a persistent time, wherein the secure real time clock is only visible and accessible by the secure code; and coupling an external crystal to the microprocessor that causes an oscillator within the real time clock to generate an oscillating output voltage that is proportional to the frequency of the external crystal. - View Dependent Claims (19, 20, 21, 22, 23, 24, 25)
-
Specification