US20080115132A1 - Data processing device and method for monitoring correct operation of a data processing device - Google Patents

Data processing device and method for monitoring correct operation of a data processing device Download PDF

Info

Publication number
US20080115132A1
Authority
US
United States
Prior art keywords
state
subsystem
operating sequence
partial operating
continuation point
Prior art date
Legal status
Granted
Application number
US11/609,253
Other versions
US7689874B2 (en)
US20100042995A9 (en)
Inventor
Robin Boch
Gerd Dirscherl
Stefan Erdmenger
Udo Kriebel
Current Assignee
Infineon Technologies AG
Original Assignee
Infineon Technologies AG

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00 Error detection; Error correction; Monitoring
    • G06F11/28 Error detection; Error correction; Monitoring by checking the correct order of processing

Definitions

  • Data processing devices are controlled using programs which include a sequence of instructions that can be executed in order to achieve a particular functionality.
  • the high flexibility of data processing devices is based on the fact that, in programs, individual steps can be executed not only sequentially but also with branches in the sequence.
  • the correct program flow, that is, the correct order in which the individual instructions are executed, is required.
  • Unexpected changes in the sequence lead to incorrect results or even to operation of the data processing device being stopped. Such changes may be caused, for example, by faults in the hardware or in the programs.
  • external attacks in which the correct operation of a data processing device is deliberately disrupted in order to gain an advantage are conceivable.
  • In order to avoid faults during the operation of a data processing device, hardware and software are verified, that is, they are checked for the correct method of operation. Unfortunately, some faults remain undiscovered during verification since not all possible situations can be covered. These include, in particular, limiting cases which occur when different parts of a program interact, in which case it is not possible to verify the individual parts together. Faults in the program flow may result in failure of the data processing device or in security gaps which can be exploited.
  • External attacks which influence the operation of a data processing device may be detected using suitable hardware measures.
  • suitable hardware measures include checkpoint registers, in which values are compared with expected values during operation, glitch sensors, which detect very brief voltage dips or increases in the current or clock supply, frequency sensors, which are used to detect changes in the clock frequency, in particular underfrequencies, or single-step operation, and light sensors, which can be used to detect manipulation of the chip during optical analysis.
  • Hardware measures can be used only in specialized safety processors; the use of analog sensors in particular frequently requires a redesign.
  • FIG. 1 shows a block diagram of an exemplary embodiment of the data processing device according to the invention
  • FIG. 2 shows a principle on which the invention is based
  • FIG. 3 shows a program section for an exemplary embodiment
  • FIG. 4 shows an exemplary state diagram for the operation of a data processing device according to the invention.
  • a method for monitoring the correct operation of a data processing device having the steps of changing a subsystem from an authorized state to an unauthorized state before a partial operating sequence is executed, the unauthorized state not interfering with the execution of the partial operating sequence as long as the state of the subsystem is not being evaluated, executing the partial operating sequence, resetting the subsystem state from the unauthorized state to the authorized state after the partial operating sequence has been executed, and evaluating the subsystem state.
  • If the partial operating sequence is fully executed properly, the subsystem state is reset from the unauthorized state to the authorized state before evaluation. During evaluation, the subsystem state is then in an authorized state. If, in contrast, the partial operating sequence is disrupted and is not ended correctly, the subsystem is still in an unauthorized state. This unauthorized state is detected by evaluating the subsystem state and the necessary measures, for example adjusting the operation of the data processing device, are taken.
  • the data processing device carries out the abovementioned steps during operation. If the evaluation of the subsystem state reveals an authorized state, the data processing device continues operation at a continuation point for the partial operating sequence.
  • Operation of the data processing device may include a plurality of partial operating sequences, the process being continued, after the subsystem state has been evaluated, only if the subsystem is in an authorized state. This ensures that the partial operating sequence has been fully executed correctly, and operation of the data processing device is continued only if no unexpected interruptions in the partial operating sequence have occurred.
  • the subsystem state is described by a continuation point.
  • the subsystem state is in an authorized state or an unauthorized state.
  • the continuation point in the authorized state, is the continuation point for the partial operating sequence.
  • the continuation point for the partial operating sequence is modified before the partial operating sequence is executed and, after the latter has been successfully executed, is reset again to the correct continuation point for the partial operating sequence. If the partial operating sequence is disrupted in any way, with the result that the continuation point is not reset from an unauthorized continuation point to the authorized continuation point for the partial operating sequence, the unauthorized continuation point is detected when evaluating the subsystem state.
  • the continuation point in the unauthorized state, is an invalid continuation point which does not correspond to the continuation point for the partial operating sequence.
  • An invalid continuation point can be detected when evaluating the subsystem state, the continuation point being selected in such a manner that operation of the data processing device is ended or interrupted in a determinate manner.
  • the invalid continuation point is reversibly determined from the continuation point for the partial operating sequence.
  • instructions for changing the subsystem state from an authorized state to an unauthorized state before the partial operating sequence to be monitored, instructions for resetting the subsystem state from the unauthorized state to the authorized state, and instructions for evaluating the subsystem state after the partial operating sequence to be monitored are inserted into a program which controls the partial operating sequence.
  • the method for monitoring the correct operation of the data processing device can be implemented by inserting the appropriate instructions into the program which controls the partial operating sequence.
  • the instructions are automatically inserted into the program when compiling or interpreting the program.
  • the method can be used for any desired data processing devices without great expenditure.
  • the method is thus independent of the platform and application program.
  • the continuation point is a return address of the program which controls the partial operating sequence.
  • the invalid continuation point is a return address which is generated by adding a constant or a random number to the return address of the program for controlling the partial operating sequence.
  • the constant or random number is selected in such a manner that an invalid return address which results in a fault during return is generated.
  • the fault can be triggered, for example, by access to a nonexistent memory area.
  • the subsystem state is evaluated using a memory management unit or a memory protection unit.
  • a memory management unit or a memory protection unit can be used to detect whether the address is valid and authorized or invalid and unauthorized. In this case, it is advantageous that there is no need for an additional memory for storing the subsystem state and that memory management units or memory protection units are present in most hardware platforms of data processing devices.
  • the unauthorized state triggers an alarm, an abort, a fault, an exception or a trap in the data processing device.
  • State monitoring mechanisms which are already present in the data processing device can thus be used to monitor correct operation without the need for additional hardware expenditure.
  • State monitoring mechanisms are intended to mean all mechanisms in the data processing device which are suitable for triggering an alarm, an abort, a fault, an exception or a trap.
  • the unauthorized state interrupts operation of the data processing device during evaluation.
  • a data processing device which includes a processor, a subsystem which can assume an authorized state and an unauthorized state, a sequence controller, a modification device for modifying a continuation point, a continuation point memory for storing a continuation point, and an evaluation unit for evaluating a state of the subsystem.
  • the sequence controller is designed in such a manner that it stores a continuation point for a partial operating sequence in the continuation point memory before the partial operating sequence is executed by the processor, uses the modification device to change the continuation point in such a manner that, when a state of the subsystem is being evaluated by the evaluation unit, an unauthorized state is detected, uses the modification device to reverse the change in the continuation point after the partial operating sequence has been executed by the processor and changes the subsystem state from the unauthorized state to the authorized state, and evaluates the state of the subsystem in the evaluation unit.
  • the sequence controller modifies the partial operating sequence in such a manner that the continuation point for the latter is first of all changed in such a manner that it would lead to an unauthorized state during evaluation. Given the correct sequence of the partial operating sequence, this change is reversed, with the result that no unauthorized state is detected during evaluation. If, in contrast, the partial operating sequence is not ended properly, the change in the continuation point is not reversed either, with the result that the subsystem remains in the invalid state.
  • the continuation point is a return address of a program which controls the partial operating sequence.
  • the authorized state corresponds to the correct return address of the program, while the unauthorized state corresponds to an illegal return address.
  • the evaluation unit is a memory management unit or a memory protection unit of the processor.
  • the memory management unit or memory protection unit is responsible for memory management.
  • a valid or authorized return address results in the next instruction being executed after the partial operating sequence, while an illegal, invalid or unauthorized return address results in a fault message. This makes it possible to use the already existing hardware of the processor to implement an evaluation unit which can be used to monitor the operation of the data processing device.
  • the sequence controller is implemented using the processor.
  • a separate processor is thus not needed for the sequence controller; the latter can be implemented using the already existing processor of the data processing device.
  • the subsystem is implemented using the processor.
  • the subsystem can assume an authorized state and an unauthorized state and can be implemented as such using system registers in which system states are stored.
  • System registers are used to store the states of alarms, aborts, faults, exceptions and traps which have been detected by the processor.
  • the modification device and the continuation point memory are implemented using software which runs on the processor.
  • the modification device and the continuation point memory are implemented using software which is executed in the processor.
  • the continuation point memory may be, for example, a variable whose value is modified using an appropriate programming instruction.
  • FIG. 1 shows an exemplary embodiment of the data processing device according to the invention having a processor P for executing an operating sequence BA.
  • the operating sequence BA may include a plurality of partial operating sequences TB.
  • a sequence controller AS drives a modification device M in such a manner that it reads in a continuation point FS for the partial operating sequence TB.
  • the continuation point FS is intended to mean that point in the operating sequence BA which is executed by the processor P after the partial operating sequence TB has been processed.
  • In the modification device M, the continuation point FS is modified and a new, unauthorized continuation point FS′ is generated.
  • If the continuation point FS is described by a number, for example a return address, this may be effected using an adder A which adds a modification constant MK, which is stored in a constant memory C, to the continuation point FS.
  • the modification constant MK may be a constant or a random number.
  • Each partial operating sequence TB is associated with its own modification constant MK, the modification constants MK of different partial operating sequences TB differing from one another.
  • the unauthorized continuation point FS′ is stored in a continuation point memory F.
  • the modification to the continuation point FS can be reversed again in the modification device M by the contents of the continuation point memory F being supplied to the adder A again, in which case, however, the latter no longer adds the modification constant MK but rather subtracts it.
  • It is essential for the choice of the modification constant MK that the latter is selected in such a manner that an unauthorized continuation point FS′ is generated.
  • An unauthorized continuation point FS′ results in an unauthorized state of the subsystem T.
  • the partial operating sequence TB is executed by the processor P.
  • the sequence controller AS drives the modification device M again but in such a manner that the modification to the continuation point FS is reversed by means of subtraction, as described above, and an authorized continuation point FS is output at the output of the modification device M.
  • An authorized continuation point FS is, for example, that point in the operating sequence BA which is intended to be executed by the processor after the partial operating sequence TB has been executed correctly.
  • the authorized continuation point FS or the unauthorized continuation point FS′ results in an authorized or an unauthorized state.
  • the state of the subsystem T is evaluated using the evaluation unit AE after the partial operating sequence TB and the sequence control AS have been executed. In the case of an authorized state, processing of the operating sequence BA is continued with the next partial operating sequence TB. If, in contrast, an unauthorized state of the subsystem T is detected, the unauthorized continuation point FS′ has not been reset or has been incorrectly reset, and the partial operating sequence TB has not been ended properly.
  • the reasons for this may be, for example, an attack in which the instruction counter of the processor P has been manipulated.
  • the evaluation unit AE outputs a signal which stops the processor P of the data processing device.
  • the evaluation unit AE is part of the processor P. Particularly if the continuation point FS is denoted using a return address, the memory management unit or the memory protection unit of the processor P can be used for this purpose. An unauthorized return address is detected as a fault by these units.
  • the sequence controller AS is implemented, within the processor P, together with a corresponding program.
  • the modification device M may also use registers of the processor P and the arithmetic unit of the latter to modify the continuation point FS.
  • the subsystem T may be implemented using system states of the processor P. In this case, the states are detected by the hardware of the processor P and can access processor-internal fault detection mechanisms.
  • Fault detection mechanisms of this type may be, for example, faults, traps, aborts or interrupts which change the normal operating sequence BA. It is particularly advantageous in these embodiments that there is no need for additional hardware for the modification device M, the subsystem T, the sequence controller AS and the evaluation unit AE. Furthermore, system states of this type are available on virtually all hardware platforms and do not require any explicit checking by means of software, with the result that the operating sequence is encumbered only with very little overhead in order to monitor correct operation.
  • FIG. 2 shows the principle of the method for monitoring the correct operation of the data processing device.
  • the operating sequence BA is effected in a plurality of partial operating sequences TB.
  • the left-hand part of the figure shows three partial operating sequences TB1, TB2 and TB3 which follow one another sequentially.
  • the right-hand side of FIG. 2 shows, by way of example, the modification in the sequence of the partial operating sequence TB2 which is executed after the partial operating sequence TB1 has been executed.
  • the partial operating sequence TB2 on the left-hand side is replaced with four steps.
  • a subsystem state is changed to an unauthorized state.
  • the partial operating sequence TB2 is executed.
  • each of the partial operating sequences TB1, TB2 and TB3 can be modified in the manner described above.
  • the subsystem state is reset to the authorized state again only when a partial operating sequence has been executed correctly. Evaluating the subsystem state can thus detect whether the operating sequence BA has been manipulated.
  • a further partial operating sequence can be started and executed as part of one of the partial operating sequences. This further partial operating sequence can also be correspondingly modified, in which case it is necessary to buffer-store the continuation point for the original partial operating sequence and to restore it again after the further partial operating sequence has been executed.
  • FIG. 3 shows one implementation of a partial operating sequence TB in the form of a subroutine.
  • the continuation point FS is the return address of the subroutine and the modification device M containing the adder A and the constant memory C as well as the continuation point memory F is implemented together with the sequence controller AS using the processor P with an appropriate program, the subsystem T being implemented using a system state of the processor P and the return address being evaluated in a memory management unit or a memory protection unit of the processor P.
  • the left-hand side of FIG. 3 shows proper operation.
  • the partial operating sequence TB is executed by the subroutine 1.
  • the return address RA of the subroutine 1 denotes the continuation point FS, that is to say that point at which execution of the operating sequence BA is continued after the subroutine 1 has ended.
  • the return address RA is modified by adding a constant C1 to it.
  • the subroutine instructions are then executed. If a fault or an attack does not occur, the return address RA is reset to the original value again by subtracting the constant C1 again. Return to the continuation point is then effected using the return instruction, so that further instructions or subroutines can be executed.
  • FIG. 3 illustrates the fault or attack.
  • a jump is made to a subroutine 2 as a result of an attack.
  • the return address RA remains unchanged but was previously modified by entry into the subroutine 1.
  • a return to this address gives rise to an exception in the memory management unit or memory protection unit of the processor P and the attack or fault can be detected.
  • the constants C1 and C2 can be selected in such a manner that the resultant return addresses point to a nonexistent memory area. They may also point to a memory area which, although being present, does not contain any executable code. Furthermore, the constants C1 and C2 can be selected in such a manner that the return addresses refer to an area for which there are no access rights. Another possible way of selecting the constants C1 and C2 is for the modified return addresses RA to point, beyond the boundaries of a memory area, to another memory area if such a change in memory areas can be detected by the processor. They may also be selected in such a manner that the modified return address RA points, for example, to the middle of an instruction having a length of four bytes and thus triggers a fault.
  • If the modification constants C1 and C2 are selected to be zero, the correct operation of the data processing device cannot be monitored.
  • the constants for different subroutines must also be selected to be different so that unintentional resetting by another subroutine is precluded.
  • FIG. 4 shows a state diagram for the exemplary embodiment in FIG. 3.
  • Three states 1, 2 and 3 are shown, state 1 representing an authorized return address RA, state 2 representing an unauthorized return address RA and state 3 representing the presence of an unauthorized state.
  • From state 1 one lands in state 1 again via the transition 4, the transition 4 being characterized by a jump back from a subroutine in which the return address RA was not modified.
  • the transition 5 from the state 1 to the state 2 occurs when the return address RA of the subroutine which is running is modified.
  • the transition 6 in which the return address RA is reset again, again results in an authorized return address RA and in state 1 .
  • State 2 is retained during the transitions 7 and 8 in which the return address RA is reset using an incorrect constant or a further subroutine is branched to on account of an attack or a fault.
  • the transition from the state 2 to the exception 3 is achieved by means of the transitions 9 and 10, transition 9 representing a return, that is to say evaluation of the subsystem state, and the transition 10 representing a direct attack or fault.
  • the transitions 11 and 12 are also shown.
  • the further subroutine is called in the transition 11 , its return address is first of all unchanged and is thus authorized, with the result that the state 1 is reached with an authorized return address.
  • the return address of the further subroutine is then modified in the transition 5 in such a manner that an unauthorized return address is obtained and state 2 is assumed again.
  • Transition 12 represents the situation in which there is a state with an authorized return address and a return to the caller of the current subroutine is executed. In this case, the return address of the caller is restored, which address was changed to an unauthorized value at an earlier point in time by transition 5 .
  • the invention can be used to monitor the operation of a data processing device without the need for hardware measures, for example sensors. Since mechanisms which exist in any hardware architecture are used to detect unauthorized states, it is possible to dispense with storing additional states. Since there is no need for any testing instructions either, very little programming complexity, which can also be automated, results. Monitoring without specialized hardware and without being restricted to specific applications or hardware platforms is thus possible.

Abstract

A method for monitoring the correct operation of a data processing device including changing a subsystem from an authorized state to an unauthorized state, executing the partial operating sequence, and resetting any subsystem state from the unauthorized state to the authorized state.

Description

  • CROSS-REFERENCE TO RELATED APPLICATION
  • This application claims priority to German Patent Application Serial No. 10 2006 035 662.4, filed Jul. 31, 2006, and which is incorporated herein by reference in its entirety.
  • BACKGROUND
  • Data processing devices are controlled using programs which include a sequence of instructions that can be executed in order to achieve a particular functionality. The high flexibility of data processing devices is based on the fact that, in programs, individual steps can be executed not only sequentially but also with branches in the sequence. For a data processing device to operate correctly, the correct program flow, that is, the correct order in which the individual instructions are executed, is required. Unexpected changes in the sequence lead to incorrect results or even to operation of the data processing device being stopped. Such changes may be caused, for example, by faults in the hardware or in the programs. Furthermore, external attacks in which the correct operation of a data processing device is deliberately disrupted in order to gain an advantage are conceivable.
  • In order to avoid faults during the operation of a data processing device, hardware and software are verified, that is, they are checked for the correct method of operation. Unfortunately, some faults remain undiscovered during verification since not all possible situations can be covered. These include, in particular, limiting cases which occur when different parts of a program interact, in which case it is not possible to verify the individual parts together. Faults in the program flow may result in failure of the data processing device or in security gaps which can be exploited.
  • External attacks which influence the operation of a data processing device may be detected using suitable hardware measures. These include checkpoint registers, in which values are compared with expected values during operation, glitch sensors, which detect very brief voltage dips or increases in the current or clock supply, frequency sensors, which are used to detect changes in the clock frequency, in particular underfrequencies, or single-step operation, and light sensors, which can be used to detect manipulation of the chip during optical analysis. Hardware measures can be used only in specialized safety processors; the use of analog sensors in particular frequently requires a redesign.
  • DESCRIPTION OF THE DRAWINGS
  • FIG. 1 shows a block diagram of an exemplary embodiment of the data processing device according to the invention;
  • FIG. 2 shows a principle on which the invention is based;
  • FIG. 3 shows a program section for an exemplary embodiment; and
  • FIG. 4 shows an exemplary state diagram for the operation of a data processing device according to the invention.
  • DESCRIPTION OF THE INVENTION
  • In an embodiment, a method is provided for monitoring the correct operation of a data processing device, the method having the steps of changing a subsystem from an authorized state to an unauthorized state before a partial operating sequence is executed, the unauthorized state not interfering with the execution of the partial operating sequence as long as the state of the subsystem is not being evaluated, executing the partial operating sequence, resetting the subsystem state from the unauthorized state to the authorized state after the partial operating sequence has been executed, and evaluating the subsystem state.
  • If the partial operating sequence is fully executed properly, the subsystem state is reset from the unauthorized state to the authorized state before evaluation. During evaluation, the subsystem state is then in an authorized state. If, in contrast, the partial operating sequence is disrupted and is not ended correctly, the subsystem is still in an unauthorized state. This unauthorized state is detected by evaluating the subsystem state and the necessary measures, for example adjusting the operation of the data processing device, are taken.
  • In an embodiment, the data processing device carries out the abovementioned steps during operation. If the evaluation of the subsystem state reveals an authorized state, the data processing device continues operation at a continuation point for the partial operating sequence.
  • Operation of the data processing device may include a plurality of partial operating sequences, the process being continued, after the subsystem state has been evaluated, only if the subsystem is in an authorized state. This ensures that the partial operating sequence has been fully executed correctly, and operation of the data processing device is continued only if no unexpected interruptions in the partial operating sequence have occurred.
  • In an embodiment, the subsystem state is described by a continuation point.
  • Depending on the continuation point, the subsystem state is in an authorized state or an unauthorized state.
  • In an embodiment, in the authorized state, the continuation point is the continuation point for the partial operating sequence.
  • In order to monitor the correct operation of the data processing device, the continuation point for the partial operating sequence is modified before the partial operating sequence is executed and, after the latter has been successfully executed, is reset again to the correct continuation point for the partial operating sequence. If the partial operating sequence is disrupted in any way, with the result that the continuation point is not reset from an unauthorized continuation point to the authorized continuation point for the partial operating sequence, the unauthorized continuation point is detected when evaluating the subsystem state.
  • In an embodiment, in the unauthorized state, the continuation point is an invalid continuation point which does not correspond to the continuation point for the partial operating sequence.
  • An invalid continuation point can be detected when evaluating the subsystem state, the continuation point being selected in such a manner that operation of the data processing device is ended or interrupted in a determinate manner.
  • In an embodiment, the invalid continuation point is reversibly determined from the continuation point for the partial operating sequence.
  • In order to change the subsystem from the authorized state to the unauthorized state before the partial operating sequence is executed, and back from the unauthorized state to the authorized state after it has been executed, the continuation point for the partial operating sequence must be recoverable from the invalid continuation point.
  • In an embodiment, instructions for changing the subsystem state from an authorized state to an unauthorized state before the partial operating sequence to be monitored, instructions for resetting the subsystem state from the unauthorized state to the authorized state, and instructions for evaluating the subsystem state after the partial operating sequence to be monitored are inserted into a program which controls the partial operating sequence.
  • The method for monitoring the correct operation of the data processing device can be implemented by inserting the appropriate instructions into the program which controls the partial operating sequence.
  • In an embodiment, the instructions are automatically inserted into the program when compiling or interpreting the program.
  • As a result of the fact that the instructions which are needed to monitor the correct operation of the data processing device are automatically inserted into the program which controls the partial operating sequence, the method can be used for any desired data processing devices without great expenditure. In particular, the method is thus independent of the platform and application program.
  • In an embodiment, the continuation point is a return address of the program which controls the partial operating sequence.
  • As a result of the use of a return address to represent the subsystem state, there is no need to explicitly check the subsystem state since the return address is automatically evaluated during the partial operating sequence, with the result that the method can be implemented with very little overhead.
  • In an embodiment, the invalid continuation point is a return address which is generated by adding a constant or a random number to the return address of the program for controlling the partial operating sequence.
  • In this case, the constant or random number is selected in such a manner that an invalid return address, which results in a fault during return, is generated. The fault can be triggered, for example, by access to a nonexistent memory area.
  • In an embodiment, in order to reset the subsystem state from the unauthorized state to the authorized state after the partial operating sequence has been executed, addition of the constant or of the random number is reversed.
  • As a result of the addition being reversed, the correct return address of the program which controls the partial operating sequence is obtained again and does not cause a fault during evaluation, that is to say during return.
  • In an embodiment, the subsystem state is evaluated using a memory management unit or a memory protection unit.
  • If the subsystem state is denoted using a return address, a memory management unit or a memory protection unit can be used to detect whether the address is valid and authorized or invalid and unauthorized. In this case, it is advantageous that there is no need for an additional memory for storing the subsystem state and that memory management units or memory protection units are present in most hardware platforms of data processing devices.
  • In an embodiment, the unauthorized state triggers an alarm, an abort, a fault, an exception or a trap in the data processing device.
  • State monitoring mechanisms which are already present in the data processing device can thus be used to monitor correct operation without the need for additional hardware expenditure. State monitoring mechanisms are intended to mean all mechanisms in the data processing device which are suitable for triggering an alarm, an abort, a fault, an exception or a trap.
  • In an embodiment, the unauthorized state interrupts operation of the data processing device during evaluation.
  • If, for example, an attempt is made to execute an unauthorized branch in the data processing device, as a result of which the subsystem state cannot be reset from the unauthorized state to the authorized state, this is indicated by interrupting operation. This makes it possible to detect faults and attacks and to protect security-sensitive data.
  • There is also provided a data processing device which includes a processor, a subsystem which can assume an authorized state and an unauthorized state, a sequence controller, a modification device for modifying a continuation point, a continuation point memory for storing a continuation point, and an evaluation unit for evaluating a state of the subsystem. In this case, the sequence controller is designed in such a manner that it stores a continuation point for a partial operating sequence in the continuation point memory before the partial operating sequence is executed by the processor, uses the modification device to change the continuation point in such a manner that, when a state of the subsystem is being evaluated by the evaluation unit, an unauthorized state is detected, uses the modification device to reverse the change in the continuation point after the partial operating sequence has been executed by the processor and changes the subsystem state from the unauthorized state to the authorized state, and evaluates the state of the subsystem in the evaluation unit.
  • The sequence controller modifies the partial operating sequence in such a manner that the continuation point for the latter is first of all changed so that it would lead to an unauthorized state during evaluation. Given the correct sequence of the partial operating sequence, this change is reversed, with the result that no unauthorized state is detected during evaluation. If, in contrast, the partial operating sequence is not ended properly, the change in the continuation point is not reversed either, with the result that the subsystem remains in the unauthorized state.
  • In an embodiment, the continuation point is a return address of a program which controls the partial operating sequence.
  • The authorized state corresponds to the correct return address of the program, while the unauthorized state corresponds to an illegal return address.
  • In an embodiment, the evaluation unit is a memory management unit or a memory protection unit of the processor.
  • The memory management unit or memory protection unit is responsible for memory management. A valid or authorized return address results in the next instruction being executed after the partial operating sequence, while an illegal, invalid or unauthorized return address results in a fault message. This makes it possible to use the already existing hardware of the processor to implement an evaluation unit which can be used to monitor the operation of the data processing device.
  • In an embodiment, the sequence controller is implemented using the processor.
  • A separate processor is thus not needed for the sequence controller; the latter can be implemented using the already existing processor of the data processing device.
  • In an embodiment, the subsystem is implemented using the processor.
  • The subsystem can assume an authorized state and an unauthorized state and can be implemented as such using system registers in which system states are stored. System registers are used to store the states of alarms, aborts, faults, exceptions and traps which have been detected by the processor.
  • In an embodiment, the modification device and the continuation point memory are implemented using software which runs on the processor.
  • The modification device and the continuation point memory are implemented using software which is executed in the processor. The continuation point memory may be, for example, a variable whose value is modified using an appropriate programming instruction.
  • FIG. 1 shows an exemplary embodiment of the data processing device according to the invention having a processor P for executing an operating sequence BA. The operating sequence BA may include a plurality of partial operating sequences TB. At a point in time T1 at which one of the partial operating sequences TB begins, a sequence controller AS drives a modification device M in such a manner that it reads in a continuation point FS for the partial operating sequence TB. The continuation point FS is intended to mean that point in the operating sequence BA which is executed by the processor P after the partial operating sequence TB has been processed. In the modification device M, the continuation point FS is modified and a new, unauthorized continuation point FS′ is generated. If the continuation point FS is described by a number, for example a return address, this may be effected using an adder A which adds a modification constant MK, which is stored in a constant memory C, to the continuation point FS. The modification constant MK may be a constant or a random number. Each partial operating sequence TB is associated with its own modification constant MK, the modification constants MK of different partial operating sequences TB differing from one another. The unauthorized continuation point FS′ is stored in a continuation point memory F. The modification to the continuation point FS can be reversed again in the modification device M by the contents of the continuation point memory F being supplied to the adder A again, in which case, however, the latter no longer adds the modification constant MK but rather subtracts it. It is essential for the choice of the modification constant MK that the latter is selected in such a manner that an unauthorized continuation point FS′ is generated. An unauthorized continuation point FS′ results in an unauthorized state of the subsystem T. 
After the continuation point has been generated, the partial operating sequence TB is executed by the processor P. After the partial operating sequence TB has been executed, the sequence controller AS drives the modification device M again, but in such a manner that the modification to the continuation point FS is reversed by means of subtraction, as described above, and an authorized continuation point FS is output at the output of the modification device M. An authorized continuation point FS is, for example, that point in the operating sequence BA which is intended to be executed by the processor after the partial operating sequence TB has been executed correctly. In the subsystem T, the authorized continuation point FS or the unauthorized continuation point FS′ results in an authorized or an unauthorized state. The state of the subsystem T is evaluated using the evaluation unit AE after the partial operating sequence TB and the sequence controller AS have been executed. In the case of an authorized state, processing of the operating sequence BA is continued with the next partial operating sequence TB. If, in contrast, an unauthorized state of the subsystem T is detected, the unauthorized continuation point FS′ has not been reset or has been incorrectly reset, and the partial operating sequence TB has not ended properly. The reason for this may be, for example, an attack in which the instruction counter of the processor P has been manipulated. In this case, the evaluation unit AE outputs a signal which stops the processor P of the data processing device.
  • In one embodiment, the evaluation unit AE is part of the processor P. Particularly if the continuation point FS is denoted using a return address, the memory management unit or the memory protection unit of the processor P can be used for this purpose. An unauthorized return address is detected as a fault by these units. In another design, the sequence controller AS is implemented within the processor P together with a corresponding program. In the same manner, the modification device M may also use registers of the processor P and the arithmetic unit of the latter to modify the continuation point FS. Furthermore, the subsystem T may be implemented using system states of the processor P. In this case, the states are detected by the hardware of the processor P and can use processor-internal fault detection mechanisms. Fault detection mechanisms of this type may be, for example, faults, traps, aborts or interrupts which change the normal operating sequence BA. It is particularly advantageous in these embodiments that there is no need for additional hardware for the modification device M, the subsystem T, the sequence controller AS and the evaluation unit AE. Furthermore, system states of this type are available on virtually all hardware platforms and do not require any explicit checking by means of software, with the result that the operating sequence is encumbered with only very little overhead in order to monitor correct operation.
  • FIG. 2 shows the principle of the method for monitoring the correct operation of the data processing device. In this case, it is assumed that the operating sequence BA is effected in a plurality of partial operating sequences TB. The left-hand part of the figure shows three partial operating sequences TB1, TB2 and TB3 which follow one another sequentially. The right-hand side of FIG. 2 shows, by way of example, the modification in the sequence of the partial operating sequence TB2 which is executed after the partial operating sequence TB1 has been executed. In this case, the partial operating sequence TB2 on the left-hand side is replaced with four steps. In the first step, a subsystem state is changed to an unauthorized state. In the second step, the partial operating sequence TB2 is executed. The subsystem state is subsequently reset to an authorized state and the subsystem state is finally evaluated. In this case, each of the partial operating sequences TB1, TB2 and TB3 can be modified in the manner described above. As explained in connection with FIG. 1, the subsystem state is reset to the authorized state again only when a partial operating sequence has been executed correctly. Evaluating the subsystem state can thus detect whether the operating sequence BA has been manipulated. It is also possible for a further partial operating sequence to be started and executed as part of one of the partial operating sequences. This further partial operating sequence can also be correspondingly modified, in which case it is necessary to buffer-store the continuation point for the original partial operating sequence and to restore it again after the further partial operating sequence has been executed.
  • FIG. 3 shows one implementation of a partial operating sequence TB in the form of a subroutine. It is assumed below that the continuation point FS is the return address of the subroutine and the modification device M containing the adder A and the constant memory C as well as the continuation point memory F is implemented together with the sequence controller AS using the processor P with an appropriate program, the subsystem T being implemented using a system state of the processor P and the return address being evaluated in a memory management unit or a memory protection unit of the processor P.
  • The left-hand side of FIG. 3 shows proper operation. The partial operating sequence TB is executed by the subroutine 1. In this case, the return address RA of the subroutine 1 denotes the continuation point FS, that is to say that point at which execution of the operating sequence BA is continued after the subroutine 1 has ended. In a first instruction, the return address RA is modified by adding a constant C1 to it. By way of example, the return address is selected to be RA=0x02001158 and C1=0x17400000. The modified return address then results as RA=0x19401158. The subroutine instructions are then executed. If a fault or an attack does not occur, the return address RA is reset to the original value again by subtracting the constant C1 again. Return to the continuation point is then effected using the return instruction, so that further instructions or subroutines can be executed.
  • The right-hand side of FIG. 3 illustrates the fault or attack. Before the subroutine 1 is ended and before the return address RA is reset, a jump is made to a subroutine 2 as a result of an attack. In this case, the return address RA remains unchanged but was previously modified by entry into the subroutine 1. After the instructions in the subroutine 2 have been executed, an attempt is made to reset the return address RA by subtracting the constant C2=0x14340000 which is associated with the subroutine 2. However, the unauthorized return address RA=0x050C1158 is obtained. A return to this address gives rise to an exception in the memory management unit or memory protection unit of the processor P and the attack or fault can be detected.
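The two sides of FIG. 3 can be replayed on a small simulated processor. The following C program is an added example written for this page; it is not Infineon's code and does not reproduce any real processor. It assumes a hypothetical memory map with one executable code region starting at 0x02000000 and 4-byte instruction alignment, and uses the return address RA and the constants C1 and C2 exactly as given in the description. The "MPU" is a three-line check of the return target, the return-address stack stands in for the processor's stack, and the encode/decode steps are the instructions inserted at the start and end of each subroutine. The `run_nested` scenario additionally shows the legitimate call of a further subroutine from within a monitored one, where each frame keeps its own encoded return address.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed memory layout of the simulated device: a single executable code
 * region with 4-byte instruction alignment (hypothetical values). */
#define CODE_BASE  0x02000000u
#define CODE_LIMIT 0x02100000u        /* exclusive */

/* Values taken from FIG. 3 of the description. */
#define RA_MAIN 0x02001158u           /* return address of subroutine 1 */
#define C1      0x17400000u           /* modification constant of subroutine 1 */
#define C2      0x14340000u           /* modification constant of subroutine 2 */

enum result { RET_OK = 0, RET_FAULT = 1 };

struct cpu {
    uint32_t ra[8];      /* return-address stack: one slot per active subroutine */
    int depth;
    uint32_t fault_addr; /* return target rejected by the MPU, 0 if none */
};

/* Evaluation unit: an MPU that permits a fetch only from an aligned address
 * inside the executable code region. */
static bool mpu_allows_fetch(uint32_t addr)
{
    return addr >= CODE_BASE && addr < CODE_LIMIT && (addr & 3u) == 0;
}

/* Subroutine call: push the continuation point (return address). */
static void call(struct cpu *c, uint32_t return_to)
{
    c->ra[c->depth++] = return_to;
}

/* Inserted prologue: RA := RA + K puts the subsystem into the unauthorized state. */
static void encode_ra(struct cpu *c, uint32_t k)
{
    c->ra[c->depth - 1] += k;
}

/* Inserted epilogue followed by the return instruction: RA := RA - K, then the
 * MPU evaluates the return target. */
static enum result decode_and_ret(struct cpu *c, uint32_t k)
{
    uint32_t target = c->ra[--c->depth] - k;
    if (!mpu_allows_fetch(target)) {
        c->fault_addr = target;
        return RET_FAULT;
    }
    return RET_OK;
}

/* Left-hand side of FIG. 3: subroutine 1 runs to completion. */
static enum result run_normal(struct cpu *c)
{
    call(c, RA_MAIN);
    encode_ra(c, C1);
    /* ... body of subroutine 1 ... */
    return decode_and_ret(c, C1);
}

/* Right-hand side of FIG. 3: control is hijacked out of the body of
 * subroutine 1 into the body of subroutine 2, so subroutine 2's prologue never
 * runs and its epilogue subtracts C2 from an RA that was encoded with C1. */
static enum result run_attack(struct cpu *c)
{
    call(c, RA_MAIN);
    encode_ra(c, C1);
    /* hijacked jump: no call, no encode_ra(c, C2) */
    return decode_and_ret(c, C2);
}

/* Legitimate nesting (FIG. 4, transitions 11 and 12): subroutine 1 calls
 * subroutine 2; each frame carries its own encoded return address. */
static enum result run_nested(struct cpu *c)
{
    call(c, RA_MAIN);
    encode_ra(c, C1);
    call(c, RA_MAIN + 0x40u);   /* hypothetical return point inside subroutine 1 */
    encode_ra(c, C2);
    if (decode_and_ret(c, C2) != RET_OK)
        return RET_FAULT;
    return decode_and_ret(c, C1);
}

/* The address the MPU rejects in the FIG. 3 attack (0x050C1158 in the text). */
static uint32_t attack_fault_addr(void)
{
    struct cpu c = {0};
    run_attack(&c);
    return c.fault_addr;
}

int main(void)
{
    struct cpu a = {0}, b = {0}, n = {0};
    printf("normal : %s\n", run_normal(&a) == RET_OK ? "returned" : "fault");
    printf("attack : %s at 0x%08X\n",
           run_attack(&b) == RET_OK ? "returned" : "fault", b.fault_addr);
    printf("nested : %s\n", run_nested(&n) == RET_OK ? "returned" : "fault");
    return 0;
}
```

Note that the attack is caught without any explicit comparison instruction: the only "check" is the fetch of the return target, which the MPU already performs for every return. That is the overhead argument the description makes for using the return address as the subsystem state.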
  • The constants C1 and C2 can be selected in such a manner that the resultant return addresses point to a nonexistent memory area. They may also point to a memory area which, although being present, does not contain any executable code. Furthermore, the constants C1 and C2 can be selected in such a manner that the return addresses refer to an area for which there are no access rights. Another possible way of selecting the constants C1 and C2 is for the modified return addresses RA to point, beyond the boundaries of a memory area, to another memory area if such a change in memory areas can be detected by the processor. They may also be selected in such a manner that the modified return address RA points, for example, to the middle of an instruction having a length of four bytes and thus triggers a fault. If, in contrast, the modification constants C1 and C2 are selected to be zero, the correct operation of the data processing device cannot be monitored. The constants for different subroutines must also be selected to be different so that unintentional resetting by another subroutine is precluded.
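The rules above for choosing the constants can be checked mechanically before a build is shipped. The following C program is an added example for this page, not Infineon's code; it assumes a hypothetical memory map (a boot ROM at address 0 and the application code region at 0x02000000) and assumes that the processor faults on a misaligned instruction fetch, which the text mentions as one possible way to provoke the fault. It goes one step beyond the text: besides requiring that every constant C_i move all return addresses of the code region out of executable memory, it also requires that every difference C_i - C_j do so, because that difference is the net modification left on the stack when execution is hijacked from subroutine i into subroutine j, as on the right-hand side of FIG. 3. Merely different constants are not sufficient; two constants that differ by one instruction length would pass the "different" rule and still return into valid code.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical memory map. Return addresses of the monitored program lie in the
 * CODE region; the MPU faults on any fetch outside the executable regions and
 * (assumed) on any fetch from an address that is not instruction-aligned. */
#define CODE_BASE  0x02000000u
#define CODE_LIMIT 0x02100000u
#define INSN_ALIGN 4u

struct region { uint32_t base, limit; };   /* [base, limit) */

static const struct region exec_regions[] = {
    { 0x00000000u, 0x00010000u },   /* boot ROM (assumed) */
    { CODE_BASE,   CODE_LIMIT  },   /* application code */
};

/* Does the inclusive interval [lo, hi] intersect region r? */
static bool intersects(uint32_t lo, uint32_t hi, const struct region *r)
{
    return lo <= r->limit - 1u && hi >= r->base;
}

/* True if RA + k faults for EVERY aligned RA in the code region, i.e. the whole
 * shifted image of the region lies outside executable memory. */
static bool shift_is_faulting(uint32_t k)
{
    if (k % INSN_ALIGN != 0)
        return true;                 /* every target is misaligned */

    uint32_t lo = CODE_BASE + k;     /* 32-bit wrap-around is intended */
    uint32_t hi = (CODE_LIMIT - 1u) + k;
    for (size_t i = 0; i < sizeof exec_regions / sizeof exec_regions[0]; i++) {
        const struct region *r = &exec_regions[i];
        if (lo <= hi) {
            if (intersects(lo, hi, r)) return false;
        } else {                     /* image wraps past 0xFFFFFFFF: two pieces */
            if (intersects(lo, 0xFFFFFFFFu, r) || intersects(0u, hi, r)) return false;
        }
    }
    return true;
}

/* Checks a set of per-subroutine constants:
 *  1. each C_i alone must yield a faulting return address (the unauthorized
 *     state while the subroutine runs);
 *  2. every difference C_i - C_j (i != j) must yield a faulting return address
 *     as well, since that is what remains on the stack after a hijack from
 *     subroutine i into subroutine j. Equal constants give a difference of 0
 *     and fail this test, as does a zero constant. */
static bool constants_are_safe(const uint32_t *c, size_t n)
{
    for (size_t i = 0; i < n; i++) {
        if (!shift_is_faulting(c[i])) return false;
        for (size_t j = 0; j < n; j++)
            if (i != j && !shift_is_faulting(c[i] - c[j])) return false;
    }
    return true;
}

int main(void)
{
    const uint32_t fig3[]  = { 0x17400000u, 0x14340000u };  /* C1, C2 from FIG. 3 */
    const uint32_t close[] = { 0x17400000u, 0x17400004u };  /* distinct, yet unsafe */
    printf("FIG. 3 constants safe: %s\n", constants_are_safe(fig3, 2) ? "yes" : "no");
    printf("C1 and C1+4 safe:      %s\n", constants_are_safe(close, 2) ? "yes" : "no");
    return 0;
}
```

With the assumed map, the FIG. 3 pair passes and the pair (C1, C1+4) fails, because C1 - (C1+4) shifts the code region by one instruction onto itself. The same check applies when the constants are random numbers: draw them at load time, run `constants_are_safe` on the drawn set, and redraw any that fail.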
  • FIG. 4 shows a state diagram for the exemplary embodiment in FIG. 3. Three states 1, 2 and 3 are shown, state 1 representing an authorized return address RA, state 2 representing an unauthorized return address RA and state 3 representing the presence of an unauthorized state. From state 1, one lands in state 1 again via the transition 4, the transition 4 being characterized by a jump back from a subroutine in which the return address RA was not modified. The transition 5 from the state 1 to the state 2 occurs when the return address RA of the subroutine which is running is modified. The transition 6, in which the return address RA is reset again, again results in an authorized return address RA and in state 1. State 2 is retained during the transitions 7 and 8 in which the return address RA is reset using an incorrect constant or a further subroutine is branched to on account of an attack or a fault. The transition from the state 2 to the exception 3 is achieved by means of the transitions 9 and 10, transition 9 representing a return, that is to say evaluation of the subsystem state, and the transition 10 representing a direct attack or fault. Furthermore, the transitions 11 and 12 are also shown. When the further subroutine is called in the transition 11, its return address is first of all unchanged and is thus authorized, with the result that the state 1 is reached with an authorized return address. The return address of the further subroutine is then modified in the transition 5 in such a manner that an unauthorized return address is obtained and state 2 is assumed again. Transition 12 represents the situation in which there is a state with an authorized return address and a return to the caller of the current subroutine is executed. In this case, the return address of the caller is restored, which address was changed to an unauthorized value at an earlier point in time by transition 5.
  • The invention can be used to monitor the operation of a data processing device without the need for hardware measures, for example sensors. Since mechanisms which exist in any hardware architecture are used to detect unauthorized states, it is possible to dispense with storing additional states. Since there is no need for any testing instructions either, very little programming complexity, which can also be automated, results. Monitoring without specialized hardware and without being restricted to specific applications or hardware platforms is thus possible.

Claims (22)

1. A method for monitoring correct operation of a data processing device, comprising:
changing a subsystem from an authorized state to an unauthorized state before a partial operating sequence is executed, the unauthorized state not interfering with the execution of the partial operating sequence as long as the state of the subsystem is not being evaluated;
executing the partial operating sequence;
resetting the subsystem state from the unauthorized state to the authorized state after the partial operating sequence has been executed; and
evaluating the subsystem state.
2. The method as claimed in claim 1, wherein, if the evaluation of the subsystem state reveals an authorized state, the data processing device continues operation at a continuation point for the partial operating sequence.
3. The method as claimed in claim 1, wherein the subsystem state is described by a continuation point.
4. The method as claimed in claim 3, wherein in the authorized state, the continuation point is the continuation point for the partial operating sequence.
5. The method as claimed in claim 3, wherein in the unauthorized state, the continuation point is an unauthorized continuation point which does not correspond with the continuation point for the partial operating sequence.
6. The method as claimed in claim 5, wherein the unauthorized continuation point is reversibly determined from the continuation point for the partial operating sequence.
7. A method for monitoring a correct operation of a data processing device, the method comprising:
inserting instructions for changing a subsystem state from an authorized state to an unauthorized state before a partial operating sequence to be monitored;
inserting instructions for resetting the subsystem state from the unauthorized state to the authorized state;
inserting instructions for evaluating the subsystem state after the partial operating sequence to be monitored into a program which controls the partial operating sequence; and
executing the partial operating sequence.
8. The method as claimed in claim 7, wherein the instructions are automatically inserted into the program when compiling or interpreting the program.
9. The method as claimed in claim 7, wherein the continuation point is a return address of the program which controls the partial operating sequence.
10. The method as claimed in claim 7, wherein an unauthorized continuation point is a return address which is generated by adding a constant or a random number to the return address of the program which controls the partial operating sequence.
11. The method as claimed in claim 10, wherein, in order to reset the subsystem state from the unauthorized state to the authorized state after the partial operating sequence has been executed, the method further comprises reversing the addition of the constant or of the random number.
12. The method as claimed in claim 11, wherein the subsystem state is evaluated using a memory management unit or a memory protection unit.
13. The method as claimed in claim 12, wherein the unauthorized state triggers an alarm, an abort, a fault, an exception, or a trap in the data processing device.
14. The method as claimed in claim 13, wherein the unauthorized state interrupts operation of the data processing device during evaluation.
15. A data processing device comprising:
a processor;
a subsystem which can assume an authorized state and an unauthorized state;
a sequence controller;
a modification device for modifying a continuation point;
a continuation point memory for storing the continuation point; and
an evaluation unit for evaluating a state of the subsystem,
wherein the sequence controller:
stores a continuation point for a partial operating sequence in the continuation point memory before the partial operating sequence is executed by the processor,
uses the modification device to change the continuation point such that, when a state of the subsystem is being evaluated by the evaluation unit, an unauthorized state is detected,
uses the modification device to reverse the change in the continuation point after the partial operating sequence has been executed by the processor and to change the subsystem state from the unauthorized state to the authorized state, and
evaluates the state of the subsystem in the evaluation unit.
16. The data processing device as claimed in claim 15, wherein the continuation point is a return address of a program which controls the partial operating sequence.
17. The data processing device as claimed in claim 15, wherein the evaluation unit is a memory management unit or a memory protection unit of the processor.
18. The data processing device as claimed in claim 15, wherein the sequence controller is implemented using the processor.
19. The data processing device as claimed in claim 15, wherein the subsystem is implemented using the processor.
20. The data processing device as claimed in claim 15, wherein the modification device and the continuation point memory are implemented using software which runs on the processor.
21. A data processing device comprising:
a processor;
a subsystem which can assume an authorized state and an unauthorized state;
a modification means for modifying a continuation point;
an evaluation unit for evaluating a state of the subsystem; and
a sequence controlling means for storing a continuation point for a partial operating sequence in a continuation point memory before the partial operating sequence is executed by the processor, for using the modification means to change the continuation point such that, when a state of the subsystem is being evaluated by the evaluation unit, an unauthorized state is detected, for using the modification means to reverse the change in the continuation point after the partial operating sequence has been executed by the processor and to change the subsystem state from the unauthorized state to the authorized state, and for evaluating the state of the subsystem in the evaluation unit.
22. A data processing device comprising:
means for changing a subsystem from an authorized state to an unauthorized state before a partial operating sequence is executed, the unauthorized state not interfering with the execution of the partial operating sequence as long as the state of the subsystem is not being evaluated;
means for executing the partial operating sequence;
means for resetting the subsystem state from the unauthorized state to the authorized state after the partial operating sequence has been executed; and
means for evaluating the subsystem state.

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
DE102006035662 2006-07-31
DE102006035662A DE102006035662A1 (en) 2006-07-31 2006-07-31 Monitoring correct operation of data processing unit, displaces subsystem from allowed state into non-allowed state before executing partial operational run
DE102006035662.4 2006-07-31

Publications (3)

Publication Number Publication Date
US20080115132A1 true US20080115132A1 (en) 2008-05-15
US20100042995A9 US20100042995A9 (en) 2010-02-18
US7689874B2 US7689874B2 (en) 2010-03-30

Family

ID=38921845

Family Applications (1)

Application Number Title Priority Date Filing Date
US11/609,253 Active 2028-06-15 US7689874B2 (en) 2006-07-31 2006-12-11 Data processing device and method for monitoring correct operation of a data processing device

Country Status (2)

Country Link
US (1) US7689874B2 (en)
DE (1) DE102006035662A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20150249679A1 (en) * 2012-02-17 2015-09-03 Gemalto Sa Method and device for protecting an electronic device against fault attack(s)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP5225003B2 (en) * 2008-10-01 2013-07-03 キヤノン株式会社 MEMORY PROTECTION METHOD, INFORMATION PROCESSING DEVICE, MEMORY PROTECTION PROGRAM, AND RECORDING MEDIUM CONTAINING MEMORY PROTECTION PROGRAM
US8918885B2 (en) * 2012-02-09 2014-12-23 International Business Machines Corporation Automatic discovery of system integrity exposures in system code
US10425229B2 (en) * 2016-02-12 2019-09-24 Microsoft Technology Licensing, Llc Secure provisioning of operating systems

Citations (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US3806716A (en) * 1972-07-17 1974-04-23 Sperry Rand Corp Parity error recovery
US4322791A (en) * 1976-12-23 1982-03-30 Tokyo Shibaura Electric Co., Ltd. Error display systems
US4639881A (en) * 1982-06-01 1987-01-27 M.A.N.-Roland Druckmaschinen Ag. Data input unit and method for printing machines
US4937777A (en) * 1987-10-07 1990-06-26 Allen-Bradley Company, Inc. Programmable controller with multiple task processors
US5027358A (en) * 1989-11-09 1991-06-25 At&T Bell Laboratories Switch-adjunct communications protocol
US5301325A (en) * 1991-03-07 1994-04-05 Digital Equipment Corporation Use of stack depth to identify architechture and calling standard dependencies in machine code
US5983370A (en) * 1996-10-30 1999-11-09 Texas Instruments Incorporated Four state token passing alignment fault state circuit for microprocessor address misalignment fault generation having combined read/write port
US6000028A (en) * 1996-01-29 1999-12-07 Digital Equipment Corporation Means and apparatus for maintaining condition codes in an unevaluated state
US6167479A (en) * 1998-08-03 2000-12-26 Unisys Corporation System and method for testing interrupt processing logic within an instruction processor
US20010007124A1 (en) * 1999-12-24 2001-07-05 Matsushita Electric Industrial Co., Ltd. Program modification device
US6374350B1 (en) * 1998-02-20 2002-04-16 Intel Corporation System and method of maintaining and utilizing multiple return stack buffers
US6701460B1 (en) * 1999-10-21 2004-03-02 Sun Microsystems, Inc. Method and apparatus for testing a computer system through software fault injection
US6704894B1 (en) * 2000-12-21 2004-03-09 Lockheed Martin Corporation Fault insertion using on-card reprogrammable devices
US20050229044A1 (en) * 2003-10-23 2005-10-13 Microsoft Corporation Predicate-based test coverage and generation

Patent Citations (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US3806716A (en) * 1972-07-17 1974-04-23 Sperry Rand Corp Parity error recovery
US4322791A (en) * 1976-12-23 1982-03-30 Tokyo Shibaura Electric Co., Ltd. Error display systems
US4639881A (en) * 1982-06-01 1987-01-27 M.A.N.-Roland Druckmaschinen Ag. Data input unit and method for printing machines
US4937777A (en) * 1987-10-07 1990-06-26 Allen-Bradley Company, Inc. Programmable controller with multiple task processors
US5027358A (en) * 1989-11-09 1991-06-25 At&T Bell Laboratories Switch-adjunct communications protocol
US5301325A (en) * 1991-03-07 1994-04-05 Digital Equipment Corporation Use of stack depth to identify architechture and calling standard dependencies in machine code
US6000028A (en) * 1996-01-29 1999-12-07 Digital Equipment Corporation Means and apparatus for maintaining condition codes in an unevaluated state
US5983370A (en) * 1996-10-30 1999-11-09 Texas Instruments Incorporated Four state token passing alignment fault state circuit for microprocessor address misalignment fault generation having combined read/write port
US6374350B1 (en) * 1998-02-20 2002-04-16 Intel Corporation System and method of maintaining and utilizing multiple return stack buffers
US6167479A (en) * 1998-08-03 2000-12-26 Unisys Corporation System and method for testing interrupt processing logic within an instruction processor
US6701460B1 (en) * 1999-10-21 2004-03-02 Sun Microsystems, Inc. Method and apparatus for testing a computer system through software fault injection
US20010007124A1 (en) * 1999-12-24 2001-07-05 Matsushita Electric Industrial Co., Ltd. Program modification device
US6704894B1 (en) * 2000-12-21 2004-03-09 Lockheed Martin Corporation Fault insertion using on-card reprogrammable devices
US20050229044A1 (en) * 2003-10-23 2005-10-13 Microsoft Corporation Predicate-based test coverage and generation

Cited By (1)

Publication number Priority date Publication date Assignee Title
US20150249679A1 (en) * 2012-02-17 2015-09-03 Gemalto Sa Method and device for protecting an electronic device against fault attack(s)

Also Published As

Publication number Publication date
US7689874B2 (en) 2010-03-30
US20100042995A9 (en) 2010-02-18
DE102006035662A1 (en) 2008-02-14

Similar Documents

Publication Publication Date Title
US11113384B2 (en) Stack overflow protection by monitoring addresses of a stack of multi-bit protection codes
CA2984386C (en) Method and execution environment for the secure execution of program instructions
US9092618B2 (en) Method and device for making secure execution of a computer programme
US8843761B2 (en) Method and apparatus for protection of a program against monitoring flow manipulation and against incorrect program running
EP2946330B1 (en) Method and system for protecting computerized systems from malicious code
KR102160916B1 (en) Data processing apparatus and method using secure domain and less secure domain
EP2979211B1 (en) Protecting software application
KR101671795B1 (en) Computer system and method for preventing dynamic link library injection attack
KR102192835B1 (en) Security protection of software libraries in a data processing apparatus
US7954153B2 (en) Secured coprocessor comprising an event detection circuit
US7689874B2 (en) Data processing device and method for monitoring correct operation of a data processing device
KR101861952B1 (en) Anti-debugging method for preventing software break point and apparatus therefor
Chekole et al. Cima: Compiler-enforced resilience against memory safety attacks in cyber-physical systems
JP2009129463A (en) Processing method of temporary error in real time system of vehicle controller
US11614988B2 (en) Variable memory diagnostics
US20100125830A1 (en) Method of Assuring Execution for Safety Computer Code
US7634640B2 (en) Data processing apparatus having program counter sensor
US8141145B2 (en) Method to control the execution of a program by a microcontroller
KR101028935B1 (en) Method for the secure checking of a memory region of a microcontroller in a control device and control device with a protected microcontroller
EP3376423A1 (en) Self-adaptive countermeasures
US8763138B2 (en) Method and device for security loading a memory and an associated memory
US20060248589A1 (en) Memory device and an arrangement for protecting software programs against inadvertent execution
Beckschulze et al. A comparison of dual-core approaches for safety-critical automotive applications
CN115130113A (en) Vulnerability analysis method, system and medium for automobile ECU firmware
CN111078458A (en) Electronic control unit, software compatibility detection method and device thereof, and automobile

Legal Events

Date Code Title Description
AS Assignment

Owner name: INFINEON TECHNOLOGIES AG, GERMANY

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:BOCH, ROBIN;DIRSCHERL, GERD;ERDMENGER, STEFAN;AND OTHERS;SIGNING DATES FROM 20061220 TO 20070122;REEL/FRAME:018969/0399

FEPP Fee payment procedure

Free format text: PAYOR NUMBER ASSIGNED (ORIGINAL EVENT CODE: ASPN); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

STCF Information on status: patent grant

Free format text: PATENTED CASE

FPAY Fee payment

Year of fee payment: 4

MAFP Maintenance fee payment

Free format text: PAYMENT OF MAINTENANCE FEE, 8TH YEAR, LARGE ENTITY (ORIGINAL EVENT CODE: M1552)

Year of fee payment: 8

MAFP Maintenance fee payment

Free format text: PAYMENT OF MAINTENANCE FEE, 12TH YEAR, LARGE ENTITY (ORIGINAL EVENT CODE: M1553); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

Year of fee payment: 12