CODE FLOW PROTECTION WITH ERROR PROPAGATION

The present invention relates to an execution system having at least a central processing unit (CPU), a system memory (SM) storing a genuine program (cGC) having ciphered instructions (CI) stored at determined addresses and a secure agent component (SAC) dedicated to the protection of the execution...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: CHAMSKI, Zbigniew, COULON, Jean-Roch, SINTZOFF, André
Format: Patent
Sprache:eng ; fre ; ger
Schlagworte:
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:The present invention relates to an execution system having at least a central processing unit (CPU), a system memory (SM) storing a genuine program (cGC) having ciphered instructions (CI) stored at determined addresses and a secure agent component (SAC) dedicated to the protection of the execution of the genuine program (cGC), said secure agent component (SAC) being inserted between the system memory (SM) and the central processing unit (CPU) and fetching the ciphered instructions (CI) occurring between system memory (SM) and the central processing unit (CPU), said secure agent component (SAC) comprising at least a signature register (SR) storing an instruction flow signature depending on previously executed instructions and a ciphering/deciphering module. Each fetched ciphered instruction (CI) is deciphered by executing a function depending on the ciphered instruction (CI) and on the instruction flow signature as stored in the signature register (SR) before sending the de-ciphered instruction (DI) to the central processing unit (CPU). A new instruction flow signature is determined depending on the instruction and on the instruction flow signature of the previous instruction in the instruction flow of the genuine program (cGC) before storing this new instruction flow signature in the signature register (SR).