IMPLEMENTING SECURE MAINTENANCE INCLUDING SECURE DEBUG

IMPLEMENTING SECURE MAINTENANCE INCLUDING SECURE DEBUG

Techniques and architecture are described to control a debug port access employing the debug image signed offline by a challenge/response mechanism, where the signed image itself is tied to an ECID of a chip together with debug lifecycle information coming from fuses and a hash of a loader being deb...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Singh, Chandan, Shroff, Chirag, Kothapally, Srinivas, Licht, Ofer
Format: Patent
Sprache:eng
Schlagworte:
CALCULATING
COMPUTING
COUNTING
ELECTRIC DIGITAL DATA PROCESSING
PHYSICS
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Techniques and architecture are described to control a debug port access employing the debug image signed offline by a challenge/response mechanism, where the signed image itself is tied to an ECID of a chip together with debug lifecycle information coming from fuses and a hash of a loader being debugged. All these inputs form a nonce (the debug image) that ties the debug image to the hardware being debugged and is restricted to the current debug lifecycle. The cryptographically signed debug image is authenticated by a boot image (or the chip) with a public key in the debug image. The debug image may be expanded to secure maintenance using a secure maintenance blob or "firmware maintenance certificate or nonce." The secure maintenance blob also includes a natural attribute list of low-level features to be enabled upon verification of the secure maintenance blob.