1. Field of the Invention
The present invention generally relates to remote debugging of failed computer machines, and more particularly to methods and systems for remotely debugging a failed computer machine with improved protection of information generated during the debug session.
2. Description of the Related Art
Unless otherwise indicated herein, the approaches described in this section are not prior art to the claims in this application and are not admitted to be prior art by inclusion in this section.
To service a malfunctioning client computer (also called “client machine” hereafter), debug tools have been recently developed to facilitate checking and correction operations performed on the processing chip or chipset of the failed client machine.
To illustrate, FIG. 1 is a simplified diagram of a conventional implementation for debugging a malfunctioning client machine. The debug tool includes a software-implemented debug application 102 installed in a host computer, also called “debugger machine” 104, which is coupled to a failed client machine 106 to debug via a connection link 108. The connection link 108 between the debugger machine 104 and the client machine 106 may be achieved via a direct test access port such as the JTAG interface developed by the Joint Test Action Group (“JTAG”), or remotely through a network connection such as a Local Area Network (“LAN”) or Internet connection. As the debug session proceeds, the debug application 102 may issue debug instructions to the client machine 106. Consequently, the client machine 106 may send certain status information back to the debugger machine 104 to generate debug files 110 for analysis. Because the transmitted information includes sensitive information about the internal configuration of the client machine 106, such as the configuration of chip registers, protection measures are required to make sure that they are only accessible to authorized users.
Currently, one implemented protection measure includes the request of a confidential key or password to the service engineer before the debug session starts. The debug session will be initiated only when a valid key is inputted by the service engineer. When the client machine 106 and the debugger machine 104 are coupled through a network connection, additional protections using encryption by digital signatures may also be applied on the packets of information transmitted via the connection link 108 to prevent interception from a rogue agent. As they are received by the debugger machine 104, the packets of information sent from the client machine 106 are assembled to generate a debug file 110 that can then be visualized on the debug application 102.
While the aforementioned implementation provides some degree of protection for sensitive information exchanged during the debug session, loopholes may still exist. For example, after the debug file 110 is assembled, the user usually needs to save the debug file 110 in a storage medium (not shown) before further analysis works are performed on its content. As a result, it is still possible for an unauthorized user who has access to the storage medium to copy and read the content of the debug file 110. Because the debug file 110 may contain sensitive information, it is desirable to restrict the access of the content of the debug file 110 to only authorized users.
Therefore, what is needed is a method and system that are capable of providing improved protections for the information content generated during a debug session, and address at least the problems set forth above.