Embedded circuits or System-on-Chip (SoC) devices refer to integrated chips, which include components of a computer or other electronic system. The chips may include digital, analog, mixed-signal, and often radio frequency functions—all on a single substrate. These chips also include a nonvolatile memory in communication with an on-chip controller. From time to time, customers may wish to store secret data, such as passwords, authentication keys, bank account details, or any other such confidential information in the nonvolatile memory.
One such embedded system is an Electronic Fund Transfer Point of Sale (EFTPOS) terminal often used by retail stores to receive payments made through debit or credit cards. These POS terminals are typically coupled to a financial institution via an electronic communication link. When the cashier swipes a card, the terminal reads an account number encoded on the card. The customer then, for identification purposes, enters a personal identification number (PIN) into a keypad device, and the terminal encrypts and sends this information to the financial institution, which debits the corresponding customer's account and returns a confirmation to the POS terminal. During this process, sensitive financial and identification information, together with encryption information, is entered and stored in the terminal's nonvolatile memory.
Unfortunately, hackers and thieves can easily obtain this information from the POS terminal. For example, a thief could steal a terminal and then download the contents of the secure memory, using any one of a number of programs. Alternatively, the thief could surreptitiously load a monitor program into the POS terminal of an unsuspecting merchant. The monitor program would then record and output sensitive information to the thief over time. Similarly, a hacker could use an onboard or external debugger to extract sensitive information. Debuggers can stop the execution of instructions, read/write memory contents, inject and execute new instructions, and cause the processor to output memory contents.
Due to such security threats, memory access control is a primary concern for devices that store confidential information. Access control systems should preferably grant access to trusted sources, such as genuine software or controllers attempting to access the memory, yet deny access to suspicious software or malware. Moreover, as hackers can replicate genuine software in an attempt to extract confidential data from the memory, the access control system should be able to discern unauthorized software and prevent access. To provide these solutions, the Trusted Computing Group (TCG) has introduced an access control system—the Trusted Platform Module (TPM).
A TPM is a computer chip (microcontroller) that can securely store artifacts used to authenticate a platform, such as an operating system, a driver, software, or firmware. These artifacts can include certificates or encryption keys. The TPM can also store platform measurements that help ensure that the platform remains trustworthy. Authentication (ensuring that the platform can prove what it claims to be) and attestation (proving that a platform is trustworthy) are steps employed by the TPM to ensure safer computing in all environments.
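The two preceding paragraphs describe the requirement (grant memory access only to genuine software, even when an attacker tries to pass off replicated or modified software as genuine) and the TPM's answer to it (platform measurements that the secret is bound to). The following example is added here to make that mechanism concrete; it is not code from the patent or from any TPM vendor. It models the TPM-style "extend" chain, in which each boot stage's hash is folded into a one-way register (new = H(old || measurement)), and a secret such as a terminal's encryption key is released only when the final register value equals the value it was sealed to. The stage names, sample images and the sealed key are constructed for the illustration.

```python
import hashlib
import hmac
from typing import List, Optional, Tuple

# Constructed sample boot chain: the components a measured boot would hash,
# in the order they execute. Real images would be the actual binaries.
GENUINE_STAGES: List[Tuple[str, bytes]] = [
    ("bootloader", b"bootloader v1.0 (constructed sample)"),
    ("kernel", b"kernel image (constructed sample)"),
    ("pos_app", b"POS application (constructed sample)"),
]

REGISTER_SIZE = hashlib.sha256().digest_size  # 32 bytes; register starts all-zero


def measure(image: bytes) -> bytes:
    """Measurement of one component: its SHA-256 digest."""
    return hashlib.sha256(image).digest()


def extend(register: bytes, measurement: bytes) -> bytes:
    """TPM-style extend: the register can only be moved forward, never set.

    new = H(old || measurement).  Because the hash is one-way and the
    concatenation is order-sensitive, no sequence of later extends can
    return the register to an earlier value, and the same stages measured
    in a different order give a different result.
    """
    return hashlib.sha256(register + measurement).digest()


def measured_boot(stages: List[Tuple[str, bytes]]) -> bytes:
    """Run the extend chain over every stage and return the final register."""
    register = bytes(REGISTER_SIZE)
    for _name, image in stages:
        register = extend(register, measure(image))
    return register


# The value the secret is sealed to: the register produced by the genuine chain.
GOLDEN_REGISTER = measured_boot(GENUINE_STAGES)

# Constructed placeholder for the terminal's key material; in a real device
# this would live in the protected nonvolatile memory.
SEALED_KEY = b"constructed-terminal-key-0000000"


def unseal(register: bytes, sealed_to: bytes, secret: bytes) -> Optional[bytes]:
    """Release the secret only if the current register matches the sealed value.

    compare_digest avoids leaking, through timing, how many leading bytes
    of a wrong measurement happened to match.
    """
    if hmac.compare_digest(register, sealed_to):
        return secret
    return None


def access_granted(stages: List[Tuple[str, bytes]]) -> bool:
    """True if booting these stages yields a register that unseals the key."""
    return unseal(measured_boot(stages), GOLDEN_REGISTER, SEALED_KEY) is not None


if __name__ == "__main__":
    # Genuine chain: the key is released.
    print("genuine chain:", access_granted(GENUINE_STAGES))

    # A modified application (for example, one carrying an added monitor
    # routine) hashes differently, so the register never reaches the golden
    # value and the key stays sealed.
    tampered = GENUINE_STAGES[:-1] + [("pos_app", b"POS application + extra code (constructed)")]
    print("modified app:", access_granted(tampered))

    # Same genuine images in a different order also fail, because extend is
    # order-sensitive.
    reordered = [GENUINE_STAGES[1], GENUINE_STAGES[0], GENUINE_STAGES[2]]
    print("reordered chain:", access_granted(reordered))
```

The design point is that the policy never compares software against a copy of itself, which a replicated image would trivially pass; it compares the accumulated, order-bound measurement of everything that ran before the request against the single value the secret was sealed to, so any change to any stage, or to their order, closes the door.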
Though a TPM offers a secure solution, it requires a separate controller chip installed on a protected device. This controller chip is expensive, increasing the overall device cost. For desktops and laptops, the percentage increase in cost may be marginal; but in smaller and less expensive electronic systems, the percentage increase in cost may be much higher. Moreover, for embedded circuits and SoCs that require a simple access control mechanism for their on-board memory, TPM may provide ‘too much of a solution.’
Therefore, there exists a need for a simple, easy-to-implement method and system to control access to data stored in nonvolatile memories, without adding expensive circuitry.