1. Field of the Invention
This invention relates in general to the field of instruction processing in computer systems, and more particularly to an apparatus and method in a CPU for predicting power consumption for executing instructions and counterbalancing or randomizing total power consumption for security purposes by turning on or shutting down selected subsystems.
2. Description of the Related Art
Early computers processed instructions, one at a time, with the instructions appearing on a data/address bus. The data/address bus was electrically visible to a test engineer such that probes could be directly attached to the bus, and the bus could be monitored to determine what instructions were executing. In fact, in embedded system design, it was common for a developer to utilize a test device, such as a state analyzer, to help test and debug his program.
For example, a developer would connect a state analyzer to the data/address bus of his computer, load his program into the memory of the computer, and then reset the computer so that it would begin processing his instructions. The state analyzer would record the instructions being executed on a clock-by-clock basis. The developer could examine the instructions recorded by the state analyzer, and could determine whether his program was executing as planned. In a similar manner, someone wanting to discover what program was operating on a computer could connect a state analyzer to the data/address bus, and could capture the program as it executed (i.e. reverse engineer the code).
With the advent of the microprocessor, testing of program code, and reverse engineering of program code, became more difficult. Early microprocessors utilized address and data buses to obtain their instructions and data from external memory such as ROM's and RAM's. Thus, a state analyzer could be coupled to the address and data buses of a microprocessor to capture the values appearing on the buses on a clock-by-clock basis. Software programs, called disassemblers, were then used to interpret the values appearing on the address and data buses, and convert them into the actual instructions that were being executed by the microprocessor. Thus, state analyzers, along with disassemblers, were used both by software developers for debugging, and by those interested in discovering what someone else had programmed.
As the complexity of microprocessors increased, so did the difficulty of testing (or reverse engineering) the instructions they were executing. For example, modern processors, although they have external data and address buses, cannot successfully be probed to determine what instructions are executing. This is because the values appearing on the address and data buses seldom relate to what the processor is doing at any one time.
More specifically, within a modern microprocessor are large areas of memory (or cache) for both data and instructions. When a processor needs data or instructions that are not already resident within the processor, the processor will request the data/instructions from external memory. It is common, however, for blocks of data/instructions, in addition to those particularly requested, to be transferred back to the processor. So, examination of the external data/address buses during the transfer does not provide any direct correlation to the instructions that are executing. In addition, as is most often the case, the data and instructions that are executing are already resident within internal cache. So, as they execute, there is no activity on the external address/data buses that provide any indication as to what is being executed.
Furthermore, most modern processors are capable of executing multiple instructions at the same time, using a technology referred to as “pipelining”. Although pipelining is beyond the scope of the present discussion, it suffices to say that pipelining in a microprocessor is similar to an assembly line, where an instruction proceeds thru several stages within a processor, each stage performing a certain operation. The instruction is preceded and followed by other instructions, in preceding and following stages in the pipeline. Thus, at any one time, a pipelined microprocessor is executing as many different instructions as there are stages in the pipeline (e.g., a 5 stage pipeline may be executing 5 different instructions).
So, since there is no longer a direct correlation between what appears on the data/address buses of a processor, and the instructions it is executing, and because multiple instructions are typically executing simultaneously, other methodologies have been developed for both software test, and reverse engineering. For software test, a common approach is the use of a simulator. The simulator utilizes a software model of the internal architecture of a processor (such as a VHDL model) to execute a particular program. A trace output from the simulator provides an indication to a developer of how his program should function within a fabricated processor. The simulator is a great tool for the developer, because s/he has access to the internal model of the processor.
The reverse engineer, however, has no access to the internal model of a processor that s/he is trying to decode. Such an internal model is highly proprietary, and closely guarded by the developer. But the reverse engineer has not been thwarted. Rather, a sophisticated science, referred to as “differential power analysis” (DPA), has been developed to speculate or determine the instruction flow within a processor.
In general, certain estimates can be made about the size and thus the power requirements of particular functional blocks (cache, ALU, Register, etc.) of a modern processor. Using these estimates, the total power consumed by a microprocessor can be monitored on a clock-by-clock basis, while the microprocessor is executing instructions. Analysis of the power consumed by the microprocessor, in conjunction with speculated power requirements associated with each of the instructions in the processor's instruction set, can often allow a reverse engineer to accurately speculate or determine the instructions being executed by a processor.
In many cases, such reverse engineering can have devastating consequences. For example, one modern application of a microprocessor is within a smart card. The smart card is much like a credit card. However, it contains a microprocessor that stores confidential information such as a person's bank account number, balance, medical history, social security number, etc. Thus, the developer of a smart card is very interested in preventing the information within the processor from being discovered. Differential power analysis applied to reverse engineer the processor can allow such confidential to be discovered, and utilized, to the detriment of the cardholder.
In view of the above, what is needed is an apparatus that may be used within a microprocessor, to prevent the reverse engineering of the program that is executing on the processor.
More specifically, what is needed is a power management apparatus that can disassociate the power that is consumed by a microprocessor, during instruction execution, from the actual power requirements of those instructions. Such an apparatus, in disassociating the power consumed by the microprocessor, from the instructions it is executing, would thwart a reverse engineer's attempt to discover confidential information using differential power analysis.
Moreover, what is needed is a power management apparatus that turns on or shuts down certain subsystems within the microprocessor, or subsystems that are external to but associated with the microprocessor (i.e., such as a system on a chip), for the purpose of disassociating the instantaneous power drain of the microprocessor from the instructions it is executing.