In the domain of secure data processing, it is necessary to provide a tamper-resistant environment within which the processing can occur in a secure manner without lowering too much the performance in terms of reliability and efficiency.
A well known solution used to solve security problems was focused on protecting in a secure manner the hardware device containing the software necessary for the device functioning. The notion of tamper-proof was limited to such hardware which was difficult to open or once opened would destroy the processor and memory chip on which the secure software resided. However, it is generally recognized that software techniques for achieving application security offer more flexibility and lower cost particularly when hardware and software protection are combined.
A typical system on which application programs run generally comprises processing units, a plurality of peripherals and memories. In most cases where security is required, data is encrypted to be kept secure, i.e. working data or executable processing instructions or code, is encrypted. Encryption is usually done within a security module associated to a user unit such as a pay television set top box, a mobile equipment, a personal computer or any other device requiring security for functioning with payload or sensitive services. The security module can be implemented in a variety of manners such as on a microprocessor card, on a smartcard or any electronic module in the form of a badge or key. These modules are generally portable and detachable from the host user unit and are designed to be tamper-proof. The most commonly used form has electrical contacts, but contactless versions of type ISO 14443 also exist. Another implementation of the security module consists either of a directly soldered integrated circuit inside the user unit or a circuit on a socket or connector such as a SIM (Subscriber Identity Module) module. The security module may also be integrated on a chip which has another function e.g. on a descrambling module or on a microprocessor module of a pay television set top box. The security module can also be implemented as software.
In spite of the use of security modules and advanced encryption techniques, secure processing systems still represent a significant attraction for attempts at breaching security. Techniques used to bypass security of such systems include, for example, the reverse engineering of the hardware involved or the dynamic or static analysis of software used therein and the subsequent tampering with such software. By static analysis it is meant some form of disassembly or decompilation of non-executing code. By dynamic analysis it is meant analyzing during running of the program, i.e. by observing signals at certain contacts of the chip. Such analysis may lead to tampering whereby the software is modified by, for example, performing a branch-jamming attack wherein an unconditional jump is introduced in place of a conditional jump thus forcing a branch to execute when the current conditions do not prescribe such execution. Typically, such an attack would force a program to bypass an authentication step like serial number or password checking for example.
High reliability applications provide arrangements where a pair of processors are executing the same program instructions and verify each other conformity of results. If an error is detected, a module for correcting the software error is activated. Some examples are disclosed in following documents:
U.S. Pat. No. 5,915,082A1 describes a lockstep processor system which has error isolation built into the system and provides, in a large number of instances of detected error, high speed recovery with only small changes to current lockstep processor systems. The lockstep processor system adds error detection, isolation, and recovery logic to one or more lockstep processor system functions; namely, control outputs, processor inputs, busses, memory address busses, and memory data busses. Each processor notifies the other processor if it has detected an error, isolates the failure, and initiates recovery actions. To ensure that the processors are synchronized from a cycle perspective, a common clock source is used to drive both processors.
U.S. Pat. No. 6,604,177B1 discloses a processing system including a pair of processor coupled in a lockstep arrangement. The pair of processors is coupled to a storage element that is external to the both of them. Each processor executes an instruction stream that is identical to that executed by the other. Dissimilar information can be exchanged between the processors by each writing the information they wish to exchange to a first storage location with identical instructions. Although both processors execute the write with the same address, the information written by one of the processors is redirected to a second storage location. Each processor then reads the first and second storage locations to retrieve information supplied by the other processor. Now each processor has a copy of the other's data while staying in lockstep.
WO2004/061666 describes a processor having first and second execution cores that operate in a redundant (FRC) mode, an FRC check unit to compare results from the first and second execution cores, and an error check unit to detect recoverable errors in the first and second cores. The error detector disables the FRC checker, responsive to detection of a recoverable error. If an error reaches error detector from either core, recovery module is activated to implement a recovery routine. Recovery can be implemented with relatively low latency by hardware, software, firmware or some combination of these.
U.S.2004/0186979A1, discloses a processor, having a first calculating unit, a second calculating unit and a control means for controlling the two calculating units such that they operate selectively in a high-security mode of operation processing complementary data or in a parallel mode of operation processing independent data or in a security mode of operation processing the same data, or that they are in a power-saving mode of operation, wherein one of the calculating units is switched off.
U.S. Pat. No. 6,615,366B1 describes a processor having dual execution cores that may be switched dynamically between operating in a high reliability mode and a high Performance mode. The execution cores process identical instructions in lock step, when the processor is operated in a high reliability mode. The execution cores may process different instructions when the processor is operated in a high performance mode. The processor may be switched dynamically between the high performance (HP) and high reliability (HR) modes. For one embodiment, the processor is switched between HP and HR modes under software control. Each execution core enters a ready state when it executes an HP-to-HR mode switch Instruction (S HR), and the processor switches from HP to HR mode when both execution cores have entered the ready state. For another embodiment, the processor includes a check unit that is activated in HR mode and deactivated in HP mode. The check unit compares the execution results generated by the first and second execution cores when it is activated, and signals an error when the execution results do not match. When an error is signaled, the processor may replay only the instructions that triggered the error and the issued operations that depend on it.
U.S. Pat. No. 6,199,171B1 discloses a method and implementing system for handling detected faults in a processor to improve reliability of a computer system. An exemplary fault-tolerant on-line transactional computer system includes first and second on-line transactional processors connected to an input/output processor through a system bus. Transaction results are stored in local processor buffers and at predetermined batch intervals, the stored transactions are compared. The matched transaction results are flushed to data store while unmatched transactions are re-executed. If the same errors do not occur during a re-execution, the errors are determined to be transient and the transaction results are flushed to storage.
U.S. Pat. No. 6,839,849B1 discloses a smart integrated circuit characterized by a main processor and an operating system executing a main program for constituting a main task-performing process, at least one secondary processor capable of concurrently executing at least one secondary program for constituting at least one task-performing process, power supply circuits common to the processors and means for ensuring that the secondary processor or processors with similar power and different operating signatures are executed concurrently with the main process by continuously or intermittently inducing, in the power supply circuits, power disturbances that are superimposed on those of the main process so as to produce a continuous or intermittent scrambling.
The above mentioned systems and methods are rather focused on high reliability and high performances than on high security involving software tamper proof features.