The present invention generally relates to processing systems, and relates in particular to computer processing systems that support a secure mode of operation for executing a secure code and/or for processing secure data.
Certain processing systems provide a safe mode or a secure mode of operation in which a processor may be operated such that it may manipulate sensitive files and/or run secure algorithms that are highly sensitive. The access to such a secure mode, however, is sometimes difficult to safeguard. If a threat is able to obtain secure mode access, then substantial damage may result in certain applications. Software safeguards that protect access to a secure mode may be avoided if certain software data is obtained by a hacker. Hardware safeguards that protect access to a secure mode may involve the use of a secure boot sequence that employs a secure kernel that is separate from the primary operating system. Such a system, however, adds significant cost to the processor.
Security in processing is essential not only to avoid malignant code such as viruses from damaging the operation of the processor, but also to provide confidentiality of data within the processor and confidentiality in encrypting data that is to be transmitted to other processors.
There is a need, therefore, for a processor that provides a secure mode of operation in a reliable and economical processing system.