The present application relates generally to an improved data processing apparatus and method and more specifically to mechanisms for secure dynamically reconfigurable logic.
As computers and consumer electronics devices become more connected, platform security becomes increasingly important for everyone from consumers to businesses. For consumers, privacy of data such as credit card numbers and social security numbers has always been of concern, but now new technologies such as voice-over-IP and personal video blogs bring new privacy concerns. And for entertainment content owners, piracy is a major concern as they move toward a virtual form of TV and movie content delivery.
Within this context, the Cell Broadband Engine (Cell BE) offers a processor security architecture that provides a robust foundation for the platform. Until now, because most processor architectures did not provide any security features, security architects relied on software-implemented approaches to provide protection. However, protecting software with software has a fundamental flaw in that the software with the protector role can be compromised as well. Therefore, processor hardware, which is intrinsically less vulnerable than software, needs to be re-thought and re-architected to support the security of the platform.
With the confusing array of security solutions available in the marketplace, it is helpful to clarify what attack model a design is intended to protect against. Although, the Cell BE processor does have defenses against physical attacks, the architecture's main focus is software-based attacks. These attacks can be unleashed simply by executing software code, and often times, the code is available for free from an Internet Web site. In contrast, physical attacks require obtaining extra hardware (such as a mod-chip), or expensive measuring equipment and also require skill in opening up the system to make the necessary changes. Because it is much easier for an individual to copy a software-based attack than a physical attack, a software-based attack will clearly become more widespread and hence more devastating when it is discovered. Furthermore, unlike physical attacks which require physical proximity to the target, software attacks can also be unleashed against a user by an external attacker through the platform's connectivity. Therefore, with software-based attacks, the user can be either the adversary (where the user's software manipulation leads to pirating of content), or the victim (where a virus exposes the user's private data).
While the Cell BE has a dynamically reconfigurable secure programming element, the dynamically reconfigurable secure programming element is limited because the dynamically reconfigurable secure programming element is a fixed-function processor which provides less flexibility than reconfigurable logic. Further, while secure reconfigurable logic exists, it is not dynamically reconfigurable to provide dynamically loadable secured functions within a data processing system. Current secure reconfigurable logic must typically be programmed in a trusted environment and must be returned to this trusted environment to be reconfigured. In practice this means that a trusted configurable logic is only configured once.