1. Technical Field
The present application relates generally to an improved data processing system and method. More specifically, the present application is directed to a secure power-on reset engine.
2. Description of Related Art
In the early development of processors for computing devices, the processors could be relatively easily initialized by the assertion of a simple reset signal that preset key latches or all of the latches inside the processor chip to a predefined value. Modern state-of-the-art Very Large Scale Integration (VLSI) chips have a vastly higher complexity than these early processors and, as a result, require extensive initialization to configure all the internal units of a chip as well as the chip's external interfaces.
Typically, such an initialization of a VLSI chip processor requires that an external help-processor, such as a Baseboard Management Controller (BMC), read data from persistent memory storage to setup the processor to enable instruction fetching. A software controlled initialization procedure then finishes the setup of the chip. This two step process requires additional hardware located in all of the units to allow initialization of the units while the chip is running.
This process for initializing a VLSI chip-based processor would be acceptable if security were not an issue. However, if a secure boot and execution of certified code is needed, then this process of initialization is not adequate since significant security holes exist. The use of an external help-processor to arbitrarily setup the chip to a state where it can fetch instructions can lead to the bypassing of other security mechanisms and the execution of compromised code. That is, the external help-processor may be configured to read data from a portion of memory that contains compromised data which may cause compromised code to be executed by the software controlled initialization procedure. In addition, the addition of the external help-processor and the persistent memory adds cost to the system.