1. Field of the Invention
The invention relates to security of SOC system chip, in particular to a bus monitor for enhancing security of SOC system and a realization method thereof.
2. Description of the Related Art
With the rapid development of society information, the focuses and researches on information security are greatly increased. Security SOC chips are widely applied in the information community, providing functions such as security storage of the clients' key information, electronic signature, identity verification and information encryption and decryption, etc. Because the security SOC chip is a core element of the system security control, the protection to the security SOC chip shall be carefully noticed. For the attacking means to the security SOC chip, the system shall be correspondingly provided with security strategies for copying with the attacking means, such as security initialization, storage encryption protection, storage completeness verification, bus protection. The purposes of the security strategies are commonly to ensure that the security SOC chip can be functioned in a security way. However, the security strategy is only to emphasize the protection behavior and not to pay much attention to protection effect, and several security measures are merely focused on certain independent protection behaviors, such as the memory protection can limit the protection to a particular zone in the memory. System security protection mechanism, for the most part, is essentially performed by a series of handling processes. For example, when a particular unpartitioned security program is executed, this security program shall be entirely protected by the security protection mechanism from being terminated or inserted by other programs. So far, in the security SOC chip, it is rarely to see the detection protection measure utilized to determine whether the serial functional behavior on the data transmission channel is abnormal. An experienced attacker often utilizes the program leakage to modify the functional behavior of the security chip by several common attacking ways, such as jump instruction attack, interruption attack and stack overflow attack, or directly performs fault attack to destroy the execution of the security initialization or security program to cause the chip functioned abnormally. To overcome the disadvantage above based on the conventional security protection strategy, the final reflected bus serial behavior of these security strategies shall be additionally detected. However, no security algorithm is directly provided to immediately monitor the system bus of the data transmission channel.
Thus, it is essential to solve the above problems to protect the security SOC chip by providing how to immediately monitor the system bus of the data transmission channel and how to determine whether the bus serial behavior is normal.