Field of the Invention
The invention lies in the electronics field. Specifically, the invention relates to an electronic data-processing device with a processing unit, such as a microprocessor, at least one data memory, and a bus running between the data memory and the processing unit. The invention also relates to an electronic data-processing system equipped with such a data-processing device.
Electronic data-processing devices of this generic type are frequently used for applications in which security is critical. The data memory is thereby used to store confidential data, monetary values and access authorizations, which are processed by the processing unit in response to an external request, for example.
Since the memory contains information to which, as far as possible, it should not be possible to gain access from outside, it is necessary to provide security measures against manipulation of the electronic data-processing device.
If an electronic data-processing device of the generic type is implemented as an integrated circuit, the circuit can be covered with various passivation layers. The passivation layers can then be applied such that removing a passivation layer results in the destruction of the data memory. Furthermore, the data memory can be buried in lower layers of the integrated circuit, so that it becomes more difficult to access.
A further possibility for protecting an electronic data-processing device against undesirable manipulation is to use sensors which sample operating conditions in the electronic data-processing device. As soon as a value sampled by a sensor lies outside a normal value, appropriate security measures are initiated which cause the electronic data-processing device to be deactivated or else cause the data memory to be erased.
In addition, there are also software sensors which monitor the operation of the processing unit for prohibited commands or for access to address ranges which are blocked for proper use. Furthermore, the access sequence can be monitored to ensure that it is correct.
Finally, it is also conventional practice to permit access only in a special manufacturing mode, and to use special hardware devices, such as severable connection tracks, to restrict memory access by the processing unit to the data memory.
Despite the security measures listed above, electronic data-processing devices of the generic type can occasionally be subjected to undesirable manipulation.