The ability to provide the relative security of trusted processing has become more important in computer and communications technologies, but the need still exists to maintain the flexibility and accessibility of non-trusted processing for most applications. One approach to integrating these two seemingly conflicting requirements is to provide a separate co-processor for the trusted processing. To make sure the trusted operations are not tampered with, the trusted code may be implemented in read-only memory (ROM) that is programmed during manufacturing and cannot be subsequently re-written. However, errors discovered later in the original code, as well as new requirements that are developed later, may create a need to modify the trusted code through the use of patches. This may create a problem because common methods of patching involve putting the patches in an external random access memory (RAM) and trapping execution of the code at certain locations to cause execution to branch to the patch RAM. The exposure of the patch RAM to malicious or inadvertent tampering may seriously compromise the integrity of the trusted ROM-based code.