To create a computing system (e.g., an information appliance) with a high degree of security, the core computations, and particularly those concerned with security, privacy, information integrity, financial transactions, and the like, need to be performed in a strongly tamper-resistant environment, such as the Secure Processing Unit (“SPU”) described in U.S. Pat. No. 5,892,900, entitled “Systems and Methods for Secure Transaction Management and Electronic Rights Protection,” issued on Apr. 6, 1999 (“the '900 patent”). In general, such an environment can be provided if the processing hardware and some internal memory are inside a physically tamper-resistant barrier, and the environment contains software to manage internal functions appropriately.
For such tamper-resistant environments to be commercially practical, however, they should impose minimal additional cost beyond the cost of a similar, but non-secure, computing environment. Thus, for example, a problem with some conventional SPU designs is that the SPU is implemented as a separate chip, to be included in an information appliance alongside the appliance's general-purpose microcontroller, adding the cost of a second component. Recently, single-chip microcontrollers containing a processor, memory management unit, peripheral functions, control registers, and a significant amount of internal memory have become widely available. What is needed are systems and methods for efficiently enhancing the functionality of these components to implement an integrated secure processing unit.