A software program is typically developed in a high-level programming language that is descriptive. This development, writing of software, provides a source code version of the software program. A compiler compiles this source code version so as to obtain a machine code version of the software program. The machine code version is typically a sequence of instructions that can be executed by a programmable circuit. A machine code instruction is typically in the form of a series of bits, for example, 32 bits, that complies with a particular syntax.
Generally, the machine code version of a software program is commercialized, and accordingly disclosed, rather than the source code version, which may be kept confidential. For example, machine code may be commercialized together with a processor into which the machine code has been loaded. Machine code may also be commercialized individually by means of, for example, a storage medium in which the machine code is stored, or by means of a server from which the machine code can be downloaded.
However, machine code is vulnerable to so-called hacking. For example, a fraudulent person may disable or bypass a security function comprised in the machine code for the purpose of unauthorized cloning or unauthorized software upgrading. Hacking typically involves modifying the machine code so as to cause a processor, which executes the machine code, to carry out undesired actions. These actions may include revealing information about the machine code and any security function comprised therein, as well as modifying or bypassing security functions and otherwise modifying processor behavior. Such a deliberate modification of the machine code is often referred to as an “attack”, which may be of a physical or a logical nature. An example of a physical attack is exposing the processor that executes the machine code to strong light or another type of radiation. An example of a logical attack is inserting code through an addressable buffer memory within the processor. Other logical attacks may involve overflowing a buffer, or making use of a software bug, or both.
The international application published under number WO 2005/052795 describes a method of securing or verifying a program that can be executed in a data processing unit. An error code or check code is generated for each command in the program. The check code is added to each command. In a data processing unit, a verification of the check code is carried out immediately prior to the execution of the command. The command is executed in the data processing unit, once the authenticity of the command has been confirmed.