Field of the Invention
The present invention is directed in general to integrated circuit device security operation and design. In one aspect, the present invention relates to a method, computer program element, and apparatus for providing security assurance in a data processing system.
Description of the Related Art
With the increasing use and interconnection of computers and networks, security risks have become an industry-wide issue for the design and operation of computer systems. For example, sensitive security information stored on-chip may be protected by a security block, yet this information can still be vulnerable through security holes. Improper access, overwrites, or a complete loss of information is possible by running malicious software, inducing faults, and/or using a chip's test and debug interfaces to create unforeseen scenarios that attack an authentication or encryption block in unexpected ways and thereby obtain unauthorized access to the security information. Preventing unauthorized access to secure information remains a major challenge because specifications of how security blocks can be made vulnerable are missing or incomplete: chip manufacturers and security IP providers do not publish or specify the circumstances under which a given security block can be compromised, which renders existing security verification processes fundamentally incomplete. As a result, existing verification and design solutions make the detection and prevention of unauthorized access to sensitive security information extremely difficult in practice.