Frequently, embedded systems are attacked in order to manipulate them, for example, in order to increase the performance of an internal combustion engine by exchanging programs or data. Algorithms and methods have therefore been developed to protect embedded systems (ES) from being manipulated by third parties unauthorized to do so. To this end, cryptographic functions, for example, that are based on symmetric or asymmetric sets of keys are implemented in digital circuits in order to increase security. The use of OTP (one-time programmable) and ROM memory areas or switches (“fuses”) in digital circuits, such as, for example, microcontrollers, is also known.
A control device and method are described, for example, in German Patent No. DE 10131576. In the described microprocessor system and method, a check program is provided in a read-only memory, which check program is in a position to check the content of a rewritable memory for impermissible modifications. In the method, the central processing unit is first put in a position to carry out input and output operations that are necessary for the processing of instructions. After executing such a minimum program, or a boot routine of that kind, a code word, such as a check sum, is determined from at least a portion of the data in a rewritable memory.
A code word may be determined using more or less complicated mathematical encryption methods that do not permit an unauthorized person without exact knowledge of the encryption algorithm to determine the code word from the content of the rewritable memory.
Then the system compares the code word that was determined in this way to a comparison code word that is saved, for example, in the rewritable memory. If the code word and the comparison code word match each other, the program continues. If the code word and the comparison code word do not match, further operation of the microprocessor system is blocked. An authorized user who wants to modify the content of the rewritable memory thus determines, with the encryption algorithm that is known to him alone, a comparison code word from the program to be stored in the memory and then stores this in the memory. After executing the check program, the microprocessor system will then operate properly. An unauthorized modification of the memory content of the rewritable memory fails due to the fact that the encryption algorithm is not known, so that it is not possible to store a correct comparison code word in the rewritable memory. The check program recognizes that the code word and the comparison code word are different and blocks the microprocessor system from processing additional tasks.