Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Protection at a particular protocol layer
Reexamination Certificate
2000-02-25
2004-06-22
Hua, Ly V. (Department: 2135)
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Protection at a particular protocol layer
C713S165000, C380S029000, C340S870030, C340S571000, C340S005740
Reexamination Certificate
active
06754830
ABSTRACT:
BACKGROUND OF THE INVENTION
1. Technical Field
The invention concerns generally the technology of protecting electronic circuits and their stored programs against unauthorized access. Especially the invention concerns the technology of preventing the unauthorized use of a certain interface to a processor.
2. Discussion of Related Art
A microprocessor (or “processor” for short) may comprise a so-called debug interface for providing extensive control over the operation of the processor. The debug interface can be used e.g. for uploading and downloading programs, reading the contents of the internal registers of the processor and performing step-by-step execution of stored programs. Generally it may be said that in a processor-controlled electronic device the debug interface offers a more or less direct access to all such functional features of the processor which may be proprietary to the manufacturer and/or authorized operator of the device. Manufacturers are therefore very eagerly looking for solutions which would prevent the unauthorized use of the debug interface. Depending on the structure of the processor there may also be other processor interfaces that should be similarly protected.
A brute force alternative for protecting an interface is to physically remove the external pins or sever the connections from them to the corresponding internal couplings in those devices which go from series production to the market. Thus the debug interface would be available only in prototypes and testing units. The disadvantage is clear: the debug interface is not available for example when a commercially available unit should be serviced or repaired.
SUMMARY OF INVENTION
It is an object of the present invention to provide a method and a coupling arrangement for preventing the unauthorized use of selected interfaces in a processor. It is also an object of the invention that the arrangement does not unnecessarily impede the authorized use of the protected interfaces. An additional object of the invention is to implement the protection without a large number of additional components.
The objects of the invention are achieved by associating the use of the debug interface with a change in a certain routine performed by the processor, arranging for the detection of such a change outside the processor and linking the detection with the disabling of a major part of the processor's operation if a certain enabling procedure has not been activated.
The method according to the invention is characterized in that it comprises the steps of
a) generating an indication of attempted use of the protected interface and
b) as a response to said indication, disabling at least a major part of the operation of the processor.
The invention also applies to a circuit arrangement which comprises a processor and within the processor a first interface. It is characterized in that for preventing the unauthorized use of the first interface it comprises
means for generating an indication of attempted use of the first interface and
means for responding to said indication by disabling at least a major part of the operation of the processor.
Additionally the invention applies to an electronic device which is characterized in that for preventing the unauthorized use of a certain first interface to a processor it comprises
means for generating an indication of attempted use of the first interface and
means for responding to said indication by disabling at least a major part of the operation of the processor.
A processor-controlled electronic device comprises also other components, among which there may be another circuit that is programmable in the sense that it can be arranged to wait for certain inputs and react to them with a certain response. According to the invention such an external circuit is arranged to act like a so-called watchdog: the processor the interface(s) of which should be protected has to regularly “pat the watchdog” or give a certain input to the external circuit in order to keep it from disabling at least a major part of the processor's operation. The processor is also arranged to associate the use of a protected interface with delaying or stalling the issuance of such inputs, so normally an attempt to use the protected interface will result in at least a major part of the processor's operation being disabled. An authorized user knows a secret command or procedure that will either keep the external circuit from reacting or override the reaction so that the processor remains operative.
The concept of “patting the watchdog” may also be understood in an inverse manner: under normal conditions the processor does not issue inputs to the external circuit, which keeps the processor enabled. An attempt to use the protected interface(s) causes the processor to issue an alarm to the external circuit which in turn disables at least a major part of the processor's operation. A release command or procedure is available for authorized users to keep the alarm from causing the disabling.
The novel features which are considered as characteristic of the invention are set forth in particular in the appended Claims. The invention itself, however, both as to its construction and its method of operation, together with additional objects and advantages thereof, will be best understood from the following description of specific embodiments when read in connection with the accompanying drawings.
REFERENCES:
patent: 4494114 (1985-01-01), Kaish
patent: 4791565 (1988-12-01), Dunham et al.
patent: 4901341 (1990-02-01), Carter et al.
patent: 5289540 (1994-02-01), Jones
patent: 5355414 (1994-10-01), Hale et al.
patent: 5406261 (1995-04-01), Glenn
patent: 5724027 (1998-03-01), Shipman et al.
patent: 6091946 (2000-07-01), Ahvenainen
patent: 6437308 (2002-08-01), Koh
patent: 0468535 (1992-01-01), None
Kaunisto Ismo
Laiho Kimmo
Hua Ly V.
Nokia Multimedia Terminals Oy
LandOfFree
Method and coupling arrangement for preventing unauthorized... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method and coupling arrangement for preventing unauthorized..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method and coupling arrangement for preventing unauthorized... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3345991