WO2006082985A2 - Methods and apparatus for providing a secure booting sequence in a processor - Google Patents

Methods and apparatus for providing a secure booting sequence in a processor Download PDF

Info

Publication number
WO2006082985A2
WO2006082985A2 PCT/JP2006/302095 JP2006302095W WO2006082985A2 WO 2006082985 A2 WO2006082985 A2 WO 2006082985A2 JP 2006302095 W JP2006302095 W JP 2006302095W WO 2006082985 A2 WO2006082985 A2 WO 2006082985A2
Authority
WO
WIPO (PCT)
Prior art keywords
processor
boot code
local memory
encrypted
processors
Prior art date
Application number
PCT/JP2006/302095
Other languages
French (fr)
Other versions
WO2006082985A3 (en
Inventor
Akiyuki Hatakeyama
Original Assignee
Sony Computer Entertainment Inc.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Sony Computer Entertainment Inc. filed Critical Sony Computer Entertainment Inc.
Publication of WO2006082985A2 publication Critical patent/WO2006082985A2/en
Publication of WO2006082985A3 publication Critical patent/WO2006082985A3/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/51Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/575Secure boot
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2105Dual mode as a secondary aspect
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2107File encryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/12Details relating to cryptographic hardware or logic circuitry
    • H04L2209/125Parallelization or pipelining, e.g. for accelerating processing of cryptographic operations

Definitions

  • the present invention relates to methods and apparatus for providing a secure booting sequence in a processor, and preferably in a multi-processing system.
  • a plurality of sub-processors can operate in parallel (or at least in concert) to achieve desired processing results . It has also been contemplated to employ a modular structure in a multi-processing system, where the computing modules are accessible over a broadband network (such as the Internet ) and the computing modules may be shared among many users . Details regarding this modular structure may be found in U . S . Patent No . 6, 526, 491, the entire disclosure of which is hereby incorporated by reference .
  • the processor and its associated software are subj ect to outside influences such as intentional hacking and the like .
  • a conventional boot-up sequence includes a power-on-reset, importation of configuration data (e . g . , initial register data, base address information, etc . ) and boot code from a flash ROM, configuration of hardware registers , and booting up the processor.
  • configuration data and boot code may be shared among a number of processors for initial boot-up .
  • the boot code is not secure within the flash ROM and a hacker may easily tamper with the configuration data and the boot code prior to boot-up . This can have devastating consequences in a system where sensitive information is being processed.
  • the fact that the boot code may have been tampered with mitigates the effectiveness of any security measures taken after boot up . Indeed, without a secure boot any subsequent security measures cannot be fully trusted. If a hacker tampers with the booting sequence, a subsequent security measure may be usurped.
  • a processor be capable of reading secure (encrypted) boot code from a storage location (such as a secure flash ROM) and storing same into a local memory associated with the processor . The processor may then decrypt the boot code and continue booting up .
  • the processor that has been booted in a secure fashion may check/verify the boot code for associated processors (such as the processors in a multi-processing system) . After a secure boot-up, a processor may take other security steps , such as entering a secure mode of operation.
  • configuration data and boot code may be encrypted in a secure memory that is associated with a particular processor .
  • the encryption is preferably made using a trusted key (e . g . , a private key) that is not known to any unauthorized entities .
  • Trusted decryption code (and a decryption key) may also be stored in the same or a different secure memory (e . g. , a flash ROM) that is associated with the processor .
  • the decryption capability is preferably hardware-implemented (e . g . , software that is burned into the flash ROM or any other suitable hardware device) .
  • the trusted decryption code Once the trusted decryption code is invoked, it may be used to decrypt and verify the configuration data and boot code . Once the configuration data and boot code are decrypted and verified, the processor is booted.
  • the processor preferably includes a hardware- implemented security function that is invoked after boot- up to place the processor in a secure mode and to establish a secure processing environment . This may involve triggering a state in which no externally- initiated data access request into the processor will be responded to . In other words , the secure processor will not respond to any outside request for data, e . g . , a request to read the contents of the local memory or registers of the processor . Thus , when the processor enters a secure mode, it creates a trusted environment in which to launch further security measures . In a multi-processing system, the configuration data and boot code of the other processors are also subj ect to tampering .
  • the trusted environment of the processor having had a secure boot-up may be used to check the configuration data and boot code of the other processors during their boot-up sequences .
  • the secure configuration data and boot code that has been decrypted within the trusted processor may be compared with the configuration data and boot code read in by the other processors prior to their boot-up . If the configuration data and boot code are verified first, then the resultant boot-up of the other processors may be trusted.
  • the secure memory (containing the encrypted configuration data and boot code for the associated processor) may also include validity data
  • the validity data may be used in the comparison step prior to permitting boot-up of the other processors .
  • methods and apparatus provide for reading encrypted boot code from a storage medium into a local memory associated with a processor; decrypting the encrypted boot code ' using a trusted decryption function of the processor such that the boot code is verified as being authentic; and booting the processor using the boot code from the local memory .
  • Preferably verifying the authenticity of the boot code includes executing a hash function to produce a hash result and comparing the hash result with a predetermined hash value .
  • the predetermined hash value may be stored in encrypted form.
  • the methods and apparatus may also provide for : reading encrypted boot code from a storage medium into a local memory associated with a first of a plurality of processors ; decrypting the encrypted boot code using a trusted decryption function of the first processor such that the boot code is verified as being authentic; booting the first processor using the boot code from the local memory; and authenticating boot code for one or more of the other processors in the first processor prior to the one or more other processors booting up .
  • FIG . 1 is a diagram illustrating a processing system in accordance with one or more aspects of the present invention
  • FIG. 2 is a flow diagram illustrating process steps that may be carried out by the processing system of FIG . 1 in accordance with one or more aspects of the present invention
  • FIG . 3 is a diagram illustrating the structure of a multi-processing system having two or more sub-processors, one or more of which may include a processor having the capabilities of the processor of FIG . 1 in accordance with one or more further aspects of the present invention.
  • FIG . 4 is a flow diagram illustrating process steps that may be carried out by the processing system of FIG . 3 in accordance with one or more further aspects of the present invention .
  • FIG . 1 a processing system 100 suitable for employing one or more aspects of the present invention.
  • the apparatus 100 preferably includes a processor 102 , a local memory 104 , a system memory 106 (e . g. , a DRAM) , and a bus 108.
  • the processor 102 may be implemented utilizing any of the known technologies that are capable of requesting data from the system memory 106, and manipulating the data to achieve a desirable result .
  • the processor 102 may be implemented using any of the known microprocessors that are capable of executing software and/or firmware, including standard microprocessors , distributed microprocessors , etc .
  • the processor 102 may be a graphics processor that is capable of requesting and manipulating data, such as pixel data, including gray scale information, color information, texture data, polygonal information, video frame information, etc .
  • the local memory 104 is located in the same chip as the processor 102 ; however, the local memory 104 is preferably not a hardware cache memory in that there are preferably no on chip or off chip hardware cache circuits, cache registers, cache memory controllers, etc . to implement a hardware cache memory function .
  • the local memory 104 may be a cache memory and/or an additional cache memory may be employed. As on chip space is often limited, the size of the local memory 104 may be much smaller than the system memory 106.
  • the processor 102 preferably provides data access requests to copy data (which may include program data) from the system memory 106 over the bus 108 into the local memory 104 for . program execution and data manipulation.
  • the mechanism for facilitating data access may be implemented utilizing any of the known techniques , such as direct memory access (DMA) techniques .
  • DMA direct memory access
  • data is broadly construed to include any type of program code, application software, system level software, any type of data, a data stream, etc .
  • the apparatus 100 also preferably includes a storage medium, such as secure boot ROM 110 that is operatively coupled to the processor 102 , e . g . , through the bus 108.
  • the apparatus 100 also preferably includes a decryption unit 112 that is operatively coupled to the processor 102 and operable to decrypt information using a secure decryption key .
  • the processor 102 , the local memory 104, and the decryption unit 112 are disposed on a common integrated circuit . Thus, combinations of these elements may be referred to herein as "the processor 102. " In an alternative embodiment, the storage medium 110 may also be disposed on the common integrated circuit with one or more of the other elements .
  • the decryption unit is a hardware- implemented device, such as a permanently programmable device (e . g . , a flash ROM that has been programmed utilizing an algorithm defining a decryption process ) .
  • a permanently programmable device e . g . , a flash ROM that has been programmed utilizing an algorithm defining a decryption process
  • the use of a permanently programmable circuit to implement the decryption unit 112 is desirable to achieve a level of security in which the decryption function cannot be tampered with by external software manipulation .
  • the storage medium 110 is preferably a secure device, such as a permanently programmable ROM that contains encrypted boot code and/or other data useful in initializing and/or booting up a processor .
  • additional information may include configuration data (e . g . , data utilized to initialize hardware registers ) , base address data (e . g . , information utilized to setup addressing into the system memory 106 and/or the local memory 104 ) , etc .
  • configuration data e . g . , data utilized to initialize hardware registers
  • base address data e . g . , information utilized to setup addressing into the system memory 106 and/or the local memory 104
  • boot ROM 110 is preferably such that the encrypted boot code and/or other information may not be accessed by unauthorized entities .
  • the encrypted boot code is preferably established during the manufacture of the apparatus 100, whereby the boot code is encrypted utilizing a private encryption key.
  • FIG. 2 illustrates process steps that may be carried out by the apparatus 100 in accordance with one or more aspects of the present invention .
  • the processor 102 receives a power-on reset, which launches the boot-up sequence .
  • the processor 102 preferably reads the encrypted boot code from the boot ROM 110 into the local memory 104.
  • the decryption unit 112 is preferably operable to decrypt the encrypted boot code within the local memory 104 (action 204 ) .
  • the decryption process itself may verify the boot code (action 206) , or additional steps may be taken to achieve such verification .
  • the processor 102 and/or the decryption unit 112 may be operable to verify the authenticity of the boot code by executing a hash function to produce a hash result and to compare the hash result with a predetermined hash value . Assuming that the predetermined hash value is trusted, such comparison may provide assurance that a matching hash result indicates authentic boot code .
  • the predetermined hash value may be stored in encrypted form within the storage medium 110 or within some other storage medium, preferably a secure medium.
  • the processor 102 preferably automatically enters a secure mode of operation when the boot-up process has been completed.
  • the secure mode of operation is preferably hardware- implemented such that no external, unauthorized efforts to prevent the invocation of the secure mode will be permitted.
  • no requests for data stored in the local memory 104 (or any other memory devices, registers, etc . ) of the processor 102 will be serviced, thereby insuring a trusted environment in which to carry out sensitive operations .
  • the processor 102 may request the transfer of data from the system memory 106 into the local memory 104 or vice versa .
  • FIG . 3 is a diagram illustrating the structure of a multi-processing system IOOA having two or more sub- processors 102.
  • the concepts discussed hereinabove with respect to FIGS . 1-2 may be applied to the multiprocessing system IOOA, which includes a plurality of processors 102A-D, associated local memories 104A-D, and a main memory 106 interconnected by way of a bus 108.
  • processors 102 are illustrated by way of example, any number may be utilized without departing from the spirit and scope of the present invention .
  • the processors 102 may be implemented with any of the known technologies, and each processor may be of similar construction or of differing construction .
  • One or more of the processors 102 preferably includes the capabilities and elements of the processor 102 of FIG. 1. Others of the processors 102 need not include such capabilities , although having such capabilities would not depart from the spirit and scope of the present invention .
  • the apparatus IOOA also includes a boot ROM 114 , which is not necessarily a secure storage medium and does not necessarily contain encrypted boot code and configuration data; rather, it is contemplated that in a preferred embodiment the boot code and configuration data are in accordance with conventional techniques .
  • Each of the processors 102 may be of similar construction or of differing construction .
  • the processors may be implemented utilizing any of the known technologies that are capable of requesting data from the shared (or system) memory 106, and manipulating the data to achieve a desirable result .
  • the processors 102 may be implemented using any of the known microprocessors that are capable of executing software and/or firmware, including standard microprocessors , distributed microprocessors , etc .
  • one or more of the processors 102 may be a graphics processor that is capable of requesting and manipulating data, such as pixel data, including gray scale information, color information, texture data, polygonal information, video frame information, etc .
  • One or more of the processors 102 of the system 100 may take on the role as a main (or managing) processor .
  • the main processor may schedule and orchestrate the processing of data by the other processors .
  • the system memory 106 is preferably a dynamic random access memory (DRAM) coupled to the processors 102 through a memory interface circuit (not shown) .
  • DRAM dynamic random access memory
  • the system memory 106 may be implemented using other means , e . g . , a static random access memory (SRAM) , a magnetic random access memory (MRAM) , an optical memory, a holographic memory, etc .
  • SRAM static random access memory
  • MRAM magnetic random access memory
  • optical memory e.g holographic memory
  • Each processor 102 preferably includes a processor core and an associated one of the local memories 104 in which to execute programs . These components may be integrally disposed on a common semi-conductor substrate or may be separately disposed as may be desired by a designer .
  • the processor core is preferably implemented using a processing pipeline, in which logic instructions are processed in a pipelined fashion. Although the pipeline may be divided into any number of stages at which instructions are processed, the pipeline generally comprises fetching one or more instructions , decoding the instructions, checking for dependencies among the instructions, issuing the instructions, and executing the instructions .
  • the processor core may include an instruction buffer, instruction decode circuitry, dependency check circuitry, instruction issue circuitry, and execution stages .
  • Each local memory 104 is coupled to its associated processor core 102 via a bus and is preferably located on the same chip (same semiconductor substrate) as the processor core .
  • the local memory 104 is preferably not a traditional hardware cache memory in that there are no on- chip or off-chip hardware cache circuits , cache registers , cache memory controllers , etc . to implement a hardware cache memory function . As on chip space is often limited, the size of the local memory may be much smaller than the shared memory 106.
  • the processors 102 preferably provide data access requests to copy data (which may include program data) from the system memory 106 over the bus system 108 into their respective local memories 104 for program execution and data manipulation .
  • the mechanism for facilitating data access may be implemented utilizing any of the known techniques , for example the direct memory access (DMA) technique .
  • This function is preferably carried out by the memory interface circuit .
  • FIG . 4 which is a flow diagram illustrating one or more further process steps that may be carried out by the apparatus 10OA of FIG. 3, it is intended that action 210 follows action 208 of FIG . 2.
  • the processor that has booted in a secure fashion is preferably operable to authenticate the boot code for one or more of the other processors 102 prior to the one or more other processors booting up .
  • the other processors e . g .
  • the processors 102 that were not booted in a secure fashion as discussed hereinabove with respect to FIGS . 1-2 ) are prevented from moving forward in their boot-up processes until the processor that has been securely booted issues a signal indicating that such processes may move forward.
  • the boot code and other configuration data is read from the boot ROM 114 and stored in a hardware register (not shown) in each of the processors 102 , or alternatively in a common hardware register accessible by all such processors 102.
  • the processors 102 are not permitted to move forward in the boot process as discussed above with respect to action 210.
  • the processor 102 that has been securely booted reads the boot code and/or configuration data from the hardware storage location into its local memory 104.
  • the processor 102 verifies that the boot code and/or configuration data has not been tampered with .
  • the processor may verify the authenticity of the boot code by executing a hash function to produce a hash result in comparing the hash result with a predetermined hash value . Assuming that the predetermined hash value is trusted, the comparison of the predetermined hash value and the hash result may be relied upon in authenticating the boot code and/or configuration data .
  • the predetermined hash value is stored in a secure storage medium, preferably in encrypted form.
  • the boot information e . g. , part or all of the boot code and/or configuration data
  • the methods and apparatus described above may be achieved utilizing suitable hardware, such as that illustrated in the figures .
  • suitable hardware may be implemented utilizing any of the known technologies , such as standard digital circuitry, any of the known processors that are operable to execute software and/or firmware programs , one or more programmable digital devices or systems, such as programmable read only memories (PROMs ) , programmable array logic devices (PALs) , etc .
  • PROMs programmable read only memories
  • PALs programmable array logic devices
  • the apparatus illustrated in the figures are shown as being partitioned into certain functional blocks , such blocks may be implemented by way of separate circuitry and/or combined into one or more functional units .
  • the various aspects of the invention may be implemented by way of software and/or firmware program ( s ) that may be stored on suitable storage medium or media (such as floppy disk ( s ) , memory chip ( s ) , etc . ) for transportability and/or distribution .
  • suitable storage medium or media such as floppy disk ( s ) , memory chip ( s ) , etc .
  • various aspects of the present invention provide for encrypting configuration data and/or boot code and storing same in a secure memory that is associated with a particular processor .
  • Trusted decryption code may also be stored in the same or a different secure memory that is also associated with the processor .
  • the decryption capability is preferably hardware-implemented such that once the trusted decryption code is invoked, it may be used to decrypt and verify the configuration data and boot code . Once the configuration data and boot code are decrypted and verified, the processor is booted.
  • the present invention is applicable to a technology for secure booting.

Abstract

Methods and apparatus provide for: reading encrypted boot code from a storage medium into a local memory associated with a first of a plurality of processors; decrypting the encrypted boot code using a trusted decryption function of the first processor such that the boot code is verified as being authentic; booting the first processor using the boot code from the local memory; and authenticating boot code for one or more of the other processors in the first processor prior to the one or more other processors booting up.

Description

DESCRIPTION
METHODS AND APPARATUS FOR PROVIDING A SECURE BOOTING
SEQUENCE IN A PROCESSOR
TECHNICAL FIELD
The present invention relates to methods and apparatus for providing a secure booting sequence in a processor, and preferably in a multi-processing system.
RELATED ART
In recent years, there has been an insatiable desire for faster computer processing data throughputs because cutting-edge computer applications are becoming more and more complex, and are placing ever increasing demands on processing systems . Graphics applications are among those that place the highest demands on a processing system because they require such vast numbers of data accesses , data computations, and data manipulations in relatively short periods of time to achieve desirable visual results . Real-time, multimedia applications also place a high demand on processing systems ; indeed, they require extremely fast processing speeds , such as many thousands of megabits of data per second. While some processing systems employ a single processor to achieve fast processing speeds , others are implemented utilizing multi-processor architectures . In multi-processor systems , a plurality of sub-processors can operate in parallel (or at least in concert) to achieve desired processing results . It has also been contemplated to employ a modular structure in a multi-processing system, where the computing modules are accessible over a broadband network ( such as the Internet ) and the computing modules may be shared among many users . Details regarding this modular structure may be found in U . S . Patent No . 6, 526, 491, the entire disclosure of which is hereby incorporated by reference .
A problem arises , however, when a processing system is used over a network or is part of a shared resource . In particular, the processor and its associated software (such as the boot code) are subj ect to outside influences such as intentional hacking and the like . A conventional boot-up sequence includes a power-on-reset, importation of configuration data (e . g . , initial register data, base address information, etc . ) and boot code from a flash ROM, configuration of hardware registers , and booting up the processor. In a multi-processor system, the configuration data and boot code may be shared among a number of processors for initial boot-up . Unfortunately, the boot code is not secure within the flash ROM and a hacker may easily tamper with the configuration data and the boot code prior to boot-up . This can have devastating consequences in a system where sensitive information is being processed. The fact that the boot code may have been tampered with mitigates the effectiveness of any security measures taken after boot up . Indeed, without a secure boot any subsequent security measures cannot be fully trusted. If a hacker tampers with the booting sequence, a subsequent security measure may be usurped.
Accordingly, there are needs in the art for new methods and apparatus for providing secure boot up processes for single and multi-processing systems that ensure a trusted environment from which to launch further security measures .
DISCLOSURE OF THE INVENTION Aspects of the invention contemplate methods and apparatus for providing secure boot sequences for single and multi-processor systems . In particular, it is preferred that a processor be capable of reading secure (encrypted) boot code from a storage location (such as a secure flash ROM) and storing same into a local memory associated with the processor . The processor may then decrypt the boot code and continue booting up . In addition, the processor that has been booted in a secure fashion may check/verify the boot code for associated processors ( such as the processors in a multi-processing system) . After a secure boot-up, a processor may take other security steps , such as entering a secure mode of operation.
For example, in accordance with aspects of the invention, configuration data and boot code may be encrypted in a secure memory that is associated with a particular processor . The encryption is preferably made using a trusted key (e . g . , a private key) that is not known to any unauthorized entities . Trusted decryption code (and a decryption key) may also be stored in the same or a different secure memory (e . g. , a flash ROM) that is associated with the processor . The decryption capability is preferably hardware-implemented (e . g . , software that is burned into the flash ROM or any other suitable hardware device) . Once the trusted decryption code is invoked, it may be used to decrypt and verify the configuration data and boot code . Once the configuration data and boot code are decrypted and verified, the processor is booted.
In accordance with further aspects of the present invention, the processor preferably includes a hardware- implemented security function that is invoked after boot- up to place the processor in a secure mode and to establish a secure processing environment . This may involve triggering a state in which no externally- initiated data access request into the processor will be responded to . In other words , the secure processor will not respond to any outside request for data, e . g . , a request to read the contents of the local memory or registers of the processor . Thus , when the processor enters a secure mode, it creates a trusted environment in which to launch further security measures . In a multi-processing system, the configuration data and boot code of the other processors are also subj ect to tampering . Aspects of the invention contemplate that the trusted environment of the processor having had a secure boot-up may be used to check the configuration data and boot code of the other processors during their boot-up sequences . In one embodiment, the secure configuration data and boot code that has been decrypted within the trusted processor may be compared with the configuration data and boot code read in by the other processors prior to their boot-up . If the configuration data and boot code are verified first, then the resultant boot-up of the other processors may be trusted.
In another embodiment, the secure memory (containing the encrypted configuration data and boot code for the associated processor) may also include validity data
(e . g . , hash results , a complete copy, etc . ) associated with the configuration data and boot code for the other processors . The validity data may be used in the comparison step prior to permitting boot-up of the other processors .
In accordance with at least one aspect of the present invention, methods and apparatus provide for reading encrypted boot code from a storage medium into a local memory associated with a processor; decrypting the encrypted boot code 'using a trusted decryption function of the processor such that the boot code is verified as being authentic; and booting the processor using the boot code from the local memory . In this regard, it is preferred that neither the trusted decryption function nor the encrypted boot code may be tampered with by external software manipulation .
Preferably verifying the authenticity of the boot code includes executing a hash function to produce a hash result and comparing the hash result with a predetermined hash value . The predetermined hash value may be stored in encrypted form.
The methods and apparatus may also provide for : reading encrypted boot code from a storage medium into a local memory associated with a first of a plurality of processors ; decrypting the encrypted boot code using a trusted decryption function of the first processor such that the boot code is verified as being authentic; booting the first processor using the boot code from the local memory; and authenticating boot code for one or more of the other processors in the first processor prior to the one or more other processors booting up .
Other aspects , features, advantages, etc . will become apparent to one skilled in the art when the description of the invention herein is taken in conjunction with the accompanying drawings .
BRIEF DESCRIPTION OF THE DRAWINGS
For the purposes of illustrating the various aspects of the invention, there are shown in the drawings forms that are presently preferred, it being understood, however, that the invention is not limited to the precise arrangements and instrumentalities shown .
FIG . 1 is a diagram illustrating a processing system in accordance with one or more aspects of the present invention;
FIG. 2 is a flow diagram illustrating process steps that may be carried out by the processing system of FIG . 1 in accordance with one or more aspects of the present invention;
FIG . 3 is a diagram illustrating the structure of a multi-processing system having two or more sub-processors, one or more of which may include a processor having the capabilities of the processor of FIG . 1 in accordance with one or more further aspects of the present invention; and
FIG . 4 is a flow diagram illustrating process steps that may be carried out by the processing system of FIG . 3 in accordance with one or more further aspects of the present invention . DETAILED DESCRIPTION OF THE PRESENT INVENTION
With reference to the drawings, wherein like numerals indicate like elements, there is shown in FIG . 1 a processing system 100 suitable for employing one or more aspects of the present invention. For the purposes of brevity and clarity, the block diagram of FIG . 1 will be referred to and described herein as illustrating an apparatus 100 , it being understood, however, that the description may readily be applied to various aspects of a method with equal force . The apparatus 100 preferably includes a processor 102 , a local memory 104 , a system memory 106 (e . g. , a DRAM) , and a bus 108.
The processor 102 may be implemented utilizing any of the known technologies that are capable of requesting data from the system memory 106, and manipulating the data to achieve a desirable result . For example , the processor 102 may be implemented using any of the known microprocessors that are capable of executing software and/or firmware, including standard microprocessors , distributed microprocessors , etc . By way of example, the processor 102 may be a graphics processor that is capable of requesting and manipulating data, such as pixel data, including gray scale information, color information, texture data, polygonal information, video frame information, etc . Notably, the local memory 104 is located in the same chip as the processor 102 ; however, the local memory 104 is preferably not a hardware cache memory in that there are preferably no on chip or off chip hardware cache circuits, cache registers, cache memory controllers, etc . to implement a hardware cache memory function . In alternative embodiments , the local memory 104 may be a cache memory and/or an additional cache memory may be employed. As on chip space is often limited, the size of the local memory 104 may be much smaller than the system memory 106. The processor 102 preferably provides data access requests to copy data (which may include program data) from the system memory 106 over the bus 108 into the local memory 104 for . program execution and data manipulation. The mechanism for facilitating data access may be implemented utilizing any of the known techniques , such as direct memory access (DMA) techniques .
It is noted that as used herein, the term "data" is broadly construed to include any type of program code, application software, system level software, any type of data, a data stream, etc .
The apparatus 100 also preferably includes a storage medium, such as secure boot ROM 110 that is operatively coupled to the processor 102 , e . g . , through the bus 108. The apparatus 100 also preferably includes a decryption unit 112 that is operatively coupled to the processor 102 and operable to decrypt information using a secure decryption key . It is preferred that the processor 102 , the local memory 104, and the decryption unit 112 are disposed on a common integrated circuit . Thus, combinations of these elements may be referred to herein as "the processor 102. " In an alternative embodiment, the storage medium 110 may also be disposed on the common integrated circuit with one or more of the other elements . Preferably, the decryption unit is a hardware- implemented device, such as a permanently programmable device (e . g . , a flash ROM that has been programmed utilizing an algorithm defining a decryption process ) . The use of a permanently programmable circuit to implement the decryption unit 112 is desirable to achieve a level of security in which the decryption function cannot be tampered with by external software manipulation .
The storage medium 110 is preferably a secure device, such as a permanently programmable ROM that contains encrypted boot code and/or other data useful in initializing and/or booting up a processor . For example, such additional information may include configuration data (e . g . , data utilized to initialize hardware registers ) , base address data (e . g . , information utilized to setup addressing into the system memory 106 and/or the local memory 104 ) , etc . The security of the storage medium
(boot ROM) 110 is preferably such that the encrypted boot code and/or other information may not be accessed by unauthorized entities . For example, the encrypted boot code is preferably established during the manufacture of the apparatus 100, whereby the boot code is encrypted utilizing a private encryption key.
Reference is now made to both FIGS . 1 and 2 , where in general the apparatus 100 is preferably operable to permit the processor 102 to boot-up in a secure fashion during which unauthorized entities may not tamper with the boot process . Thus , the resulting initialized processor and related components may be trusted to launch further security measures . FIG . 2 illustrates process steps that may be carried out by the apparatus 100 in accordance with one or more aspects of the present invention . At action 200 , the processor 102 receives a power-on reset, which launches the boot-up sequence . At action 202 , the processor 102 preferably reads the encrypted boot code from the boot ROM 110 into the local memory 104. As the decryption unit 112 is preferably hardware- implemented, the decryption unit 112 is preferably operable to decrypt the encrypted boot code within the local memory 104 (action 204 ) . The decryption process itself may verify the boot code (action 206) , or additional steps may be taken to achieve such verification . For example, the processor 102 and/or the decryption unit 112 may be operable to verify the authenticity of the boot code by executing a hash function to produce a hash result and to compare the hash result with a predetermined hash value . Assuming that the predetermined hash value is trusted, such comparison may provide assurance that a matching hash result indicates authentic boot code . For example, the predetermined hash value may be stored in encrypted form within the storage medium 110 or within some other storage medium, preferably a secure medium. Once the boot code is verified, the processor 102 preferably boots up and completes its initialization process .
At action 208 , the processor 102 preferably automatically enters a secure mode of operation when the boot-up process has been completed. For example, the secure mode of operation is preferably hardware- implemented such that no external, unauthorized efforts to prevent the invocation of the secure mode will be permitted. In this secure mode of operation, no requests for data stored in the local memory 104 (or any other memory devices, registers, etc . ) of the processor 102 will be serviced, thereby insuring a trusted environment in which to carry out sensitive operations . Despite being in a secure mode, the processor 102 may request the transfer of data from the system memory 106 into the local memory 104 or vice versa .
The significance of this secure mode of operation will be discussed in further detail with respect to FIGS . 3 and 4. FIG . 3 is a diagram illustrating the structure of a multi-processing system IOOA having two or more sub- processors 102. The concepts discussed hereinabove with respect to FIGS . 1-2 may be applied to the multiprocessing system IOOA, which includes a plurality of processors 102A-D, associated local memories 104A-D, and a main memory 106 interconnected by way of a bus 108. Although four processors 102 are illustrated by way of example, any number may be utilized without departing from the spirit and scope of the present invention . The processors 102 may be implemented with any of the known technologies, and each processor may be of similar construction or of differing construction . One or more of the processors 102 preferably includes the capabilities and elements of the processor 102 of FIG. 1. Others of the processors 102 need not include such capabilities , although having such capabilities would not depart from the spirit and scope of the present invention . The apparatus IOOA also includes a boot ROM 114 , which is not necessarily a secure storage medium and does not necessarily contain encrypted boot code and configuration data; rather, it is contemplated that in a preferred embodiment the boot code and configuration data are in accordance with conventional techniques .
Each of the processors 102 may be of similar construction or of differing construction . The processors may be implemented utilizing any of the known technologies that are capable of requesting data from the shared (or system) memory 106, and manipulating the data to achieve a desirable result . For example, the processors 102 may be implemented using any of the known microprocessors that are capable of executing software and/or firmware, including standard microprocessors , distributed microprocessors , etc . By way of example, one or more of the processors 102 may be a graphics processor that is capable of requesting and manipulating data, such as pixel data, including gray scale information, color information, texture data, polygonal information, video frame information, etc . One or more of the processors 102 of the system 100 may take on the role as a main (or managing) processor . The main processor may schedule and orchestrate the processing of data by the other processors .
The system memory 106 is preferably a dynamic random access memory (DRAM) coupled to the processors 102 through a memory interface circuit (not shown) . Although the system memory 106 is preferably a DRAM, the memory 106 may be implemented using other means , e . g . , a static random access memory (SRAM) , a magnetic random access memory (MRAM) , an optical memory, a holographic memory, etc .
Each processor 102 preferably includes a processor core and an associated one of the local memories 104 in which to execute programs . These components may be integrally disposed on a common semi-conductor substrate or may be separately disposed as may be desired by a designer . The processor core is preferably implemented using a processing pipeline, in which logic instructions are processed in a pipelined fashion. Although the pipeline may be divided into any number of stages at which instructions are processed, the pipeline generally comprises fetching one or more instructions , decoding the instructions, checking for dependencies among the instructions, issuing the instructions, and executing the instructions . In this regard, the processor core may include an instruction buffer, instruction decode circuitry, dependency check circuitry, instruction issue circuitry, and execution stages .
Each local memory 104 is coupled to its associated processor core 102 via a bus and is preferably located on the same chip (same semiconductor substrate) as the processor core . The local memory 104 is preferably not a traditional hardware cache memory in that there are no on- chip or off-chip hardware cache circuits , cache registers , cache memory controllers , etc . to implement a hardware cache memory function . As on chip space is often limited, the size of the local memory may be much smaller than the shared memory 106. The processors 102 preferably provide data access requests to copy data (which may include program data) from the system memory 106 over the bus system 108 into their respective local memories 104 for program execution and data manipulation . The mechanism for facilitating data access may be implemented utilizing any of the known techniques , for example the direct memory access ( DMA) technique . This function is preferably carried out by the memory interface circuit . With reference to FIG . 4 , which is a flow diagram illustrating one or more further process steps that may be carried out by the apparatus 10OA of FIG. 3, it is intended that action 210 follows action 208 of FIG . 2. In general, the processor that has booted in a secure fashion is preferably operable to authenticate the boot code for one or more of the other processors 102 prior to the one or more other processors booting up . At action 210 , the other processors (e . g . , the processors 102 that were not booted in a secure fashion as discussed hereinabove with respect to FIGS . 1-2 ) , are prevented from moving forward in their boot-up processes until the processor that has been securely booted issues a signal indicating that such processes may move forward. By way of background, during the initial power-on reset (action 200, FIG. 2 ) in accordance with conventional techniques , the boot code and other configuration data is read from the boot ROM 114 and stored in a hardware register (not shown) in each of the processors 102 , or alternatively in a common hardware register accessible by all such processors 102. The processors 102 , however, are not permitted to move forward in the boot process as discussed above with respect to action 210.
At action 212 , the processor 102 that has been securely booted reads the boot code and/or configuration data from the hardware storage location into its local memory 104. At action 214 , the processor 102 verifies that the boot code and/or configuration data has not been tampered with . For example, the processor may verify the authenticity of the boot code by executing a hash function to produce a hash result in comparing the hash result with a predetermined hash value . Assuming that the predetermined hash value is trusted, the comparison of the predetermined hash value and the hash result may be relied upon in authenticating the boot code and/or configuration data . Preferably, the predetermined hash value is stored in a secure storage medium, preferably in encrypted form. At action 216, a determination is made as to whether the boot information (e . g. , part or all of the boot code and/or configuration data) is unaltered (e . g. , has not been tampered with by unauthorized entities ) . If the result of the determination is in the negative, then the process flow preferably advances to a failed state in which appropriate action is taken, such as preventing the other processors from booting and/or restarting the process to make an additional attempt at booting . If the result of the determination at action 216 is in the affirmative, then the process flow preferably advances to action 218 , where the other processors 102 are permitted to continue with the boot ' sequence and complete their initialization processes .
In accordance with at least one further aspect of the present invention, the methods and apparatus described above may be achieved utilizing suitable hardware, such as that illustrated in the figures . Such hardware may be implemented utilizing any of the known technologies , such as standard digital circuitry, any of the known processors that are operable to execute software and/or firmware programs , one or more programmable digital devices or systems, such as programmable read only memories (PROMs ) , programmable array logic devices (PALs) , etc . Furthermore, although the apparatus illustrated in the figures are shown as being partitioned into certain functional blocks , such blocks may be implemented by way of separate circuitry and/or combined into one or more functional units . Still further, the various aspects of the invention may be implemented by way of software and/or firmware program ( s ) that may be stored on suitable storage medium or media (such as floppy disk ( s ) , memory chip ( s ) , etc . ) for transportability and/or distribution .
As discussed above, various aspects of the present invention provide for encrypting configuration data and/or boot code and storing same in a secure memory that is associated with a particular processor . Trusted decryption code may also be stored in the same or a different secure memory that is also associated with the processor . The decryption capability is preferably hardware-implemented such that once the trusted decryption code is invoked, it may be used to decrypt and verify the configuration data and boot code . Once the configuration data and boot code are decrypted and verified, the processor is booted.
Advantageously, various aspects of the methods and apparatus of the present invention provide resistance to the tampering of boot code and increase the effectiveness of any security measures taken after boot up . This leads to higher reliability of trusted computing environments and increases the security of sensitive information . Although the invention herein has been described with reference to particular embodiments , it is to be understood that these embodiments are merely illustrative of the principles and applications of the present invention . It is therefore to be understood that numerous modifications may be made to the illustrative embodiments and that other arrangements may be devised without departing from the spirit and scope of the present invention as defined by the appended claims .
INDUSTRIAL APPLICABILITY The present invention is applicable to a technology for secure booting.

Claims

1. An apparatus, comprising : at least one processor and associated local memory capable of being operatively coupled to a main memory and being operable to request at least some data from the main memory for use in the local memory; a decryption unit operatively coupled to the . processor and operable to decrypt information using a secure decryption key; a storage medium containing encrypted boot code, where the encrypted boot code may not be accessed by unauthorized entities , wherein the processor is operable to read the encrypted boot code from the storage medium into the local memory, the decryption unit is operable to decrypt the encrypted boot code such that the boot code is verified as being authentic, and the processor is operable to boot up using the boot code from the local memory.
2. The apparatus of claim 1, wherein at least one of : the processor, the local memory, and the decryption unit are disposed on a common integrated circuit; and the processor, the local memory, the decryption unit, and the storage medium are disposed on a common integrated circuit .
3. The apparatus of claim 2, wherein the decryption unit is hardware-implemented using a permanently programmable circuit chip, which may not be tampered with by external software manipulation .
4. The apparatus of any one of claims 1-3, wherein the storage medium is operable to prevent tampering with the encrypted boot code by external software manipulation .
5. The apparatus of any one of claims 1-4, wherein the processor is further operable to verify the authenticity of the boot code by executing a hash function to produce a hash result and compare the hash result with a predetermined hash value .
6. The apparatus of claim 5 , wherein the predetermined hash value is stored in encrypted form within the storage medium.
7. The apparatus of any one of claims 1-6, wherein the processor is further operable to automatically enter into a secure mode of operation after boot up .
8. An apparatus, comprising : a plurality of processors, each with an associated local memory and capable of being operatively coupled to a common main memory, and each processor being operable to request at least some data from the main memory for use in its respective local memory, and at least one of the processors including a decryption unit that is operable to decrypt information using a secure decryption key; and a storage medium containing encrypted boot code, where the encrypted boot code may not be accessed by unauthorized entities , wherein : the at least one processor is operable to read the encrypted boot code from the storage medium into its local memory, the decryption unit is operable to decrypt the encrypted boot code such that the boot code is verified as being authentic, the at least one processor is operable to boot up using the boot code from the local memory, and the at least one processor is operable to authenticate boot code for one or more of the other processors prior to the one or more other processors booting up .
9. The apparatus of claim 8 , wherein the one or more other processors are operable to pause from booting up until a signal is provided from the at least one processor indicating that the boot code is authentic .
10. The apparatus of claim 8 or claim 9, wherein the at least one processor is operable to read the boot code for the one or more other processors into its local memory and to verify that it has not been tampered with in order to authenticate such boot code .
11. The apparatus of claim 10, wherein the at least one processor is operable to verify the authenticity of the boot code for the one or more other processors by executing a hash function to produce a hash result and comparing the hash result with a predetermined hash value .
12. The apparatus of claim 11, wherein the predetermined hash value is stored in encrypted form within the storage medium.
13. The apparatus of any one of claims 8-12 , wherein at least one of : the at least one processor, the local memory thereof, and the decryption unit are disposed on a common integrated circuit ; and the at least one processor, the local memory thereof, the decryption unit, and the storage medium are disposed on a common integrated circuit .
14. The apparatus of claim 13 , wherein the decryption unit is hardware-implemented using a permanently programmable circuit chip, which may not be tampered with by external software manipulation .
15. The apparatus of any one of claims 8-14 , wherein the storage medium is operable to prevent tampering with the encrypted boot code by external software manipulation .
16. The apparatus of claim 8 , wherein the at least one processor is further operable to verify the authenticity of the boot code for the at least one processor by executing a hash function to produce a hash result and comparing the hash result with a predetermined hash value ,
17. The apparatus of claim 16, wherein the predetermined hash value is stored in encrypted form within the storage medium.
18. The apparatus of any one of claims 8-17 , wherein the at least one processor is further operable to automatically enter into a secure mode of operation after boot up .
19. A method, comprising : reading encrypted boot code from a storage medium into a local memory associated with a processor; decrypting the encrypted boot code using a trusted decryption function of the processor such that the boot code is verified as being authentic; and booting the processor using the boot code from the local memory.
20. The method of claim 19 , wherein neither the trusted decryption function nor the encrypted boot code may be tampered with by external software manipulation .
21. The method of claim 19 or claim 20, wherein the step of verifying the authenticity of the boot code includes executing a hash function to produce a hash result and comparing the hash result with a predetermined hash value .
22. The method of claim 21, wherein the predetermined hash value is stored in encrypted form.
23. The method of any one of claims 19-22 , further comprising automatically entering a secure mode of operation after boot up .
24. A method, comprising: reading encrypted boot code from a storage medium into a local memory associated with a first of a plurality of processors ; decrypting the encrypted boot code using a trusted decryption function of the first processor such that the boot code is verified as being authentic; booting the first processor using the boot code from the local memory; and authenticating boot code for one or more of the other processors in the first processor prior to the one or more other processors booting up .
25. The method of claim 24 , further comprising preventing the one or more other processors from booting up until a signal is provided from the first processor indicating that the boot code is authentic .
26. The method of claim 24 or claim 25 , further comprising reading the boot code for the one or more other processors into the local memory of the first processor and verifying that it has not been tampered with in order to authenticate such boot code .
27. The method of claim 26, wherein the step of verifying the authenticity of the boot code for the one or more other processors includes executing a hash function to produce a hash result and comparing the hash result with a predetermined hash value .
28. The method of claim 27 , wherein the predetermined hash value is stored in encrypted form.
29. The method of claim 24 , wherein neither the trusted decryption function nor the encrypted boot code may be tampered with by external software manipulation .
30. The method of claim 24 , further comprising verifying the authenticity of the boot code for the first processor by executing a hash function to produce a hash result and comparing the hash result with a predetermined hash value .
31. The method of claim 30, wherein the predetermined hash value is stored in encrypted form.
32. The method of any one of claims 24-31 , wherein the first processor automatically enters into a secure mode of operation after boot up .
33. A storage medium containing a software program that is capable of causing a processor to perform actions, comprising : reading encrypted boot code from a storage medium into a local memory associated with the processor; decrypting the encrypted boot code using a trusted decryption function of the processor such that the boot code is verified as being authentic; and booting the processor using the boot code from the local memory.
34. A storage medium containing a software program that is capable of causing a processor to perform actions , comprising : reading encrypted boot code from a storage medium into a local memory associated with a first of a plurality of processors ; decrypting the encrypted boot code using a trusted decryption function of the first processor such that the boot code is verified as being authentic- booting the first processor using the boot code from the local memory; and authenticating boot code for one or more of the other processors in the first processor prior to the one or more other processors booting up .
PCT/JP2006/302095 2005-02-07 2006-02-01 Methods and apparatus for providing a secure booting sequence in a processor WO2006082985A2 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US65050605P 2005-02-07 2005-02-07
US60/650,506 2005-02-07

Publications (2)

Publication Number Publication Date
WO2006082985A2 true WO2006082985A2 (en) 2006-08-10
WO2006082985A3 WO2006082985A3 (en) 2006-10-26

Family

ID=36579287

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2006/302095 WO2006082985A2 (en) 2005-02-07 2006-02-01 Methods and apparatus for providing a secure booting sequence in a processor

Country Status (3)

Country Link
US (1) US7831839B2 (en)
JP (1) JP4489030B2 (en)
WO (1) WO2006082985A2 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070192610A1 (en) * 2006-02-10 2007-08-16 Chun Dexter T Method and apparatus for securely booting from an external storage device
US8683213B2 (en) 2007-10-26 2014-03-25 Qualcomm Incorporated Progressive boot for a wireless device

Families Citing this family (79)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8782654B2 (en) 2004-03-13 2014-07-15 Adaptive Computing Enterprises, Inc. Co-allocating a reservation spanning different compute resources types
US20070266388A1 (en) 2004-06-18 2007-11-15 Cluster Resources, Inc. System and method for providing advanced reservations in a compute environment
US20060026417A1 (en) * 2004-07-30 2006-02-02 Information Assurance Systems L.L.C. High-assurance secure boot content protection
US8176490B1 (en) 2004-08-20 2012-05-08 Adaptive Computing Enterprises, Inc. System and method of interfacing a workload manager and scheduler with an identity manager
CA2827035A1 (en) 2004-11-08 2006-05-18 Adaptive Computing Enterprises, Inc. System and method of providing system jobs within a compute environment
US9075657B2 (en) 2005-04-07 2015-07-07 Adaptive Computing Enterprises, Inc. On-demand access to compute resources
US8863143B2 (en) 2006-03-16 2014-10-14 Adaptive Computing Enterprises, Inc. System and method for managing a hybrid compute environment
US9231886B2 (en) 2005-03-16 2016-01-05 Adaptive Computing Enterprises, Inc. Simple integration of an on-demand compute environment
US7496692B2 (en) * 2005-10-18 2009-02-24 International Business Machines Corporation Validating chip configuration data
KR100625811B1 (en) * 2005-12-09 2006-09-18 엠텍비젼 주식회사 Method and apparatus for correcting code data error
JP4795812B2 (en) 2006-02-22 2011-10-19 富士通セミコンダクター株式会社 Secure processor
US20070288761A1 (en) * 2006-06-09 2007-12-13 Dale Jason N System and method for booting a multiprocessor device based on selection of encryption keys to be provided to processors
US7774616B2 (en) * 2006-06-09 2010-08-10 International Business Machines Corporation Masking a boot sequence by providing a dummy processor
US20070288738A1 (en) * 2006-06-09 2007-12-13 Dale Jason N System and method for selecting a random processor to boot on a multiprocessor system
US20070288740A1 (en) * 2006-06-09 2007-12-13 Dale Jason N System and method for secure boot across a plurality of processors
US7594104B2 (en) * 2006-06-09 2009-09-22 International Business Machines Corporation System and method for masking a hardware boot sequence
US7424398B2 (en) * 2006-06-22 2008-09-09 Lexmark International, Inc. Boot validation system and method
US20080046891A1 (en) * 2006-07-12 2008-02-21 Jayesh Sanchorawala Cooperative asymmetric multiprocessing for embedded systems
US8510859B2 (en) 2006-09-26 2013-08-13 Intel Corporation Methods and arrangements to launch trusted, co-existing environments
US8190869B2 (en) * 2007-04-17 2012-05-29 Lexmark International, Inc. Dual boot strategy to authenticate firmware in a computing device
US8041773B2 (en) 2007-09-24 2011-10-18 The Research Foundation Of State University Of New York Automatic clustering for self-organizing grids
US9069990B2 (en) 2007-11-28 2015-06-30 Nvidia Corporation Secure information storage system and method
US8661234B2 (en) * 2008-01-31 2014-02-25 Microsoft Corporation Individualized per device initialization of computing devices in avoidance of mass exploitation of vulnerabilities
KR101502032B1 (en) * 2008-03-06 2015-03-12 삼성전자주식회사 Processor apparatus having secure performance
US9613215B2 (en) * 2008-04-10 2017-04-04 Nvidia Corporation Method and system for implementing a secure chain of trust
WO2010113282A1 (en) * 2009-03-31 2010-10-07 富士通株式会社 A reconfigurable information processing device having a verification function and a control method therefor
US8245024B2 (en) * 2009-08-21 2012-08-14 Micron Technology, Inc. Booting in systems having devices coupled in a chained configuration
US9876735B2 (en) 2009-10-30 2018-01-23 Iii Holdings 2, Llc Performance and power optimized computer system architectures and methods leveraging power optimized tree fabric interconnect
US20110103391A1 (en) 2009-10-30 2011-05-05 Smooth-Stone, Inc. C/O Barry Evans System and method for high-performance, low-power data center interconnect fabric
US9077654B2 (en) 2009-10-30 2015-07-07 Iii Holdings 2, Llc System and method for data center security enhancements leveraging managed server SOCs
US9465771B2 (en) 2009-09-24 2016-10-11 Iii Holdings 2, Llc Server on a chip and node cards comprising one or more of same
US20130107444A1 (en) 2011-10-28 2013-05-02 Calxeda, Inc. System and method for flexible storage and networking provisioning in large scalable processor installations
US9069929B2 (en) 2011-10-31 2015-06-30 Iii Holdings 2, Llc Arbitrating usage of serial port in node card of scalable and modular servers
US9054990B2 (en) 2009-10-30 2015-06-09 Iii Holdings 2, Llc System and method for data center security enhancements leveraging server SOCs or server fabrics
US8599863B2 (en) 2009-10-30 2013-12-03 Calxeda, Inc. System and method for using a multi-protocol fabric module across a distributed server interconnect fabric
US9648102B1 (en) 2012-12-27 2017-05-09 Iii Holdings 2, Llc Memcached server functionality in a cluster of data processing nodes
US10877695B2 (en) 2009-10-30 2020-12-29 Iii Holdings 2, Llc Memcached server functionality in a cluster of data processing nodes
US9311269B2 (en) 2009-10-30 2016-04-12 Iii Holdings 2, Llc Network proxy for high-performance, low-power data center interconnect fabric
US11720290B2 (en) 2009-10-30 2023-08-08 Iii Holdings 2, Llc Memcached server functionality in a cluster of data processing nodes
US9680770B2 (en) 2009-10-30 2017-06-13 Iii Holdings 2, Llc System and method for using a multi-protocol fabric module across a distributed server interconnect fabric
US8429391B2 (en) 2010-04-16 2013-04-23 Micron Technology, Inc. Boot partitions in memory devices and systems
US8880866B2 (en) 2010-10-15 2014-11-04 Coherent Logix, Incorporated Method and system for disabling communication paths in a multiprocessor fabric by setting register values to disable the communication paths specified by a configuration
US20120179899A1 (en) * 2011-01-07 2012-07-12 International Business Machines Corporation Upgradeable processor enabling hardware licensing
US8850177B2 (en) * 2011-07-08 2014-09-30 Openpeak Inc. System and method for validating components during a booting process
WO2013012436A1 (en) 2011-07-18 2013-01-24 Hewlett-Packard Development Company, L.P. Reset vectors for boot instructions
US20130239214A1 (en) * 2012-03-06 2013-09-12 Trusteer Ltd. Method for detecting and removing malware
US8839004B1 (en) * 2012-04-16 2014-09-16 Ionu Security, Inc. Secure cloud computing infrastructure
US9367328B2 (en) * 2012-06-28 2016-06-14 Intel Corporation Out-of-band host OS boot sequence verification
CN103679059A (en) * 2012-08-29 2014-03-26 珠海扬智电子科技有限公司 Secure starting-up method and computer system
EP2912588A4 (en) 2012-10-25 2016-06-29 Intel Corp Anti-theft in firmware
KR102068485B1 (en) 2012-11-30 2020-01-21 삼성전자주식회사 Nonvolatile memory module and method for operating thereof
US9881161B2 (en) * 2012-12-06 2018-01-30 S-Printing Solution Co., Ltd. System on chip to perform a secure boot, an image forming apparatus using the same, and method thereof
US9070251B2 (en) * 2013-03-08 2015-06-30 Igt Multi-tiered static chain of trust
US9600291B1 (en) * 2013-03-14 2017-03-21 Altera Corporation Secure boot using a field programmable gate array (FPGA)
US10733288B2 (en) * 2013-04-23 2020-08-04 Hewlett-Packard Development Company, L.P. Verifying controller code and system boot code
US9830456B2 (en) * 2013-10-21 2017-11-28 Cisco Technology, Inc. Trust transference from a trusted processor to an untrusted processor
US9547767B2 (en) * 2013-11-13 2017-01-17 Via Technologies, Inc. Event-based apparatus and method for securing bios in a trusted computing system during execution
TWI560611B (en) * 2013-11-13 2016-12-01 Via Tech Inc Apparatus and method for securing bios
US10055588B2 (en) * 2013-11-13 2018-08-21 Via Technologies, Inc. Event-based apparatus and method for securing BIOS in a trusted computing system during execution
US9129113B2 (en) 2013-11-13 2015-09-08 Via Technologies, Inc. Partition-based apparatus and method for securing bios in a trusted computing system during execution
US9507942B2 (en) 2013-11-13 2016-11-29 Via Technologies, Inc. Secure BIOS mechanism in a trusted computing system
TWI595361B (en) * 2013-12-13 2017-08-11 祥碩科技股份有限公司 Electronic device and method for loading program code thereof
DE102014101836A1 (en) * 2014-02-13 2015-08-13 Fujitsu Technology Solutions Intellectual Property Gmbh Method for booting up a production computer system
CN106462707B (en) * 2014-04-28 2019-06-14 英特尔公司 Safety guidance calculates equipment
GB2540408B (en) * 2015-07-16 2021-09-15 Trw Ltd Electronic control units for vehicles
EP3316170B1 (en) 2016-10-31 2021-04-07 VIA Technologies, Inc. Fuse-enabled secure bios mechanism with override feature
EP3316169B1 (en) 2016-10-31 2021-04-07 VIA Technologies, Inc. Jtag-based secure bios mechanism in a trusted computing system
EP3316167B1 (en) 2016-10-31 2021-04-07 VIA Technologies, Inc. Programmable secure bios mechanism in a trusted computing system
EP3316168B1 (en) 2016-10-31 2021-04-07 VIA Technologies, Inc. Fuse-enabled secure bios mechanism in a trusted computing system
US10230527B2 (en) * 2017-04-19 2019-03-12 Continental Automotive Systems, Inc. Method and apparatus to quickly authenticate program using a security element
US10708061B2 (en) 2017-06-25 2020-07-07 Microsoft Technology Licensing, Llc Secure key storage for multi-core processor
US10402567B2 (en) 2017-06-25 2019-09-03 Microsoft Technology Licensing, Llc Secure boot for multi-core processor
US10503892B2 (en) 2017-06-25 2019-12-10 Microsoft Technology Licensing, Llc Remote attestation for multi-core processor
US10585671B2 (en) 2017-07-17 2020-03-10 International Business Machines Corporation Resource-based boot sequence
US11314868B2 (en) * 2018-08-31 2022-04-26 Fungible, Inc. Rapidly establishing a chain of trust in a computing system
FR3094520B1 (en) * 2019-03-25 2021-10-22 St Microelectronics Rousset Encryption and / or decryption key
JP7286381B2 (en) * 2019-04-01 2023-06-05 キヤノン株式会社 Information processing device and its control method
US11768611B2 (en) 2020-04-02 2023-09-26 Axiado Corporation Secure boot of a processing chip
CN111597560B (en) * 2020-05-18 2023-05-09 国网电力科学研究院有限公司 Safe and reliable module starting method and system

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0606771A2 (en) * 1993-01-07 1994-07-20 International Business Machines Corporation Method and apparatus for providing enhanced data verification in a computer system
US5937063A (en) * 1996-09-30 1999-08-10 Intel Corporation Secure boot
US20030014653A1 (en) * 2001-07-10 2003-01-16 Peter Moller Memory device with data security in a processor
US20040064457A1 (en) * 2002-09-27 2004-04-01 Zimmer Vincent J. Mechanism for providing both a secure and attested boot

Family Cites Families (31)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH02311928A (en) * 1989-05-26 1990-12-27 Nec Corp Ciphering firmware system
US5491788A (en) * 1993-09-10 1996-02-13 Compaq Computer Corp. Method of booting a multiprocessor computer where execution is transferring from a first processor to a second processor based on the first processor having had a critical error
JPH07248921A (en) * 1994-03-09 1995-09-26 Hitachi Ltd Initial program loading method for parallel processor system
US5615263A (en) * 1995-01-06 1997-03-25 Vlsi Technology, Inc. Dual purpose security architecture with protected internal operating system
JP3580333B2 (en) 1996-04-10 2004-10-20 日本電信電話株式会社 How to equip the encryption authentication function
US6052780A (en) 1996-09-12 2000-04-18 Open Security Solutions, Llc Computer system and process for accessing an encrypted and self-decrypting digital information product while restricting access to decrypted digital information
US6185678B1 (en) * 1997-10-02 2001-02-06 Trustees Of The University Of Pennsylvania Secure and reliable bootstrap architecture
US6378072B1 (en) * 1998-02-03 2002-04-23 Compaq Computer Corporation Cryptographic system
US6754828B1 (en) * 1999-07-13 2004-06-22 Intel Corporation Algorithm for non-volatile memory updates
JP2001338271A (en) * 2000-03-23 2001-12-07 Matsushita Electric Ind Co Ltd Ic card and ic card utilizing system
US6938164B1 (en) * 2000-11-22 2005-08-30 Microsoft Corporation Method and system for allowing code to be securely initialized in a computer
JP2002169787A (en) 2000-11-30 2002-06-14 Matsushita Electric Ind Co Ltd Semiconductor device including plural processor parts
US6526491B2 (en) * 2001-03-22 2003-02-25 Sony Corporation Entertainment Inc. Memory protection system and method for computer architecture for broadband networks
US7093104B2 (en) * 2001-03-22 2006-08-15 Sony Computer Entertainment Inc. Processing modules for computer architecture for broadband networks
DE10131575A1 (en) * 2001-07-02 2003-01-16 Bosch Gmbh Robert Method for protecting a microcomputer system against manipulation of data stored in a memory arrangement of the microcomputer system
JP2003202929A (en) * 2002-01-08 2003-07-18 Ntt Docomo Inc Distribution method and distribution system
US7631196B2 (en) * 2002-02-25 2009-12-08 Intel Corporation Method and apparatus for loading a trustable operating system
JP2003256061A (en) * 2002-03-04 2003-09-10 Matsushita Electric Ind Co Ltd Built-in equipment
JP3866597B2 (en) * 2002-03-20 2007-01-10 株式会社東芝 Internal memory tamper resistant processor and secret protection method
US7069442B2 (en) 2002-03-29 2006-06-27 Intel Corporation System and method for execution of a secured environment initialization instruction
US6715085B2 (en) * 2002-04-18 2004-03-30 International Business Machines Corporation Initializing, maintaining, updating and recovering secure operation within an integrated system employing a data access control function
US20040003321A1 (en) * 2002-06-27 2004-01-01 Glew Andrew F. Initialization of protected system
JP4115759B2 (en) * 2002-07-01 2008-07-09 株式会社東芝 Method and program for using shared library in tamper resistant processor
JP4234380B2 (en) * 2002-09-10 2009-03-04 日鉱金属株式会社 Metal powder for powder metallurgy and iron-based sintered body
US7322042B2 (en) 2003-02-07 2008-01-22 Broadon Communications Corp. Secure and backward-compatible processor and secure software execution thereon
JP4501349B2 (en) * 2003-03-13 2010-07-14 ソニー株式会社 System module execution device
US7093147B2 (en) 2003-04-25 2006-08-15 Hewlett-Packard Development Company, L.P. Dynamically selecting processor cores for overall power efficiency
JPWO2004099981A1 (en) 2003-05-09 2006-07-13 富士通株式会社 Program loading method, load program, and multiprocessor
JP2004334789A (en) * 2003-05-12 2004-11-25 Canon Inc Information processor and information processing method
FR2862397A1 (en) * 2003-11-13 2005-05-20 St Microelectronics Sa Electronic apparatus booting method, involves extending secure domain to application processor, when application and boot-strap processors are authenticated, and booting operating system of processors to store data in protected part of RAM
JP4447977B2 (en) * 2004-06-30 2010-04-07 富士通マイクロエレクトロニクス株式会社 Secure processor and program for secure processor.

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0606771A2 (en) * 1993-01-07 1994-07-20 International Business Machines Corporation Method and apparatus for providing enhanced data verification in a computer system
US5937063A (en) * 1996-09-30 1999-08-10 Intel Corporation Secure boot
US20030014653A1 (en) * 2001-07-10 2003-01-16 Peter Moller Memory device with data security in a processor
US20040064457A1 (en) * 2002-09-27 2004-04-01 Zimmer Vincent J. Mechanism for providing both a secure and attested boot

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
BENNET YEE: "Using Secure Coprocessors" THESIS SUBMITTED TO THE SCHOOL OF COMPUTER SCIENCE FOR THE DEGREE OF DOCTOR OF PHILOSOPHY, May 1994 (1994-05), page COMPLETE, XP002387974 *

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070192610A1 (en) * 2006-02-10 2007-08-16 Chun Dexter T Method and apparatus for securely booting from an external storage device
US8291226B2 (en) * 2006-02-10 2012-10-16 Qualcomm Incorporated Method and apparatus for securely booting from an external storage device
US8683213B2 (en) 2007-10-26 2014-03-25 Qualcomm Incorporated Progressive boot for a wireless device

Also Published As

Publication number Publication date
JP4489030B2 (en) 2010-06-23
US7831839B2 (en) 2010-11-09
WO2006082985A3 (en) 2006-10-26
JP2006221632A (en) 2006-08-24
US20060179302A1 (en) 2006-08-10

Similar Documents

Publication Publication Date Title
US7831839B2 (en) Methods and apparatus for providing a secure booting sequence in a processor
US8185748B2 (en) Methods and apparatus for facilitating a secure processor functional transition
US20060179324A1 (en) Methods and apparatus for facilitating a secure session between a processor and an external device
US7958371B2 (en) Methods and apparatus for secure operating system distribution in a multiprocessor system
US9092632B2 (en) Platform firmware armoring technology
US8001390B2 (en) Methods and apparatus for secure programming and storage of data using a multiprocessor in a trusted mode
US20060190733A1 (en) Methods and apparatus for resource management in a processor
US20030126454A1 (en) Authenticated code method and apparatus
US20070180271A1 (en) Apparatus and method for providing key security in a secure processor
Mandt et al. Demystifying the secure enclave processor
US9208292B2 (en) Entering a secured computing environment using multiple authenticated code modules
US8799673B2 (en) Seamlessly encrypting memory regions to protect against hardware-based attacks
CN112148642A (en) Memory writes for ownership access in a core
CN106845249A (en) System and method for performing secured environment initialization instruction
JP2000516373A (en) Method and apparatus for secure processing of encryption keys
US8522030B2 (en) Verification and protection of genuine software installation using hardware super key
US8065526B2 (en) Methods and apparatus for content control using processor resource management
US20150264087A1 (en) Systems, Apparatuses, and Methods for Enforcing Security on a Platform
Van Aubel et al. Investigating SRAM pufs in large cpus and gpus
BR102015016831B1 (en) SAFE ARCHITECTURE FOR EMBARKED SYSTEMS

Legal Events

Date Code Title Description
NENP Non-entry into the national phase

Ref country code: DE

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 06713238

Country of ref document: EP

Kind code of ref document: A2

122 Ep: pct application non-entry in european phase

Ref document number: 06713238

Country of ref document: EP

Kind code of ref document: A2

WWW Wipo information: withdrawn in national office

Ref document number: 6713238

Country of ref document: EP