CA1213070A - Memory unit comprising a memory and a protection unit - Google Patents
Memory unit comprising a memory and a protection unitInfo
- Publication number
- CA1213070A CA1213070A CA000452806A CA452806A CA1213070A CA 1213070 A CA1213070 A CA 1213070A CA 000452806 A CA000452806 A CA 000452806A CA 452806 A CA452806 A CA 452806A CA 1213070 A CA1213070 A CA 1213070A
- Authority
- CA
- Canada
- Prior art keywords
- program
- address
- word
- processing system
- memory
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired
Links
- 230000004224 protection Effects 0.000 title claims abstract description 22
- 230000004048 modification Effects 0.000 claims abstract description 38
- 238000012986 modification Methods 0.000 claims abstract description 38
- 230000004907 flux Effects 0.000 claims description 5
- 238000000034 method Methods 0.000 claims 1
- 230000002349 favourable effect Effects 0.000 description 3
- 230000005540 biological transmission Effects 0.000 description 2
- 230000004075 alteration Effects 0.000 description 1
- 230000008901 benefit Effects 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 238000007689 inspection Methods 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
- G06F21/121—Restricting unauthorised execution of programs
- G06F21/125—Restricting unauthorised execution of programs by manipulating the program code, e.g. source code, compiled code, interpreted code, machine code
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
- G06F21/121—Restricting unauthorised execution of programs
- G06F21/123—Restricting unauthorised execution of programs by using dedicated hardware, e.g. dongles, smart cards, cryptographic processors, global positioning systems [GPS] devices
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Multimedia (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Technology Law (AREA)
- Radar, Positioning & Navigation (AREA)
- Remote Sensing (AREA)
- Storage Device Security (AREA)
Abstract
ABSTRACT:
In order to protect against illegal copying program words, which are stored in a memory (12), a memory unit (10) is provided with a protection unit (24) in addition to memory (12). The protection unit enables modification of the content of the program words which belong to a predetermined group before they are out-putted out the memory. The program words which belong to that predetermined group are program words which have a data word comprising an address part for addressing a further program word.
In order to protect against illegal copying program words, which are stored in a memory (12), a memory unit (10) is provided with a protection unit (24) in addition to memory (12). The protection unit enables modification of the content of the program words which belong to a predetermined group before they are out-putted out the memory. The program words which belong to that predetermined group are program words which have a data word comprising an address part for addressing a further program word.
Description
1~. 1091 The invention relates to a.data processing system comprising a data processor and a ~nory unit which ccmprises a protection unit and a memory for the storage of at least one program comprising a plurality of program words, said memory having a port for the exchange of program or information words,:each program word comprises a.data word and his respective address w~rd,.said protection unit ccmprises:
- recognition means having a first input connected to said port . and being provided for recognition out of the flux of program w~rds at.said port those ~hich belony to a predetermined group wherein the proyram w~rds cQmprise an address w~rd for addressing . a further prcgram word,.said reccg~lition means being further pro-vided for generating a command signal thereuFon;
~ first ~odification means,:having a second input connected to.said port and a third input connected to:said recognition means for receiving.said command signal,:said irst ~cdification means being provided for applyi~g under control of.said ccmmand signal a first modification operation on a received program word,.said first modi-ficatiGn means being oonnected to a first:data output of:said memory unit;
20 :said:data.processor ccmprises:
- a:data input connected to:said first.data ou~put for receiving data signals;
- a.program counter which is settable under control of received.data signals;
- a first address output cDnnected to a first a~dress input of the memory unit for supplying address signals in a seguence determined by:said prcgram counter.
Such a:data processin~ system being described in the Dutch .patent application nr~ 82 01 847:laid open to public inspection on 01-12-'83. m e m~mory unit comprises a.protection unit for protecting the program w~rds stored in the m~mory against illegal copying by u~-. authorized copiers.
De~ices which are controlled ~y a:data processor unit oomprise '''',~ ~
12~3~
PHA 1091 2 1.03.1984 a memory, for example, a RQM or a PROM, in which prograrns and other information (termed software), are stored in the form of program words for the execution of data processor operations. The design of such software is time consuming and is also expensive. Therefore, it is important to prevent unauthorized copying of such software.
When an information word which belongs to the predetermined grGup appears in the flux of information words at the port of the memory it is recognized by the recognition means which thereupon generates a cQmnand signal.
In the described system the information words kelonging to said predetermined group are information words which have a link to a further program word, which has to be addressed by the prcgram counter during the subsequent program step by the execution of the program. If the program is not normally executed, i.e. for example when the program is copied, that further program word will not be a~dressed. Thereupon the comrnand signal is confirmed and the first modification means are activated for applying a first mcdification opera-tion which consists of replacing the program word addressed during said subsequent program step by a nuissance word, which is unrelated to said program word. The nuissance word is outputted at the first date output of the memory unit. The consequent thereof is that the copied program has } cme useless } ause it contains at least one nuissance word which disturbs the execution of the program.
The present invention be distinguished from the described system by that the first mcdification operation is differently implemen-ted.
A data processing system according to the present invention is characterized in that said first ~odification operation being applied on the address part of said program w~rd upon which the command signal was generated, said protection unit further comprises second modification means, having a fourth input connected to said first address input and a second address output connected with said port, said second m~dification means keing provided for applying a second modificatiQn operation upon a received address signal in order to com-pensate for the first ~cdification operation.
The advantage of that data processing system is that there isalways scme difference ~et~een the flux of information ~ords at the port of the memory and the flux of data- and address signals ketween the 1~L3~
PHA 1091 3 29.02.1984 memory unit and the data processor notwithstanding that the program is copied or not. During a normal execution of the program, i.e. when the program is executed under control of the data processor and the instructions are executed according to the content of the program words, the second modification means will apply a second modification operation upon a received address signal. The second modification operation will compensate for the first modification operation so that the correct address w~rd will ke supplied to the port of the me~ory. The normal execution will thus not ke perturbed. However when o the program is copied, the modified program word, outputted at the first data output of the memory unit, will be included in the copied program, making the copied program useless.
A preferred emkodiment of the data prccessing system according to the invention is characterized in that, each of said program w~rds of said predetermined group comprises an instruction which acts on an equal-step progression of the program counter.
Instructions which act o~ an equal-step progression of the program counter are instructions which causes the program counter to increment (or decrement) with more than one unit step, such as for example JUMP
or GO-TO instructions. Those instructions have an address part which comprises information about the address of the subsequent prcgram word to ke addressed during the normal execution of the program. A modifica-tion of that address part applied by the first modification operation can efficiently disturb a copied program.
A further preferred e~*odiment of a data processing system according to the invention is characterized in that the program words of said predetermined group comprise an opcode part, said recognition means comprise an opcode decoder for decoding the o~code part of the program words.
Another preferred embodiment of a data processing system according to the invention is characterized in that said recognition means comprise an address decoder for deccding the address wordswhich kelong to said predetermined group.
Simple implementations of the recognition means are thus obtained.
It is favourable that said first and said second modification operation comprises the application of a mathematical operation.
The address part of a program ~ord -is generally composed of a numker of binary bits. Mathematical operations are easily applied thereon.
~2~ 3~
PHA 1091 4 29.02.1984 It is favourable that said first modification means comprise an adder for adding a value to said address part, and that said second n ~ ification means comprise a subtracting circuit for sukstracting said value from said address signal.
rrhis offers an easy and fast realization of the first and the second mcdification operation.
It is favourable that said first modification means comprise a random generator for generating said value, said random generator having an output connected with said second modification means for supplying said value.
When said value is generated by a random generator it will ke very difficult for an unauthorized copier to know ~nich value was added to the address part, because each time a different value can be generated.
The invention will now be descriked in detail with reference to the accompanying drawing in which the sole Figure represents a simplified block diagram of a preferred embodiment oE a data processing system according to the invention.
The data processing system illustrated in the Figure comprises a memory unit 10 and a data processor 14 for example a micro processor.
The memory unit comprises a memory 12, for example a RCM or a PRCM, and a protection unit 24. The data processor and the memo~y unit are connected to each other by means of an address bus 11 and a data bus 13.
The memory and the protection unit are cormected to each other by means Of an internal bus 23. The protection unit comprises recognition means 16 which have a first input connected to the internal kus. The protec-tion unit also comprises first modification means 17 which have a second input connected to the interna1 bus 23 and a first data output connected to the data bus 13, and second m~dification means 15 which have an address inp1t connected to the address bus 11 and an address output connected to the internal bus 23.
The memory 12 is used for the storage of at least one program which can be executed by the data processor. The program(s) comprises a plurality of program words. Each program word is genera]ly ccmposed of a num~er of binary bits. Each program word is stored at a respective ~emary location having his respective address. A port of the mem~ry is connected to the internal bus for supplying address w~rds to the memDry in order to fetch the resp~ctive program w~rds which belong to ~Z~3~3~0 PHA 1091 5 29.02.1984 that address word.
As suggested by his denomination the protection unit 24 serves to protect the program words, especially against illegal copying.
Therefore the protection unit provides tha-t for a number of program 5 words outputted at the terminal of th~ memory, a modification operation is applied thereon.
Several implementations are possible for the protection unit.
The operation of the data processing system will now be descril~ed with reference to a preferred elr~odiment for the protection unit. In this 10 preferred elr~odiment of the protection unit, the recognition means 16 comprise a jump instruction decoder 18 and a random nu~er generator 19.
The first modification means 17 co~lprise an adder 25 and the second modification means 15 comprise a subtracting circuit 26. 'Ihe random nurnker generator has an output connected via a line 20 to an input of 15 the adder and to an input of the sùbtracting circuit.
~ mong the program words stored in the men~ry there are the well known jump instructions which act on ~he equal-ste~
progression of the program counter. mese jump instructions are recognizable by their characteristic opcode (operational code) part.
20 The jump instruction decoder 18, which is an opcode decoder, decodes the opcode parts of the program ~ords outputted at the port of the meT~ry and supplied to the internal bus 23. When a jUlTp instruction is decoded, the jump instruction deccder generates a command signal which is supplied via line 21 to the random nu~er generator 19, to 25 the adder 25, even as to the subtracting circuit 26. Thereupon the random number generator 19 generates a random number which is supplied via line 20 to the aclder and the subtracting circuit.
The adder, which is connected to the internal bus 23, has also recei~ed the program ~rd which comprises the jump instruction. Under control 30 of the command signal the adder will add the random num~er to the address part (indicating the address to which to jump) of that jump instruction and produces a pseudo-jump address.
me dified program word with the pseudo-jump address is now transmitted via the data bus 13 to the data processor 14. There--35 upon the program c~}ter will indicate the program word at that pseudo-address. When the data processor 14 th~eafter addresses, via the address bus 11, the me~ry unit to acquire the program word at the pseudo-address, this address is transmitted to the subtracting circuit 26 of :
~2~3~7~) P~ 1091 6 29002.1984 the second modification means. After reception of the pseudo-address, the subtracting circuit substracts the random numker from the pseudo-address and transmits the thus obtained original address to the memory. The jump instruction is thus correctly executed.
Each subsequent program w~rd outputted from the ~emory 12 which is not a jump instruction is transmitted through the adder 25 onto data bus 13 without alteration. Since the program counter of the data processor, however, has been stepped forward to the pseudo-address, the second modification means 15 retains the random nw0ber for sub-traction from each of the addresses placed on address bus 11 by the data processor before transmission to the memory.
This continues until another jump instruction is provided on the port of the me~ory 12. When that occurs jump instruction decoder 18 again causes the random number generator 19 to operate to place another random number in adder 25 and subtracting circuit 26. The adder 25 operates as previously to place a pseuclo-jump address on the data bus 13. me second modification means 15 substitutes the new random number for the old random number in order to address the memory 12 properly when the data processor transmits the pseudo-jump address to the m~m2ry unit 10. In this way a predetermined group of information words in the form of jump instructions stored in some of the mem~ry locations of the memory 12 ca~se the first moclification means 17 to change those jump adclresses before transmission on the data bus 13.
Suppose now that the program w~rds stored in the mem~ry 12 are copied. The pseudo-addresses supplied on data bus 13 will than ke inco~porated in the copied program, making that copied program useless, kecause a wrong location in the program will ke addressed if the copied program is executed. Further if the copier addresses the memory unit after the output of the pseudo address, the supplied address will be m~dified by the second modification means. The copier will thus not know which location of the memory has been addressed. The copied program is thus totally useless.
In one form of the invention each jump instruction transmitted from the memory w~uld contain a binary 1 in one bit location. In all other mem3ry locations of the memory that bit location would contain a binary 0. In that embodiment the jump instruction decoder would take the form of a circuit which would respond to the binary 1 in the ~re-scriked bit location and would consequently cause the generation of ~2~3~7~1 PHA 1091 7 29.02.1984 the command signal as previously described.
In an alternative form, all jump instructions would be located in a particular section of the memory and the recognition means 16 w~uld comprise a comparator which would respond to the addresses in the locations in that section and cause the random number generator 19 to operate as previously described. The comparator is then for example connected to a storage element where said addresses are stored as identifier information in order to enable the comparison~ When all jump instructions are located in a particular section of the memory 12, then the recognition means could for example comprise an address decoder for decoding the addresses of that particular section.
Other types of recognition means are also known to those skilled in the art and could be substituted for those disclosed.
The recognition means could also react on other instructions than only the jump instructions, such as for example GC'TO instructions or any other instructions which act on an equal step progression of the program counter.
Several implementations are also possible for the first and the second modification means, which could for example comprise an 2D inverter, for inverting one of more bit locations in the address part of the jump instruction. For this implementation a random number generator is of course redundant.
In an alternative emkodiment the first modification means ~ould for example comprise a first address table, addressed by the address part of the jump instruction and comprising for each jump instruction a substitution address. The second modification means would then of course comprise a second address table, provided for restoring the original address part.
It is understood that various rnodifications to the a~ove descriked system of the invention will kecome apparent to those skilled in the art and that the arrangement described herein is for illustrative purposes and is not to be considered restrictive.
- recognition means having a first input connected to said port . and being provided for recognition out of the flux of program w~rds at.said port those ~hich belony to a predetermined group wherein the proyram w~rds cQmprise an address w~rd for addressing . a further prcgram word,.said reccg~lition means being further pro-vided for generating a command signal thereuFon;
~ first ~odification means,:having a second input connected to.said port and a third input connected to:said recognition means for receiving.said command signal,:said irst ~cdification means being provided for applyi~g under control of.said ccmmand signal a first modification operation on a received program word,.said first modi-ficatiGn means being oonnected to a first:data output of:said memory unit;
20 :said:data.processor ccmprises:
- a:data input connected to:said first.data ou~put for receiving data signals;
- a.program counter which is settable under control of received.data signals;
- a first address output cDnnected to a first a~dress input of the memory unit for supplying address signals in a seguence determined by:said prcgram counter.
Such a:data processin~ system being described in the Dutch .patent application nr~ 82 01 847:laid open to public inspection on 01-12-'83. m e m~mory unit comprises a.protection unit for protecting the program w~rds stored in the m~mory against illegal copying by u~-. authorized copiers.
De~ices which are controlled ~y a:data processor unit oomprise '''',~ ~
12~3~
PHA 1091 2 1.03.1984 a memory, for example, a RQM or a PROM, in which prograrns and other information (termed software), are stored in the form of program words for the execution of data processor operations. The design of such software is time consuming and is also expensive. Therefore, it is important to prevent unauthorized copying of such software.
When an information word which belongs to the predetermined grGup appears in the flux of information words at the port of the memory it is recognized by the recognition means which thereupon generates a cQmnand signal.
In the described system the information words kelonging to said predetermined group are information words which have a link to a further program word, which has to be addressed by the prcgram counter during the subsequent program step by the execution of the program. If the program is not normally executed, i.e. for example when the program is copied, that further program word will not be a~dressed. Thereupon the comrnand signal is confirmed and the first modification means are activated for applying a first mcdification opera-tion which consists of replacing the program word addressed during said subsequent program step by a nuissance word, which is unrelated to said program word. The nuissance word is outputted at the first date output of the memory unit. The consequent thereof is that the copied program has } cme useless } ause it contains at least one nuissance word which disturbs the execution of the program.
The present invention be distinguished from the described system by that the first mcdification operation is differently implemen-ted.
A data processing system according to the present invention is characterized in that said first ~odification operation being applied on the address part of said program w~rd upon which the command signal was generated, said protection unit further comprises second modification means, having a fourth input connected to said first address input and a second address output connected with said port, said second m~dification means keing provided for applying a second modificatiQn operation upon a received address signal in order to com-pensate for the first ~cdification operation.
The advantage of that data processing system is that there isalways scme difference ~et~een the flux of information ~ords at the port of the memory and the flux of data- and address signals ketween the 1~L3~
PHA 1091 3 29.02.1984 memory unit and the data processor notwithstanding that the program is copied or not. During a normal execution of the program, i.e. when the program is executed under control of the data processor and the instructions are executed according to the content of the program words, the second modification means will apply a second modification operation upon a received address signal. The second modification operation will compensate for the first modification operation so that the correct address w~rd will ke supplied to the port of the me~ory. The normal execution will thus not ke perturbed. However when o the program is copied, the modified program word, outputted at the first data output of the memory unit, will be included in the copied program, making the copied program useless.
A preferred emkodiment of the data prccessing system according to the invention is characterized in that, each of said program w~rds of said predetermined group comprises an instruction which acts on an equal-step progression of the program counter.
Instructions which act o~ an equal-step progression of the program counter are instructions which causes the program counter to increment (or decrement) with more than one unit step, such as for example JUMP
or GO-TO instructions. Those instructions have an address part which comprises information about the address of the subsequent prcgram word to ke addressed during the normal execution of the program. A modifica-tion of that address part applied by the first modification operation can efficiently disturb a copied program.
A further preferred e~*odiment of a data processing system according to the invention is characterized in that the program words of said predetermined group comprise an opcode part, said recognition means comprise an opcode decoder for decoding the o~code part of the program words.
Another preferred embodiment of a data processing system according to the invention is characterized in that said recognition means comprise an address decoder for deccding the address wordswhich kelong to said predetermined group.
Simple implementations of the recognition means are thus obtained.
It is favourable that said first and said second modification operation comprises the application of a mathematical operation.
The address part of a program ~ord -is generally composed of a numker of binary bits. Mathematical operations are easily applied thereon.
~2~ 3~
PHA 1091 4 29.02.1984 It is favourable that said first modification means comprise an adder for adding a value to said address part, and that said second n ~ ification means comprise a subtracting circuit for sukstracting said value from said address signal.
rrhis offers an easy and fast realization of the first and the second mcdification operation.
It is favourable that said first modification means comprise a random generator for generating said value, said random generator having an output connected with said second modification means for supplying said value.
When said value is generated by a random generator it will ke very difficult for an unauthorized copier to know ~nich value was added to the address part, because each time a different value can be generated.
The invention will now be descriked in detail with reference to the accompanying drawing in which the sole Figure represents a simplified block diagram of a preferred embodiment oE a data processing system according to the invention.
The data processing system illustrated in the Figure comprises a memory unit 10 and a data processor 14 for example a micro processor.
The memory unit comprises a memory 12, for example a RCM or a PRCM, and a protection unit 24. The data processor and the memo~y unit are connected to each other by means of an address bus 11 and a data bus 13.
The memory and the protection unit are cormected to each other by means Of an internal bus 23. The protection unit comprises recognition means 16 which have a first input connected to the internal kus. The protec-tion unit also comprises first modification means 17 which have a second input connected to the interna1 bus 23 and a first data output connected to the data bus 13, and second m~dification means 15 which have an address inp1t connected to the address bus 11 and an address output connected to the internal bus 23.
The memory 12 is used for the storage of at least one program which can be executed by the data processor. The program(s) comprises a plurality of program words. Each program word is genera]ly ccmposed of a num~er of binary bits. Each program word is stored at a respective ~emary location having his respective address. A port of the mem~ry is connected to the internal bus for supplying address w~rds to the memDry in order to fetch the resp~ctive program w~rds which belong to ~Z~3~3~0 PHA 1091 5 29.02.1984 that address word.
As suggested by his denomination the protection unit 24 serves to protect the program words, especially against illegal copying.
Therefore the protection unit provides tha-t for a number of program 5 words outputted at the terminal of th~ memory, a modification operation is applied thereon.
Several implementations are possible for the protection unit.
The operation of the data processing system will now be descril~ed with reference to a preferred elr~odiment for the protection unit. In this 10 preferred elr~odiment of the protection unit, the recognition means 16 comprise a jump instruction decoder 18 and a random nu~er generator 19.
The first modification means 17 co~lprise an adder 25 and the second modification means 15 comprise a subtracting circuit 26. 'Ihe random nurnker generator has an output connected via a line 20 to an input of 15 the adder and to an input of the sùbtracting circuit.
~ mong the program words stored in the men~ry there are the well known jump instructions which act on ~he equal-ste~
progression of the program counter. mese jump instructions are recognizable by their characteristic opcode (operational code) part.
20 The jump instruction decoder 18, which is an opcode decoder, decodes the opcode parts of the program ~ords outputted at the port of the meT~ry and supplied to the internal bus 23. When a jUlTp instruction is decoded, the jump instruction deccder generates a command signal which is supplied via line 21 to the random nu~er generator 19, to 25 the adder 25, even as to the subtracting circuit 26. Thereupon the random number generator 19 generates a random number which is supplied via line 20 to the aclder and the subtracting circuit.
The adder, which is connected to the internal bus 23, has also recei~ed the program ~rd which comprises the jump instruction. Under control 30 of the command signal the adder will add the random num~er to the address part (indicating the address to which to jump) of that jump instruction and produces a pseudo-jump address.
me dified program word with the pseudo-jump address is now transmitted via the data bus 13 to the data processor 14. There--35 upon the program c~}ter will indicate the program word at that pseudo-address. When the data processor 14 th~eafter addresses, via the address bus 11, the me~ry unit to acquire the program word at the pseudo-address, this address is transmitted to the subtracting circuit 26 of :
~2~3~7~) P~ 1091 6 29002.1984 the second modification means. After reception of the pseudo-address, the subtracting circuit substracts the random numker from the pseudo-address and transmits the thus obtained original address to the memory. The jump instruction is thus correctly executed.
Each subsequent program w~rd outputted from the ~emory 12 which is not a jump instruction is transmitted through the adder 25 onto data bus 13 without alteration. Since the program counter of the data processor, however, has been stepped forward to the pseudo-address, the second modification means 15 retains the random nw0ber for sub-traction from each of the addresses placed on address bus 11 by the data processor before transmission to the memory.
This continues until another jump instruction is provided on the port of the me~ory 12. When that occurs jump instruction decoder 18 again causes the random number generator 19 to operate to place another random number in adder 25 and subtracting circuit 26. The adder 25 operates as previously to place a pseuclo-jump address on the data bus 13. me second modification means 15 substitutes the new random number for the old random number in order to address the memory 12 properly when the data processor transmits the pseudo-jump address to the m~m2ry unit 10. In this way a predetermined group of information words in the form of jump instructions stored in some of the mem~ry locations of the memory 12 ca~se the first moclification means 17 to change those jump adclresses before transmission on the data bus 13.
Suppose now that the program w~rds stored in the mem~ry 12 are copied. The pseudo-addresses supplied on data bus 13 will than ke inco~porated in the copied program, making that copied program useless, kecause a wrong location in the program will ke addressed if the copied program is executed. Further if the copier addresses the memory unit after the output of the pseudo address, the supplied address will be m~dified by the second modification means. The copier will thus not know which location of the memory has been addressed. The copied program is thus totally useless.
In one form of the invention each jump instruction transmitted from the memory w~uld contain a binary 1 in one bit location. In all other mem3ry locations of the memory that bit location would contain a binary 0. In that embodiment the jump instruction decoder would take the form of a circuit which would respond to the binary 1 in the ~re-scriked bit location and would consequently cause the generation of ~2~3~7~1 PHA 1091 7 29.02.1984 the command signal as previously described.
In an alternative form, all jump instructions would be located in a particular section of the memory and the recognition means 16 w~uld comprise a comparator which would respond to the addresses in the locations in that section and cause the random number generator 19 to operate as previously described. The comparator is then for example connected to a storage element where said addresses are stored as identifier information in order to enable the comparison~ When all jump instructions are located in a particular section of the memory 12, then the recognition means could for example comprise an address decoder for decoding the addresses of that particular section.
Other types of recognition means are also known to those skilled in the art and could be substituted for those disclosed.
The recognition means could also react on other instructions than only the jump instructions, such as for example GC'TO instructions or any other instructions which act on an equal step progression of the program counter.
Several implementations are also possible for the first and the second modification means, which could for example comprise an 2D inverter, for inverting one of more bit locations in the address part of the jump instruction. For this implementation a random number generator is of course redundant.
In an alternative emkodiment the first modification means ~ould for example comprise a first address table, addressed by the address part of the jump instruction and comprising for each jump instruction a substitution address. The second modification means would then of course comprise a second address table, provided for restoring the original address part.
It is understood that various rnodifications to the a~ove descriked system of the invention will kecome apparent to those skilled in the art and that the arrangement described herein is for illustrative purposes and is not to be considered restrictive.
Claims (14)
1. Data processing system comprising a data processor and a memory unit which comprises a protection unit and a memory for the storage of: at least one program comprising a plurality of program words, said memory having a port for the exchange of program words, each program word comprises a data word and his respective address word, said protection unit comprises:
- recognition means having a first input connected to said port and being provided for recognizing out of the flux of program words at said port those which belong to a predetermined group wherein the program words comprise an address word for addressing a further program word, said recognition means being further provided for generat-ing a command signal thereupon;
- first modification means, having a second input connected to said port and a third input connected to said recogni-tion means for receiving said command signal, said first modification means being provided for applying under con-trol of said command signal a first modification operation on a received program word, said first modification means being connected to a first data output of said memory unit;
said data processor comprises:
- a data input connected to said first data output for receiving data signals;
- a program counter which is settable under control of received data signals, - a first address output connected to a first address input of the memory unit for supplying address signals in a sequence determined by said program counter;
characterized in that, said first modification operation being applied on the address word of said program word which the command signal was generated, said protection unit further comprises second modification means, having a fourth input connected to said first address input and a second address output connected with said port, said second modifi-cation means being provided for applying a second modification operation upon a received address signal in order to compen-sate for the first modification operation.
- recognition means having a first input connected to said port and being provided for recognizing out of the flux of program words at said port those which belong to a predetermined group wherein the program words comprise an address word for addressing a further program word, said recognition means being further provided for generat-ing a command signal thereupon;
- first modification means, having a second input connected to said port and a third input connected to said recogni-tion means for receiving said command signal, said first modification means being provided for applying under con-trol of said command signal a first modification operation on a received program word, said first modification means being connected to a first data output of said memory unit;
said data processor comprises:
- a data input connected to said first data output for receiving data signals;
- a program counter which is settable under control of received data signals, - a first address output connected to a first address input of the memory unit for supplying address signals in a sequence determined by said program counter;
characterized in that, said first modification operation being applied on the address word of said program word which the command signal was generated, said protection unit further comprises second modification means, having a fourth input connected to said first address input and a second address output connected with said port, said second modifi-cation means being provided for applying a second modification operation upon a received address signal in order to compen-sate for the first modification operation.
2. A data processing system as claimed in Claim 1, characterized in that each program words of said predetermined group comprises an instruction which acts on an equal-step progression of the program counter.
3. A data processing system as claimed in Claim 2, characterized in that each program word of said predeter-mined group comprises a jump instruction and the address word of the program word to which jump.
4. A data processing system as claimed in Claim 1, 2 or 3, characterized in that the program words of said prede-termined group comprise an opcode part, said recognition means comprise an opcode decoder for decoding the opcode part of the program words.
5. A data processing system as claimed in Claim 1, 2 or 3, characterized in that said recognition means comprise an address decoder for decoding the address words which belong to said predetermined group.
6. A data processing system as claimed in Claim 1, 2 or 3, characterized in that said recognition means comprise a storage element, for storing, an identifier information for each of the program words of said predetermined group, and a comparator having a first comparator input connected to said storage element and a second comparator input connected with said first input for realizing said recognition by comparing the identifier information with the supplied program words, said command signal being generated upon correspondence between said identifier information and said program word.
7. A data processing system as claimed in Claim 1, 2 or 3, characterized in that said recognition means comprise a storage element for storing an identifier information for each of the program words of said predetermined group, and a comparator having a first comparator input connected to said storage element and a second comparator input connected with said first input for realizing said recognition by comparing the identifier information with the supplied program words, said command signal being generated upon correspondence between said identifier information and said program word, and characterized in that said identifier information com-prises at least a part of the content of the program word.
8. A data processing system as claimed in Claim 1, 2 or 3, characterized in that said recognition means comprise a storage element for storing an identifier information for each of the program words of said predetermined group, and a comparator having a first comparator input connected to said storage element and a second comparator input connected with said first input for realizing said recognition by comparing the identifier information with the supplied program words, said command signal being generated upon correspondence between said identifier information and said program word, and characterized in that said identifier information com-prises at least a part of the content of the address word.
9. A data processing system as claimed in Claim 1, characterized in that said first modification means com-prise an adder for adding a value to said address word, and that said second modification means comprise a subtracting circuit for subtracting said value from said address signal.
10. A data processing system as claimed in Claim 9, characterized in that said first modification means com-prise a random generator for generating said value, said random generator having an output connected with said second modification means for supplying said value.
11. A memory unit for use in a data processing system as claimed in Claim 1, characterized in that said memory unit comprises a memory and a protection unit.
12. Protection unit to be used in a data processing system as claimed in Claim 1, 9 or 10.
13. A memory unit as claimed in Claim 11, charac-terized in that the memory unit is constructed using an integrated circuit technique, and that the memory and the pro-tection unit are integrated on the same chip surface.
14. A video game module comprising a memory unit as claimed in Claim 11 or 13.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US48741183A | 1983-04-29 | 1983-04-29 | |
US487,411 | 1983-04-29 |
Publications (1)
Publication Number | Publication Date |
---|---|
CA1213070A true CA1213070A (en) | 1986-10-21 |
Family
ID=23935622
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CA000452806A Expired CA1213070A (en) | 1983-04-29 | 1984-04-26 | Memory unit comprising a memory and a protection unit |
Country Status (10)
Country | Link |
---|---|
JP (1) | JPS603024A (en) |
CA (1) | CA1213070A (en) |
DE (1) | DE3415209A1 (en) |
FR (1) | FR2545244B1 (en) |
GB (1) | GB2140592B (en) |
HK (1) | HK38788A (en) |
IE (1) | IE55440B1 (en) |
IT (1) | IT1209538B (en) |
SE (1) | SE462188B (en) |
SG (1) | SG10488G (en) |
Families Citing this family (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JPS60177498A (en) * | 1984-02-23 | 1985-09-11 | Fujitsu Ltd | Semiconductor storage device |
GB8507427D0 (en) * | 1985-03-21 | 1985-05-01 | Robertson J A | Prevention of soft & hardware copying |
DE3526130A1 (en) * | 1985-07-22 | 1987-01-29 | Lang Klaus Dipl Ing | Digital program protection chip |
US7162735B2 (en) | 2000-07-18 | 2007-01-09 | Simplex Major Sdn.Bhd | Digital data protection arrangement |
FR2823398B1 (en) | 2001-04-04 | 2003-08-15 | St Microelectronics Sa | EXTRACTION OF PRIVATE DATA FOR AUTHENTICATION OF AN INTEGRATED CIRCUIT |
FR2825873A1 (en) * | 2001-06-11 | 2002-12-13 | St Microelectronics Sa | PROTECTED STORAGE OF DATA IN AN INTEGRATED CIRCUIT |
Family Cites Families (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4120030A (en) * | 1977-03-11 | 1978-10-10 | Kearney & Trecker Corporation | Computer software security system |
US4306289A (en) * | 1980-02-04 | 1981-12-15 | Western Electric Company, Inc. | Digital computer having code conversion apparatus for an encrypted program |
US4377844A (en) * | 1980-02-20 | 1983-03-22 | Marc Kaufman | Address translator |
GB2099616A (en) * | 1981-06-03 | 1982-12-08 | Jpm Automatic Machines Ltd | Improvements relating to microprocessor units |
GB2114331B (en) * | 1982-01-06 | 1985-10-09 | Emi Ltd | Program storage hardware |
NL8201847A (en) * | 1982-05-06 | 1983-12-01 | Philips Nv | DEVICE FOR PROTECTION AGAINST UNAUTHORIZED READING OF PROGRAM WORDS TO BE MEMORIZED IN A MEMORY. |
-
1984
- 1984-04-21 DE DE19843415209 patent/DE3415209A1/en not_active Withdrawn
- 1984-04-26 GB GB08410712A patent/GB2140592B/en not_active Expired
- 1984-04-26 CA CA000452806A patent/CA1213070A/en not_active Expired
- 1984-04-26 SE SE8402285A patent/SE462188B/en not_active IP Right Cessation
- 1984-04-26 IT IT8420695A patent/IT1209538B/en active
- 1984-04-26 IE IE1019/84A patent/IE55440B1/en unknown
- 1984-04-27 JP JP59084181A patent/JPS603024A/en active Granted
- 1984-04-27 FR FR848406677A patent/FR2545244B1/en not_active Expired - Lifetime
-
1988
- 1988-02-05 SG SG104/88A patent/SG10488G/en unknown
- 1988-05-26 HK HK387/88A patent/HK38788A/en unknown
Also Published As
Publication number | Publication date |
---|---|
FR2545244B1 (en) | 1990-05-04 |
GB2140592B (en) | 1987-10-21 |
SG10488G (en) | 1988-07-01 |
IE841019L (en) | 1984-10-28 |
SE462188B (en) | 1990-05-14 |
SE8402285D0 (en) | 1984-04-26 |
DE3415209A1 (en) | 1984-10-31 |
GB8410712D0 (en) | 1984-05-31 |
SE8402285L (en) | 1984-10-30 |
IT1209538B (en) | 1989-08-30 |
FR2545244A1 (en) | 1984-11-02 |
IE55440B1 (en) | 1990-09-12 |
GB2140592A (en) | 1984-11-28 |
JPS603024A (en) | 1985-01-09 |
IT8420695A0 (en) | 1984-04-26 |
HK38788A (en) | 1988-06-03 |
JPH0334103B2 (en) | 1991-05-21 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP0061096B1 (en) | Data processing system for parallel processing | |
US4409654A (en) | Data processor adapted for interruption to an instruction stream | |
US4584665A (en) | Arrangement for protecting against the unauthorized reading of program words stored in a memory | |
US5386565A (en) | Method and system for controlling/monitoring computer system having plural operating systems to run thereon | |
US4714994A (en) | Instruction prefetch buffer control | |
EP1050803B1 (en) | Guarded computer instruction execution | |
US5829047A (en) | Backup memory for reliable operation | |
CA1213070A (en) | Memory unit comprising a memory and a protection unit | |
US5471620A (en) | Data processor with means for separately receiving and processing different types of interrupts | |
CA1098214A (en) | Data processing system with an enhanced instruction pipeline control | |
US5901311A (en) | Access key protection for computer system data | |
JPH0758502B2 (en) | IC card | |
EP0346031B1 (en) | Vector data processing apparatus | |
EP0640916A2 (en) | Microcomputer | |
US5142630A (en) | System for calculating branch destination address based upon address mode bit in operand before executing an instruction which changes the address mode and branching | |
CN100359485C (en) | Testing device and method for flush-bonding system | |
CA1149068A (en) | Tri-state bussing system | |
US5210758A (en) | Means and method for detecting and correcting microinstruction errors | |
US3566369A (en) | Information processing system utilizing repeated selective execution of in-line instruction sets | |
KR100388961B1 (en) | data restoring control device of the flash ROM in the information processing system | |
CN114185602B (en) | Starting method, device and terminal of operating system | |
GB2174517A (en) | System for utilizing an auxiliary data memory unit in a data processing system having separate program and data memory units | |
JPH0430060B2 (en) | ||
CA1270572A (en) | Microprogram control device | |
US6081881A (en) | Method of and apparatus for speeding up the execution of normal extended mode transfer instructions |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
MKEX | Expiry |