Summary of the invention
The object of the invention is exactly the shortcoming that will solve above-mentioned prior art, provides a kind of chip based on voltage detecting and frequency detecting anti-attack method.
The present invention solves the technical scheme that its technical matters adopts: the anti-attack method of this chip based on voltage detecting and frequency detecting; Chip system comprises CPU main control unit, frequency detecting unit, voltage detection unit, anti-unit and the Nonvolatile memery unit attacked, and in nonvolatile memory, deposits the core data of chip system operate as normal; Through frequency detecting unit the clock input of outside is monitored, in case the clock frequency of input takes place unusually, frequency detecting unit reacts to this unusually, and reaction result is passed to the CPU main control unit; Through voltage detection unit the supply voltage of outside is monitored; In case it is bigger that input voltage value and normal value depart from, voltage detection module reacts to this variation, and reaction result is passed to the CPU main control unit; Voltage detection unit is an analog module; Accept the supply voltage of chip exterior, produce too high or too low voltage signal, select output to reset or interrupt by CPU main control unit control; After the CPU main control unit receives the abnormal response of frequency detecting unit and voltage detection unit, the entire chip system is controlled, implement protection the core data of chip internal through the anti-unit of attacking.
As preferably, in the said frequency detecting unit, encircle the reference clock f of the generation frequency detecting of shaking
1, ring shakes and is analog module, with the ring Disable that shakes, reference clock f
1Clock frequency is reduced to f behind frequency divider
2This clock carries out the frequency meter counting as the reference clock of frequency meter to outside input clock, and count results gets into comparer; Can accept the height limiting frequency with the preset chip of CPU main control unit compares; According to the output that comparative result produces frequency detecting, this is output as and resets or interrupt, and sends into the CPU main control unit.
As preferably, the anti-protected mode of taking the unit of attacking has three kinds.
1, the anti-output that resets of attacking unit reception voltage detection unit and frequency detecting unit directly resets to entire chip, cuts off the read channel of the core data of nonvolatile storage.
2, anti-interruption output of attacking unit reception voltage detection unit and frequency detecting unit starts and interrupts, and by interrupt service routine the core data in the chip is implemented to protect, and cuts off the read operation of CPU to the core data district of nonvolatile memory.
3, anti-attack the unit and receive resetting of voltage detection unit or frequency detecting unit or interrupts exporting after; Start hardware protection circuit; Send to write or to insert to nonvolatile memory through bus and remove order, the core data of the nonvolatile storage of chip internal is rewritten or inserted and remove.
Preceding two kinds of anti-anti-attack patterns of taking the unit of attacking are a kind of weak methods of protecting; When chip is attacked by abnormal voltage or frequency; Chip cuts off the read channel in chip internal sensitive data district, and after chip re-powered, BOOT data and routine data still kept; And read channel is replied normal, and chip can operate as normal.The anti-attack method that the third anti-attack unit is taked is a kind of method of strong protection; When chip is attacked by abnormal voltage or frequency; The chip internal nonvolatile memory BOOT data and routine data rewritten or insert and remove, after chip re-powers, the BOOT data read error; The reader data also make a mistake, and chip can't be reworked again.Selection in the LZT that anti-attack unit antagonism being attacked receives the control of CPU main control unit, and the CPU main control unit can any anti-attack pattern of Disable.The third anti-attack method is destructive big to chip, only adopts in the high security occasion.
The effect that the present invention is useful is: the present invention mainly is the aspect from the IC design; Design voltage detection module and frequency detection module; From chip internal the unusual power supply and the clock frequency of input chip are reacted, start the anti-attack unit of chip internal, chip is immune against attacks.
Embodiment
Below in conjunction with accompanying drawing and embodiment the present invention is described further:
As shown in Figure 1, the present invention is a kind of based on voltage detecting and the anti-attack method of frequency detecting chip, comprising: CPU main control unit, frequency detecting unit, voltage detection unit, anti-unit and the Nonvolatile memery unit attacked.
Said CPU main control unit (101) is the working centre of chip, is various application and developments, comprises that anti-attack control provides hardware platform, generally comprises CPU core and storage resources, like RAM, ROM etc.
Said frequency detecting unit (102) is monitored the clock input of outside, in case the clock frequency of input takes place unusually, frequency detecting unit reacts to this unusually, and reaction result is passed to the CPU main control unit, and it realizes that block diagram is (Fig. 2):
Ring shakes and produces the reference clock f of frequency detecting
1, ring shakes and is analog module, can be with the ring Disable that shakes for reducing power consumption CPU main control unit.Reference clock f
1Clock frequency is reduced to f behind frequency divider
2, this clock carries out the frequency meter counting as the reference clock of frequency meter to outside input clock, and count results gets into comparer, can accept the height limiting frequency with the preset chip of CPU main control unit and compare.According to the output that comparative result produces frequency detecting, this is output as and resets (fd_reset) or interrupt (fd_isr), sends into the CPU main control unit.
Said voltage detection unit (104) is monitored the supply voltage of outside, in case that input voltage value and normal value depart from is bigger, voltage detection module reacts to this variation, and reaction result is passed to the CPU main control unit.Voltage detection unit is an analog module, accepts the supply voltage of chip exterior, produces too high or too low voltage signal, is selected output to reset (vd_reset) or is interrupted (vd_isr) by CPU main control unit control.
Said nonvolatile memory (105) is deposited the core data of chip system operate as normal, and ROM, FLASH etc. are arranged usually.The BOOT data of chip and routine data leave in the nonvolatile memory usually, and after changing the BOOT data, chip can't normally start once more.And routine data is the sensitive data of chip, does not normally hope what the rival obtained, and its security needs to lay special stress on protecting in the chip design process.
Said anti-attack unit (103) is the anti-attack core component of CPU main control unit; After CPU receives the abnormal response of frequency detecting unit and voltage detection unit; Through the anti-unit of attacking the entire chip system is controlled, implement protection the critical data of chip internal.
Embodiment 1
The anti-output that resets (fd_reset or vd_reset) of attacking unit reception voltage detection unit and frequency detecting unit directly resets to entire chip, cuts off the read channel of the sensitive data of nonvolatile storage.This method requires the maximum address space in sensitive data district to fix, and sensitive data should not surpass this maximum memory space in application process.
As shown in Figure 3, VPP is the power supply of chip, and Clk is the clock source of chip, under the normal condition chip by electrification reset (POR) to system reset.Frequency detecting (FD) and power supply detect clock frequency and the power supply that (VR) detects input respectively; Frequency is too high or too low with Fhout or Flout output; Overtension or height be with Vhout or Vlout output, the attack protection unit detect Fhout, Flout or Vhout, Vlout arbitrary effectively after, stages of labor reset signal Rst_Fd_Vr; The output Rst_Por_Pdr that resets of this signal and electrification reset does the combinational logic operation, as the system reset of chip.Combinatorial logic unit realization Rst_Fd_Vr and Rst_Por_Pdr are arbitrary effectively, and system promptly resets.This embodiment is to first kind of anti-attack method.
Embodiment 2
Anti-interruption output (fd_isr or vd_isr) of attacking unit reception voltage detection unit and frequency detecting unit; Start and interrupt; By interrupt service routine the sensitive data in the chip is implemented protection, as cutting off the read operation of CPU to the sensitive data district of nonvolatile memory.This method is more flexible to the requirement in sensitive data district, and the user can implement protection to corresponding sensitive data district according to the size of employed sensitive data.
As shown in Figure 4, VPP is the power supply of chip, and Clk is the clock source of chip, and the system reset of chip is produced by POR.Frequency detecting (FD) and power supply detect clock frequency and the power supply that (VR) detects input respectively; Frequency is too high or too low with Fhout or Flout output; Overtension or height are with Vhout or Vlout output; The attack protection unit detect Fhout, Flout or Vhout, Vlout arbitrary effectively after, stages of labor look-at-me Isr_Fd_Vr.Other interrupt sources in this look-at-me and the system (Isr0 ..., Isrn) through producing a look-at-me after the interrupt control, through the outside interrupt service routine of human-computer interactive control flip chip.Through the read operation of bus to nonvolatile memory, data are stolen interrupt service routine in the protected storage through core logic Disable.This embodiment is to second kind of anti-attack method.
Embodiment 3
After anti-attack unit receives resetting of voltage detection unit or frequency detecting unit or interrupts output; Start hardware protection circuit; Send to write or to insert to nonvolatile memory through bus and remove order, the BOOT data or the sensitive data of the nonvolatile storage of chip internal are rewritten or inserted and remove.
As shown in Figure 5, after system powered on, FD and VR got into the default pattern, started the trim read operation of FLASH this moment, and the trim read operation is to carry out read command from the trim data field of FLASH, reads the trim data of FD and VR, and the trim read operation is not controlled by CPU.After FD, VR received correct trim value, FD and VR got into the active pattern, frequency detecting and voltage detecting operate as normal, incoming frequency and clock just often, CPU pass through the FLASH controller and FLASH mutual.In case when having abnormal frequency input or input voltage offset excessive; CPU starts the anti-unit of attacking, and carries out write operation to the trim data field of FLASH, changes the trim value of FD and VR operate as normal; With chip reset, FLASH is protected with the sensitive data in other nonvolatile memories simultaneously.
Because trim value starts the anti-unit of attacking by CPU and rewritten when Clk or Vpp are unusual in the FLASH, so after chip powers on once more, operate the trim value of delivering to FD and VR through trim and can not make FD and VR operate as normal, chip can't get into normal mode of operation.
The key of this anti-attack pattern is: in case detect the attack based on voltage or frequency, chip just automatically performs self-destruction, and is big to the destructiveness of chip, is not that too high occasion does not advise using in security requirement.This instance is the third control attack method.
Terminological interpretation
FD: frequency detecting
VR: voltage detecting
POR: electrification reset
PDR: reply the position down by cable
OTP: disposable programmable ROM
Non-physical attacks: do not destroy the attack technology of the physical package of chip, utilize temperature, voltage, frequency etc. that chip operation is got muddled, to steal one type of attack method of data inside chips.
Except that the foregoing description, the present invention can also have other embodiments.All employings are equal to the technical scheme of replacement or equivalent transformation formation, all drop on the protection domain of requirement of the present invention.