CN106855932B - Storage system and fault defense method and device thereof - Google Patents



Publication number
CN106855932B
Authority
CN
China
Prior art keywords
memory
address
target address
data corresponding
storage data
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201510896260.6A
Other languages
Chinese (zh)
Other versions
CN106855932A (en
Inventor
周莹
谢华
刘娟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Nationz Technologies Inc
Original Assignee
Nationz Technologies Inc

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/78 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00 Accessing, addressing or allocating within memory systems or architectures
    • G06F12/14 Protection against unauthorised use of memory or access to memory
    • G06F12/1416 Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights

Abstract

The invention discloses a storage system and a fault defense method and a fault defense device thereof, wherein the method comprises the following steps: receiving and analyzing a read instruction, and generating a read enable signal and a memory target address; generating an adjacent address set according to the target address of the memory, the type of the memory and the selected address generation mode; acquiring and detecting storage data corresponding to the target address and the adjacent address set of the memory; when all the storage data corresponding to the target address of the memory and the adjacent address set pass the detection, returning the storage data corresponding to the target address of the memory; otherwise, starting emergency measures.

Description

Storage system and fault defense method and device thereof
Technical Field
The invention relates to the technical field of safety protection design of a memory, in particular to a memory system and a fault defense method and device thereof.
Background
The development of the mobile internet has produced a wealth of mobile payment methods. Financial security and communication security have become global concerns, security chips are widely used, and attack techniques against security chips keep emerging, such as microprobing attacks, fault injection attacks, and power analysis. Meanwhile, semiconductor process technology advances rapidly from one generation to the next, so chip integration keeps increasing, and memory integration in particular is rising at a rate exceeding Moore's law. The shrinking feature size of chips places strict demands on invasive attacks, which are severely hampered by the high cost of the required equipment and a reduced success rate. Compared with invasive attacks, semi-invasive attacks have a cost advantage and a respectable success rate, and have become a main means of attacking highly integrated chips. Optical fault injection is a typical semi-invasive fault attack method and is widely used against security chips. For example, a laser illuminates the memory to change the state of a bit in the memory, typically flipping it from its current value to the opposite value.
Memory is widely used in security chips to store program code and data, and how to read the stored contents safely has become an important factor in the security of such chips. Memory is susceptible to physical conditions such as light, heat, electricity, and radiation, and various fault injection attack techniques have been developed based on these conditions. These techniques seriously threaten the security of the security chip, particularly the security of storing and reading memory data.
Because memory is the source of program code and data, preventing fault injection attacks on it is essential to ensuring that memory contents are stored and read securely.
One existing method protects secure data reads from fault attacks by interleaving repeated reads. This method needs to delay at least two memory read cycles to detect a fault injection attack, and data is sent to the bus before it has passed read detection, which creates a potential security risk. In another scheme, light detection elements are added in each area of the chip and connected to a logic detection unit, and a logic circuit judges whether each area of the chip is under laser attack. This scheme can effectively detect whether the register units in each area of the chip are under laser attack, but inserting the light detection units increases the chip area and, more importantly, the scheme cannot prevent the memory from being attacked by light.
Disclosure of Invention
The invention aims to provide a storage system and a fault defense method and device thereof that can detect a fault injection attack on a memory in time, ensure that the system can safely read the memory contents, and improve the ability of a security chip to defend against fault injection attacks.
The technical scheme of the embodiments of the invention is realized as follows:
An embodiment of the invention provides a fault defense method of a storage system, which comprises the following steps:
receiving and analyzing a read instruction, and generating a read enable signal and a memory target address;
generating an adjacent address set according to the target address of the memory, the type of the memory and the selected address generation mode;
acquiring and detecting storage data corresponding to the target address and the adjacent address set of the memory;
when all the storage data corresponding to the target address of the memory and the adjacent address set pass the detection, returning the storage data corresponding to the target address of the memory; otherwise, starting emergency measures.
In the above scheme, the starting emergency measures include:
when the storage data corresponding to the target address of the memory fails to be detected, starting emergency operation according to the security level of the storage data corresponding to the target address of the memory;
when the storage data corresponding to the adjacent address set has the failed detection data, reading the storage data corresponding to the target address of the memory again; when the storage data corresponding to the target address of the memory read twice are consistent, returning the storage data corresponding to the target address of the memory; and when the storage data corresponding to the target address of the memory read twice are inconsistent, starting emergency operation according to the security level of the storage data corresponding to the target address of the memory.
In the above scheme, the detecting all the storage data corresponding to the target address of the memory and the adjacent address set includes:
after the storage data corresponding to the target address of the memory and the adjacent address set are detected, reading the storage data corresponding to the target address of the memory again;
when the storage data corresponding to the target address of the memory read twice are consistent, returning the storage data corresponding to the target address of the memory; and when the storage data corresponding to the target address of the memory read twice are inconsistent, starting emergency operation according to the security level of the storage data corresponding to the target address of the memory.
In the above scheme, the emergency operation includes:
interrupting a current read operation, interrupting a current task operation, a system reset operation, or deleting current data and a system reset operation.
In the foregoing solution, the address generation mode includes:
a rhombus method mode, namely the target address and the selected adjacent address set form a rhombus area;
or
a rectangular method mode, namely the target address and the selected adjacent address set form a rectangular area.
In the above scheme, the rectangle method mode includes:
a square lower right corner method mode, a square upper left corner method mode, a square lower left corner method mode, a square upper right corner method mode or a square center method mode, that is, the target address and the selected adjacent address set form a square area, and the target address is located at the lower right corner, the upper left corner, the lower left corner, the upper right corner or the center of the square area.
In the above scheme, the higher the security level of the stored data corresponding to the target address of the memory is, the greater the number of elements in the adjacent address set corresponding to the target address of the memory is.
In the foregoing solution, the detecting the storage data corresponding to the target address of the memory and the adjacent address set includes:
detecting the storage data corresponding to the target address of the memory and the adjacent address set by a parity check method or a checksum method.
An embodiment of the invention also provides a fault defense device of a storage system, comprising: a control unit, an address generation unit, a detection unit and an emergency processing unit; wherein:
the control unit is used for receiving and analyzing the read instruction and generating a read enable signal and a memory target address; it is also used for returning the storage data corresponding to the target address of the memory when the storage data corresponding to the target address of the memory and the adjacent address set all pass the detection;
the address generating unit is used for generating an adjacent address set according to the target address of the memory, the memory type and the selected address generating mode;
the detection unit is used for acquiring and detecting the storage data corresponding to the target address of the memory and the adjacent address set;
and the emergency processing unit is used for starting emergency measures.
An embodiment of the present invention further provides a storage system, comprising: the fault defense device of the storage system described above and a memory, wherein the fault defense device is located on an access path of the memory.
The technical scheme of the invention has the following beneficial effects: by monitoring in real time the data read from the memory (including the data at the target address and the data at the adjacent addresses), it detects from abnormal behaviour of the read data whether the target address area of the memory is under a fault injection attack; furthermore, the size of the memory array to be read can be adjusted according to the security protection level required by the security chip, so as to cope with optical fault injection attacks of various spot sizes.
Drawings
Fig. 1 is a schematic structural diagram of a storage system according to an embodiment of the present invention;
Fig. 2 is a physical layout diagram of a typical SRAM (8X8Bit) memory;
Fig. 3 is a physical layout diagram of a typical EEPROM (128X8Bit) memory;
Fig. 4 is a flowchart illustrating a fault defense method of a storage system according to an embodiment of the present invention.
Detailed Description
In order to more clearly illustrate the embodiments and technical solutions of the present invention, the technical solutions of the present invention will be described in more detail with reference to the accompanying drawings and embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments of the present invention without inventive step, are within the scope of the present invention.
Fig. 1 is a schematic structural diagram of a storage system according to an embodiment of the present invention. As shown in Fig. 1, the system includes a fault defense device 10 and a memory 11, wherein the fault defense device 10 is located on an access path of the memory 11. The fault defense device 10 comprises: a control unit 101, an address generation unit 102, a detection unit 103, and an emergency processing unit 104; wherein:
a control unit 101, configured to receive and parse a read instruction, and generate a read enable signal and a memory target address; it is also configured to return the storage data corresponding to the target address of the memory when the storage data corresponding to the target address of the memory and the adjacent address set all pass the detection;
an address generation unit 102, configured to generate an adjacent address set according to the memory target address, the memory type, and the selected address generation mode;
the detection unit 103 is configured to acquire and detect storage data corresponding to the target address of the memory and the adjacent address set;
and an emergency processing unit 104 for starting emergency measures.
Specifically, the fault defense device 10 parses the read instruction issued by the data requester and sends the target address to be read to the address generation unit 102, and the address generation unit 102 generates the memory cells to be read and detected according to the type of the memory 11. The data read from these memory cells are transferred to the detection unit 103, which selects a data detection method according to the mode selection signal, determines whether the target address area is under a fault attack, and sends the result to the emergency processing unit 104. The fault defense device 10 returns the securely read data to the data requester, and the emergency processing unit 104 starts the emergency measures immediately after receiving an indication that a fault attack exists.
The existing data checking methods such as parity check, checksum and the like can prevent optical fault injection attacks to a certain extent, and the methods are widely applied to memories, but the checking methods also have theoretical detection limits. For example, the parity check code can detect that an odd number of bits are erroneous, but cannot detect that an even number of bits are erroneous.
Since the memory has high density and high integration, and the light spot of an optical fault injection attack is larger than one memory cell, when a memory cell is hit by an optical fault injection attack, the adjacent memory cells are inevitably affected as well.
When a memory is attacked by optical fault injection, the state of a memory cell is generally flipped from its current bit value to the opposite bit value, and the resulting error is usually temporary, i.e. it lasts for a limited time, so the time spent reading the memory can be prolonged or the number of reads can be increased.
Based on the above three factors, the fault defense device 10 adds reads of adjacent addresses and a re-read of the target address when reading target address data, and combines an error detection code with multiple verification of the target address data, thereby ensuring the reliability of the data and detecting optical fault injection attacks. As described above, the fault defense device 10 consists of four parts: a control unit 101, an address generation unit 102, a detection unit 103 and an emergency processing unit 104.
Wherein:
The control unit 101 mainly parses the read instruction sent by the data requester and generates a read enable signal and a memory target address. It controls the address generation unit to output the adjacent addresses of the memory 11 to be detected according to the type of the memory 11, selects a data detection method according to the mode selection signal to control the detection unit 103 to perform data detection, and generates other necessary timing and enable signals according to the mode selection signal. To further improve the read security of the memory 11, the control unit 101 may control the units to first read and verify the target address data and temporarily store it, then read and detect the adjacent address data, and finally read the target address data again and compare it with the temporarily stored copy to determine whether the memory is under a fault attack.
The address generation unit 102 generates the adjacent addresses of the memory to be detected according to the memory target address and the type of the memory 11. Take a typical Static Random Access Memory (SRAM) with a size of 8X8Bit as an example; its physical layout is shown in Fig. 2. The row and column addresses of the SRAM correspond to the word lines (WL) and bit lines (BL). The 8X8Bit SRAM has 4 WL lines (WL0 to WL3) and 16 BL lines (BL00 to BL07, BL10 to BL17), and each cross point in the figure represents a 1-bit value. When address 0 is read, WL0 and BL00 to BL07 are selected and the output data is A0[7:0], namely A0[7] to A0[0]; when address 1 is read, WL0 and BL10 to BL17 are selected and the output data is A1[7:0]; when address 2 is read, WL1 and BL00 to BL07 are selected and the output data is A2[7:0]; when address 3 is read, WL1 and BL10 to BL17 are selected and the output data is A3[7:0], and so on.
Taking a 180nm process as an example, the size of a typical SRAM cell (i.e. a 1-bit value in the figure above) is about 1.5 µm², and the size of a light spot is about 6 µm² to 60 µm². Therefore, when an optical fault injection attack hits the SRAM, it not only corrupts the data at one address but also causes errors in the data at adjacent addresses. For example, when the center of the spot falls on A3[0], the adjacent bit values are inevitably affected as well, e.g. A2[0], A2[1], A1[0], A5[0], etc. Therefore, when the read target address is address 3, the address generation unit 102 not only reads the data at address 3 repeatedly but also reads the data at the adjacent addresses 1, 2, and 5 and passes them to the detection unit 103 for detection; the reads can be performed in any order. The addresses read in this way form a rhombus, so this is called the rhombus method, and the extent of the rhombus can be expanded.
Again taking address 3 as the read target address, the adjacent addresses can instead be address 0, address 1 and address 2, which together with the target address form a square; this is called the square method. Here the target address is at the lower right corner of the square, so this is called the square lower right corner method. Similarly, the target address can be placed at the upper left corner, the lower left corner, the upper right corner, or the center of the square, with the adjacent addresses selected accordingly; these are called the square upper left corner method, square lower left corner method, square upper right corner method and square center method, respectively. In addition, the adjacent addresses selected by these methods are not limited to those immediately adjacent to the target address; a larger adjacent range may be selected outward, with the target address as the center or as a corner. The fault defense device also defines security protection levels: different levels correspond to different reading methods and different reading ranges, and the larger the selected range, the higher the security protection level and the stronger the protection.
Different memory types can have different physical layouts. Fig. 3 shows a typical 128X8Bit Electrically Erasable Programmable Read-Only Memory (EEPROM), whose physical layout differs from that of the SRAM. For an EEPROM of 128X8Bit size, there are 4 WL lines (WL0 to WL7) and 256 BL lines (BL0 to BL256), and each cross point in the figure represents a 1-bit value. When address 0 is read, WL0 and BL0 to BL7 are selected and the output data is A0[7:0]; when address 1 is read, WL0 and BL8 to BL15 are selected and the output data is A1[7:0], and so on. The rhombus method and square method described above also apply to the EEPROM. For example, if the read target address is address 32 and the rhombus method is adopted, the adjacent addresses selected are address 0, address 64, address 32 and address 33; if the square lower right corner method is adopted, the selected adjacent address is address 0.
The detection unit 103 selects a data detection method according to the mode selection signal. The data detection method may be parity check, checksum, etc., and the error detection code generated by the chosen method needs to be stored in the memory. After receiving the data detection instruction sent by the control unit, the detection unit takes the data read from the memory target address and from the adjacent addresses selected by the address generation unit, together with their error detection codes, and verifies them with the corresponding data detection method; if the verification result does not match the error detection code, the current address is judged to be under a fault injection attack. The target address and adjacent address data can be checked in any order; for example, the target address data can be checked and temporarily stored first, then the adjacent address data can be checked, and finally the target address data can be read again and compared with the previously stored data.
The various error detection codes mentioned above are somewhat resistant to optical fault injection attacks, but also have theoretical detection limitations in themselves. For example, the parity check code can detect that an odd number of bits are erroneous, but cannot detect that an even number of bits are erroneous. The detection unit can firstly detect the data read by the target address and temporarily store the data according to the control time sequence of the control unit, then detect the read data of the adjacent address, finally detect the data in the target address which is repeatedly read, and compare the data with the previously temporarily stored data to detect the consistency of the data.
The emergency processing unit 104 executes different emergency measures according to the detection result of the detection unit and the security level of the target address data. If the target address is detected to be under a fault injection attack, the emergency processing unit, according to the security level of the data at the target address, interrupts the current read operation, interrupts the current task, resets the system, or deletes the current data and resets the system, etc. If an adjacent address is detected to be under a fault injection attack, the emergency processing unit returns an indication signal to the control unit, telling it to read the data at the target address again; the data is detected and compared with the previously read data to confirm whether the target address is under a fault injection attack. If the data read from the target address both times pass the detection unit's check and the two reads are consistent, the read is considered safe. If detection fails or the data read are inconsistent, a fault injection attack is judged to have occurred and the emergency measures are executed.
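The read path described above (adjacent address generation, error detection check, re-read comparison), as an added C simulation that is not part of the patent text. It assumes a layout model in which consecutive addresses share a word line (2 per word line for the 8X8Bit SRAM, 32 for the 128X8Bit EEPROM, chosen to match the page's address examples), one even-parity bit per address as the error detection code, and a constructed transient fault fixture; all type and function names are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Assumed layout model: `cols` consecutive addresses share one word line,
 * so address a sits at row a / cols, column a % cols. */
struct layout { unsigned rows, cols; };
static const struct layout SRAM_8X8     = { 4, 2 };   /* addresses 0..7   */
static const struct layout EEPROM_128X8 = { 4, 32 };  /* addresses 0..127 */

enum mode    { RHOMBUS, SQUARE_LOWER_RIGHT };
enum verdict { READ_OK, READ_OK_NEIGHBOR_FAULT, READ_EMERGENCY };

/* Write the adjacent address set of `a` into out[] and return its size.
 * Neighbours that would fall off the edge of the array are skipped. */
size_t neighbors(const struct layout *l, enum mode m, unsigned a, unsigned out[4])
{
    unsigned r = a / l->cols, c = a % l->cols;
    size_t n = 0;
    if (r > 0) out[n++] = a - l->cols;                    /* above */
    if (c > 0) out[n++] = a - 1;                          /* left  */
    if (m == RHOMBUS) {
        if (c + 1 < l->cols) out[n++] = a + 1;            /* right */
        if (r + 1 < l->rows) out[n++] = a + l->cols;      /* below */
    } else if (r > 0 && c > 0) {
        out[n++] = a - l->cols - 1;                       /* above-left */
    }
    return n;
}

struct mem {
    struct layout l;
    uint8_t data[128], parity[128];  /* parity[] is the stored error detection code */
    /* Constructed transient fault: the next `fault_reads` reads of
     * `fault_addr` come back XORed with `fault_mask`. */
    unsigned fault_addr, fault_reads;
    uint8_t  fault_mask;
};

static uint8_t parity8(uint8_t b) { b ^= b >> 4; b ^= b >> 2; b ^= b >> 1; return b & 1; }

static uint8_t mem_read(struct mem *m, unsigned a)
{
    uint8_t v = m->data[a];
    if (a == m->fault_addr && m->fault_reads > 0) { v ^= m->fault_mask; m->fault_reads--; }
    return v;
}

/* Read one address and verify it against its stored parity bit. */
static int check(struct mem *m, unsigned a, uint8_t *v)
{
    *v = mem_read(m, a);
    return parity8(*v) == m->parity[a];
}

/* Target first (checked and held), then the neighbours, then the target again. */
enum verdict guarded_read(struct mem *m, enum mode md, unsigned target, uint8_t *out)
{
    unsigned adj[4];
    uint8_t first, second, tmp;
    int neighbor_fault = 0;
    size_t n, i;

    if (!check(m, target, &first)) return READ_EMERGENCY;
    n = neighbors(&m->l, md, target, adj);
    for (i = 0; i < n; i++)
        if (!check(m, adj[i], &tmp)) neighbor_fault = 1;
    /* The re-read catches even-weight flips that the parity bit cannot see. */
    if (!check(m, target, &second) || second != first) return READ_EMERGENCY;
    *out = second;
    return neighbor_fault ? READ_OK_NEIGHBOR_FAULT : READ_OK;
}

/* Guarded rhombus read of SRAM address 3 with a one-read fault on fault_addr. */
enum verdict scenario(unsigned fault_addr, uint8_t fault_mask)
{
    struct mem m;
    uint8_t out = 0;
    unsigned a;
    memset(&m, 0, sizeof m);
    m.l = SRAM_8X8;
    for (a = 0; a < 8; a++) {                 /* constructed memory contents */
        m.data[a]   = (uint8_t)(0xA0 + a);
        m.parity[a] = parity8(m.data[a]);
    }
    m.fault_addr = fault_addr; m.fault_mask = fault_mask; m.fault_reads = 1;
    return guarded_read(&m, RHOMBUS, 3, &out);
}

int main(void)
{
    /* Exit status 0 when the two-bit flip that parity misses is still caught. */
    return scenario(3, 0x03) == READ_EMERGENCY ? 0 : 1;
}
```

The verdict only classifies the read; mapping `READ_EMERGENCY` to one of the emergency operations by security level is left out of this sketch.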
In summary, the present invention also provides a method for defending a storage system against a failure, as shown in fig. 4, the method including:
step 201, receiving and analyzing a read instruction, and generating a read enable signal and a memory target address;
step 202, generating an adjacent address set according to the target address of the memory, the memory type and the selected address generation mode;
step 203, obtaining and detecting storage data corresponding to the target address of the memory and the adjacent address set;
step 204, when all the storage data corresponding to the target address of the memory and the adjacent address set pass the detection, returning the storage data corresponding to the target address of the memory; otherwise, starting emergency measures.
In the above method, the starting of the emergency measure includes:
when the storage data corresponding to the target address of the memory fails to be detected, starting emergency operation according to the security level of the storage data corresponding to the target address of the memory;
when the storage data corresponding to the adjacent address set has the failed detection data, reading the storage data corresponding to the target address of the memory again; when the storage data corresponding to the target address of the memory read twice are consistent, returning the storage data corresponding to the target address of the memory; and when the storage data corresponding to the target address of the memory read twice are inconsistent, starting emergency operation according to the security level of the storage data corresponding to the target address of the memory.
In the above method, the detecting all the storage data corresponding to the target address of the memory and the adjacent address set includes:
after the storage data corresponding to the target address of the memory and the adjacent address set are detected, reading the storage data corresponding to the target address of the memory again;
when the storage data corresponding to the target address of the memory read twice are consistent, returning the storage data corresponding to the target address of the memory; and when the storage data corresponding to the target address of the memory read twice are inconsistent, starting emergency operation according to the security level of the storage data corresponding to the target address of the memory.
In the above method, the emergency operation includes:
interrupting a current read operation, interrupting a current task operation, a system reset operation, or deleting current data and a system reset operation.
In the above method, the address generation mode includes:
a rhombus method mode, namely the target address and the selected adjacent address set form a rhombus area;
or
a rectangular method mode, namely the target address and the selected adjacent address set form a rectangular area.
In the above method, the rectangle method mode includes:
a square lower right corner method mode, a square upper left corner method mode, a square lower left corner method mode, a square upper right corner method mode or a square center method mode, that is, the target address and the selected adjacent address set form a square area, and the target address is located at the lower right corner, the upper left corner, the lower left corner, the upper right corner or the center of the square area.
In the above method, the higher the security level of the stored data corresponding to the target address of the memory is, the greater the number of elements in the adjacent address set corresponding to the target address of the memory is.
In the above method, the detecting the storage data corresponding to the target address of the memory and the adjacent address set includes:
detecting the storage data corresponding to the target address of the memory and the adjacent address set by a parity check method or a checksum method.
The units of the failure protection device of the storage system of this embodiment execute the steps described in the above embodiments of the failure protection method, and therefore have the same beneficial effects. In addition, it should be understood that the above-described embodiment of the failure protection device of the storage system is only illustrative, and the described division of the units is only one logic function division, and other division manners may be provided in actual implementation. In addition, the coupling or communication connection between the units may be through some interfaces, and may also be in an electrical or other form.
The functional units may or may not be physical blocks, may be located in one place, or may be distributed on a plurality of circuit units, and may be implemented in the form of hardware or software functional blocks. Some or all of the modules can be selected according to actual needs to achieve the purpose of the scheme of the invention.
As will be appreciated by one skilled in the art, embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of a hardware embodiment, a software embodiment, or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, magnetic disk storage systems, optical storage systems, and the like) having computer-usable program code embodied therein.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory system that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory system produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
It should be noted that the above-mentioned embodiments are only examples of the present invention, and not intended to limit the scope of the present invention, and all equivalent structures or equivalent flow transformations made by using the contents of the specification and the drawings, such as the combination of technical features between the embodiments, or the direct or indirect application to other related technical fields, are included in the scope of the present invention.

Claims (9)

1. A method of failure defense for a storage system, the method comprising:
receiving and analyzing a read instruction, and generating a read enable signal and a memory target address;
generating an adjacent address set according to the target address of the memory, the type of the memory and the selected address generation mode;
acquiring and detecting the storage data corresponding to the target address and the adjacent address set of the memory in real time;
when all the storage data corresponding to the target address of the memory and the adjacent address set pass the detection, returning the storage data corresponding to the target address of the memory; otherwise, starting emergency measures;
wherein, when the storage data corresponding to the target address of the memory and the adjacent address set all pass the detection, the method comprises:
after the storage data corresponding to the target address of the memory and the adjacent address set are detected, reading the storage data corresponding to the target address of the memory again;
when the storage data corresponding to the target address of the memory read twice are consistent, returning the storage data corresponding to the target address of the memory; and when the storage data corresponding to the target address of the memory read twice are inconsistent, starting emergency operation according to the security level of the storage data corresponding to the target address of the memory.
2. The method of failure defense of a storage system according to claim 1, wherein the initiating an emergency measure comprises:
when the storage data corresponding to the target address of the memory fails to be detected, starting emergency operation according to the security level of the storage data corresponding to the target address of the memory;
when the storage data corresponding to the adjacent address set has the failed detection data, reading the storage data corresponding to the target address of the memory again; when the storage data corresponding to the target address of the memory read twice are consistent, returning the storage data corresponding to the target address of the memory; and when the storage data corresponding to the target address of the memory read twice are inconsistent, starting emergency operation according to the security level of the storage data corresponding to the target address of the memory.
3. The method of failure defense of a storage system according to claim 2, wherein the emergency operation comprises:
interrupting the current read operation, interrupting the current task, performing a system reset, or deleting the current data and performing a system reset.
4. The method of fault defense for a storage system according to claim 1, wherein the address generation mode comprises:
a rhombus method mode, namely the target address and the selected adjacent address set form a rhombus area;
or
a rectangular method mode, namely the target address and the selected adjacent address set form a rectangular area.
5. The method of failure defense for a storage system according to claim 4, wherein the rectangular method mode comprises:
a square lower right corner method mode, a square upper left corner method mode, a square lower left corner method mode, a square upper right corner method mode or a square center method mode, that is, the target address and the selected adjacent address set form a square area, and the target address is located at the lower right corner, the upper left corner, the lower left corner, the upper right corner or the center of the square area.
6. The method of claim 1, wherein the higher the security level of the storage data corresponding to the target memory address is, the greater the number of elements in the neighboring address set corresponding to the target memory address is.
7. The method of claim 1, wherein the detecting the stored data corresponding to the memory target address and the set of neighboring addresses comprises:
detecting the storage data corresponding to the target address of the memory and the adjacent address set by a parity check method or a checksum check method.
8. A device for failure defense of a storage system, the device comprising: a control unit, an address generation unit, a detection unit and an emergency processing unit; wherein:
the control unit is used for receiving and analyzing the read instruction and generating a read enable signal and a target address of the memory; the control unit is also used for returning the storage data corresponding to the target address of the memory when the storage data corresponding to the target address of the memory and the adjacent address set all pass the detection;
the address generating unit is used for generating an adjacent address set according to the target address of the memory, the memory type and the selected address generating mode;
the detection unit is used for acquiring and detecting the storage data corresponding to the target address of the memory and the adjacent address set in real time;
the emergency processing unit is used for starting emergency measures;
wherein, when the storage data corresponding to the target address of the memory and the adjacent address set all pass the detection:
after the storage data corresponding to the target address of the memory and the adjacent address set are detected, reading the storage data corresponding to the target address of the memory again;
when the storage data corresponding to the target address of the memory read twice are consistent, returning the storage data corresponding to the target address of the memory; and when the storage data corresponding to the target address of the memory read twice are inconsistent, starting emergency operation according to the security level of the storage data corresponding to the target address of the memory.
9. A storage system, the system comprising: a memory and the failure defense device of a storage system according to claim 8, the failure defense device being located on an access path of the memory.
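
The read path of claims 1, 2 and 4 to 7 as a software simulation, added here as an illustration and not taken from the patent. The 8x8 row/column address layout, the byte-plus-parity cell model, the glitch hook, and the use of one security level to set both the neighbourhood radius and the emergency operation are assumptions of the example.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

#define ROWS 8
#define COLS 8                         /* assumed layout: address = row * COLS + col */
enum mode { RHOMBUS, SQUARE_CENTER };  /* two of the address generation modes in claims 4-5 */
enum result { READ_OK, INT_READ, INT_TASK, SYS_RESET, WIPE_RESET };  /* claim 3 operations */

static uint8_t cell[ROWS * COLS], par[ROWS * COLS];  /* data byte + stored parity bit */
static int glitch_read = -1, reads;    /* constructed fault model: Nth read flips bit 0 */
static uint8_t parity8(uint8_t v) { v ^= v >> 4; v ^= v >> 2; v ^= v >> 1; return v & 1; }
void mem_write(unsigned a, uint8_t v) { cell[a] = v; par[a] = parity8(v); }
void arm_glitch(int nth) { glitch_read = nth; reads = 0; }
static uint8_t mem_read(unsigned a) { return cell[a] ^ (uint8_t)(reads++ == glitch_read); }

/* Neighbours of target within `radius`, clipped at the array edge; target excluded. */
int neighbour_set(unsigned target, enum mode m, int radius, unsigned *out) {
    int r0 = (int)target / COLS, c0 = (int)target % COLS, n = 0;
    for (int dr = -radius; dr <= radius; dr++)
        for (int dc = -radius; dc <= radius; dc++) {
            int r = r0 + dr, c = c0 + dc;
            if ((!dr && !dc) || r < 0 || r >= ROWS || c < 0 || c >= COLS) continue;
            if (m == RHOMBUS && abs(dr) + abs(dc) > radius) continue;
            out[n++] = (unsigned)(r * COLS + c);
        }
    return n;
}

/* Claims 1-2: level 1..4 sets the radius (claim 6) and, by assumption, the emergency op. */
enum result guarded_read(unsigned t, enum mode m, int level, uint8_t *val, int *nb_fault) {
    unsigned nb[ROWS * COLS];
    uint8_t first = mem_read(t);
    *nb_fault = 0;
    if (parity8(first) != par[t]) return (enum result)level;  /* target fails its check */
    int n = neighbour_set(t, m, level, nb);
    for (int i = 0; i < n; i++)
        if (parity8(mem_read(nb[i])) != par[nb[i]]) *nb_fault = 1;
    if (mem_read(t) != first) return (enum result)level;      /* two reads disagree */
    *val = first;
    return READ_OK;
}

int main(void) {
    uint8_t v = 0; int nf = 0;
    for (unsigned a = 0; a < ROWS * COLS; a++) mem_write(a, (uint8_t)(a * 7 + 3));
    arm_glitch(9);   /* with 8 neighbours, read #9 is the second read of the target */
    printf("result=%d\n", guarded_read(27, SQUARE_CENTER, 1, &v, &nf));
}
```

A fault that hits only a neighbour read still returns the target data, as claim 2 specifies, but sets `nb_fault` so the caller can record that the region around the target was disturbed.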
CN201510896260.6A 2015-12-08 2015-12-08 Storage system and fault defense method and device thereof Active CN106855932B (en)

Publications (2)

Publication Number  Publication Date
CN106855932A (en)  2017-06-16
CN106855932B (en)  2021-03-02




Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant