EP4078418A1 - Electronic system and methods for dynamic activation of countermeasures - Google Patents
- Publication number
- EP4078418A1 (application EP20848856.9A)
- Authority
- EP
- European Patent Office
- Prior art keywords
- function
- security
- hardware
- execution
- electronic system
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/554—Detecting local intrusion or implementing counter-measures involving event detection and direct action
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/03—Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
- G06F2221/034—Test or assess a computer or a system
Definitions
- The present invention relates to the field of securing the execution of software on an electronic device against attacks, and more particularly to a method for dynamically activating countermeasures.
- Software execution on an electronic device can be the subject of various attacks, allowing an attacker to maliciously modify the execution of software code on the electronic device or to gain knowledge of sensitive data stored on the secure device, such as secret cryptographic keys or banking information.
- The present invention therefore relates to a method of configuring an electronic system for a secure execution of a code comprising a plurality of functions, said electronic system being configured to apply, during an execution of a function, a security countermeasure configuration among a plurality of security countermeasure configurations, said method being executed by said electronic system comprising a hardware processor, hardware security registers configured to store start addresses of functions among said plurality of functions and associated security countermeasure configurations to be applied during an execution of said functions, a detection system configured to detect an attack on said electronic system during an execution of a function among said plurality of functions and including:
- Said electronic system further comprises a backup memory; the start address of said first function and said selected security countermeasure configuration, stored in said hardware security register, are copied from said hardware security register to said backup memory after said detection of an attack and, on startup of the electronic system, the start addresses and the associated security countermeasure configurations stored in said backup memory are copied from said backup memory to said hardware security registers.
- The present invention relates to a method for executing a code comprising a plurality of functions, by an electronic system configured for secure execution of said code according to the method according to the first aspect, and for application, during an execution of a function, of a configuration of security countermeasures among a plurality of configurations of security countermeasures and comprising a hardware processor and hardware security registers storing, for at least one function among said plurality of functions, a function start address and an associated configuration of security countermeasures, to be applied during an execution of said at least one function, said method being executed by said electronic system and comprising, when the code execution passes from a first function to a second function:
- Such a method makes it possible to effectively protect parts of the code by activating, during their execution, the countermeasures necessary to protect them from the type of attacks which have already been detected during a previous execution of the code.
- Applying said predefined configuration of security countermeasures may include disabling all activated countermeasures.
- Said electronic system comprises a processor secure state hardware register (psr_sec) storing a start address of a function in execution and a current configuration of a security countermeasure, as well as:
- Determining whether one of the hardware security registers stores a start address of the second function includes comparing the start address of the second function stored in said processor secure state hardware register (psr_sec) to the function start addresses stored in the hardware security registers (break(i)_sec),
- Applying a security countermeasure configuration associated with the start address of the second function before executing said second function includes activating the security countermeasures that are required in the security countermeasure configuration associated with the start address of the second function and disabled in the current security countermeasure configuration.
- The method according to the second aspect can comprise: when the execution of the code passes from a first function to a second function, saving the contents of the processor secure state hardware register storing the start address of the first function being executed and updating the processor secure state hardware register with the start address of the second function, and at the end of the execution of the second function and when execution reverts to the first function, reloading the saved content.
- The step of determining whether one of the hardware security registers stores a start address of the second function and/or the step of saving the content and reloading the saved content can be performed by a dedicated hardware circuit.
- This invention relates to a computer program product directly loadable into the memory of at least one computer, comprising software code instructions for carrying out the steps of the methods according to the first and second aspects of the invention when said product is run on the computer.
- The present invention relates to an electronic system comprising a hardware processor, hardware security registers and a detection system, configured to perform the steps of the methods according to the first and the second aspect of the invention.
- One or more embodiments include the following features, fully described and particularly emphasized in the claims.
- Figure 1 is a schematic illustration of an electronic system according to the present invention.
- Figure 2 is a schematic illustration of a method according to an embodiment of the present invention.
- Figure 3 is an exemplary configuration of an electronic device according to the present invention.
- Figures 4 and 5 are schematic illustrations of an example of secure execution of a code according to the present invention.
- The invention relates to a method of configuring an electronic system 1 for secure execution of a code comprising a plurality of functions.
- The electronic system is able to apply, during the execution of a function, a configuration of security countermeasures among a plurality of configurations of security countermeasures.
- Each configuration of security countermeasures is defined by one or more countermeasures, the activation of which protects the electronic system against one or more types of attacks.
- Such countermeasures may include timing desynchronization such as clock jitter, power smoothing, activation of an anti-code rerouting mechanism, and memory access redundancy.
- Such an electronic system comprises, as shown in FIG. 1, a hardware processor 101 intended for the execution of the code to be protected and at least one memory 102, such as a non-volatile memory, a RAM memory and/or a ROM memory, in which the code is stored.
- The electronic system can also include a backup memory 105 such as a non-volatile memory, a programmable read only memory, a hard disk, etc.
- Such an electronic system can for example be a smart card or a tamper-proof computer.
- The main idea of the invention is to activate countermeasures during the execution of functions which have undergone attacks during a previous execution. To do this, attacks are detected during the operation of the electronic system.
- The electronic system comprises a detection system 103 configured to detect an attack on the electronic system during the execution of a function among the plurality of functions of the code to be protected.
- Countermeasures to be activated for the next executions of the function are defined.
- A security countermeasure configuration associated with the function that was running at the time of the attack is defined.
- The electronic system includes hardware security registers 104 configured to store function start addresses among the plurality of functions of the code, and associated security countermeasure configurations, to be applied when performing these functions.
- Such hardware security registers may be named break(i)_sec, where i represents an integer.
- The electronic system checks, at the start of the execution of a function, whether its start address is stored in any one of the hardware security registers break(i)_sec. If a function start address is found, the associated configuration is applied by activating the required countermeasures, such that these countermeasures remain active throughout the execution of the associated function.
- In a first step S1, the detection system of the electronic system detects an attack on said electronic system during the execution of a first function. This step can be carried out continuously during the operation of the electronic system, until an attack is detected.
- The electronic system selects, as a function of the attack detected in the first step, a security countermeasure configuration to be applied during an execution of the first function.
- This security countermeasure configuration preferably includes one or more countermeasures against the attack detected in the first step, so that this countermeasure configuration, when applied, triggers the necessary countermeasures to protect the electronic system against further execution of the detected attack.
- The electronic system stores, in a hardware security register break(i)_sec, the start address of the first function and the selected security countermeasure configuration to be applied during an execution of the first function.
- In a fourth step S4, when the code execution passes from a first function to a second function, the electronic system determines whether one of the hardware security registers break(i)_sec stores the start address of the second function. This step can be performed by a dedicated hardware circuit. When one of the hardware security registers break(i)_sec stores the start address of the second function, in a step S41 the electronic system applies the stored security countermeasure configuration before executing the second function. Thus, the execution of the second function is effectively protected by the countermeasures activated against the type of attacks it suffered during a previous execution.
- The second function does not require special countermeasures to be activated.
- The electronic system can apply a predefined security countermeasure configuration before executing the second function.
- This predefined security countermeasure configuration may simply indicate that no countermeasure is required.
- The application of the predefined configuration of security countermeasures may include deactivation of all activated countermeasures, in order to speed up the execution of the second function.
- The fourth step described above can be executed repeatedly each time a new function is called, in order to adapt the configuration of the countermeasures to the next function to be executed.
- The electronic system can at the same time carry out, on the one hand, the first three steps S1 to S3, in order to continuously detect new attacks and to adapt the security countermeasure configurations stored in the hardware security registers, and, on the other hand, the fourth step S4 at each change of function, in order to adapt the countermeasures applied to the function being executed.
- The electronic system may include a backup memory 105, such as an NVM or a programmable read only memory. After detection of an attack during the execution of a first function, the start address of said first function and said selected security countermeasure configuration, stored in said hardware security register, are copied from said hardware security register to said backup memory.
- The start addresses and the associated security countermeasure configurations stored in said backup memory are copied from said backup memory to said hardware security registers.
- The electronic system may include a processor secure state hardware register psr_sec, configured to store the start address of the running function and the current security countermeasure configuration applied.
- A start address of the first function and the current security countermeasure configuration can be stored, at the start of the execution of a first function, in the processor secure state hardware register psr_sec.
- The content of the processor secure state hardware register psr_sec relating to the first function can be saved, for example in RAM or in dedicated hardware registers, and the processor secure state hardware register psr_sec may be updated with the start address of the second function.
- Determining whether one of the hardware security registers break(i)_sec stores the start address of the second function can comprise the comparison of the start address of the second function stored in the hardware register.
- This comparison step can be carried out by a dedicated hardware circuit, for example by hardware comparators between each hardware security register break(i)_sec and the processor secure state hardware register psr_sec.
- second function can then include the activation of the security countermeasures required in the security countermeasure configuration associated with the start address of the second function and disabled in the current security countermeasure configuration applied when performing the first function.
- When execution returns to the first function, the previous state of the processor secure state hardware register psr_sec, saved when execution passed to the second function, can be reloaded, for example from RAM or dedicated hardware registers. This step can be performed by a dedicated hardware circuit.
- An example of the configuration of the electronic system is represented in FIG. 3, which shows the operations carried out during the detection of an attack during the execution of a function B called by a function A.
- Function A is executed first.
- The processor secure state hardware register psr_sec stores the start address 0x200 of function A and a security countermeasure configuration 0x0, indicating that no countermeasure is required.
- Function B is called.
- The processor secure state hardware register psr_sec is updated with the start address of function B, 0x2000.
- The detection of an attack triggers a security alarm which leads to writing the start address of function B, 0x2000, in one of the hardware security registers, break1_sec.
- The electronic system determines that three countermeasures are necessary to prevent this attack and therefore associates, with the start address of function B 0x2000, a security countermeasure configuration 0x3 requiring the activation of these three countermeasures.
- The contents of the hardware security register break1_sec can be copied to backup memory, so that it can be restored on restart.
- An example of secure execution of a code according to the invention is given in FIGS. 4 and 5.
- This example shows an initial state of the electronic system, in which a first function A is executed and calls a second function B. It is assumed that three hardware security registers, break1_sec, break2_sec and breakN_sec, store the start addresses of functions B (0x2000), D (0x4000) and F (0x6000) and the associated security countermeasure configurations, which are not shown in FIG. 4, but that the start address 0x200 of function A is not stored in any of the hardware security registers. As a result, function A is executed without the activation of any countermeasures.
- When executing function A, the processor secure state hardware register psr_sec stores the start address (A@, or 0x200) of function A and the security countermeasure configuration 0x0, indicating that no countermeasures are required in this configuration. Function B is then called. Function B's start address B@ 0x2000 is copied to the processor secure state hardware register psr_sec and this start address is looked up in the hardware security registers. The hardware security register break1_sec stores the start address B@ 0x2000 associated with the security countermeasure configuration 0x3 requiring the activation of three countermeasures.
- After the execution of function B has started, the processor secure state hardware register psr_sec then stores the start address of function B @ 0x2000 and the associated security countermeasure configuration 0x3.
- Figures 4 and 5 also show what happens when the execution of function B is completed and the execution of function A resumes.
- The processor secure state hardware register psr_sec still stores the start address of function B @ 0x2000 and the associated security countermeasure configuration 0x3.
- The start address of function A, 0x200, could not be found in the hardware security registers.
- The predefined security configuration 0x0 is therefore applied, which deactivates the three countermeasures activated during the execution of function B, by a call to the deactivation function at address 0x1100.
- The processor secure state hardware register psr_sec again stores the start address of function A @ 0x200 and the associated security countermeasure configuration 0x0.
- The invention relates to a computer program product directly loadable into the memory of at least one computer, comprising software code instructions making it possible to execute, when said product is executed on the computer, the steps of the methods described above.
- The method and the computer program according to the second and third aspects of the invention can be configured to execute or can include any other characteristic described above.
- The electronic system and the method presented here therefore make it possible to effectively trigger the execution of additional countermeasures on specific parts of the code to be protected, almost without any footprint on this code and with a limited impact on the execution time, since no countermeasures are activated while performing functions for which no protection is required.
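
The register mechanism described above (break(i)_sec lookup on each change of function, psr_sec save and reload, copy to backup memory after a detection) can be followed in a small C model. This is an added example, not code from the patent: the register count, the save-stack depth, the countermeasure bit names and the table that maps configuration 0x3 to three countermeasures are assumptions.

```c
#include <stdint.h>
#include <string.h>

/* Register count, stack depth and the configuration table are assumptions. */
#define N_BREAK   3      /* number of break(i)_sec registers */
#define MAX_DEPTH 8      /* saved psr_sec contents for nested calls */
#define CFG_NONE  0x0u   /* predefined configuration: no countermeasure */

enum { CM_JITTER = 1u << 0, CM_SMOOTH = 1u << 1,
       CM_ANTI_REROUTE = 1u << 2, CM_MEM_REDUND = 1u << 3, CM_ALL = 0xFu };

typedef struct { uint32_t addr, cfg; int valid; } sec_reg_t;
typedef struct {
    sec_reg_t break_sec[N_BREAK]; /* function start address -> configuration */
    sec_reg_t backup[N_BREAK];    /* backup memory 105, survives restart */
    sec_reg_t psr_sec;            /* running function and current configuration */
    sec_reg_t saved[MAX_DEPTH];   /* psr_sec contents saved on each call */
    int       depth;
    uint32_t  active;             /* countermeasures enabled right now */
} sys_t;

/* Constructed table: 0x3 requires three countermeasures, as in FIG. 3.
   An unknown non-zero value enables everything rather than nothing. */
static uint32_t cfg_to_mask(uint32_t cfg) {
    if (cfg == CFG_NONE) return 0;
    if (cfg == 0x3) return CM_JITTER | CM_SMOOTH | CM_MEM_REDUND;
    return CM_ALL;
}

/* Comparator stage: configuration stored for a start address, if any. */
uint32_t lookup_cfg(const sys_t *s, uint32_t addr) {
    for (int i = 0; i < N_BREAK; i++)
        if (s->break_sec[i].valid && s->break_sec[i].addr == addr)
            return s->break_sec[i].cfg;
    return CFG_NONE;
}

/* Apply the configuration for addr and update psr_sec. Returns the
   countermeasures newly activated: required now, disabled before. */
static uint32_t switch_to(sys_t *s, uint32_t addr) {
    uint32_t cfg = lookup_cfg(s, addr), want = cfg_to_mask(cfg);
    uint32_t newly = want & ~s->active;
    s->active = want;
    s->psr_sec = (sec_reg_t){ addr, cfg, 1 };
    return newly;
}

/* Start-up: restore break(i)_sec from backup memory, then run the entry. */
void sys_boot(sys_t *s, uint32_t entry) {
    memcpy(s->break_sec, s->backup, sizeof s->break_sec);
    s->depth = 0; s->active = 0;
    switch_to(s, entry);
}

/* Step S4 on a call: save psr_sec, then apply the callee's configuration. */
int sys_call(sys_t *s, uint32_t callee, uint32_t *newly) {
    if (s->depth == MAX_DEPTH) return -1;
    s->saved[s->depth++] = s->psr_sec;
    *newly = switch_to(s, callee);
    return 0;
}

/* On return: reload the saved psr_sec and look the caller up again. */
int sys_return(sys_t *s) {
    if (s->depth == 0) return -1;
    switch_to(s, s->saved[--s->depth].addr);
    return 0;
}

/* Steps S1 to S3: attack detected in the running function. Store its start
   address and configuration, copy to backup; effective on the next entry. */
int sys_attack(sys_t *s, uint32_t cfg) {
    int slot = -1;
    for (int i = N_BREAK - 1; i >= 0; i--)        /* lowest free register */
        if (!s->break_sec[i].valid) slot = i;
    for (int i = 0; i < N_BREAK; i++)             /* or the one already used */
        if (s->break_sec[i].valid && s->break_sec[i].addr == s->psr_sec.addr)
            slot = i;
    if (slot < 0) return -1;                      /* every register in use */
    s->break_sec[slot] = (sec_reg_t){ s->psr_sec.addr, cfg, 1 };
    s->backup[slot] = s->break_sec[slot];
    return slot;
}
```

Walking the sequence of FIGS. 3 to 5 through the model (boot at 0x200, call 0x2000, `sys_attack` with 0x3, return, call 0x2000 again) reports the three countermeasures as newly activated on the second call only, and they are dropped again on return to function A.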
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP19306680.0A EP3839779A1 (en) | 2019-12-18 | 2019-12-18 | Electronic system and methods for a dynamic activation of countermeasures |
PCT/FR2020/052559 WO2021123684A1 (en) | 2019-12-18 | 2020-12-18 | Electronic system and methods for dynamic activation of countermeasures |
Publications (1)
Publication Number | Publication Date |
---|---|
EP4078418A1 (en) | 2022-10-26 |
Family
ID=74494940
Family Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
EP19306680.0A Withdrawn EP3839779A1 (en) | 2019-12-18 | 2019-12-18 | Electronic system and methods for a dynamic activation of countermeasures |
EP20848856.9A Pending EP4078418A1 (en) | 2019-12-18 | 2020-12-18 | Electronic system and methods for dynamic activation of countermeasures |
Family Applications Before (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
EP19306680.0A Withdrawn EP3839779A1 (en) | 2019-12-18 | 2019-12-18 | Electronic system and methods for a dynamic activation of countermeasures |
Country Status (3)
Country | Link |
---|---|
US (1) | US20230080096A1 (en) |
EP (2) | EP3839779A1 (en) |
WO (1) | WO2021123684A1 (en) |
Family Cites Families (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP3376423A1 (en) * | 2017-03-14 | 2018-09-19 | Gemalto Sa | Self-adaptive countermeasures |
US10459477B2 (en) * | 2017-04-19 | 2019-10-29 | Seagate Technology Llc | Computing system with power variation attack countermeasures |
US10990682B2 (en) * | 2017-12-18 | 2021-04-27 | Nuvoton Technology Corporation | System and method for coping with fault injection attacks |
-
2019
- 2019-12-18 EP EP19306680.0A patent/EP3839779A1/en not_active Withdrawn
-
2020
- 2020-12-18 WO PCT/FR2020/052559 patent/WO2021123684A1/en unknown
- 2020-12-18 US US17/783,688 patent/US20230080096A1/en active Pending
- 2020-12-18 EP EP20848856.9A patent/EP4078418A1/en active Pending
Also Published As
Publication number | Publication date |
---|---|
WO2021123684A1 (en) | 2021-06-24 |
EP3839779A1 (en) | 2021-06-23 |
US20230080096A1 (en) | 2023-03-16 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP1605333B1 (en) | Program execution control | |
EP1904946B1 (en) | Detection of faults during a long perturbation | |
FR2989504A1 (en) | REGISTER PROTECTED FROM FAULT INJECTION ATTACKS | |
EP2880588A1 (en) | System for detecting a modification of a subprogram call stack | |
EP0919026A1 (en) | Method for modifying code sequences and related device | |
WO2012085482A1 (en) | Protection of applets against hidden-channel analyses | |
EP3441902B1 (en) | Method for protecting an electronic device against fault-injection attacks | |
EP4078418A1 (en) | Electronic system and methods for dynamic activation of countermeasures | |
EP1939745B1 (en) | Method and device for securing the reading of a memory | |
EP3198540B1 (en) | Method of auto-detection of attempted piracy of an electronic payment card, corresponding card, terminal and programme | |
KR20140082542A (en) | Method and apparatus for supporting dynamic change of authentication means for secure booting | |
EP2860660A1 (en) | System and method for securely loading data in a cache memory associated with a secure processor | |
WO2012080139A1 (en) | Dynamic method of controlling the integrity of the execution of an excutable code | |
EP3032451B1 (en) | Method for running a program by a processor and electronic entity comprising such a processor | |
EP4145704B1 (en) | Secure starting of a processing unit | |
EP2630605B1 (en) | Method for securing the execution of a computer code by means of dynamic redundancy | |
FR3072477A1 (en) | SECURING CONDITIONAL CONNECTION INSTRUCTIONS COMPOSED IN AN INTERMEDIATE CODE COMPUTER PROGRAM | |
EP3239845A1 (en) | Method for allocating memory space | |
EP2343663A1 (en) | Method for multiform protection of an executable code | |
FR2897452A1 (en) | Malicious software e.g. computer viruses, execution preventing method, involves implementing permutation over subset of instructions, storing permutation sequence number, and implementing instructions in execution module | |
EP2698739B1 (en) | Method for dynamic management of codes associated with security countermeasures, corresponding computer program product and device | |
EP3179400B1 (en) | Method for loading a computing resource into an electronic device, electronic module and corresponding computer program | |
FR2910658A1 (en) | Electronic system e.g. subscriber identification module card, for portable mobile phone, has physical address allocating module for allocating addresses in memory by variant according to behavioral factors of system | |
FR2996659A1 (en) | Method for executing program by microprocessor of electronic entity, involves verifying data value located in location stored at address structure passed as parameter, and applying countermeasure in negative result event during verification |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
 | STAA | Information on the status of an ep patent application or granted ep patent | Free format text: STATUS: UNKNOWN |
 | STAA | Information on the status of an ep patent application or granted ep patent | Free format text: STATUS: THE INTERNATIONAL PUBLICATION HAS BEEN MADE |
 | PUAI | Public reference made under article 153(3) epc to a published international application that has entered the european phase | Free format text: ORIGINAL CODE: 0009012 |
 | STAA | Information on the status of an ep patent application or granted ep patent | Free format text: STATUS: REQUEST FOR EXAMINATION WAS MADE |
 | 17P | Request for examination filed | Effective date: 20220718 |
 | AK | Designated contracting states | Kind code of ref document: A1 Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR |
 | DAV | Request for validation of the european patent (deleted) | |
 | DAX | Request for extension of the european patent (deleted) | |
 | STAA | Information on the status of an ep patent application or granted ep patent | Free format text: STATUS: EXAMINATION IS IN PROGRESS |
 | 17Q | First examination report despatched | Effective date: 20240405 |