FR2990533A1 - Program execution monitoring method for smart card, involves performing set of operations, and arranging processing unit to generate interruption of execution of program according to result of set of operations - Google Patents

Abstract

The method involves checking a set of tags during execution of a program. The set of tags is transmitted to an input of a monitoring unit during execution of identification data associated with the set of tags. The monitoring unit is arranged with a register and a processing unit for reading data stored in the register. Identification data is received in the input of the monitoring unit. A set of operations is performed to control the identification data. The processing unit is arranged to generate an interruption of execution of the program (1200) according to result of the set of operations. Independent claims are also included for the following: (1) a monitoring unit (2) a smart card.

Description

FIELD OF THE INVENTION The field of the invention is that of the security of electronic components, in particular of smart cards. The invention is particularly applicable to the control of the execution of secure software. STATE OF THE ART One of the main objectives of developers of secure microcontroller software is to prevent a potential attacker from changing the order of execution of instruction or instruction blocks constituting software. These attacks can take the form of electrical or light attacks, or undue modifications of data. To ensure control over the execution of the software, software techniques for controlling the execution of secure software have been developed.

These techniques include software to identify modules - that is, groups of software functions - in use, or software functions, and to control transitions between different modules or different functions belonging to one or more modules.

Thus, if following an intrusion, the order of execution of the functions is wrong, the call by a first function of a second function not provided by the software is detected. The intrusion is detected. Software techniques have also been developed to monitor the execution of software by incrementing a variable dedicated to critical stages of the execution of said software, with intermediate controls and / or final control of the dedicated variable. Depending on the expected and actual values of the variable, the controls can detect a poor execution of the software. These techniques have the advantage of simplicity of implementation, and a good attack detection efficiency. However, they affect the performance of the software because they require a large code size. In addition, they do not provide complete security of the software because as software, these solutions can themselves be attacked.

PRESENTATION OF THE INVENTION The purpose of the present invention is to remedy the problems described above by proposing a solution for controlling the execution of a software that is more reliable than the solutions of the prior art, and which does not diminish. the performance of the controlled software. For this purpose, the object of the invention is a method for monitoring the execution of a program implemented by a computer, said program including in its instructions a set of tags allowing the control of its execution steps, characterized in that when crossing a beacon in the flow of the program execution steps, the identification data associated with this beacon is transmitted at the input of an execution tracking unit, said unit comprising a register and a control unit. logical gate processing circuit configured to read the data stored in the register and implement on that data and on the identification data received by the execution tracking unit, operations adapted to control the data of the data logger. identification received, said processing circuit or not generating an interruption in the execution of the program depending on the result of these operations. Such a method is advantageously completed by the following characteristics taken alone or in all their technically possible combinations: the identification data of a beacon comprise a counter value associated with the beacon, the register comprising a corresponding field, the processing circuit comparing the counter value of the beacon with the counter value of the corresponding field in the register and updating the latter value by incrementing the corresponding field in the register, during a beacon crossing; the identification data of a tag includes function identification data associated with the tag, the register having a corresponding field, the processing circuit comparing the data of the tag with that of this field in the register and, when a crossing of a beacon during the call to perform a second function in the course of the execution of a first function, replacing in the function identification field of the register of identification data of the first function by identification data of the second function; in particular, when the first and the second functions belong to different modules, the processing circuit also replaces, in a module identification field, the data register depending on the module of the first function with data depending on the module of the second function, the identification data of a tag having module identification data that the processing circuit compares to data of the corresponding field in the register; the data dependent on the second function or the second module are respectively obtained by application of the operator "or exclusive bit-to-bit" between the data of the first function or the first module and an identifier of the second function or the second module ; each update of the data of the identification fields of the register, the processing circuit updates data of a field for monitoring and controlling the modifications of the identification fields. each update of the data of the tracking and control field of the modifications of the identification fields, the processing circuit resets the program execution monitoring field. The invention furthermore relates to a unit for monitoring the execution of a program, comprising on the same hardware support: a register and a logic gate processing circuit configured to read the data stored in the register and to implement the process. It relates for example to a chip card comprising a chip and such a performance tracking unit whose processing circuit and the register have been melted with said chip. DESCRIPTION OF THE FIGURES Other features, objects and advantages of the invention will emerge from the description which follows, which is purely illustrative and nonlimiting, and which should be read with reference to the accompanying drawings, in which: FIG. hardware in a context of use, - Figure 2 shows schematically an example of communication between a program and the components of a hardware module implemented in the process of monitoring the execution of the program, - Figure 3 shows the main steps of the process of monitoring the execution of the program. DETAILED DESCRIPTION OF AT LEAST ONE IMPLEMENTING MODE Hardware description of the unit for monitoring the execution of a program The unit for monitoring the execution of a software, referenced 1 in FIG. the same hardware support a register 10, and a hardware circuit with logic gates 11, or processing circuit, configured to read and write data from the register 10 and perform operations thereon. For example, as illustrated in FIG. 1, the software may be a program running wholly or partly on the processor 20 of a smart card 2, the register 10 and the circuit 11 being fused with the processor 20 while being materially integrated with it.

To allow control of the program flow by the circuit 11, the software is developed by integrating into the flow of its instructions a number of tags B whose identification is likely to be controlled through the processing circuit 11 and the register 10. The processing circuit itself being developed and fused, consistent with the integration of the tags in the program, to allow the expected control operations on the beacons being melted according to the software to be executed, while the software is in turn developed in coherence with the circuit 11. In particular, each module of the program (consisting of one or more software functions) and each function thereof being programmed in the program with a particular identifier MID, FID, a tag B in the software stream is identified by the MID and FID ID of the module and function to which it corresponds, as well as by a value of CPT counter. For its part, the register 10 includes several fields dedicated to monitoring the execution of a program and in particular: a first MID field, read and write, which makes it possible to check the identification of the module in progress execution by the program, by comparison of the value read in this field with the value of the MID identifier of the beacon B concerned, the circuit 11 generating a program interruption, if the values of the module and the field differ; a second field FID, read and write, which makes it possible to verify that the function executed by the program is the desired one, by checking the adequacy of the value of this field with the identifier FID given by the beacon B, the circuit generating a software interrupt if the values of the function and the field differ and thus preventing the uncontrolled passage from one function to another; a third field CPT, in reading and writing, serves to follow the course of the program, by controlling that a beacon crossed by the program is the one desired, the circuit 11 comparing, for each beacon B crossed by the program, the value of the CPT counter indicated at the program level for this tag that of the CPT field of the register 10, then incrementing the value of this field in the register 10 thereof. If the two values being compared are the same, the execution continues normally. On the other hand, if the values differ, an interruption is generated. The register 10 furthermore comprises a control OPE field, which in reading is broken down into: a most significant bit used as an ERR error indicator field (When this bit is at 1, an error is signaled, and the processing 11 causes the interruption of the program) and - an LVL field which constitutes a level counter which makes it possible to control the changes of values which may be made necessary by the discontinuities related to function calls and interrupts. The register 10 may be a 32-bit register, the circuit 11 being a 32-bit core. For example, the module identification MID field represents 8 bits, the FID function identification field represents 10 bits, and the CPT field represents 7 bits. In writing the OPE control field represents 7 bits, while the error indicator field ERR represents 1 bit in read, and the LVL field represents 6 bits.

Also, the unit 1 can be advantageously coupled to a watchdog (electronic circuit for restarting the system if a given action is not executed within a time limit) to ensure the temporal control of the execution of the software to be monitored (not shown in the figure).

The operations of modifying the fields of the register 10 by the circuit 11 as a function of the execution of the program are described in more detail below. Example of a method for controlling the execution of a program With reference to FIG. 2 and FIG. 3, an example of implementation of the program execution control method by means of said register 10 and the circuit " hardware »11 associated. For the sake of clarity, the following conventions are used in the following: Field.b = Current value of the 'Field' before writing Field.w = Written value, Field.a = Result value after writing. Initialization The method comprises a first step 1000 of initializing or resetting the values of the register. This is the only way to completely modify the registry. In fact, this command being critical, it generates an interruption as soon as the field of the fields of the register is modified, prohibiting any non-mastered use.

This step is implemented by a CFU_LOAD command (LVL) of the OPE field described below: Command: OPE.w = CFU_LOAD (LVL) Action (s): LVL.a = LVL.w = OPE [5..0 ] .w (6 low-order bits of OPE.w) MID.a = MID.w FID.a = FID.w CPT.a = CPT.w ERR.a = 0 Exception conditions causing a break in any modification of a field of the register, that is to say: (ERR.b * 0) or (LVL.b * LVL.w) or (MID.b * MID.w) or (FID.b * FID.w) or (CPT.b * CPT.w) In this way, this command CFU_LOAD makes it possible to control the values of all the fields of the register. Verification and modification of the values of the fields Following this step of initializing the register, the method comprises a step 1100 of updating the values of the fields of the register as the program is executed, and the control of the matching the values of the fields and steps running the program. Thus, the course of a program is shown schematically in FIG. 2. It comprises the execution of functions F1, F2, F3 belonging to different modules M1, M2, and, for each function, the crossing of a certain number of tags. B programmed. The processing circuit 11 is melted according to the program to be executed, while the program is developed in coherence with the circuit 11, each time a beacon B is crossed by the program, the processing circuit 11 checks the identifiers MID and FID by comparing them with those previously written in the register 10 and executes a step 1110 for updating the value of the CPT field. This step can be performed by a CFU_STEP command referenced 1111 in FIG. 3, or by a CFU_ADD command, referenced 1112, of the OPE field. CFU_STEP command The CFU_STEP command is used to increment the CPT beacon counter field, and to check that the program has not changed any function or module running. If there is no correspondence between the values of the register fields and the program execution step, an interrupt is generated. Command: OPE.w = CFU_STEP 35 Actions: CPT.a = CPT.b + 1 ERR.a = (ERR.b * 0) or (MID.b * MID.w) or (FID.b * FID.w) or (CPT.b * CPT.w) or (CPT.a <CPT.b) Exception conditions: (ERR.a * 0) We notice that the overflow of the CPT counter, that is to say its return to 0, is also a source of interruption. Since the number of bits in each field, and in particular the CPT field, is limited, it is imperative to control the conditions under which an overflow can occur. Now, the processing circuit 11 is configured so that the overflow of the counter is only authorized if the LVL tracking field is modified.

On the other hand, one also notes that the result of a modification of the CPT field is a combination of the current value and the written value (in this case an increment of 1). Thus, a given value of the counter depends on the previous values and allows the propagation of an error for subsequent detection unless the LVL tracking field is changed.

CFU_ADD command The CFU_ADD command, meanwhile, also checks the values of the MID and FID identification fields, and it modifies the value of the CPT field by adding the write value (CPT.w).

Command: OPE.w = CFU_ADD Actions: CPT.a = CPT.b + CPT.w ERR.a = (ERR.b * 0) or (MID.b * MID.w) or (FID.b * FID.w ) or (CPT.a <CPT.b) Exception conditions: (ERR.a * 0) As for the CFU_STEP command, the overflow of the CPT field is an error. This command is an alternative to the command CFU_STEP, these two commands being called according to the beacons envisaged in the programming of the software to obtain the maximum value of the field CPT before overflow at the time of the modifications of the field LVL. However, the LVL field is modified, incrementally or decrementally, to allow program transitions between two functions or two separate modules. Whenever the program goes from a first function to a second function, the first and the second function can belong to separate modules, the module implements a step 1120 for modifying the LVL field. Two commands are therefore intended to modify the value of the LVL field, a field incrementing CFU_INC command, referenced 1121 in FIG. 3 and a decrementation CFU_DEC command, referenced 1122. Conventionally, the first one makes it possible to control calls to layers lower software, while the second allows to control returns to higher layers.

The LVL field is therefore a counter of the "level" ("level" in English) where the software is located. CFU INC and CFU_DEC commands The CFU_INC and CFU_DEC commands are executed as follows: - CFU_INC: Command: OPE.w = CFU_INC Actions: LVL.a = LVL.b + 1 MID.a = MID.b xor MID.w FID.a = FID.b xor FID.w CPT.a = CPT.b + CPT.w ERR.a = (ERR.b * 0) or (LVL.a = 0) or (CPT.a> = CPT.b) Conditions exception: (ERR.a * 0) or (MID.w * 0) - CFU_DEC: Command: OPE.w = CFU_DEC Actions: LVL.a = LVL.b - 1 MID.a = MID.b xor MID. w FID.a = FID.b xor FID.w CPT.a = CPT.b + CPT.w ERR.a = (ERR.b * 0) or (LVL.b = 0) or (CPT.a> = CPT .b) Exception conditions: (ERR.a * 0) or (MID.w * 0) Incrementing or decrementing the field forces overflow of the CPT counter. The software is made compatible with this module operation by programming the software provided to match the number of tags between each counter overflow, the size of the counter, and the transitions between functions. This adjustment of the number of tags is easy for the skilled person. In addition, the fact of changing the module, that is to say, to change the value of the MID field, causes the generation of an interrupt without activation of the error flag (ERR field). This systematic interruption with each modification of the MID field makes it possible to manage the execution contexts of the software. When changing the function and executing the CFU_INC or CFU_DEC commands, changes to the MID or FID fields are performed by applying the "or exclusive" operator ("xor") between the current value of the field, which corresponds to an identifier of the function or module before change, and an identifier of the function or module after change (noted FID.w or MID.w). Changing the values of the fields by an "exclusive" operator and not by a direct change allows a better control of the transition from one function to another. Indeed, the result is a combination of the current value and the desired value; so if there is an error on the current value, corresponding to the identifier of the function before change, the resulting identifier is also wrong. An error is propagated by a modification, instead of being overwritten by it, and if it has not been detected, it can be later. The step 1100 of updating the values of the register as the program is executed results either in a step 1200 of generating an interrupt (in the case where an error has occurred, or a change of module has taken place) or in a reiteration 1300 of this step 1100. During the iterations, the processing circuit 11 can also execute a command CFU_CTRL, referenced 1400 to check the values of all the fields of the register, with the exception of the "LVL" field. Any discrepancy between the control value (the written value) and the current value causes the activation of an error flag "ERR.a = 1" and the generation of a hardware interrupt 1200. This process is implemented until the end of program execution. The commands described above make it possible to control the good execution of the software by a hardware module, which greatly reduces the size of code specific to the program and the code execution time intended for this control. In addition, the use of a hardware interrupt helps control exceptional cases.15

Claims (10)

REVENDICATIONS1. A method of monitoring the execution of a program implemented by computer, said program including in its instructions a set of tags (B) for controlling its execution steps, characterized in that when crossing a tag (B) in the flow of the program execution steps, the identification data associated with this beacon is transmitted as input to an execution tracking unit, said unit comprising a register (10) and a control circuit. process (11) with logic gates configured to read the data stored in the register (10) and implement on these data and on the identification data input by the execution tracking unit, operations adapted to control the received identification data, said processing circuit or not generating an interruption in the execution of the program according to the result of these operations. The method according to claim 1, wherein the identification data of a tag includes an execution tracking counter value associated with the tag, the register having a corresponding field (CPT), the processing circuit ( 11) comparing the counter value of the beacon with the counter value of the corresponding field in the register (10) and updating this last value by incrementing the corresponding field in the register, during a beacon crossing (B) . 3. Method according to the preceding claim, wherein the identification data of a beacon comprise function identification data associated with the beacon, the register comprising a corresponding field (FID), the processing circuit (11). comparing the data of the beacon to that of this field in the register and, when crossing a beacon during the call of the execution of a second function in the course of the execution of a first function, replacing in the function identification field (FID) of the register (10) of the identification data of the first function by identification data of the second function. The method of claim 3, wherein the first and second functions belong to different modules, and the processing circuit (11) further replacing in a module identification field (MID) of the register (10) data dependent on the module of the first function by data dependent on the module of the second function, the identification data of a beacon comprising module identification data that the processing circuit (11) compares with those of the corresponding field in the register. 5. Method according to one of claims 3 or 4, wherein the data dependent on the second function or the second module are respectively obtained by applying the operator "or bitwise exclusive" between the data of the first function or of the first module and an identifier of the second function or the second module. The method according to one of the preceding claims, wherein, at each update of the data of the register identification fields, the processing circuit (11) updates data of a tracking field (LVL). and control changes to the identification fields. 7. Method according to the preceding claim, wherein, at each update of the field data (LVL) tracking and control changes of the identification fields, the processing circuit (11) resets the counter value. (CPT) program performance monitoring (CPT). 8. A unit for monitoring the execution of a program, comprising on the same hardware support: - a register (10), and - a logic gate processing circuit (11) configured to read the data stored in the register ( 10) and implement the method according to one of the preceding claims. 9. The program execution tracking unit according to the preceding claim, wherein the register (10) comprises 32 bits. 10. Smart card (2) comprising a chip (20) and a performance tracking unit according to one of claims 8 or 9, the processing circuit (11) and the register (10) being melted with said chip .