FR3075420B1 - SYSTEM AND METHOD FOR SECURE STARTING OF A PROCESSOR - Google Patents

Info

Publication number
FR3075420B1
Authority
FR
France
Prior art keywords
processor
storage space
reset
secure
reinitialization
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
FR1701333A
Other languages
French (fr)
Other versions
FR3075420A1 (en)
Inventor
Loic Mouren
Guillaume Zin
Jonathan Ben Hassen
Eric Rogard
Laurent Dicklic
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Thales SA
Original Assignee
Thales SA
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Thales SA
Priority to FR1701333A
Publication of FR3075420A1
Application granted
Publication of FR3075420B1

Classifications

    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50: Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57: Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F15/00: Digital computers in general; Data processing equipment in general
    • G06F15/16: Combinations of two or more digital computers each having at least an arithmetic unit, a program unit and a register, e.g. for a simultaneous processing of several programs
    • G06F15/177: Initialisation or configuration control
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30: Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44: Program or device authentication
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50: Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/51: Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50: Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57: Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/575: Secure boot
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70: Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71: Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/74: Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information operating in dual or compartmented mode, i.e. at least one secure mode
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00: Arrangements for program control, e.g. control units
    • G06F9/06: Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44: Arrangements for executing specific programs

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Mathematical Physics (AREA)
  • Storage Device Security (AREA)
  • Debugging And Monitoring (AREA)

Abstract

This system (300) for the secure starting of a processor (310), the system comprising the processor, and the processor using, when it is reset, a reset program (L1) present in a storage space, is characterized in that the storage space is a volatile storage space (320), and in that the system further comprises a security processor (330) and a secure storage space (340), the security processor being configured to: apply to the processor a reset signal (Sr) whose level inhibits the reset of the processor; load a reset program (L1) from the secure storage space into the volatile storage space; and change the level of the reset signal (Sr) to allow the reset of the processor.
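
The three-step sequence in the abstract, modelled in C as an added example (not code from the patent or from Thales). The struct, the function names, the sample L1 bytes and the refusal of out-of-order steps are assumptions of this model.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define RAM_SIZE 64
/* Constructed sample standing in for the reset program L1 in secure storage (340). */
static const uint8_t SECURE_L1[] = {0xA5, 0x01, 0x02, 0x03};

typedef struct {                /* hypothetical model, names are not from the patent */
    bool    sr_inhibit;         /* Sr level: true = reset of processor (310) inhibited */
    bool    l1_loaded;          /* L1 is present in volatile storage */
    uint8_t ram[RAM_SIZE];      /* volatile storage space (320) */
} boot_model;

/* Step 1: security processor (330) drives Sr to the inhibiting level. */
void sp_hold_reset(boot_model *m) {
    m->sr_inhibit = true;
    m->l1_loaded = false;
    memset(m->ram, 0, sizeof m->ram);   /* modelled RAM holds nothing trusted yet */
}

/* Step 2: copy L1 from secure storage into volatile storage, only while Sr is held. */
int sp_load_l1(boot_model *m, const uint8_t *src, size_t len) {
    if (!m->sr_inhibit || len == 0 || len > RAM_SIZE) return -1;
    memcpy(m->ram, src, len);
    m->l1_loaded = true;
    return 0;
}

/* Step 3: change the Sr level; refused (assumption) until L1 is in place. */
int sp_release_reset(boot_model *m) {
    if (!m->sr_inhibit || !m->l1_loaded) return -1;
    m->sr_inhibit = false;
    return 0;
}

/* Processor (310): first byte fetched on reset, or -1 while Sr inhibits it. */
int cpu_reset_fetch(const boot_model *m) {
    return m->sr_inhibit ? -1 : m->ram[0];
}

int main(void) {
    boot_model m;
    sp_hold_reset(&m);
    if (sp_load_l1(&m, SECURE_L1, sizeof SECURE_L1) != 0) return 1;
    if (sp_release_reset(&m) != 0) return 1;
    printf("first fetch: 0x%02X\n", (unsigned)cpu_reset_fetch(&m));
    return 0;
}
```

In this model the processor never fetches from volatile storage before the security processor has written L1 into it, because the release step fails until the load has completed.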

FR1701333A 2017-12-20 2017-12-20 SYSTEM AND METHOD FOR SECURE STARTING OF A PROCESSOR Active FR3075420B1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
FR1701333A FR3075420B1 (en) 2017-12-20 2017-12-20 SYSTEM AND METHOD FOR SECURE STARTING OF A PROCESSOR

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
FR1701333 2017-12-20
FR1701333A FR3075420B1 (en) 2017-12-20 2017-12-20 SYSTEM AND METHOD FOR SECURE STARTING OF A PROCESSOR

Publications (2)

Publication Number Publication Date
FR3075420A1 (en) 2019-06-21
FR3075420B1 (en) 2020-01-10

Family

ID=62017304

Family Applications (1)

Application Number Title Priority Date Filing Date
FR1701333A Active FR3075420B1 (en) 2017-12-20 2017-12-20 SYSTEM AND METHOD FOR SECURE STARTING OF A PROCESSOR

Country Status (1)

Country Link
FR (1) FR3075420B1 (en)

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPWO2009013825A1 (en) * 2007-07-25 2010-09-30 パナソニック株式会社 Information processing apparatus and falsification verification method
WO2015048922A1 (en) * 2013-10-02 2015-04-09 Intel Corporation Trusted boot and runtime operation
CN106462707B (en) * 2014-04-28 2019-06-14 英特尔公司 Safety guidance calculates equipment
US9710651B2 (en) * 2015-04-10 2017-07-18 Vixs Systems Inc. Secure processor for SoC initialization

Also Published As

Publication number Publication date
FR3075420A1 (en) 2019-06-21

Legal Events

Date Code Title Description
PLFP Fee payment Year of fee payment: 2
PLSC Publication of the preliminary search report Effective date: 20190621
PLFP Fee payment Year of fee payment: 3
PLFP Fee payment Year of fee payment: 4
PLFP Fee payment Year of fee payment: 5
PLFP Fee payment Year of fee payment: 6
PLFP Fee payment Year of fee payment: 7