TW202102999A - Rpmc flash emulation - Google Patents

RPMC flash emulation

Info

Publication number: TW202102999A
Authority: TW (Taiwan)
Prior art keywords: controller, flash memory, host, platform module, volatile memory
Application number: TW108142984A
Other languages: Chinese (zh)
Other versions: TWI728572B (en)
Inventors: 赫詩曼 日弗, 摩瑞 丹, 亞隆 摩西
Original assignee: 新唐科技股份有限公司 (Nuvoton Technology Corporation)
Priority claimed from US16/503,501 (US10846438B2)
Application filed by 新唐科技股份有限公司; publication of TW202102999A; application granted and published as TWI728572B

Classifications

    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00: Accessing, addressing or allocating within memory systems or architectures
    • G06F12/02: Addressing or allocation; Relocation
    • G06F12/0223: User address space allocation, e.g. contiguous or non-contiguous base addressing
    • G06F12/023: Free address space management
    • G06F12/0238: Memory management in non-volatile memory, e.g. resistive RAM or ferroelectric memory
    • G06F12/0246: Memory management in non-volatile memory, e.g. resistive RAM or ferroelectric memory, in block-erasable memory, e.g. flash memory
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00: Arrangements for program control, e.g. control units
    • G06F9/06: Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44: Arrangements for executing specific programs
    • G06F9/455: Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533: Hypervisors; Virtual machine monitors
    • G06F9/45558: Hypervisor-specific management and integration aspects

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)
  • Information Transfer Systems (AREA)

Abstract

A controller includes a host interface and a processor. The host interface is configured for communicating with a host. The processor is configured to receive from the host, via the host interface, instructions for execution in a Non-Volatile Memory (NVM); to identify among the instructions an instruction that pertains to a secure monotonic counter and is intended for execution in an NVM having a secure monotonic counter embedded therein; and to execute the identified instruction and respond to the host, instead of the NVM, with respect to that instruction.

Description

Controller with flash memory emulation function and control method thereof

The present invention relates to secure computing environments, and in particular to a method and system for emulating a flash memory that has an embedded secure monotonic counter.

Personal computer (PC) platforms commonly use serial flash memory to store non-volatile data such as Basic Input/Output System (BIOS) code. In some cases the serial flash memory also provides persistent storage in support of important functions such as security and power management.

To meet security requirements, a flash memory device may include one or more replay protection monotonic counters (RPMC), which, together with a key and suitable software, protect the flash memory against unauthorized operations such as replay attacks.

A variety of security techniques that use monotonic counters are known in the art. For example, US Patent No. 9,405,707 describes a system comprising a flash memory device that includes a monotonic counter, and a host device coupled to and communicating with the flash memory device. The host device generates an authentication credential, uses the credential and a first signature generated with a device key to request a value from the monotonic counter of the flash memory device, receives the value from the monotonic counter and the authentication credential from the flash memory device, and then sends a command together with a second signature generated with the device key to increment the value of the flash memory's monotonic counter. The flash memory device can use its own key to verify both the request for the counter value and the command to increment the counter.

To address the above, the present invention provides a controller comprising: a host interface for communicating with a host; and a processor for receiving from the host, via the host interface, a plurality of instructions for execution in a non-volatile memory (NVM), identifying among the plurality of instructions an instruction that pertains to a secure monotonic counter and is intended for execution in an NVM having a secure monotonic counter embedded therein, executing the identified instruction, and responding to the host with respect to the identified instruction in place of the NVM.

According to an embodiment, the controller further includes a memory interface, and the processor communicates through the memory interface with an NVM that has no embedded secure monotonic counter and forwards the instructions other than the identified instruction to that NVM for execution. According to an embodiment, when the processor executes the identified instruction, it overrides a chip select (CS) signal that the host asserts to select the NVM. According to an embodiment, the processor receives instructions that attempt to access the NVM by intercepting a chip select signal that the host asserts to select the NVM.

According to an embodiment, the processor executes the identified instruction in conjunction with a Trusted Platform Module (TPM). According to an embodiment, the TPM is integrated in the controller. According to an embodiment, the TPM is external to the controller, and the controller further includes a TPM interface for communicating with the TPM. According to an embodiment, the TPM is external to the controller and connected to the host, and the processor communicates with the TPM through the host interface.

According to an embodiment, the identified instruction complies with a replay-protected monotonic counter (RPMC) specification, and the processor executes the identified instruction in accordance with the RPMC specification.

The present invention further provides a control method comprising: receiving, in a controller, from a host a plurality of instructions for execution in a non-volatile memory (NVM); identifying among the plurality of instructions an instruction that pertains to a secure monotonic counter and attempts to execute in an NVM having a secure monotonic counter embedded therein; and executing the identified instruction in the controller in place of the NVM.

Embodiments of the present invention are described in detail below with reference to the drawings, so that the way in which the invention applies technical means to solve technical problems and achieve technical effects can be fully understood and implemented accordingly.

As used herein, the singular forms "a", "an" and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. Like reference numerals in the drawings denote like elements.

Non-volatile memory (NVM) devices such as flash memory can be used to store boot code or other sensitive information used by a computer system; because the information is sensitive, attackers will try to tamper with it. Conventional NVM offers only a very low level of protection, for example write protection of NVM sectors. The RPMC specification includes a command that writes a 256-bit "root key". The root key is stored in the flash memory and cannot be read from outside. Authenticated commands and responses are signed with a Hash Message Authentication Code (HMAC) key, and the signature can be verified using HMAC. The HMAC key is stored in the flash memory and cannot be read through a test mode. An authenticated "HMAC key update command" can be used to derive a 256-bit HMAC key.

An example of a secure monotonic counter is the replay protected monotonic counter (RPMC). Intel's "Serial Flash Hardening Product External Architecture Specification (EAS)", revision 0.7, 2013 (document number 328802-001EN), describes the RPMC specification, including its architecture and command set; it is incorporated herein by reference.

The RPMC specification includes a command that writes a 256-bit "root key". The root key is stored in the flash memory and cannot be read from outside; it can be programmed only once, during system manufacturing. A 32-bit monotonic counter is associated with the root key. Whenever a valid 256-bit root key write operation is executed, the 32-bit monotonic counter is initialized to zero, regardless of the value of the root key.

Authenticated commands and responses are commands and responses signed with a Hash Message Authentication Code key (HMAC key); the signature can be verified using HMAC. The HMAC key is stored in the flash memory and cannot be read through a test mode. An authenticated "HMAC key update command" can be used to derive a 256-bit HMAC key: the HMAC key is obtained with HMAC-SHA-256 from the root key and from key data supplied during the command. The command therefore performs two HMAC-SHA-256 operations, one to derive the HMAC key and one to verify the signature.

Other authenticated commands support incrementing and reading the RPMC counters. The RPMC specification requires a minimum of four counters and their associated resources, such as a root key register and an HMAC key register. Section 2.1 of the Intel RPMC specification cited above lists the RPMC commands.

Embodiments of the present invention disclose a method and system that use a non-secure flash memory and a controller to emulate a secure NVM with an embedded monotonic counter (for example, an RPMC-capable flash memory). The controller is external to the non-secure flash memory and may be an embedded controller (EC), a baseboard management controller (BMC), a super I/O controller, or any other suitable controller. In an embodiment, a computing system includes a controller that communicates with a host and with a non-secure flash memory (for example, a conventional serial flash device). The host executes flash memory instructions, which include instructions that access data stored in the flash memory as well as security-related instructions (for example, RPMC instructions). The controller operates together with the non-secure flash memory to emulate, towards the host, a secure flash memory.

Although the description below refers mainly to RPMC, the techniques of the invention apply to any other suitable type of secure monotonic counter embedded in an NVM. Although the description refers mainly to serial flash, the techniques apply to any other suitable type of NVM. The following description of serial flash and RPMC is given by way of example only and is not intended to limit the invention.

For convenience, flash memory that supports the security functions is referred to below as secure flash (Secure-Flash), and flash memory that does not as non-secure flash (non-Secure-Flash). Further, secure flash that supports RPMC is referred to as RPMC flash (RPMC-Flash), and flash that does not support RPMC as non-RPMC flash (non-RPMC-Flash).

In an embodiment, the computing system includes a controller that communicates with the host and with a non-secure flash memory. The host executes flash memory instructions, which include instructions that access data stored in the flash memory and security-related instructions (for example, RPMC instructions). The controller operates together with the non-secure flash memory to emulate, towards the host, a secure flash memory. For example, in a system comprising a non-secure flash memory and a controller, the host may issue an increment-monotonic-counter instruction meant to be executed by an RPMC flash. The controller intercepts this instruction and executes it in place of the flash memory, transparently to the host.

In some embodiments, the controller includes a host interface for communicating with the host, and a processor for receiving from the host, via the host interface, a plurality of instructions intended for execution in a secure flash memory. The processor identifies the security-related flash instructions (for example, RPMC instructions) and executes at least some of them in response to the host. The non-secure flash memory executes the non-security-related instructions issued by the host.

According to other embodiments of the invention, the computing system includes a non-secure flash memory device, and the controller includes a flash memory interface unit coupled to the non-secure flash memory. In this configuration, a flash memory connected to the host through the controller is referred to as slave-attached flash (SAF). The processor receives a plurality of flash memory instructions from the host through the host interface unit. It executes the security-related instructions and passes the non-security-related instructions through the flash memory interface to the non-secure flash memory for execution. The processor then responds to the host through the host interface unit.

In some embodiments, the host communicates with the controller over a serial bus such as the Serial Peripheral Interface (SPI) or the Enhanced Serial Peripheral Interface (eSPI); the serial bus comprises, for example, bidirectional data lines, a clock line and a plurality of chip select (CS) lines, one CS line per device connected to the serial bus. The CS line that the host asserts to communicate with a secure flash memory is connected to the controller, which relays the CS signal to a non-secure flash memory. For non-security-related instructions, the controller relays the CS signal to the flash memory; for security-related instructions (for example, RPMC instructions), the controller overrides the CS signal towards the non-secure flash memory.

According to other embodiments of the invention, the non-secure flash memory is connected to the host over an SPI or eSPI bus, and the CS signal that the host generates to communicate with a secure flash memory is connected to the CS input of the non-secure flash memory. The non-secure flash memory, however, does not respond to security-related instructions, meaning it cannot execute them. The controller intercepts the CS signal sent by the host to the flash memory and examines the instruction type; it executes the instructions that the flash memory cannot execute.
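The RPMC rules described above (one-time root key write that zeroes the counter, HMAC key derived with HMAC-SHA-256 from the root key and host-supplied key data, a second HMAC to verify each signed command, signed increment and read commands) and the controller's intercept-or-relay decision on the chip select are modelled together in the following added Python example, which is not part of the patent or of any Nuvoton product. The opcode values, command framing and status strings are assumptions of this model; it keeps a single emulated counter in front of a plain flash that ignores opcodes it does not know.

```python
import hashlib
import hmac
import struct

# Constructed model: opcodes, framing and status strings are assumptions of this
# example; only the key derivation and the two-HMAC check follow the description.
OP_RPMC_OP1, OP_RPMC_OP2 = 0x9B, 0x96   # assumed RPMC command opcodes
OP_READ, OP_PROGRAM = 0x03, 0x02        # plain flash read / page program
CMD_WRITE_ROOT_KEY, CMD_UPDATE_HMAC_KEY, CMD_INCREMENT, CMD_REQUEST = 0, 1, 2, 3

def sign(key: bytes, msg: bytes) -> bytes:
    return hmac.new(key, msg, hashlib.sha256).digest()

class PlainFlash:
    """Non-RPMC flash: stores data, knows nothing about counters or keys."""

    def __init__(self, size=4096):
        self.mem = bytearray(b"\xff") * size

    def execute(self, cmd: bytes) -> bytes:
        op, addr = cmd[0], int.from_bytes(cmd[1:4], "big")  # op, addr24, ...
        if op == OP_READ:                      # ... length byte
            return bytes(self.mem[addr:addr + cmd[4]])
        if op == OP_PROGRAM:                   # ... data bytes
            self.mem[addr:addr + len(cmd) - 4] = cmd[4:]
        return b""                             # unsupported opcodes are ignored

class RpmcEmulator:
    """One emulated RPMC counter (the spec requires four; one suffices here)."""

    def __init__(self):
        self.root_key = None   # one-time programmed during manufacturing
        self.hmac_key = None   # HMAC-SHA-256(root key, host-supplied key data)
        self.counter = 0       # 32-bit monotonic counter

    def handle(self, cmd: bytes):
        kind = cmd[1]
        if kind == CMD_WRITE_ROOT_KEY:
            if self.root_key is not None:
                return "ROOT_KEY_LOCKED"
            self.root_key, self.counter = cmd[2:34], 0   # counter reset to zero
            return "OK"
        if self.root_key is None:
            return "UNINITIALIZED"
        if kind == CMD_UPDATE_HMAC_KEY:
            key_data, sig = cmd[2:6], cmd[6:38]
            candidate = sign(self.root_key, key_data)       # first HMAC-SHA-256
            if not hmac.compare_digest(sig, sign(candidate, cmd[:6])):  # second
                return "SIG_FAIL"
            self.hmac_key = candidate
            return "OK"
        if self.hmac_key is None:
            return "NO_HMAC_KEY"
        if kind == CMD_INCREMENT:
            claimed, sig = struct.unpack(">I", cmd[2:6])[0], cmd[6:38]
            if not hmac.compare_digest(sig, sign(self.hmac_key, cmd[:6])):
                return "SIG_FAIL"
            if claimed != self.counter:      # stale value: replayed command
                return "COUNTER_MISMATCH"
            self.counter = (self.counter + 1) & 0xFFFFFFFF
            return "OK"
        if kind == CMD_REQUEST:
            tag, sig = cmd[2:14], cmd[14:46]
            if not hmac.compare_digest(sig, sign(self.hmac_key, cmd[:14])):
                return "SIG_FAIL"
            reply = tag + struct.pack(">I", self.counter)
            return "OK", self.counter, sign(self.hmac_key, reply)  # signed reply
        return "BAD_CMD"

class Controller:
    """Sits on the host's flash chip select: emulates RPMC, relays the rest."""

    def __init__(self, flash, rpmc):
        self.flash, self.rpmc = flash, rpmc

    def on_chip_select(self, cmd: bytes):
        if cmd[0] in (OP_RPMC_OP1, OP_RPMC_OP2):
            return self.rpmc.handle(cmd)     # CS overridden: the flash never sees it
        return self.flash.execute(cmd)       # CS relayed to the plain flash

def scenario() -> dict:
    """Host-side walk-through; every step's result is returned for checking."""
    ctl = Controller(PlainFlash(), RpmcEmulator())
    root = bytes(range(32))                                    # constructed key
    res = {"root": ctl.on_chip_select(bytes([OP_RPMC_OP1, CMD_WRITE_ROOT_KEY]) + root)}
    key_data = b"\x00\x00\x00\x01"
    hkey = sign(root, key_data)               # host derives the same HMAC key
    upd = bytes([OP_RPMC_OP1, CMD_UPDATE_HMAC_KEY]) + key_data
    res["update"] = ctl.on_chip_select(upd + sign(hkey, upd))
    inc = bytes([OP_RPMC_OP1, CMD_INCREMENT]) + struct.pack(">I", 0)
    res["inc"] = ctl.on_chip_select(inc + sign(hkey, inc))
    res["replay"] = ctl.on_chip_select(inc + sign(hkey, inc))  # same bytes again
    res["forged"] = ctl.on_chip_select(inc + sign(b"wrong key", inc))
    req = bytes([OP_RPMC_OP2, CMD_REQUEST]) + b"\x00" * 12
    res["read"] = ctl.on_chip_select(req + sign(hkey, req))
    ctl.on_chip_select(bytes([OP_PROGRAM, 0, 0, 0x10]) + b"BIOS")   # to the flash
    res["flash"] = ctl.on_chip_select(bytes([OP_READ, 0, 0, 0x10, 4]))
    return res
```

Running `scenario()` shows a replayed increment rejected by the counter check even though its signature is valid, while an ordinary program/read pair is relayed to the flash untouched.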

In some embodiments, executing a security-related instruction includes performing security functions such as security signing or verification of a security signature. In an embodiment, the host includes a Trusted Platform Module (TPM). The TPM is an international standard (ISO/IEC 11889) for a secure cryptoprocessor, a dedicated microcontroller designed to secure hardware through integrated cryptographic keys. The controller and the TPM may share a secret that enables secure communication between them. The controller can process security-related instructions issued by the host by using the TPM as secure NV storage with a secure link.

In some embodiments of the invention, the controller includes a TPM, and the communication between the controller and the TPM takes place on-chip, in a manner that is inherently secure (or at least more secure than inter-chip I2C communication).

In other embodiments, the controller has no interface to the TPM and instead communicates with the TPM through the host. To access the TPM, the controller sends a request to the host, which relays the request to the TPM. When the TPM responds, the host receives the response and forwards it to the controller.

In some embodiments of the invention, the security-related instructions that the controller executes in place of the secure flash memory include RPMC instructions, as defined by the RPMC specification or a part thereof.

A flash memory device that complies with the RPMC specification above is referred to as RPMC flash; it includes unique control, status and configuration registers and mechanisms. An RPMC flash device responds to a number of dedicated RPMC instructions. The controller emulates these RPMC instructions, and when it detects an RPMC instruction it may override the CS signal of the non-RPMC flash. In addition, the controller may include a flash busy register that overrides the flash busy signal of the non-secure flash, a flash extended status register that emulates the RPMC extended status register, and a Serial Flash Discoverable Parameter (SFDP) structure.

The controller may also include some of the flash registers required of an RPMC flash, and a memory cache (for example, a mirror) of some extended data, from which it can respond on behalf of the flash memory.

In some embodiments, the flash memory implements some but not all of the RPMC functions defined in the RPMC specification; for example, the flash memory may implement two of the four RPMC counters that the specification defines, and the controller emulates the missing ones.

Thus, embodiments of the invention may comprise a controller and a TPM, and provide emulation of a secure flash memory for systems that do not contain one. In some embodiments the TPM is a separate module; in others it is embedded in the controller. In some embodiments the host is coupled directly to the non-secure flash memory; in others, for example in a slave-attached-flash configuration, the non-secure flash memory is connected to the host through the controller.

Although the example RPMC specification above is specific to RPMC in serial flash memory, it will be understood that embodiments of the invention are not limited to this specification and can be used with any suitable RPMC specification for serial flash, parallel flash, or any other type of NVM.

In some embodiments, for example when the flash memory supports a subset of the required RPMC architecture, execution of some of the instructions issued by the central processing unit may be completed jointly by the non-secure flash memory and the controller.

System description

FIG. 1 is a block diagram schematically illustrating a computing system 100 with a slave-attached flash (SAF) configuration according to a first embodiment of the invention. The computing system includes a host 102 that executes software instructions, including instructions related to secure access to a secure flash memory device (for example, a flash device with a replay protected monotonic counter (RPMC)); a Trusted Platform Module 104 that implements security functions; a non-secure flash memory 106 that does not support some or all of the instructions the host issues to a flash memory device; and a controller 108 that emulates the flash security functions requested by the host.

In the embodiment shown in FIG. 1, the host communicates with the TPM over an SPI bus and with the controller over an eSPI bus. The controller communicates with the TPM over an I2C bus and with the flash memory over an SPI bus. It will be understood that other embodiments may use any other suitable bus, serial or parallel.

In the example embodiment of FIG. 1, the flash memory is attached to the controller, and all communication with the flash memory is carried out by the controller. This configuration is called a slave-attached flash (SAF) configuration.

Some of the instructions the host executes to access the flash memory involve flash read/write functions and flash security functions (for example, RPMC instructions). In the description below, all instructions related to accessing the flash memory are called flash memory instructions.

A detailed block diagram of the controller is drawn at the bottom of FIG. 1. The controller includes a processor 110; a host interface 112 for communication between the host 102 and the processor 110, comprising an eSPI port; an I2C port 114 for communication between the TPM 104 and the processor 110; and an SPI port 116 for communication between the flash memory 106 and the processor 110.

The host executes flash memory instructions and non-flash-memory instructions. To execute flash memory instructions, the host communicates with the flash memory device over the eSPI bus. In the example SAF configuration of FIG. 1, the controller receives and responds to the flash memory instructions issued by the host.

In the controller 108, the processor 110 receives the flash memory instructions through the host interface 112. The processor may direct some instructions to the non-secure flash memory 106 for direct execution. The processor executes other instructions, for example those the non-secure flash memory cannot execute. Executing these other instructions may require accessing the non-secure flash memory, as well as accessing the TPM 104 through the I2C port 114.

The processor may complete some flash memory instructions by returning any requested data to the host and/or returning an indication that execution of the instruction is complete.

In summary, according to the example embodiment of FIG. 1, the computing system may include a slave-attached flash memory that does not support some security functions, connected to the host through the controller. The controller communicates with the flash memory and the TPM and, transparently to the host, executes all flash memory instructions, either directly or in combination with the non-secure flash memory and/or the TPM. The computing system of the invention can thus provide secure flash functionality at a lower cost than a computing system whose flash memory implements all flash memory instructions itself.

第2圖係根據本發明之第二實施例示意性繪示具有主機附加快閃記憶體組態(configuration)之運算系統200之方塊圖。 運算系統包含主機202,其用以執行包含快閃記憶體指令之軟體指令; 一信任平台模組(TPM)204,其用以實現安全功能;一快閃記憶體(在以下內容稱為非安全性快閃記憶體)206,其不支援主機發出給快閃記憶體裝置的一些或是所有指令; 一控制器208,其用以仿真主機202發出要求之快閃記憶體安全功能。FIG. 2 is a block diagram schematically showing a computing system 200 with a host-attached flash memory configuration according to the second embodiment of the present invention. The computing system includes a host 202, which is used to execute software commands including flash memory commands; a trusted platform module (TPM) 204, which is used to implement security functions; and a flash memory (hereinafter referred to as non-secure Flash memory) 206, which does not support some or all commands issued by the host to the flash memory device; a controller 208, which is used to emulate the flash memory security function requested by the host 202.

在第2圖之示例實施例,主機202係在SPI匯流排上與信任平台模組204、控制器208以及非安全性快閃記憶體206進行通訊。可以理解的是,其他實施例可使用其他任何適合匯流排,例如串列式或是並列式匯流排。In the example embodiment in FIG. 2, the host 202 communicates with the trusted platform module 204, the controller 208, and the non-secure flash memory 206 on the SPI bus. It can be understood that other embodiments may use any other suitable bus, such as a serial bus or a parallel bus.

In the example embodiment of FIG. 2, the non-secure flash memory 206 receives all flash memory traffic; however, it responds only to the commands it supports. For example, if the host 202 issues an RPMC command and the non-secure flash memory 206 does not support RPMC commands, the non-secure flash memory 206 ignores the command.

A detailed block diagram of the controller 208 is shown at the bottom of FIG. 2. The controller 208 includes a processor 210; a host interface 212 for communication between the host 202 and the processor 210; and an I2C port 214 for communication between the trusted platform module 204 and the controller 208.

To execute flash memory commands, the host 202 communicates with a secure flash memory device over the SPI bus. When communicating with the secure flash memory, the host 202 asserts the chip select (CS) line, and this chip select line (labelled Flash CS in FIG. 2) is connected to both the non-secure flash memory 206 and the controller 208. When the host 202 issues a security-related command that the non-secure flash memory 206 does not support, the controller 208 reads and executes that command.

In the controller 208, the host interface 212 is connected to the SPI bus, which includes the CS line described above. The processor 210 receives all flash memory commands from the host 202 through the host interface 212. If the processor 210 recognizes that the non-secure flash memory 206 cannot execute a received command, for example an RPMC command, the processor 210 executes the command itself. Executing a command that the non-secure flash memory 206 cannot execute may involve accessing the trusted platform module 204 through the I2C port 214. For example, if the trusted platform module 204 holds RPMC counters and the host 202 issues a read-RPMC command, the processor 210 accesses the trusted platform module 204 through the I2C port 214 and requests that it return the value stored in the RPMC counter. The processor 210 then returns the requested data to the host 202 through the host interface 212.

The processor 210 may complete some of these flash memory commands by returning any requested data and/or returning an indication that command execution has completed.

In summary, according to the example embodiment shown in FIG. 2, the computing system may include a non-secure flash memory connected to the host over a serial bus in parallel with the controller. The non-secure flash memory executes a subset of the flash memory commands, while the controller executes the other flash memory commands that the non-secure flash memory does not support. A computing system that provides secure flash memory functionality in this way can cost less than a computing system with a secure flash memory.

FIG. 3 is a block diagram schematically illustrating a computing system 300 with an SAF configuration according to a third embodiment of the invention. The example embodiment shown in FIG. 3 is similar to that of FIG. 1, except that in FIG. 3 the controller is not coupled directly to the trusted platform module.

The computing system 300 includes a host 302 for executing software instructions, including flash memory commands, both secure and non-secure; a trusted platform module 304 for implementing security functions; a non-secure flash memory 306 that does not support some or all of the commands the host issues to a flash memory device; and a controller 308 for emulating the flash memory security functions requested by the host 302.

In the example embodiment of FIG. 3, the host 302 communicates with the trusted platform module 304 over an SPI bus and with the controller 308 over an eSPI bus; the controller 308 communicates with the flash memory 306 over an SPI bus. It will be understood that other embodiments may use any other suitable bus, for example a serial or a parallel bus. In the example embodiment of FIG. 3, an SAF configuration, the flash memory is attached to the controller.

The host 302 executes flash memory commands, which include commands the non-secure flash memory 306 can execute and commands that the non-secure flash memory 306 does not support and that are therefore executed by the controller 308.

A detailed block diagram of the controller 308 is shown at the bottom of FIG. 3. The controller 308 includes a processor 310; a host interface 312, which includes an eSPI port, for communication between the host 302 and the processor; and an SPI port 316 for communication between the flash memory 306 and the processor 310.

The host 302 communicates with the flash memory device over the eSPI bus. In the SAF configuration example of FIG. 3, the controller 308 receives and responds to the flash memory commands issued by the host 302.

In the controller 308, the processor 310 receives flash memory commands through the host interface 312. The processor 310 may direct some commands to the non-secure flash memory 306 for direct execution. Otherwise, the processor 310 executes the remaining commands itself, for example those that the non-secure flash memory 306 cannot execute. Executing these commands may require accessing the trusted platform module 304 through the host 302 as well as accessing the non-secure flash memory 306. This is described in detail below.

The processor 310 may complete some flash memory commands by returning any requested data to the host and/or returning an indication that the command has been executed.

An example of the software drivers according to an embodiment of the invention is briefly described below with reference to FIG. 3. In the example embodiment shown in FIG. 3, at least two drivers are active simultaneously in the host 302: a flash memory application driver 318 and a security service driver 320.

The flash memory application driver 318 provides a software interface to the flash memory device. In the example embodiment of FIG. 3, the flash memory application driver 318 communicates with the controller 308. Nevertheless, this driver can be similar (or identical) to the driver the host would use in a computing system that contains a secure flash memory. The flash memory driver 318 may also be used in the example embodiments shown in FIGS. 1 and 2.

The security service driver 320 provides an interface between security service clients and the trusted platform module 304. In the example embodiment shown in FIG. 3, the processor 310 may request trusted platform module services (TPM services) from the security service driver 320 through the host interface 312. The security service driver accesses the trusted platform module 304 to perform the service and replies to the processor 310 through the host interface 312 of the controller 308.

In some embodiments, in an early pre-boot stage (similar to a computer's ME boot), the trusted platform module (TPM) driver is not yet running, so the trusted platform module cannot be used for some security functions, such as the monotonic counter function. In that case, the controller 308 can support a retro-active RPMC function during power-up by reporting a monotonic counter value stored in the non-secure flash memory while waiting for a verified monotonic counter reading from the trusted platform module. The reported counter reading is kept in a buffer. If the monotonic counter reading is not verified within a predefined period, the controller 308 can reset or interrupt the host 302 and raise a security failure alert.
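The pre-boot behaviour just described, modelled as a small state machine: counter reads are answered from the flash-resident copy, the reported value is buffered, and the later TPM reading must authenticate and match it before a deadline. This is an added example, not Nuvoton's or the patent's code; the class and method names, the HMAC tag scheme standing in for the TPM's verified reading, and the tick-based deadline are assumptions.

```python
"""Model of the controller's retro-active RPMC handling during early boot.
Added example, not the patent's code; names, tag scheme and deadline are
assumptions."""
import hashlib
import hmac


def counter_tag(key: bytes, value: int) -> bytes:
    """HMAC over the counter value; stands in for the TPM's authenticated read."""
    return hmac.new(key, value.to_bytes(4, "big"), hashlib.sha256).digest()


class PreBootRpmc:
    """Answers counter reads from a flash copy until the TPM confirms the value."""

    def __init__(self, flash_copy: int, tpm_key: bytes, deadline: int):
        self.flash_copy = flash_copy   # counter value mirrored in non-secure flash
        self.tpm_key = tpm_key         # key the TPM tags its readings with (assumed)
        self.deadline = deadline       # ticks allowed before a verified reading is due
        self.buffered = None           # value already reported to the host, unverified
        self.verified = False
        self.fault = None              # reason for the security-failure alert, if any
        self.tick = 0

    def read_counter(self) -> int:
        """Host reads the RPMC while the TPM driver is not yet running."""
        if self.fault is not None:
            raise RuntimeError(self.fault)
        self.buffered = self.flash_copy     # remember what we told the host
        return self.flash_copy

    def tpm_reading(self, value: int, tag: bytes) -> str:
        """The verified TPM reading arrives (through the host's TPM driver)."""
        if not hmac.compare_digest(counter_tag(self.tpm_key, value), tag):
            return self._fail("TPM reading failed authentication")
        if self.buffered is not None and value != self.buffered:
            # The flash copy was stale or rolled back: the value already
            # reported to the host was wrong, which is exactly the case the
            # retro-active verification exists to catch.
            return self._fail(f"reported {self.buffered}, TPM holds {value}")
        self.verified = True
        self.flash_copy = value             # refresh the mirror for the next boot
        return "verified"

    def advance(self, ticks: int) -> str:
        """Time passes; missing the deadline without verification is a fault."""
        if self.fault is not None:
            return "reset_host"
        self.tick += ticks
        if self.verified:
            return "ok"
        if self.tick > self.deadline:
            return self._fail("no verified counter reading before the deadline")
        return "waiting"

    def _fail(self, reason: str) -> str:
        # The controller resets or interrupts the host and raises the alert.
        self.fault = reason
        return "reset_host"
```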

In summary, according to the example embodiment shown in FIG. 3, the computing system may include a slave-attached flash (SAF) that does not support some security functions and is connected to the host through the controller. The controller has no interface to the trusted platform module; instead, it accesses the trusted platform module (TPM) through a service driver running on the host. The cost of a computing system that provides secure flash memory functionality in this way is lower than that of a computing system with a flash memory that implements all of the flash memory commands.

FIG. 4 is a block diagram schematically illustrating a computing system 400 with a host-attached flash memory according to a fourth embodiment of the invention. In this embodiment, the controller includes a trusted platform module.

The computing system 400 includes a host 402 for executing software instructions, including flash memory commands; a non-secure flash memory 406; and a controller 408 for emulating the flash memory security functions requested by the host 402.

In the example embodiment of FIG. 4, the host 402 communicates with the controller 408 and the non-secure flash memory 406 over an SPI bus. It will be understood that other embodiments may use any other suitable bus, for example a serial or a parallel bus.

In the example embodiment of FIG. 4, the non-secure flash memory 406 receives all flash memory traffic; however, the flash memory 406 responds only to the commands it supports. For example, if the host 402 issues an RPMC command and the non-secure flash memory 406 does not support RPMC commands, the non-secure flash memory 406 ignores the RPMC command.

A detailed block diagram of the controller 408 is shown at the bottom of FIG. 4. The controller 408 includes a processor 410; a host interface 412 for communication between the host 402 and the processor 410; and an embedded trusted platform module (embedded TPM) 414 for implementing security functions.

To execute flash memory commands, the host 402 communicates with a secure flash memory device over the SPI bus. When the host 402 wants to communicate with the secure flash memory, it asserts the chip select (CS) line, which is connected to both the non-secure flash memory 406 and the controller 408. When the host 402 issues a security-related command that the non-secure flash memory 406 does not support, the controller 408 reads and executes that command.

In the controller 408, the host interface 412 is connected to the SPI bus, which includes the CS line described above. The processor 410 receives all flash memory commands from the host 402 through the host interface 412. If the processor 410 recognizes that a received command (for example an RPMC command) cannot be executed by the non-secure flash memory 406, the processor 410 executes the command itself. Executing a command that the non-secure flash memory 406 cannot execute may require accessing the embedded trusted platform module 414. For example, if the embedded trusted platform module 414 holds RPMC counters and the host 402 issues a read-RPMC command, the processor 410 accesses the embedded trusted platform module 414 and requests that it return the value stored in the RPMC counter. The processor 410 then returns the requested data to the host 402 through the host interface 412.

The processor 410 may complete some flash memory commands by returning any requested data to the host 402 and/or returning an indication that command execution has completed.

In summary, according to the example embodiment shown in FIG. 4, the computing system may include a non-secure flash memory connected to the host over a serial bus in parallel with the controller. The non-secure flash memory executes a subset of the flash memory commands, while the controller executes the flash memory commands that the non-secure flash memory does not support. The cost of a computing system that provides secure flash memory functionality in this way is lower than that of a computing system with a secure flash memory.

FIG. 5 is a block diagram schematically illustrating a computing system 500 with an SAF configuration according to a fifth embodiment of the invention. In this embodiment, the controller 508 includes a trusted platform module 514, and the non-secure flash memory is used in a slave-attached flash (SAF) configuration.

The computing system 500 includes a host 502 for executing software instructions, including flash memory commands; a non-secure flash memory 506; and a controller 508 for emulating the flash memory security functions requested by the host 502.

In the example embodiment of FIG. 5, the host 502 sends flash memory commands, including security commands, to the controller 508. The non-secure flash memory 506 is connected to the controller 508. The controller 508 includes a processor 510, a host interface 512, an embedded trusted platform module 514 and an SPI port 516.

In the controller 508, the processor 510 receives flash memory commands through the host interface 512. The processor 510 may direct some of these commands to the non-secure flash memory 506 for direct execution. The processor 510 executes the other commands itself, for example those that the non-secure flash memory 506 cannot execute. Executing these commands may require accessing the embedded trusted platform module 514 as well as the non-secure flash memory 506.

The processor 510 may complete some of these flash memory commands by returning any requested data to the host 502 and/or returning an indication that command execution has completed.

In summary, according to the example embodiment shown in FIG. 5, in the SAF configuration the computing system may include a non-secure flash memory connected to the host through the controller. The controller executes all flash memory commands (both security-related and non-security-related) and accesses the attached non-secure flash memory and its internal embedded trusted platform module. The cost of a computing system that provides secure flash memory functionality in this way can be lower than that of a computing system with a secure flash memory.

It will be understood that the computing system embodiments shown in FIGS. 1 to 5 are given by way of example only and are not intended to limit the invention. The computing system of the invention is not limited to the example embodiments above. For example, other embodiments may use other types of non-volatile memory, and the buses connecting the various components of the system may differ from those of the embodiments above. Some embodiments may include multiple hosts, multiple secure flash memory devices and/or multiple controllers. In one embodiment, a single controller may be coupled to multiple flash memory devices and/or multiple trusted platform modules (TPMs).

In some embodiments, the host may issue a command that atomically reads the flash memory and increments an RPMC. The processor emulates this command by accessing the data in the non-secure flash memory and accessing the trusted platform module to increment the corresponding RPMC.
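A model of the host-attached configuration of FIGS. 2 and 4 together with the atomic read-and-increment command just described: every transaction on Flash CS reaches both the non-secure flash and the controller, the flash answers only the opcodes it implements, and the controller serves the RPMC commands from a TPM-held monotonic counter. This is an added example, not the patent's or Nuvoton's code; the opcode values, the HMAC authorisation of increments, the payload layouts and the policy of withholding read data when the increment is rejected are all assumptions.

```python
"""Host-attached flash plus controller sharing one Flash CS, with RPMC
commands emulated against a TPM counter. Added example, not the patent's
code; opcodes, payload layouts and the HMAC scheme are assumptions."""
import hashlib
import hmac

# Constructed opcodes; not taken from the patent.
OP_READ = 0x03         # ordinary flash read, served by the flash itself
OP_RPMC_INCR = 0x9B    # increment a monotonic counter (RPMC write-type op)
OP_RPMC_READ = 0x96    # request a counter value (RPMC read-type op)
OP_READ_INCR = 0xF0    # atomic: read flash data, then increment a counter


def make_tag(key: bytes, idx: int, value: int) -> bytes:
    """HMAC binding a counter index and value; authorises increments, signs reads."""
    msg = bytes([idx]) + value.to_bytes(4, "big")
    return hmac.new(key, msg, hashlib.sha256).digest()


class NonSecureFlash:
    """Flash that implements plain reads and silently ignores anything else."""
    SUPPORTED = {OP_READ}

    def __init__(self, content: bytes):
        self.content = content

    def handle(self, opcode: int, payload):
        if opcode not in self.SUPPORTED:
            return None                     # unsupported command: no response at all
        addr, length = payload
        return self.content[addr:addr + length]


class Tpm:
    """Stand-in TPM holding RPMC counters and the per-counter HMAC keys."""

    def __init__(self, keys: dict):
        self.keys = dict(keys)
        self.counters = {idx: 0 for idx in keys}

    def increment(self, idx: int, expected: int, tag: bytes) -> bool:
        # Both the key and the caller's view of the current value must match,
        # so a replayed increment request (stale value) is rejected.
        if not hmac.compare_digest(make_tag(self.keys[idx], idx, expected), tag):
            return False
        if expected != self.counters[idx]:
            return False
        self.counters[idx] += 1
        return True

    def read_signed(self, idx: int):
        value = self.counters[idx]
        return value, make_tag(self.keys[idx], idx, value)


class Controller:
    """Sees every transaction on Flash CS and claims only what the flash cannot do."""

    def __init__(self, flash: NonSecureFlash, tpm: Tpm):
        self.flash = flash
        self.tpm = tpm

    def on_flash_cs(self, opcode: int, payload):
        """One SPI transaction while the host asserts Flash CS."""
        if opcode in self.flash.SUPPORTED:
            return "flash", self.flash.handle(opcode, payload)   # flash answers
        if opcode == OP_RPMC_INCR:
            idx, expected, tag = payload
            return "controller", self.tpm.increment(idx, expected, tag)
        if opcode == OP_RPMC_READ:
            return "controller", self.tpm.read_signed(payload)
        if opcode == OP_READ_INCR:
            # Both steps complete within the single CS assertion, so no other
            # host command can interleave between the read and the increment.
            (addr, length), (idx, expected, tag) = payload
            data = self.flash.handle(OP_READ, (addr, length))
            ok = self.tpm.increment(idx, expected, tag)
            # Assumed policy: withhold the data if the increment was rejected.
            return "controller", (data if ok else None, ok)
        return "none", None                  # neither device claims the opcode
```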

In some embodiments, a single trusted platform module may, in addition to serving the host as a trusted platform module, be used as general-purpose secure NV storage for other components on the circuit board. In one embodiment, the functions of the controller described above may be implemented in the trusted platform module, so that no separate controller is needed.

In some non-SAF embodiments, the host's flash memory CS line is connected to the controller rather than to the flash memory, and the CS line received by the flash memory is driven by the controller rather than by the host; in response to the CS line received from the host, the controller generates the CS signal, and in response to other flash memory access cycles the controller becomes active to perform the secure flash memory functions.

In some embodiments of the invention, the controller may include a cache memory for frequently accessed secure data, such as keys.

The controllers 108, 208, 308, 408 and 508, or elements thereof, may be implemented in any suitable hardware, such as an application-specific integrated circuit (ASIC) or a field-programmable gate array (FPGA). In some embodiments, some or all of the elements of the controller may be implemented in software, in hardware, or in a combination of hardware and software elements.

Typically, the hosts 102, 202, 302, 402 and 502 include a general-purpose processor that is programmed in software to carry out the functions described above. The software may be downloaded to the processor in electronic form over a network, or it may be provided and/or stored on non-transitory tangible media, such as magnetic, optical or electronic memory.

Although the invention has been disclosed above by way of the foregoing embodiments, they are not intended to limit the invention. Those skilled in the art may make various changes and modifications without departing from the spirit and scope of the invention; the scope of patent protection is therefore defined by the claims appended to this specification.

100, 200, 300, 400, 500: computing system
102, 202, 302, 402, 502: host
104, 204, 304, 414, 514: TPM
106, 206, 306, 406, 506: flash memory
108, 208, 308, 408, 508: controller
110, 210, 310, 410, 510: processor
112, 212, 312, 412, 512: host interface
114, 214, 414, 514: I2C port
116, 316, 516: SPI port
318: flash memory application driver
320: service driver

FIG. 1 is a block diagram schematically illustrating, according to an embodiment of the invention, a computing system with a slave-attached flash (SAF) configuration that performs replay-protected monotonic counter (RPMC) flash memory emulation.

FIG. 2 is a block diagram schematically illustrating, according to another embodiment of the invention, a computing system with a host-attached flash configuration that performs RPMC flash memory emulation.

FIG. 3 is a block diagram schematically illustrating, according to yet another embodiment of the invention, a computing system with an SAF configuration that performs RPMC flash memory emulation.

FIG. 4 is a block diagram schematically illustrating, according to a further embodiment of the invention, a computing system with a host-attached flash configuration that performs RPMC flash memory emulation.

FIG. 5 is a block diagram schematically illustrating, according to a fifth embodiment of the invention, a computing system with an SAF configuration that performs RPMC flash memory emulation.

100: computing system

102: host

104: TPM

106: flash memory

108: controller

110: processor

112: host interface

114: I2C port

116: SPI port

Claims (18)

1. A controller, comprising: a host interface for communicating with a host; and a processor configured to: receive from the host, through the host interface, a plurality of commands for execution on a non-volatile memory (NVM); identify, among the plurality of commands, a command that relates to a secure monotonic counter and is to be executed on a non-volatile memory having an embedded secure monotonic counter; and execute the identified command and respond to the host for the identified command in place of the non-volatile memory.

2. The controller of claim 1, further comprising a memory interface, wherein the processor communicates through the memory interface with a non-volatile memory that has no embedded secure monotonic counter, and forwards the commands other than the identified command to that non-volatile memory for execution.

3. The controller of claim 1, wherein, when executing the identified command, the processor overrides a chip select (CS) signal that the host asserts to select the non-volatile memory.

4. The controller of claim 1, wherein the processor receives the commands that attempt to access the non-volatile memory by intercepting a chip select signal that the host asserts to select the non-volatile memory.

5. The controller of claim 1, wherein the processor is configured to execute the identified command in combination with a trusted platform module (TPM).

6. The controller of claim 5, wherein the trusted platform module is integrated in the controller.

7. The controller of claim 5, wherein the trusted platform module is external to the controller, and the controller further comprises a trusted platform module interface for communicating with the trusted platform module.

8. The controller of claim 5, wherein the trusted platform module is external to the controller and connected to the host, and the processor communicates with the trusted platform module through the host interface.

9. The controller of claim 1, wherein the identified command complies with a replay-protected monotonic counter (RPMC) specification, and the processor is configured to execute the identified command in accordance with the RPMC specification.

10. A control method, comprising: receiving, in a controller, from a host, a plurality of commands for execution in a non-volatile memory (NVM); identifying, among the plurality of commands, a command that relates to a secure monotonic counter and attempts to execute in a non-volatile memory having an embedded secure monotonic counter; and executing the identified command by the controller in place of the non-volatile memory.

11. The control method of claim 10, further comprising communicating with a non-volatile memory that has no embedded secure monotonic counter, and forwarding the commands other than the identified command to that non-volatile memory for execution.

12. The control method of claim 10, wherein executing the identified command comprises overriding a chip select (CS) signal that the host asserts to select the non-volatile memory.

13. The control method of claim 10, wherein receiving the commands that attempt to access the non-volatile memory comprises intercepting a chip select signal that the host asserts to select the non-volatile memory.

14. The control method of claim 10, wherein executing the identified command comprises executing the identified command in combination with a trusted platform module (TPM).

15. The control method of claim 14, wherein the trusted platform module is integrated in the controller.

16. The control method of claim 14, wherein the trusted platform module is external to the controller, and the controller further comprises a trusted platform module interface for communicating with the trusted platform module.

17. The control method of claim 14, wherein the trusted platform module is external to the controller and connected to the host, and executing the identified command comprises communicating with the trusted platform module through a host interface.

18. The control method of claim 10, wherein the identified command complies with a replay-protected monotonic counter (RPMC) specification, and the processor executes the identified command in accordance with the replay-protected monotonic counter specification.
TW108142984A 2019-07-04 2019-11-26 Rpmc flash emulation TWI728572B (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US16/503,501 2019-07-04
US16/503,501 US10846438B2 (en) 2014-07-24 2019-07-04 RPMC flash emulation

Publications (2)

Publication Number Publication Date
TW202102999A true TW202102999A (en) 2021-01-16
TWI728572B TWI728572B (en) 2021-05-21

Family

ID=73919520

Family Applications (1)

Application Number Title Priority Date Filing Date
TW108142984A TWI728572B (en) 2019-07-04 2019-11-26 Rpmc flash emulation

Country Status (3)

Country Link
JP (1) JP7293163B2 (en)
CN (1) CN112181860B (en)
TW (1) TWI728572B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI775436B (en) * 2021-05-17 2022-08-21 新唐科技股份有限公司 Bus system

Family Cites Families (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080320263A1 (en) * 2007-06-20 2008-12-25 Daniel Nemiroff Method, system, and apparatus for encrypting, integrity, and anti-replay protecting data in non-volatile memory in a fault tolerant manner
US8588228B1 (en) * 2010-08-16 2013-11-19 Pmc-Sierra Us, Inc. Nonvolatile memory controller with host controller interface for retrieving and dispatching nonvolatile memory commands in a distributed manner
WO2013095387A1 (en) * 2011-12-20 2013-06-27 Intel Corporation Secure replay protected storage
US9218490B2 (en) * 2011-12-30 2015-12-22 Intel Corporation Using a trusted platform module for boot policy and secure firmware
CN103247612B (en) * 2013-04-09 2015-09-23 北京兆易创新科技股份有限公司 A kind of enhancement mode FLASH chip and a kind of chip packaging method
TWI640895B (en) * 2013-07-12 2018-11-11 華邦電子股份有限公司 Nonvalatile memory device having authentication, and methods of operation and manufacture thereof
US9407636B2 (en) * 2014-05-19 2016-08-02 Intel Corporation Method and apparatus for securely saving and restoring the state of a computing platform
US10303880B2 (en) * 2014-07-24 2019-05-28 Nuvoton Technology Corporation Security device having indirect access to external non-volatile memory
US9716710B2 (en) * 2015-06-26 2017-07-25 Intel Corporation Technologies for virtualized access to security services provided by a converged manageability and security engine

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI775436B (en) * 2021-05-17 2022-08-21 新唐科技股份有限公司 Bus system
CN115378755A (en) * 2021-05-17 2022-11-22 新唐科技股份有限公司 Bus system
US11630787B2 (en) 2021-05-17 2023-04-18 Nuvoton Technology Corporation Bus system
CN115378755B (en) * 2021-05-17 2023-12-29 新唐科技股份有限公司 Bus system

Also Published As

Publication number Publication date
CN112181860B (en) 2023-11-24
JP7293163B2 (en) 2023-06-19
TWI728572B (en) 2021-05-21
JP2021012679A (en) 2021-02-04
CN112181860A (en) 2021-01-05

Similar Documents

Publication Publication Date Title
US10846438B2 (en) RPMC flash emulation
Lentz et al. Secloak: Arm trustzone-based mobile peripheral control
CN106605233B (en) Providing trusted execution environment using processor
EP3582129B1 (en) Technologies for secure hardware and software attestation for trusted i/o
Zhou et al. Building verifiable trusted path on commodity x86 computers
CN109918919B (en) Management of authentication variables
Koeberl et al. TrustLite: A security architecture for tiny embedded devices
US9575790B2 (en) Secure communication using a trusted virtual machine
CN107851162B (en) Techniques for secure programming of a cryptographic engine for secure I/O
US20220171841A1 (en) Remote attestation for multi-core processor
US20180060077A1 (en) Trusted platform module support on reduced instruction set computing architectures
KR20170095161A (en) Secure system on chip
EP3329416B1 (en) Secure input/output device management
US10146962B2 (en) Method and apparatus for protecting a PCI device controller from masquerade attacks by malware
CN107567629B (en) Dynamic firmware module loader in trusted execution environment container
KR102105760B1 (en) Heterogeneous isolated execution for commodity gpus
TWI728572B (en) Rpmc flash emulation
CN113268447A (en) Computer architecture and access control, data interaction and safe starting method in computer architecture
US20230342472A1 (en) Computer System, Trusted Function Component, and Running Method
TWI751962B (en) Secured device, secured method, secured system, and secured apparatus
Kaplan Hardware VM Isolation in the Cloud: Enabling confidential computing with AMD SEV-SNP technology
US11960737B2 (en) Self-deploying encrypted hard disk, deployment method thereof, self-deploying encrypted hard disk system and boot method thereof
US20220222340A1 (en) Security and support for trust domain operation
Kaplan Hardware VM Isolation in the Cloud
Gazidedja HW-SW architectures for security and data protection at the edge