TWI313433B - Method for operating digital system including graphics display and digital system thereof - Google Patents

Info

Publication number
TWI313433B
Authority
TW
Taiwan
Prior art keywords
security
mode
signal
sequence
secure
Prior art date
Application number
TW092135673A
Other languages
Chinese (zh)
Other versions
TW200424930A (en)
Inventor
Franck B Dahan
Bertrand Nmi Cornillault
Original Assignee
Texas Instr Incorporate
Priority claimed from US10/322,893 (US8479022B2)
Application filed by Texas Instr Incorporate
Publication of TW200424930A
Application granted
Publication of TWI313433B

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/74 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information operating in dual or compartmented mode, i.e. at least one secure mode
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/82 Protecting input, output or interconnection devices
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/86 Secure or tamper-resistant housings
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00 Arrangements for program control, e.g. control units
    • G06F9/06 Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44 Arrangements for executing specific programs
    • G06F9/448 Execution paradigms, e.g. implementations of programming paradigms
    • G06F9/4482 Procedural
    • G06F9/4484 Executing subprograms
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04M TELEPHONIC COMMUNICATION
    • H04M1/00 Substation equipment, e.g. for use by subscribers
    • H04M1/72 Mobile telephones; Cordless telephones, i.e. devices for establishing wireless links to base stations without route selection
    • H04M1/724 User interfaces specially adapted for cordless or mobile telephones
    • H04M1/72403 User interfaces specially adapted for cordless or mobile telephones with means for local support of applications that increase the functionality
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141 Access rights, e.g. capability lists, access control lists, access tables, access matrices
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2147 Locking files
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2149 Restricted operating environment

Description

A7 B7 1313433 五、發明說明 發明所屬之技術領域 本申μ案係為聲稱對2〇〇2年1月]6曰歐洲專利 申清案序破第02290115」號,名稱為,,支援MMU與 中斷之處理器之安全模式,,(授權備忘號 33762_1Εϋ)、以及2〇〇2年6月3◦曰歐洲專利申 請案序號第02100727.3 ?虎,名稱為’,支援MMU與中 斷之處理器之安全模式,,(授權備忘號33762.2EU) 之優先權。 本發明概與微處理器有關,更特別言之,與用以A7 B7 1313433 V. INSTALLATION OF EMBODIMENT The technical field of the invention belongs to the claim that for the January 2nd, 2nd, 2nd, 6th, 6th European patent application, the case is broken, No. 02290115, the name is, and the MMU is supported and interrupted. The security mode of the processor, (authorized memo number 33762_1Εϋ), and June 2, 2, 3 European Patent Application No. 02100727.3? Tiger, named ', supports the security mode of MMU and interrupted processor ,, (authorization of the memo number 33762.2EU) priority. The present invention is generally related to a microprocessor, and more particularly,

ο 1Xο 1X

5 IX 經濟部智慧財產局員工消賣合作社印製 ο 2 支棱安全軟體服務之保全機制之改善有關。 先前技術 微處理器係提供高指令運算量以執行其上之軟體之通用 處理器,並視其所含特定軟體應用而具廣泛處理需求。許多 不同類型之處理器均屬已知,微處理器僅係其一。例如數位 信號處理H (DSP)即泛為使用,並以針對特定應用如行 動處理應用為最。DSP -般係配置以使相關應用之性能最 佳化,為達此目的,其使用更特定化之執行單元與指令集。 欲提供持續攀升之Dsp性能,同時盡能降低功率耗損於特 別是、但不限於行動電訊之應用中。 為進一步改善數位系統性能,可使兩或多具處理器互 連。例如可在數位系統中將DSP與通用處理器互連。dSP 施行數值強化信號處理演算法,而通用處理器綜理所有控制 流程。兩具處理器經由共用記憶體傳遞並轉移資料供信號處 理之用。直接記憶體存取(DMA)控制器常與處理器連 本紙張尺度適用t國國家標準(CNS)A4規格(210 x 297公釐) 13134335 IX Ministry of Economic Affairs Intellectual Property Bureau employee sales cooperative printing ο 2 Improvement of the security mechanism of the security software service. Prior Art Microprocessors are general purpose processors that provide high instruction computations to execute software on them and have a wide range of processing requirements depending on the particular software application they contain. Many different types of processors are known, and microprocessors are only one. For example, digital signal processing H (DSP) is widely used and is best handled for specific applications such as mobile processing applications. DSP-like configurations are used to optimize the performance of related applications, for which purpose more specific execution units and instruction sets are used. To provide continuous rising Dsp performance while minimizing power consumption in applications that are specifically, but not limited to, mobile telecommunications. To further improve digital system performance, two or more processors can be interconnected. For example, a DSP can be interconnected with a general purpose processor in a digital system. The dSP implements a numerically enhanced signal processing algorithm, while the general purpose processor handles all control processes. The two processors pass and transfer data via shared memory for signal processing. Direct memory access (DMA) controllers are often connected to the processor. This paper size applies to National Standard (CNS) A4 specifications (210 x 297 mm) 1313433

五 '發明說明Five 'invention description

ο 1Xο 1X

5 1A 經濟部智慧財產局員工消費合阼让印彳农 ο 2 结’以接管記憶體或週邊資源間資料區塊轉移之重擔,藉以 改善處理器性能。 一般均具有作業系統(〇s),俾藉由對資源控制及各種 程式模組或任務之執行排程而管理數位系統。在具有數具處 理器之系統中’各處理器均具個別〇S較為便利。概言之’ 係假定其在所有系統資源之控制下。多種〇s均未被設 計為可與其它〇s共用記憶體與資源。因此當將兩或更多個 os併在單一系統中時,即可能發生資源分配問題。在記憶 體或週邊裝置使用上之衝突,均可能對系統操作造成不良後 果。 大部分處理器之建構均具2特權等级:其一供〇S使 用,另一則供用戶任務之用。曾有人提出第三特權等級,但 在現行CPU中從未付諸實現。 針對特定財務或安全關鍵應用,一些作業系統已被確認 為安全無虞。部分通用作業系統聲稱有内建保全,但其不堪 一擊係眾所週知。 可利用硬體機制改善保全。例如美國專利第4590552 號,名稱為用以標示儲存於非揮發性記憶體中之資訊保全 狀怨之保全位元” ’揭示一種藉由提供可永久設定為禁止晶 片外(off-chip)資源進入晶片上(οη,ρ)記憶體之一或 多個保全位元’因而保護資料儲存之姻,藉贿護儲存於 晶片上記憶體中之碼或資料。但作業系統之誤判操作可破解 此類保全方法。 在能施行安全類別之應用如商務(行動商務)或匕銀行 本纸張尺度適用尹國國家標準(CNS)A4規袼(2丨〇 x 297公坌) 1313433 A7 B7 五、發明說明 經濟部智慧时產局員工消費合"社印" 101520 (,子銀行)之智躲置上,要求用戶賴錄人私密資訊 如在碼’或於螢幕上顯示之訊終署。在執行此動作時,用 戶除完全仰賴其裝置之健全性外,別無其它選擇。但用戶氣 法檢測駭客或病毒是否已入侵其裝置之保全架構。 發明内容 因此,確需改善系統保全。概言之,在本發明之一型式 中,提供一具有以非侵入性方式建於處理器系統之安全模^ (特權等級第三級)之數位系統。安全執行模式因而位於二 平台上,該平台之唯一信賴軟體係儲存於晶片上ROM中之 碼。亚提供數㈣統用戶可見之指示器手段,其巾該指示器 手段僅可於安全赋之,贿_式碼物之。°° 在一實施例中,經由一獨特進入點進入安全模式。可以 進/出條件之充分硬體評估,動態出人安全執行模式。 實施方式 與用戶交換如密碼或螢幕上顯示之訊息之機密資訊,須 僅於處理裝置處於安全模式下時才崎。—種提供安全模式 之裝置與方法述如2002 + 6月30日提出之歐洲申請案序 號第021Q0727.3號相關專利t請案”供支援MMU及中斷之 處理益用之女全模式。在此納入安全模式之充分描述,俾 使熟悉此技藝者瞭解其操作。 在安全模式中,實體用戶介面(如鍵盤或顯示器)之進 入受限於經由受信賴驅動器之安全應用。以安全模 鍵盤及顯示ϋ把關,私足以充分猶與用戶間之訊息交 換。現本發明人已發現需以一手段指示用戶,〇s5 1A Ministry of Economic Affairs Intellectual Property Office staff consumption contract to allow Indian farmers to take over the burden of data block transfer between memory or surrounding resources to improve processor performance. Typically, there is an operating system (〇s) that manages the digital system by scheduling resources and executing execution schedules of various program modules or tasks. In a system with several processors, it is convenient to have individual processors. The general term is assumed to be under the control of all system resources. A variety of 〇s are not designed to share memory and resources with other 〇s. Therefore, when two or more os are combined in a single system, resource allocation problems may occur. 
Conflicts in the use of memory or peripheral devices can have undesirable consequences for system operation. Most processors are built with 2 privilege levels: one for 〇S and one for user tasks. A third privilege level has been proposed, but it has never been implemented in the current CPU. Some operating systems have been identified as safe for specific financial or safety critical applications. Some general operating systems claim to have built-in security, but their vulnerability is well known. Hardware mechanisms can be used to improve security. For example, U.S. Patent No. 4,595,552, entitled "Reservation of Information Retaining in Non-Volatile Memory", reveals that one can be permanently set to prohibit off-chip resources. On the wafer (οη, ρ) memory one or more security bits ' thus protect the data storage marriage, by bribing the code or data stored in the memory on the chip. But the misjudgment operation of the operating system can crack such Preservation method. Applicable to the application of safety category such as business (mobile business) or banknote paper size. National Standard for Insular State (CNS) A4 (2丨〇x 297 坌) 1313433 A7 B7 V. Description of invention The wisdom of the Ministry of Economic Affairs, the staff of the Bureau of Labor and Production, "Society " 101520 (, sub-banking), is hidden, requiring users to record private information such as the code 'on the screen or on the screen. In this action, the user has no choice but to rely solely on the soundness of the device. However, the user's temperament detects whether the hacker or virus has invaded the security architecture of the device. In a version of the invention, a digital system having a secure mode (third level of privilege level) built into the processor system in a non-intrusive manner is provided. The secure execution mode is thus located at two. On the platform, the platform only relies on the code stored in the ROM on the chip by the soft system. 
The sub-provided (four) user-visible indicator means that the indicator means can only be used for security, bribe _ type code In one embodiment, the security mode is entered via a unique entry point. A sufficient hardware evaluation of the entry/exit conditions can be used to dynamically exit the secure execution mode. The implementation exchanges with the user such as a password or a message displayed on the screen. Confidential information must only be used when the processing device is in safe mode. - The device and method for providing a safe mode are as described in the European Patent Application No. 021Q0727.3, filed in 2002+ June 30. Female full mode for supporting MMU and interrupt processing benefits. A full description of the security model is included here, so that those skilled in the art are aware of their operation. In secure mode, the entry of a physical user interface, such as a keyboard or display, is limited to secure applications via trusted drives. With the security mode keyboard and display, it is enough to exchange the information between the user and the user. Now the inventor has found that it is necessary to indicate the user by means, 〇s

A7 B7A7 B7

1313433 五、發明說明(4 受信賴之鍵盤或顯示器驅動器,亦即儲存於安全記惋體中之 驅動器,並進入安全模式執行。否則若病毒/駭客欲下载智 慧裝置上之偽驅動器,則用戶無從得知其無法仰賴其穿置 依本發明之一態樣,執行安全應用之智慧裝置除具顯示 器與袖珍鍵盤外,尚具一安全模式指示器。此指示器將告知 用戶該裝置處於安全模式。此指示器可為例如小型。° 若安全模式指示器未啟動,則用戶不應輸入任何私密資訊 (在、碼)或不應於螢幕丄之顯示之任何東西簽署。若在H_、 益未啟動時欲輸入其個人識別碼,則用戶將得知並罟 破解,而裝置無法提供安全操作。 41313433 V. Invention Description (4 Trusted keyboard or display driver, that is, the drive stored in the security record, and enter safe mode. Otherwise, if the virus/hacker wants to download the pseudo drive on the smart device, the user It is not known that it cannot rely on its wearing. According to one aspect of the present invention, a smart device for performing a security application has a security mode indicator in addition to the display and the keypad. This indicator will inform the user that the device is in safe mode. This indicator can be, for example, small. ° If the safety mode indicator is not activated, the user should not enter any private information (in, code) or anything that should not be displayed on the screen. If at H_, benefit is not If you want to enter your PIN at startup, the user will know and crack, and the device cannot provide safe operation.

4 a eg 15 經 濟 部 智 .慧 財 產 局 員 工 消 費 合 社 印 Μ 20 、 〜从此不、呢工托供一僅可於安全模 式下進人之通用輸人/輸出(GP丨0) _位元彳54。以此安 全GPIO閂鎖驅動保全指示器LED 155。刻正於來自 ROM/SRAM (唯讀記憶體/靜態隨機存取記憶體)之安全模 式下執行之受_難觸㈣驅魅負責管 、 閂鎖。 叉王uriu 全立於嫩顯示器之外,因為非安 幕於转封錢下“這Μ置。制言之,螢 泰上顯不域“”現销人财 於駭客碼可進人螢幕, U此外,由 符號或訊W如肋指托全操作之 靠指示何物物=帽。細輪器須可 模式下時才有私 運作,且僅當裝置處於安全 知用戶不要^冑,否則應通 在I之私密資訊或不要在螢幕上簽署 -6- 訂4 a eg 15 Ministry of Economic Affairs, Wisdom Property Bureau, Staff and Consumers Co., Ltd. 20, ~ From now on, the work is for a general input/output (GP丨0) _ bit彳54. The safety GPIO latch is used to drive the safety indicator LED 155. It is engraved in the security mode from ROM/SRAM (read-only memory/static random access memory) and is responsible for the control and latching. Fork Wang uriu is completely outside the tender display, because the non-enclosure is under the transfer of money, "this device. In theory, the fluorescing on the display is not domain", the current sales of people in the hacker code can enter the screen, U In addition, the symbol or the signal W, such as the rib finger, is used to indicate the object = cap. The wheel device must be in private mode only when the device is in the safe mode, and should only be used when the device is safe. Pass the private information of I or don't sign on the screen - 6 - order

— _ ^ * Ό - 本紙張尺度顧t @ ϋ家縣-------- 裕(2丨〇Χ 297公董) 1313433 A7 B7 五、發明說明(:5 ) 5— _ ^ * Ό - The paper size is t @ ϋ家县-------- Yu (2丨〇Χ 297 公董) 1313433 A7 B7 V. Invention description (:5) 5

ο IX 5 11 經濟部智慧財產局員工消費合作社印製 20 任何東西。 圖1係在具有複數個處理器102、104之死位單元 (mega ce丨丨)10◦中之包含本發明之一實施例之數位系統 之方塊圖。為利明晰之故,彳僅顯示驗單元中與 本發明之-f施例之瞭解有關之部分。數位信號處理器 (DSP)之-般架構細節係眾所週知,且易於在它處得 見。例如Frederick Boutaud等人在美國專利第“π· 號中詳述-種DSPaGary SwQbcda等人在美國專利第 5,329,471號情述如何職與模擬哪π下將對兆位單 元&gt;10◦中與本發明之—實施例有關之部分作充分描述,俾 使熟悉微處理器技術者施行與利用本發明。 雖然本發明發現對施行例如在特殊應用積體電路 (ASIC)上之數㈣統之特殊應用,亦發現對其它形式系 統之應用。ASIC可包含一或多個兆位單元,其各自包含針 對客戶設計之功紐電路以及出自設計料之預先設計之功 能性電路。 在兆位單元100中具有一種分佈保全系統,其採用選擇 硬體方塊與受賴倾執行魏之組合1分佈保全系統係 用以解決摘電話環境内之電子聽(㈣務)與行動商務 (m-商務)保全_之方法。保全議題包含町所列: -機岔度:確保僅有通信者可理解傳輸資訊之内容; -完整性:確保資訊在傳送期間不變; -驗證性:確保另一通信者係即為其所宣稱者; -無否定性:確保傳送者不能否認傳送訊束;ο IX 5 11 Ministry of Economic Affairs Intellectual Property Bureau Staff Consumer Cooperative Printed 20 Anything. 1 is a block diagram of a digital system including an embodiment of the present invention in a dead cell 10 of a plurality of processors 102, 104. For the sake of clarity, only the parts of the inspection unit that are relevant to the understanding of the -f embodiment of the invention are shown. The general architectural details of the digital signal processor (DSP) are well known and easy to see at it. For example, Frederick Boutaud et al., in the U.S. Patent No. π. No. </ RTI> </ RTI> </ RTI> </ RTI> </ RTI> </ RTI> </ RTI> </ RTI> </ RTI> </ RTI> </ RTI> </ RTI> <RTIgt; The embodiments are fully described in order to enable those skilled in the art to implement and utilize the present invention. Although the present invention finds particular application to the implementation of the number (4) of the special application integrated circuit (ASIC), Applications to other forms of systems have also been discovered. ASICs can include one or more megabit cells, each of which contains a custom-designed circuit for the customer and a pre-designed functional circuit from the design. There is one in the megabit unit 100. 
The distribution security system adopts the method of selecting the hardware block and the reliance on the execution of the Wei 1 combination distribution security system to solve the electronic listening ((4) service) and the mobile business (m-business) preservation method in the telephone environment. The preservation topics include: - Machine :: Ensure that only the communicator understands the content of the transmitted information; - Integrity: Ensure that the information remains unchanged during the transmission; - Verification Make sure the other person communication system that is who it claims; - no negativity: Make sure the sender can not deny the information transmitted beam;

1313433 A7 B7 五、發明說明 10 15 20 _用戶保護性:假名與匿名; -無法複製之保護。 見行作業系統(〇s).無法被視為安全。部分〇s聲稱 安王,但其複雜性導致不易達成或保證安全。對電子商務及 其它安全交易而言,亟需安全軟體層。此須易於在既有〇s 她仃’但又支援記憶體管理單元(MMU)與快速缓衝儲存 區使用,同時支援及時中斷與〇3支援。 在許多應用中已證實僅具軟體之解決方式不夠健全,且 僅能透過軟硬體架構之妥善併用解決這些議題。在此實施例 中採用之女全模式之發展,係為將硬體健全性導入整體保全 機制中,其係根據以下前提為之: -作業系統(〇S)不可信賴; •在平台上執行之所有本質軟體均不可信; 唯可L之軟體為儲存於安全程式中之碼; -可因性能之故啟動快速緩衝儲存區; -為即時之故可啟動中斷; -為彈性之故可啟動MMU。 上述前提轉下肋果。首先,〇s雜辟理並不可 信。/奐言之’ _U操作與〇S定義之轉譯表並不可靠。安 全模式應可抗拒MMU之任何誤用以及〇s定義之轉嘩表可 能錯誤百出醇實。其次,0S定義之巾斷向量表以及中斷 服務例行辦並科信。需於安全模式下施行―斷之特定管 理’致使安全模式得以抗拒中斷之任何誤用以及令斷向量表 及ISR可能錯誤百出的事實。第三,〇s基本操作之=性 U氏張尺度適用令國國家標準(CNS)A4規格(2l〇X 297公S)1313433 A7 B7 V. INSTRUCTIONS 10 15 20 _ User protection: pseudonyms and anonymity; - protection that cannot be copied. See the operating system (〇s). Cannot be considered safe. Some 〇s claim An Wang, but its complexity makes it difficult to achieve or guarantee safety. For e-commerce and other secure transactions, there is a need for a secure layer of software. This must be easily used in both the memory management unit (MMU) and the fast buffer storage area, while supporting timely interruption and 〇3 support. In many applications, software-only solutions have proven to be inadequate and can only be addressed through the proper use of hardware and software architecture. The development of the female full mode adopted in this embodiment is to introduce the hardware integrity into the overall security mechanism, which is based on the following premise: - the operating system (〇S) is untrustworthy; • is executed on the platform All essential software is not trusted; only L software is the code stored in the security program; - can start the fast buffer storage area due to performance; - can start the interrupt for immediate reasons; - can activate MMU for flexibility . The above premise turns the ribs. First of all, it is not convincing. / 奂 之 ' _ U operation and 〇 S defined translation table is not reliable. 
The safety mode should be resistant to any misuse of the MMU and the conversion table defined by 〇s may be erroneous. Secondly, the 0S definition of the towel break vector table and the interrupt service routine and the branch letter. The need to perform a "special management of the break" in the safe mode causes the security mode to resist any misuse of the interrupt and the fact that the break vector table and the ISR may be erroneous. Third, the basic operation of the 〇s = U U-scale application of the national standard (CNS) A4 specifications (2l 〇 X 297 public S)

4 I I4 I I

I I I I I I 訂I I I I I I

1313433 A7 B7 五 '發明說明 I 1 經濟部智慧材產局員工消費合作社印t 101520 (如背景保存、快速緩衝儲存區快取、TLB快取、寫入緩 衝沒取等)並不奴’故安全赋不應仰仗之。最後但非最 不重要處在於’在安全模式下,f將所有關試、錯誤移除 與模擬能力去除。 在此實施例中,針對處理器102產生分割,,安全模式,’, 使之可如烟’’虛鄕全處理H”麟作,並同時執行保全操 作。可將安全模式視為處102之第三特權等級。其啟 動端視特定目的硬體之存在於否而定,該硬體可藉由不受信 賴之軟體產生-環境’以保賴㈣訊不被存取。安全模式 係由宣告-專屬之保全信號152設定之,保全信號152傳 播過系統,並於受信賴軟體可進入之資源與任何軟體皆可進 入之資源間建立邊界。 女全模式啟動亦視保全軟體之適當控制而定。保全軟體 係儲存於安全程式ROM/SRAM中,並於該處執行。該處不 可能存在藉由欺瞒硬體而得以進入安全模式,或取得受信賴 碼而施行其不應施行之任務之流動。若適當建立邊界,則除 經由受控制之操作外,應無利用處理器之正常操將資訊作自 邊界内向外移之管道。注意處理器之正常操作包含執行有潛 在瑕疵之”用戶碼”。 安全軟體層受安全記憶體之信賴並儲存於其中。其係藉 由通過單一安全閘道至安全模式,同時保護免於MMU修 改,而進入一軟體序列’向硬體保全狀態引擎(SSM) 15〇 展示其確實在執行安全碼。當安全軟體正在在執行安全模式 時,將中斷向量重新定向,致使保全控制軟體得以視需要開 本紙張尺度適用中國國家標準(CNS)A4規格(2i〇X297公爱)1313433 A7 B7 Five 'Inventions' I 1 Ministry of Economic Affairs, Wisdom and Production Bureau, Staff Consumer Cooperatives, print t 101520 (such as background save, fast buffer storage cache, TLB cache, write buffer, etc.) Fu should not rely on it. Last but not least, in the safe mode, f removes the relevant trial, error removal and simulation capabilities. In this embodiment, the processor 102 generates a segmentation, security mode, ', which makes it possible to perform a security operation as a smoke, and simultaneously performs a security operation. The security mode can be regarded as being at 102. The third privilege level. The startup side depends on whether the specific purpose hardware exists or not. The hardware can be generated by the untrusted software-environment to protect the (four) message from being accessed. The security mode is announced. - The exclusive security signal 152 is set, the security signal 152 is propagated through the system, and a boundary is established between the resources accessible by the trusted software and the resources accessible by any software. The female full mode startup also depends on the proper control of the security software. The security soft system is stored in the secure program ROM/SRAM and executed there. 
There is no possibility that the security mode can be entered by stealing the hardware, or the trusted code can be obtained to perform the task that should not be performed. If the boundary is properly established, the information shall be taken from the boundary to the outside of the boundary without the normal operation of the processor, except for the controlled operation. Note that the normal operation of the processor includes execution. Potentially “user code.” The security software layer is trusted by the secure memory and stored in it. It passes through a single security gateway to a secure mode while protecting the MMU from modification and entering a software sequence. The Bodyguard Full State Engine (SSM) 15〇 demonstrates that it is actually executing the security code. When the security software is performing the security mode, the interrupt vector is redirected, so that the security control software can be used as needed to apply the Chinese national standard (CNS). ) A4 specification (2i〇X297 public)

II

I 訂I order

1313433 A7 87 15 經濟部智慧財產局員工消費合作钍印製 20 五、發明說明 始適當離開安全模式。重新定向過程對〇s為透明的,並可 在過渡後避免顯現安全資料。 GPIO閂鎖154係以習知方式操作之記憶體映對閃鎖, 例外處在於其僅可為安全軟體存取與啟動。指示器彳55耦 合至GPI〇154,並響應於GPI〇而發亮。藉由寫入一如邏 輯1之邏輯值於閂鎖154而打開指示器155 ;並藉由寫入 一如邏輯0之互補邏輯值於閂鎖154而將其關閉之。核心 103經週邊匯流排信號156存取閂鎖154。但係以受控於 SSM 150之安全信號152限定GPIO閂鎖154之操作。如 此一來,僅可於安全信號152處於指示處理器1〇2正執行 安全軟體例行程序之啟動狀態時對GPI〇154寫入。在本實 施例中,指示器155係發光二極體(LED),但在其他實施 例中,可採用得以顯現兩相異狀態:開與關之任何類型之指 不器。例如可採用各類燈,諸如I、電鮮。可採用各種機 械裝置,諸如轉動顯示不同色而指示開/關狀態之碟,或移 動—指不器以代表開/關狀態之致動器。在其他實施例中, 可以'轉、高度、溫度等之表面變化表示兩狀態,使得視力 有缺或其他肢體受損人士得以檢測兩種狀態。例如可將接 觸^指示器置於捲動式顯.示11裝置中。在另-實施例中,指 不益可提供音頻指示,例如可播放音調以指示安全模式開 啟’但由於可以非安全音頻賴仿該音調,故需有— 之注意。 人 岑♦復t閱圖1 ’兆位單元彻包含具32位元核心1〇3之 h理器(MPU) 1〇2 ’以及具Dsp核心簡之數位信號 ____ ______ ,10-1313433 A7 87 15 Ministry of Economic Affairs Intellectual Property Bureau employees consumption cooperation 钍 printing 20 V. Invention Description Start to leave the safe mode. The reorientation process is transparent to 〇s and avoids the appearance of safety data after the transition. The GPIO latch 154 is a flash memory lock that operates in a conventional manner, with the exception that it can only be accessed and activated by secure software. Indicator 彳 55 is coupled to GPI 〇 154 and illuminates in response to GPI 〇. The indicator 155 is turned on by writing a logic value such as logic 1 to the latch 154; and is turned off by writing a complementary logic value such as logic 0 to the latch 154. Core 103 accesses latch 154 via peripheral bus signal 156. However, the operation of the GPIO latch 154 is defined by a safety signal 152 controlled by the SSM 150. As such, the GPI 〇 154 can only be written when the safety signal 152 is in the startup state indicating that the processor 1 〇 2 is executing the secure software routine. In the present embodiment, the indicator 155 is a light emitting diode (LED), but in other embodiments, any type of indicator that exhibits two distinct states: on and off can be employed. 
For example, various types of lamps such as I and electric fresh can be used. Various mechanical devices may be employed, such as rotating a disc that displays a different color to indicate an on/off state, or a mobile-finger to indicate an on/off state of the actuator. In other embodiments, the surface changes of 'turn, height, temperature, etc., can indicate two states, such that a person with visual impairment or other physical impairment can detect both states. For example, the contact ^ indicator can be placed in a scrolling display device. In another embodiment, it is indicated that an audio indication can be provided, such as a playable tone to indicate that the security mode is on, but the attention is required because the tone can be reproduced by non-secure audio.岑 复 复 t 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图 图

1313433 A7 ______B7 五、發明說明(9 ) 10 經 濟 邹 智 慧 財 產 局 最 X 消 費 合 作 子土 印 製 處理器(DSP) 104 ’兩者共用一稱之為第二等級(L2)記 憶體子系統之記憶體方塊113。流量控制方塊11〇接收來自 連結至主介面120b之主處理器之轉移要求、來自控制處理 器102之要求,以及來自DSP104中之記憶體存取節點之 轉移要求。流量控制方塊插入這些要求,並將之呈現於共用 之記憶體與快速缓衝記憶區。亦經流量控制方塊存取共用週 邊116。直接記憶體存取控制器1〇6可於外部來源如晶片外 5己憶體132或晶片上記憶體134與共用記憶體間轉移資 料。亦可視各應用需要將各種特定應用處理器或硬體加速器 108納入兆位單元中,並經由流量控制方塊舆Dsp及Mp(j 交互作用。 在兆位單S之外,第三等級(L3)控制方塊13〇響應 於來自DSP或MPU之明確要求,連結接收來自内部流量 控制方塊训之記憶體要求。晶片外之外部記憶體132及/ 或晶片上記憶體134連結至系統流量控制器畑;這些稱 之為L3記憶體子系統。時框緩衝器136及顯示裝置138均 連結至系統流量_器’以接收用以顯示圖像之資料。主處 理器12Qa與外部資源經由系統流量控制器彳加交互作用。 連結至流量控制H 130之主介面可為主處理器彳咖存取至 外部§己憶體及其他連結至流量控制器13Q之裝置。因此, 在各實施财,可於第三敎或第二等級下連結主處理器。 —組私人週邊·連結至Dsp,科另—組私人週邊142 連結至MPU。 圖係在圖1之不統中之MPU 1〇2之方塊圖,其閣釋1313433 A7 ______B7 V. Description of invention (9) 10 Economic Zou Intellectual Property Bureau X Consumer Consuming Sub-Print Processor (DSP) 104 'The two share a memory called the second level (L2) memory subsystem Body block 113. The flow control block 11 receives the transfer request from the host processor coupled to the host interface 120b, the request from the control processor 102, and the transfer request from the memory access node in the DSP 104. The flow control block inserts these requirements and presents them in the shared memory and fast buffer memory. The shared perimeter 116 is also accessed via the flow control block. The direct memory access controller 1〇6 can transfer data between external sources such as off-chip 5 memory 132 or on-wafer memory 134 and shared memory. It is also possible to incorporate various specific application processors or hardware accelerators 108 into the megabit units according to the needs of each application, and interact with the flow control blocks 舆Dsp and Mp(j. In addition to the megabit single S, the third level (L3) The control block 13 is responsive to the explicit request from the DSP or the MPU to receive the memory request from the internal flow control block. 
The external memory 132 and/or the on-chip memory 134 are coupled to the system flow controller. These are referred to as L3 memory subsystems. Both the time frame buffer 136 and the display device 138 are coupled to the system traffic_device to receive data for displaying images. The main processor 12Qa and external resources are via the system flow controller. The main interface connected to the flow control H 130 can be accessed by the main processor to the external § memory and other devices connected to the flow controller 13Q. Therefore, in the implementation, it can be used in the third敎 or the second level is connected to the main processor. - The group private periphery is connected to the Dsp, and the other group 142 is connected to the MPU. The figure is a block diagram of the MPU 1〇2 in Figure 1. Ge

Order

13134331313433

V. Description of the invention

The distributed security scheme combines selected hardware blocks with a protected software execution environment enforced by the security state machine 300. In another embodiment of the digital system, processor 102 may, for example, be a single processor, or may be coupled to one or more further processors for cooperative operation.

The secure mode is a "third privilege level" of processor 102. It provides hardware means to restrict access to secure resources to the processor subsystem (CPU) 200 when the latter runs in an appropriate execution environment. The secure mode is built around CPU 200, which comprises the processor core, the data and instruction caches 204, 206 and the MMU 210. Advantageously, the security features of this embodiment are not intrusive to CPU 200, so another embodiment may substitute a different processor.

There are two kinds of security hardware: the logic that controls the security signal, and the hardware resources that are restricted to the secure mode. The former consists mainly of the security state machine (SSM) 300. SSM 300 is responsible for monitoring the conditions for entering the secure mode, for asserting and de-asserting the security signal 302, and for detecting secure-mode violations. A violation is indicated by asserting the violation signal 304, which is connected to reset circuitry 306 so that the system is reset as soon as a security violation is detected. The security state machine monitors the signals 330 from the external interfaces of processor 200, in particular the addresses fetched by the processor on the instruction bus. It is tightly coupled to the low-level assembly code of the entry sequence and reacts to the events that this sequence produces on the monitored signals.

The secure mode is entered when security signal 302 is asserted. Once asserted, the signal propagates through the whole system and opens access to the secure resources. In secure mode, only processor 200 may access the secure resources; by design rule, DSP 104 and DMA 106 may not. In this embodiment the secure resources are: secure ROM 310 (a part of the overall ROM), secure SRAM 312 and the secure peripherals 316a, b. Access to GPIO latch 318 is also qualified by security signal 302, so that GPIO 318 can only be written while security signal 302 is in the active state indicating that CPU 200 is executing a secure software routine. The security state machine (SSM) 300 asserts security signal 302 only under specific conditions. In secure mode, CPU 200 may execute only code stored in secure ROM 310 or secure SRAM 312. Any attempt to execute code located outside these trusted locations produces a "security violation" by assertion of signal 304, which causes reset circuitry 306 to perform a global system reset.

The ROM is split into two parts: the secure part, protected by the security bit and accessible only in secure mode; and the public part, accessible at any time and holding the boot area. Public ROM 311 also contains various security procedures and takes part in the overall security mechanism.

Secure storage RAM 312 is the secure working-data store (secure stack, secure global data, secure heap). The secure program RAM 312 (optional) is dedicated to executing non-resident secure code. Such code is first downloaded from an external memory device into the secure program RAM and then authenticated before it is executed.

Registers 306, which are reset by the global reset signal, implement a number of byte addresses in the secure storage SRAM. These registers shadow some normal SRAM locations and can be used as ordinary SRAM addresses; the only difference is that these register/SRAM locations are reset to the all-ones value. It is advantageous to have a few resettable variables in secure mode, with a known initial value that can only be changed in secure mode. This property can be used, for example, to detect the first entry into secure mode, to set an appropriate exit-mode value (normal, exception, violation), or to detect power-on. In another embodiment these resettable values may be implemented differently, for instance by placing the registers in an address space that does not overlap the SRAM, or by connecting the reset signal to selected memory cells within the SRAM.

There is no software means of asserting security signal 302 or of altering the behaviour of the state machine. The SSM is tightly coupled to the boot sequence, which is described in detail with reference to Figure 5. The SSM monitors the physical instruction address bus 330 from processor 200 and the entry-condition signals 321-327 received from the various resources. The instruction interface signals 331 and data interface signals 333 from processor 200 are also monitored; they define which kind of bus transaction is being performed on instruction bus 330 and data bus 332 respectively.

The secure mode is entered by branching to one specific address in the public ROM, called the single entry point, which is a hard-coded address in the SSM. The entry point is the address of the "boot sequence". The boot sequence is read from a part of the public ROM that is coupled to the security state machine, and ensures that some of the entry conditions of the secure mode are satisfied. The other entry conditions are evaluated directly by monitoring specific entry-condition signals.

The boot sequence generates a defined sequence of events on some of the signals monitored by the security state machine. These events ensure that the conditions required for entering secure mode have been met. The security state machine recognizes this pattern and asserts the security signal. In secure mode, the security state machine keeps monitoring these signals in order to detect secure-mode violations


and to ensure that the secure-mode exit conditions are met. Whenever a violation occurs, the SSM drops the security signal and asserts the security violation signal 304. A typical violation is an attempt to fetch an instruction outside the ROM/SRAM address range.

The boot sequence is stored in the public ROM. It ensures that the secure-mode entry conditions have been met. The environment setup sequence is stored in the secure ROM. It sets up the proper execution environment for secure mode, in which the caches, interrupts and the MMU may be enabled. The exit sequence is stored in the secure ROM. It enforces a compliant secure-mode exit procedure, providing a safe way to leave secure mode either by a BRANCH or under interrupt, and it protects the "private" contents of the secure ROM and RAM on exit.

Still referring to Figure 2, the security control register is accessible as a memory-mapped register only in secure mode. It enables or disables the test, debug and emulation facilities that a hacker could use to defeat the security, but that are still needed for qualification and debugging of the system hardware and software. For example, one bit, represented by signal 321, enables or disables the embedded trace macrocell (ETM) 350 used for program development. Signal 322 enables or disables the JTAG interface of processor 200. Signal 323 enables or disables the debug interface (DBG I/F) of processor 200.

In non-secure mode, the security condition register 320 is accessible as a memory-mapped register and sets some of the secure-mode entry conditions by controlling the operating mode of resources that a hacker could use to defeat the security. The signals output by the security condition register are monitored by the security state machine. For example, the direct memory access (DMA) enable signal 324 enables a DMA controller (not shown) that could access secure memory 312.

In this embodiment a scan chain interface (scan I/F) is provided for testing, and it could offer a point at which the security might be breached. Processor 200, however, provides no means of disabling the scan chain output. To avoid modifying internal signals of processor 200, a scan gate 342 is provided externally to mask the scan output of processor 200 for a number of clock cycles equal to the length of the longest scan chain in processor 200. This masking mechanism is initialized (counter reset) at reset and each time the device is switched from functional mode to test mode by a scan enable under the control of external test equipment (not shown).

An external interrupt handler 360 is provided to receive a set of interrupt signals and multiplex them into two interrupt signals 362, 363 which are then received by processor 200. Interrupt handler 360 has a global mask bit 364 that can be set by software and allows software to disable all interrupts to the processor. Whenever the global mask bit is set, the interrupt controller asserts mask signal 325 and disables interrupt signals 362, 363. Once mask signal 325 has been asserted, the interrupt signals 362, 363 output by the interrupt controller cannot be asserted again until software clears the global mask bit. SSM 300 monitors mask signal 325 to determine whether interrupts are enabled or masked.

Booting from external memory is a common way for a hacker to defeat system security. In this embodiment external booting is prevented. In addition, SSM 300 monitors the boot signal 327, which is asserted when an external boot is attempted. During program development, however, it is preferable to allow external booting to ease software debugging. A fuse circuit 328 is provided to distinguish development devices from production devices; the device-type signal 326 is monitored by SSM 300, so that a relaxed security mode can be provided on development devices. For development devices, SSM 300 ignores boot signal 327.

Figure 3 is a block diagram illustrating the ROM contents of Figure 2 and the circuitry used to partition the ROM into a public part and a secure part. In this embodiment, public ROM 311 and secure ROM 310 are implemented as a single ROM; in another embodiment they may be separate without affecting the inventive aspects described here. Address decoder circuit 370a is the part of decode circuit 370 that decodes accesses to the ROM. Similar circuits are provided for the SRAM and for other devices connected to the instruction or data buses.

Whenever an address corresponding to ROM 310, 311 is asserted on instruction address bus 330a, the address decode signal 406 or 407, corresponding to a public ROM address or a secure ROM address respectively, enables driver circuit 400 to deliver the requested instruction data on instruction bus 330b. As explained above, if a secure resource is accessed while not in secure mode, dummy data is provided: gate circuit 404 monitors security signal 302 and secure ROM decode signal 407 and, if the secure ROM is accessed while the security signal is not asserted, makes driver circuit 400 pass invalid data.

Secure mode

Figure 4 is a flow chart of secure-mode operation on the system of Figure 2, which will now be described in more detail. Steps 500, 502, 504 represent an application executing on processor 200 at the normal, non-privileged level. Sometimes the application makes a call 502 to the operating system (OS) for a service performed at the privileged level, as shown in steps 510, 512, 514 and 516. On such a call the OS saves state and switches to privileged mode in step 510, performs the privileged operation in step 514, restores state in step 516 and returns to the non-privileged application in step 504. Operation at these two levels is well known.

In step 512 a test determines whether the requested service is a secure operation; if so, the system enters the third security level, called the secure mode.
In step 520, the OS driver performs the housekeeper's work, placing the system in an appropriate state to enter the security mode, which includes the shadowing interrupt; setting the security conditional temporary state 320 to turn off various resources in which the security risk exists; Acknowledging whether the e-memory unit 210 is actuated, such that the page table entry corresponding to the boot sequence is labeled as "non-fast storage buffer," which will be described in further detail later. In step 522, reference is made. 3, jumps to an entry point 410 in the entry sequence 412 located in the public r〇m 311. The entry sequence is a set of stone horses, each time before executing any type of security code on the platform, at, security services Executed when called by the application. This sequence is also executed when the exception to the execution of the interrupted security code is resumed. The entry sequence begins with the address defined in R〇M, which is Hard coded and referred to as the "entry point." The incoming sequence consists of two parts: a hold signal initiation sequence 413 and a secure mode environment setup sequence 414. The purpose of the boot sequence is to replace the execution flow of the processor 20 and ensure that any Other untrusted codes cannot be preempted. At some point during the portion of the sequence, the security signal 302 is declared to enter a secure mode and access to secure resources (ROM, SRAM, peripherals, etc.) is released. The purpose of the ring sequence 414 is to set the environment for full code execution. The advantage is that by setting the security environment, the secure touch can be used to: fast buffer the storage area and operate the interrupt exception. The security signal start sequence 413 is common. R〇m, and the safe mode environment setting sequence 414 is located in the secure ROM. 
The total code of the incoming paste is -1 8 - This paper size applies to the national standard (CNS) A4 specification (210x297 public)


(part 1 + part 2) must be under 1 kilobyte so that it can be mapped onto a single 1-kilobyte page, which in this embodiment is the smallest memory segment in the MMU translation table. In this way the virtual addresses of the entry sequence cannot be mapped onto two segments, which would allow the processor to be pre-empted at a well-defined point during execution of the entry sequence. It is also important that the memory page of the entry sequence is non-cacheable, or that the instruction cache is disabled while the entry sequence executes.

The secure translation table (STT) 420 and the secure interrupt vector table (SIVT) 430 are described later.

If the 1-kilobyte code size is considered too restrictive for a given embodiment, the MMU may be disabled in the boot sequence 413 and re-enabled at the end of the environment sequence 414. In that case the 1-kilobyte limit applies only to the boot sequence.

Referring again to Figure 4, in step 524 the boot sequence is checked for correctness by SSM 300, as described in detail below with reference to Figure 5. If the boot sequence is not executed correctly, SSM 300 asserts the violation signal and resets the system in step 540. In step 526 the secure environment is set up by executing environment setup sequence 414, as described in detail later.

Once the secure environment has been established, the requested secure operation is performed from secure code 416 in step 528, as requested at the outset by the non-privileged application. According to one aspect of the invention, secure code 416 includes an instruction, in step 528.1, that writes GPIO latch 318 to turn on secure-mode indicator 319, which can only be done in secure mode. Secure code 416 may then ask the user to provide confidential information in step 528.2, after which it turns the secure-mode indicator off in step 528.3 by writing the GPIO latch again. In step 528.4 additional secure processing is performed.

It should be understood that this particular sequence is given by way of example; other processing may be performed once the secure-mode indicator is on. For example, the secure-mode indicator may be turned on for a while, off for a while, and then on again. These or other sequences may be performed as the application requires.

After the secure operation has completed, the normal way of leaving secure mode in step 530 is to jump to the "normal exit sequence" within the secure ROM exit sequence. The normal exit sequence handles the context switch properly and ensures that private content is protected on exit. The normal exit sequence may be located anywhere in the secure ROM; there is no hard-coded address check for it in the security state machine.

In secure mode, SSM 300 keeps monitoring signals 321-327 and 331, and can detect security violations on these signals. Whenever a secure-mode violation occurs, SSM 300 raises a security violation with violation signal 304, as shown by arc 542. The violation initiates a global reset of the device. A security violation drives the SSM into a locked state that can only be left by a reset. The following violations can be detected: violation 1, an instruction fetch at an address outside the complete ROM and RAM address range; violation 2, a reset of processor 200; violation 3, enabling of a test, emulation or debug feature.

When an exception occurs, processor 200 jumps to the corresponding exception vector in the interrupt vector table (IVT), from where it is redirected to the specific interrupt handler. The IVT is normally managed by the OS, but it is not located in secure memory, so its contents are unprotected and cannot be trusted. Moreover, from a security standpoint there are two reasons not to allow the processor to jump directly to the exception vector: (1) it is inconsistent with the overall security mechanism, since "jumping" outside the secure memory address range is treated as a security violation; (2) the caches and processor registers are full of "private" content that must be cleared before the security bit is released and non-secure code executes. To allow interrupts in secure mode, a secure IVT is required.

Figure 5 is a state diagram describing the operation of security state machine 300 in more detail. During execution of the boot sequence in ROM, the security state machine asserts the security signal at a certain point so as to enter secure mode. The purpose of this part of the entry sequence is to produce a defined sequence of events on the signals observed by the security state machine. These events ensure that the conditions required for setting the security signal are satisfied, and they can be checked by the SSM. The "condition" signals are monitored throughout the boot sequence. If, before the end of the boot sequence, any entry condition is not met or ceases to be valid, the security state machine transitions to violation state 630 and asserts security violation signal 304. There are two key purposes behind the SSM monitoring the entry conditions: (1) processor 200 is really fetching and executing the boot sequence code; (2) trusted code has completely taken over the CPU execution flow, so that, short of a controlled operation, nothing can pre-empt it without being detected, either before or after the security signal is set.

The boot sequence is constructed so as to produce a unique pattern on the instruction address bus. The pattern is made up of the (physical) address values of the boot sequence code and of the relative times at which these addresses should appear on the bus; it is, however, independent of the memory system access latency. The exact boot sequence bus pattern is obtained from simulation and hard-coded in the SSM, which thereby ensures an exact match with the boot sequence bus pattern. Typically, the final instruction of the boot sequence is a branch instruction and, apart from a cache clean instruction or a cache disable instruction, all other instructions in the boot sequence are NOP instructions.

Once secure mode has been entered and the security signal asserted, the entry conditions no longer need to be valid and the SSM stops testing them. The SSM does, however, keep observing the signals to detect secure-mode violations, as described below. The secure-mode exit condition is not tested until secure memory has actually been entered.

Referring again to Figure 5, state 600 is an idle state during which the SSM monitors address bus 330 looking for the entry point address of the entry sequence (ESA[EP]). As soon as the entry point address is detected, the SSM transitions to state 601 if all entry conditions are met; otherwise it transitions to violation state 630, where violation signal 304 is asserted.

States 601-615 must then be traversed in order, each by detecting the correct entry sequence address together with the corresponding entry-condition signals; otherwise the SSM transitions to violation state 630. If the sequence completes without error, secure-mode state 620 is entered and security signal 302 is asserted.

For example, to transition from state 600 to state 601, the address of the entry point instruction must appear together with all the correct condition signals. The next address to appear must be that of the next instruction of the sequence in order to transition to state 602; otherwise the SSM transitions to violation state 630. In the same way, each address of the boot sequence must appear in order to transition through states 602-615 and finally to secure-mode state 620. A wrong address, wrong address timing or a wrong change in a condition signal causes a transition to violation state 630, as shown by arc 601a. Likewise, if the status signals indicate that any boot sequence access is cacheable, the boot sequence fails.

In secure-mode state 620, and after having validly detected the address of the secure routine (ESA[SR]) indicating that secure memory has been entered, if the SSM detects an address located in the public ROM, it transitions back to idle state 600, as shown by arc 621. If the SSM detects an address outside ROM or SRAM, or if a wrong change in a monitored signal indicates a security violation, the SSM transitions to violation state 630, as shown by arc 622.

The instruction cache need not be disabled during the boot sequence; non-cacheability of the instructions is sufficient to guarantee the soundness of the entry sequence. Disabling the cache does, however, defeat intrusion attempts based on misuse of the cache clean mechanism.
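The state machine of Figure 5, together with the gated secure ROM of Figure 3 and the single-page constraint on the entry sequence, as an added software model that is not the patent's own circuitry: fetch by fetch it checks the boot-sequence address pattern against the entry conditions, asserts and drops security signal 302, latches violation state 630, and lets gate 404 pass invalid data for secure-ROM fetches made without the signal. The memory ranges, the entry-point address, signal polarities, the number of boot-sequence fetches and the `cpu_reset` signal name are assumptions; the relative timing of the address pattern is not modelled.

```python
"""Model of the security state machine (SSM) of Figure 5 and the secure-ROM gating of
Figure 3. Constructed illustration: ranges, entry point, polarities and fetch count are
assumptions; the relative timing of the address pattern is not modelled."""

# Constructed memory map and entry point (the patent gives these only symbolically).
PUBLIC_ROM = range(0x0000_0000, 0x0000_8000)
SECURE_ROM = range(0x0000_8000, 0x0001_0000)
SECURE_SRAM = range(0x0002_0000, 0x0002_4000)
ENTRY_POINT = 0x0000_1000                  # ESA[EP], hard-coded in the SSM
SEQ_LEN = 16                               # entry point + 15 fetches: states 601..615
BOOT_SEQUENCE = [ENTRY_POINT + 4 * i for i in range(SEQ_LEN)]  # NOPs, then a branch
INVALID_DATA = 0x0000_0000                 # what gate 404 passes without signal 302
PAGE = 1024                                # smallest MMU translation unit here

# Entry-condition signals 321-327 as the SSM must see them (constructed polarity).
REQUIRED = {"etm_enable": False, "jtag_enable": False, "dbg_enable": False,
            "dma_enable": False, "irq_masked": True, "external_boot": False}


def fits_one_page(start, size, page=PAGE):
    """Entry sequence (part 1 + part 2) must be under 1 KB and not straddle a page."""
    return size <= page and start // page == (start + size - 1) // page


def conditions_ok(sig):
    """All entry conditions hold; boot signal 327 is ignored on development parts."""
    for name, want in REQUIRED.items():
        if name == "external_boot" and sig.get("dev_type_production") is False:
            continue                       # device-type signal 326: development part
        if sig.get(name) != want:
            return False
    return True


class GatedRom:
    """Driver 400 plus gate 404: secure-ROM words reach the bus only with 302 asserted."""
    def __init__(self, contents):
        self.contents = contents           # addr -> word, constructed

    def fetch(self, addr, security_signal):
        if addr in SECURE_ROM and not security_signal:
            return INVALID_DATA
        return self.contents.get(addr, INVALID_DATA)


class SSM:
    IDLE, SECURE, VIOLATION = "600", "620", "630"

    def __init__(self):
        self.state = self.IDLE
        self.step = 0                      # next expected index into BOOT_SEQUENCE
        self.security_signal = False       # signal 302
        self.violation_signal = False      # signal 304, drives reset circuitry 306
        self.in_secure_memory = False      # ESA[SR] seen since entering state 620

    def _violate(self):
        self.state = self.VIOLATION        # latched: only a reset leaves this state
        self.security_signal = False
        self.violation_signal = True

    def clock(self, addr, sig, cacheable=False):
        """One instruction fetch on bus 330, with the current condition signals."""
        if self.state == self.VIOLATION:
            return self.state
        if self.state == self.IDLE:
            if addr == ENTRY_POINT:        # branch to the single entry point
                if conditions_ok(sig) and not cacheable:
                    self.state, self.step = "601", 1
                else:
                    self._violate()
            return self.state
        if self.state == self.SECURE:
            # Violation 3: a test/debug feature enabled; violation 2: processor reset.
            if any(sig.get(k) for k in
                   ("etm_enable", "jtag_enable", "dbg_enable", "cpu_reset")):
                self._violate()
            elif addr in SECURE_ROM or addr in SECURE_SRAM:
                self.in_secure_memory = True
            elif addr in PUBLIC_ROM:
                if self.in_secure_memory:  # normal exit back to public ROM (arc 621)
                    self.state, self.security_signal = self.IDLE, False
                    self.in_secure_memory = False
            else:
                self._violate()            # violation 1: fetch outside ROM/SRAM (arc 622)
            return self.state
        # States 601..615: each fetch must be the next boot-sequence address, with the
        # entry conditions still valid and the access non-cacheable (else arc 601a).
        if cacheable or not conditions_ok(sig) or addr != BOOT_SEQUENCE[self.step]:
            self._violate()
            return self.state
        self.step += 1
        if self.step == SEQ_LEN:           # the final branch takes 615 -> 620
            self.state, self.security_signal = self.SECURE, True
        else:
            self.state = "6%02d" % self.step
        return self.state


def run_trace(ssm, rom, fetches, sig):
    """Drive a fetch trace; return the final state and the words the bus delivered."""
    words = []
    for addr in fetches:
        words.append(rom.fetch(addr, ssm.security_signal))
        ssm.clock(addr, sig)
    return ssm.state, words
```

A branch straight into secure ROM without the entry sequence leaves the SSM idle and the bus carrying invalid data, while skipping one boot-sequence address or enabling JTAG in secure mode lands in the latched violation state.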

Referring again to FIG. 4, in step 526 the secure environment is set up by executing environment setup sequence 414 from the secure ROM. The purpose of this sequence is to establish an environment appropriate for secure execution. The secure environment concerns the program and data caches, the interrupts and potentially the MMU. Some of these steps are specific to secure mode; others are operations that the OS would normally have performed before the activation sequence. As noted above, secure mode cannot rely on the underlying OS, so the environment setup sequence must itself perform part of a context switch, such as the cache flush and the TLB flush that are essential to the integrity of secure mode.

System embodiment

FIG. 6 illustrates an exemplary implementation of an integrated circuit embodying the present invention in a mobile telecommunications device, such as mobile personal digital assistant (PDA) 10, which has display 14 and integrated input sensors 12a, 12b located around display 14. Digital system 10 includes megacell 100 of FIG. 1, which is coupled (connection not shown) to input sensors 12a, 12b as an MPU private peripheral 142. Information can be entered into the PDA with a stylus or a finger via input sensors 12a, 12b. Display 14 is coupled to megacell 100 via a local frame buffer similar to frame buffer 136. Display 14 provides graphical and video output, such as MPEG video window 14a, shared text document window 14b and three-dimensional game window 14c.

Radio frequency (RF) circuitry (not shown) is connected to antenna 18 and is coupled to megacell 100 as a DSP private peripheral 140, providing a wireless network link. Connector 20 is coupled to a cable adapter or modem (not shown) and from there to megacell 100 as a DSP private peripheral 140, providing a wired network link. Wireless link 23 connects headset 22 and is driven by a low-power transmitter (not shown) that is coupled to megacell 100 as a DSP private peripheral 140. Microphone 24 is coupled to megacell 100 in a similar manner, so that a user can exchange two-way information with other users over the wireless or wired network via microphone 24 and wireless headset 22.
Megacell 100 provides all the encoding and decoding of voice and video/image information transmitted and received over the wireless network link and/or the wire-based network link. Advantageously, megacell 100 also provides secure mode operation. As described herein, secure mode indicator light 30 is controlled by a latch that can be turned on only by code executing while megacell 100 is in secure mode. Secure mode indicator light 30 thereby tells the user of PDA 10 when it is safe to supply confidential data to an application executing on the PDA. In this way, PDA 10 provides a solution to the electronic commerce (e-commerce) and mobile commerce (m-commerce) security issues that arise in the mobile telephone environment.

It is anticipated that other types of communication systems and computer systems may also benefit from the present invention. Examples of such other computer systems include portable computers, smart phones, internet telephones and the like. Since security is also a concern in desktop and line-powered computer systems and microcontroller applications, particularly from a privacy standpoint, the present invention is expected to benefit such line-powered systems as well.

Fabrication of digital system 100 involves multiple steps of implanting various amounts of impurities into a semiconductor substrate and diffusing the impurities to selected depths within the substrate to form transistor devices. Masks are formed to control the placement of the impurities. Multiple layers of conductive material and insulating material are deposited and etched to interconnect the various devices. These steps are performed in a clean room environment.

A significant portion of the cost of producing a data processing device is testing. While in wafer form, individual devices are biased to an operational state and probe tested for basic operational functionality. The wafer is then separated into individual dies, which may be sold as bare dies or packaged. After packaging, finished parts are biased into an operational state and tested for operational functionality.

As used herein, the terms "applied", "coupled" and "connected" mean electrically connected, including where additional elements may be in the electrical connection path. "Associated" means a controlling relationship, such as a memory resource that is controlled by an associated port. The terms assert, deassert and negate are used to avoid confusion when dealing with a mixture of active-high and active-low signals. Assert means that a signal is rendered active, or logically true. Deassert and negate mean that a signal is rendered inactive, or logically false.

The digital system thus has a secure mode (a third privilege level) built on top of the processor system in a non-intrusive manner, the processor system comprising a processor core, instruction and data caches, a write buffer and a memory management unit. Secure mode sits on a platform where the only trusted software is the code stored in ROM. In particular, the OS is not trusted, and none of the native applications are trusted. The secure mode indicator serves to tell the user that the device is in secure mode.

While the invention has been described with reference to illustrative embodiments, this description is not intended to be construed in a limiting sense. Various other embodiments of the invention will be apparent to persons skilled in the art upon reference to this description. For example, the secure mode aspects described herein can be used to improve all processor types, such as reduced instruction set computing (RISC), complex instruction set computing (CISC), very long instruction word, DSP and so on.

In another embodiment, the secure environment can be extended so that secure resources are shared among several initiator resources, such as DSPs. In such an embodiment, a security state machine can monitor each initiator resource to enforce the security principles described above.

In various embodiments there may be a different complement of secure hardware, including peripherals such as a watchdog timer, encryption/decryption hardware accelerators, a random number generator (RNG) and the like, and various I/O devices such as a keyboard, LCD, touch screen and the like.

Referring again to FIG. 1, in another embodiment a second SSM may be located in DSP 104 to generate a security signal, in a manner similar to that on processor 102, for use by a secure software layer executing on DSP 104. In this embodiment, a bus version of the security signal can be included in traffic control bus 110, so that transactions initiated by either processor 102 or DSP 104 can access secure resources, such as specific shared peripherals 116, according to the security signal generated by the respective SSM.

Referring again to FIG. 1, in another embodiment the security signal may extend beyond megacell 100, so that a third level of resources can operate in a secure manner.

The activation sequence, the environment setup sequence and the exit sequence may each be varied to suit the needs of a given embodiment. For example, different instruction pipeline lengths and different cache line lengths require corresponding changes to the activation sequence. In another embodiment, the housekeeping performed in step 520 may be incorporated into the activation sequence.

In another embodiment, the means for entering secure mode may differ from the SSM described here. Once secure mode operation has been obtained by whatever means, the secure mode indicator, which is accessible only in secure mode, can be used to indicate to the user that the system is operating in secure mode.

In another embodiment, a means other than a GPIO latch may be provided to activate the secure mode indicator. For example, a bit from security control register 319 may be used. Similarly, a bit from one of secure devices 316a or 316b may be used. The main requirement is that the means be accessible only while in secure mode.

In another embodiment, the secure mode indicator may respond directly to the security signal, so that the indicator is active for the whole time the processor is in secure mode. In such an embodiment, however, the user may perceive the indicator as flickering and consequently ignore it, so this is not the preferred embodiment.

Referring again to FIG. 2, secure device 316a may be an input device for receiving confidential information from the user. In this way, the input device can be enabled to receive confidential information only while the system is operating in secure mode. FIG. 2 shows the secure device on-chip; this is not necessary in all embodiments. It may also be an off-chip device, such as a stand-alone fingerprint reader. Access to the external device is possible only in secure mode. Typically, the data exchanged with a secure external device is confidential as well as encrypted. The user can see the external secure device while operating it; if the device cannot be operated outside secure mode, it becomes much harder for an attacker to deceive the user.

Referring again to FIG. 2, tamper detection device 380 may optionally be provided. Output 380.1 of tamper detection device 380 indicates that the access cover on the package containing CPU 200 has been tampered with. SSM 300 monitors signal 380.1 so that, when tampering is detected, secure mode is not entered. Similarly, if the system is in secure mode when the tampering occurs, the SSM detects this via signal 380.1 and leaves secure mode indicating a violation, as described above. The tamper detection device may also be an external, off-chip device. The output of the tamper detection device may be monitored by the SSM or latched into a secure GPIO. Because access to that GPIO is restricted to secure mode, an attacker cannot clear it, and the secure software will see it the next time it enters secure mode.

It is therefore intended that the appended claims encompass any such modifications of the embodiments that fall within the true scope and spirit of the invention.

Brief description of the drawings

Particular embodiments in accordance with the invention have been described above, by way of example only, with reference to the accompanying drawings, in which like reference signs denote like parts and in which, unless otherwise stated, each figure relates to the digital system of FIG. 1:

FIG. 1 is a block diagram of a digital system including an embodiment of the present invention in a megacell having multiple processor cores;
FIG. 2 is a block diagram of the MPU block in the system of FIG. 1, illustrating distributed security with selected hardware blocks together with a software execution environment enforced by a security state machine (SSM);
FIG. 3 is a block diagram of the ROM contents of FIG. 2 and of the circuitry that partitions the ROM into a public portion and a secure portion;
FIG. 4 is a flow chart illustrating the operation of entering the secure mode of the system of FIG. 2;
FIG. 5 is a state diagram illustrating the operation of the security state machine in the system of FIG. 2; and
FIG. 6 illustrates a wireless personal digital assistant including an embodiment of the present invention.

Unless otherwise indicated, corresponding numerals and symbols in the different figures refer to corresponding parts.

Explanation of reference numerals in the drawings

10 personal digital assistant (PDA)
12a, 12b integrated input sensors
14 display
14a video window
14b shared text document window
14c three-dimensional game window
18 antenna
20 connector
22 headset
23 wireless link
24 microphone
30 secure mode indicator light
100 megacell
102 microprocessor
103 core
104 digital signal processor (DSP)
105 DSP core
106 direct memory access (DMA) controller
108 hardware accelerator
110 traffic control block
113 memory block
116 shared peripherals
120a host processor
120b host interface
130 traffic controller
132 off-chip memory
134 on-chip memory
136 frame buffer
138 display device
140, 142 private peripherals
150 security state machine (SSM)
152 security signal
154 general purpose input/output (GPIO) latch bit
155 security indicator LED
156 peripheral bus signals
200 central processing unit (CPU) / processor subsystem
204 data cache
206 instruction cache
210 memory management unit (MMU)
300 security state machine (SSM)
302 security signal
304 violation signal
306 reset circuitry
310 secure read-only memory (ROM)
311 public read-only memory (ROM)
312 secure static random access memory (SRAM)
316a, 316b secure peripheral devices
318 general purpose input/output (GPIO) latch
319 security control register / secure mode indicator
321-327 entry condition signals
324 enable signal
326 device type signal
327 boot signal
328 fuse circuit
330 instruction bus
330a instruction address bus
330b instruction bus
331 instruction interface signals
332 data bus
333 data interface signals
342 scan gate
350 embedded trace macrocell
360 interrupt handler
362, 363 interrupt signals
364 global mask bit
370 decode circuit
370a address decoder circuit
380 tamper detection device
380.1 tamper detection output signal
400 driver circuit
404 gate circuit
406 public ROM encode signal
407 secure ROM decode signal
410 entry point
413 security signal activation sequence
414 secure mode environment sequence
416 secure code
418 secure ROM exit sequence
420 secure translation table (STT)
430 secure interrupt vector table (SIVT)
500, 502, 504, 510, 512, 514, 516, 520, 522, 524, 526, 528, 528.1, 528.2, 528.3, 528.4, 530, 540 steps
542, 601a, 621, 622 arcs
600 idle state
601-605 states
620 secure mode state
630 violation state

Designated representative figure: FIG. 4. Reference numerals of the representative figure: 500, 502, 504, 510, 512, 514, 516, 520, 522, 524, 526, 528, 528.1, 528.2, 528.3, 528.4, 530, 540.
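The following Python model is added here as an illustration; it is not part of the patent and not code from Texas Instruments. It ties together three behaviours described above: the SSM's monitoring of the activation sequence (a fetch outside the secure ROM/SRAM, or out of the predetermined order, drops the SSM into violation state 630), the secure mode indicator latch that only code running with the security signal asserted can set, and the secure-GPIO variant of tamper detection, in which the tamper output is latched where non-secure code can neither read nor clear it, and a tamper event during secure mode forces an exit to the violation state. The address map, the four-fetch activation sequence, the class and method names, and the use of a software model for what is hardware watching the instruction bus are all assumptions of the example.

```python
from enum import Enum

# Address map constructed for this model; the patent gives no concrete map.
SECURE_ROM = range(0x0000, 0x1000)   # secure ROM 310
SECURE_SRAM = range(0x1000, 0x2000)  # secure SRAM 312; public ROM 311 sits at 0x8000+

# Fixed entry point (410) and the fetch addresses the SSM expects to see, in this
# order, before secure mode is granted; four fetches is an assumption of the model.
ENTRY_POINT = 0x0000
ACTIVATION_SEQUENCE = (0x0000, 0x0004, 0x0008, 0x000C)


class State(Enum):
    IDLE = "idle"              # state 600
    ACTIVATING = "activating"  # states 601-605, tracked with a counter
    SECURE = "secure"          # state 620
    VIOLATION = "violation"    # state 630


class SSM:
    def __init__(self):
        self.state = State.IDLE
        self.progress = 0            # activation-sequence fetches seen so far
        self.indicator = False       # secure mode indicator latch (318)
        self.tamper_latched = False  # tamper output 380.1 latched in a secure GPIO

    @property
    def secure_signal(self):
        return self.state is State.SECURE

    def _violate(self):
        self.state, self.progress = State.VIOLATION, 0
        self.indicator = False       # the indicator follows the security signal down

    def fetch(self, addr):
        """Report one fetch on the instruction bus; returns the new state."""
        in_secure_mem = addr in SECURE_ROM or addr in SECURE_SRAM
        if self.state is State.VIOLATION:
            return self.state        # stuck until reset circuitry 306 intervenes
        if self.state is State.IDLE:
            if addr == ENTRY_POINT:  # non-secure code is not watched until it jumps here
                self.state, self.progress = State.ACTIVATING, 1
            return self.state
        if self.state is State.ACTIVATING:
            if not in_secure_mem or addr != ACTIVATION_SEQUENCE[self.progress]:
                self._violate()      # outside secure ROM/SRAM, or out of order
            else:
                self.progress += 1
                if self.progress == len(ACTIVATION_SEQUENCE):
                    self.state = State.SECURE
            return self.state
        if not in_secure_mem:        # SECURE: secure code must stay in secure memory
            self._violate()
        return self.state

    def set_indicator(self):
        """Only code running with the security signal asserted may light the LED."""
        if not self.secure_signal:
            return False
        self.indicator = True
        return True

    def tamper_event(self):
        """Tamper detection 380 fires: latch it and leave secure mode if active."""
        self.tamper_latched = True
        if self.state is State.SECURE:
            self._violate()
        return self.state

    def read_tamper(self):
        return self.tamper_latched if self.secure_signal else None

    def clear_tamper(self):
        if not self.secure_signal:   # non-secure code cannot clear the latch
            return False
        self.tamper_latched = False
        return True


def activate(ssm):
    """Feed the whole activation sequence in the predetermined order."""
    for addr in ACTIVATION_SEQUENCE:
        ssm.fetch(addr)
    return ssm.state


def demo():
    out, ssm = {}, SSM()
    ssm.fetch(0x8000)                                        # ordinary public-ROM fetch
    out["indicator_from_public_code"] = ssm.set_indicator()  # False
    out["after_activation"] = activate(ssm)                  # State.SECURE
    out["indicator_from_secure_code"] = ssm.set_indicator()  # True
    out["after_stray_fetch"] = ssm.fetch(0x8000)             # State.VIOLATION
    t = SSM()
    t.tamper_event()                                         # tamper while not secure
    out["clear_from_public_code"] = t.clear_tamper()         # False
    activate(t)
    out["tamper_seen_by_secure_code"] = t.read_tamper()      # True
    out["clear_from_secure_code"] = t.clear_tamper()         # True
    out["tamper_in_secure_mode"] = t.tamper_event()          # State.VIOLATION
    return out
```

Calling `demo()` walks the scenarios in the order the text raises them: public code cannot light the indicator, the indicator goes dark the moment the SSM drops the security signal, and a tamper event that fired while the system was non-secure is still latched, unreadable and uncleared, when secure code next runs. The model deliberately leaves the tamper latch untouched by anything but secure-mode code, which is the property the secure GPIO provides in the text.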

Claims (1)

Amended claims (application no. 92135673, submitted 11 September 2008):

1. A method of operating a digital system having a graphics display, comprising:
executing an application program;
displaying the results of the executing step on the graphics display;
entering a secure mode of operation for a security-sensitive portion of the application program by: jumping to an entry address at a fixed location in an instruction memory; executing an activation sequence of instructions; and entering the secure mode of operation only when the central processing unit has executed the activation sequence of instructions completely and in a predetermined order;
in response to executing the security-sensitive portion of the application program, activating a secure mode indicator, the secure mode indicator being independent of the graphics display;
wherein, in the secure mode of operation, the secure mode indicator can be activated only by trusted code.

2. A digital system having a secure mode indicator and a graphics display, comprising:
a central processing unit for executing instructions;
a display means coupled to the central processing unit via a display adapter;
a public memory coupled to an instruction bus of the central processing unit for holding public instructions, the public memory being accessible to the central processing unit at any time;
a secure memory coupled to the instruction bus of the central processing unit for holding security instructions, the secure memory being accessible only while a security signal is asserted;
security circuitry having an output for providing the security signal, the security circuitry being operable to assert the security signal when a secure mode of operation has been established;
the secure mode indicator being independent of the graphics display and responsive to the security signal, wherein the secure mode indicator is coupled to a latch such that, when the latch is enabled, executing an instruction can place the secure mode indicator in an active mode;
wherein the security circuitry is operable to monitor the execution of an activation sequence of instructions located in the public memory, and to enter the secure mode of operation only when the central processing unit executes the activation sequence of instructions in a predetermined order.
TW092135673A 2002-12-18 2003-12-17 Method for operating digital system including graphics display and digital system thereof TWI313433B (en)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
US10/322,893 US8479022B2 (en) 2002-01-16 2002-12-18 Secure mode indicator for smart phone or PDA

Publications (2)

Publication Number Publication Date
TW200424930A TW200424930A (en) 2004-11-16
TWI313433B true TWI313433B (en) 2009-08-11

Family

ID=34272233

Family Applications (1)

Application Number Title Priority Date Filing Date
TW092135673A TWI313433B (en) 2002-12-18 2003-12-17 Method for operating digital system including graphics display and digital system thereof

Country Status (3)

Country Link
KR (1) KR20040054493A (en)
CN (1) CN100363854C (en)
TW (1) TWI313433B (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI493357B (en) * 2012-05-31 2015-07-21 Intel Corp Method and apparatus for rendering graphics, thin client end system, and machine readable medium thereof
US9705964B2 (en) 2012-05-31 2017-07-11 Intel Corporation Rendering multiple remote graphics applications

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100420323C (en) * 2005-03-11 2008-09-17 佛山市顺德区顺达电脑厂有限公司 Method for protecting private file in intelligent mobile phone
GB0615015D0 (en) * 2006-07-28 2006-09-06 Hewlett Packard Development Co Secure use of user secrets on a computing platform
US8793786B2 (en) * 2008-02-08 2014-07-29 Microsoft Corporation User indicator signifying a secure mode
US9805196B2 (en) 2009-02-27 2017-10-31 Microsoft Technology Licensing, Llc Trusted entity based anti-cheating mechanism
CN104463028B (en) * 2013-09-25 2018-06-22 中国银联股份有限公司 Safe mode reminding method and the mobile equipment for realizing this method
CN107608700A (en) * 2017-10-16 2018-01-19 浪潮(北京)电子信息产业有限公司 A kind of update method, device and the medium of FPGA firmwares

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5388156A (en) * 1992-02-26 1995-02-07 International Business Machines Corp. Personal computer system with security features and method
US5596718A (en) * 1992-07-10 1997-01-21 Secure Computing Corporation Secure computer network using trusted path subsystem which encrypts/decrypts and communicates with user through local workstation user I/O devices without utilizing workstation processor
US6938163B1 (en) * 1999-06-17 2005-08-30 Telefonaktiebolaget Lm Ericsson (Publ) Technique for securely storing data within a memory

Also Published As

Publication number Publication date
CN1510540A (en) 2004-07-07
TW200424930A (en) 2004-11-16
CN100363854C (en) 2008-01-23
KR20040054493A (en) 2004-06-25

Similar Documents

Publication Publication Date Title
US8479022B2 (en) Secure mode indicator for smart phone or PDA
US20230342502A1 (en) Method and system for preventing unauthorized processor mode switches
US7890753B2 (en) Secure mode for processors supporting MMU and interrupts
Xiong et al. Survey of transient execution attacks and their mitigations
TWI275997B (en) Switching between secure and non-secure processing modes
US7073059B2 (en) Secure machine platform that interfaces to operating systems and customized control programs
TW552505B (en) Method and apparatus for secure execution using a secure memory partition
US10095862B2 (en) System for executing code with blind hypervision mechanism
TW200949681A (en) Apparatus and method for managing a microprocessor providing for a secure execution mode
TW200949684A (en) Microprocessor having a secure execution mode with provisions for monitoring, indicating, and managing security levels
TW200412105A (en) Virtual to physical memory address mapping within a system having a secure domain and a non-secure domain
Gilmont et al. Enhancing security in the memory management unit
TW201209630A (en) Systems and methods for detecting design-level attacks against a digital circuit
JP2010118085A (en) Virtualization event processing in layered virtualization architecture
TW200941277A (en) Computer system including a main processor and a bound security coprocessor
TWI313433B (en) Method for operating digital system including graphics display and digital system thereof
US10171500B2 (en) Systems, apparatuses, and methods for enforcing security on a platform
TWI312253B (en) Data processing apparatus and method for controlling access to a memory in the same
Van Eyck et al. Mr-TEE: Practical Trusted Execution of Mixed-Criticality Code
TW200422849A (en) Exception types within a secure processing system
TW200417215A (en) Security mode switching via an exception vector
JPS63271651A (en) Input/output protection system

Legal Events

Date Code Title Description
MM4A Annulment or lapse of patent due to non-payment of fees