Abstract: The disclosure provides a processor checking method, a checking device and a checking system. The method includes acquiring a first access record of the processor to a first memory during a running process, the first access record including reading-operation information; acquiring a second access record of a checking device to a second memory during a replay process, the second access record including first reading-operation information, the first reading-operation information being reading-operation information corresponding to a case in which a first access of the checking device to a same address during the replay process is a reading operation, and determining, based on the first access record and the second access record, whether or not the processor reads during the running process a memory address that is not any one of addresses included in the second access record.

Abstract: The present disclosure provides a processor checking method, a checking device and a checking system. The method includes acquiring an access record to a memory by a processor during a running process, the access record includes a read operation information and a corresponding time information, determining whether there is a read operation information corresponding to a high access authority in the access record, and when there is a read operation information corresponding to a high access authority, determining whether the read operation information corresponding to the high access authority belongs to an unauthorized operation. According to embodiments of the present disclosure, the behavior of the processor reading data from the memory is checked and analyzed, thereby preventing the security problems caused by malicious use of unauthorized reading operation.

Abstract: A method for processing an asynchronous event by a checking device and a checking device are provided, the method including: obtaining an instruction position where a checked processor executes an asynchronous event during a target running process; and executing the asynchronous event at the instruction position during executing a task of the target running process in a manner conforming to predefined behavior, wherein the predefined behavior is a hardware behavior standard of the processor. Obtaining the instruction position and executing the asynchronous event at the instruction position may cause the checking device and the checked processor to process the same asynchronous event at the same instruction position. In this way, during performing security checking on a processor, the method and the device according to the embodiments of the present disclosure may be used to eliminate the influence of the uncertainty factor of the asynchronous event.

Abstract: The disclosure provides an input and output recording device and method, CPU and data read and write operation method thereof. The input and output recording device is provided between a central processor CPU and a peripheral, and is configured to record data read and write operations between the CPU and the peripheral, wherein the data read and write operations comprise a data read and write operation initiated by the peripheral and a data read and write operation initiated by the CPU; the input and output recording device is further configured to request the CPU to process the data read and write operation initiated by the peripheral, and upon receiving an instruction sent by the CPU, send a data packet of the data read and write operation initiated by the peripheral to the CPU.

Abstract: A checking method for a processor is provided. The checking method first determines whether a checked processor satisfies a security-sensitive condition including one or more of security-sensitive instruction, processor running mode, security-sensitive input/output operation, security-sensitive application, and user-defined security level. Then, the checking method checks the checked processor according to a determination result, which further includes: when the checked processor satisfies the security-sensitive condition, checking the checked processor according to a first checking mode; and when the checked processor does not satisfy the security-sensitive condition, checking the checked processor according to a second checking mode; wherein for the same running process of the checked processor, a total checking length of the first checking mode is longer than that of the second checking mode. Also provided is a checking device for a processor and a checking system for a processor.

Abstract: The present disclosure discloses a processor security checking method, system and checking device. The processor security checking method includes: acquiring recording information of data read and write operations between a processor and a peripheral device, where the data read and write operation is a data read and write operation initiated by the processor or a data read and write operation initiated by the peripheral; and determining whether the processor is secure according to the recording information of the data read and write operation and an analysis result on the data read and write operation by the checking device. The embodiments of the present disclosure may detect hardware vulnerabilities and improve the security of hardware usage.

Abstract: The disclosure provides a method, a checking device and a system for determining security of a processor. The method comprises: setting an initial running state of the checking device according to initial running state information of the processor during the target running process, and taking input information of the processor during the target running process as input information of the checking device; causing the checking device to execute a task of the target running process in a manner conforming to predefined behavior to obtain at least one of output information and final running state information of the checking device, wherein the predefined behavior is a standard of hardware behavior of the processor; and determining whether the processor is secure during the target running process according to at least one of the output information and the final running state information of the checking device when the checking device completes the task of the target running process.

Abstract: The disclosure provides a processor checking method, a checking device and a checking system. The method includes acquiring a first access record of the processor to a first memory during a running process, the first access record including reading-operation information; acquiring a second access record of a checking device to a second memory during a replay process, the second access record including first reading-operation information, the first reading-operation information being reading-operation information corresponding to a case in which a first access of the checking device to a same address during the replay process is a reading operation, and determining, based on the first access record and the second access record, whether or not the processor reads during the running process a memory address that is not any one of addresses included in the second access record.

Abstract: The present disclosure provides a processor checking method, a checking device and a checking system. The method includes acquiring an access record to a memory by a processor during a running process, the access record includes a read operation information and a corresponding time information, determining whether there is a read operation information corresponding to a high access authority in the access record, and when there is a read operation information corresponding to a high access authority, determining whether the read operation information corresponding to the high access authority belongs to an unauthorized operation. According to embodiments of the present disclosure, the behavior of the processor reading data from the memory is checked and analyzed, thereby preventing the security problems caused by malicious use of unauthorized reading operation.

Abstract: A method and a device for recording memory access operation information are provided by the present disclosure. The method comprises: recording memory access operations between a processor and a memory during a target running process to form an memory access sequence information of the target running process, wherein each of the memory access operation information in the memory access sequence information includes a memory access type, a memory access address and a memory access data; and determining a final storage state of the memory during the target running process according to the memory access sequence information of the target running process. According to the embodiments of the present disclosure, the final storage state of the memory during the target running process may be obtained by using less storage resources, and the hardware overhead is reduced.

Abstract: A checking method for a processor is provided. The checking method first determines whether a checked processor satisfies a security-sensitive condition including one or more of security-sensitive instruction, processor running mode, security-sensitive input/output operation, security-sensitive application, and user-defined security level. Then, the checking method checks the checked processor according to a determination result, which further includes: when the checked processor satisfies the security-sensitive condition, checking the checked processor according to a first checking mode; and when the checked processor does not satisfy the security-sensitive condition, checking the checked processor according to a second checking mode; wherein for the same running process of the checked processor, a total checking length of the first checking mode is longer than that of the second checking mode. Also provided is a checking device for a processor and a checking system for a processor.

Abstract: The disclosure provides a method, a checking device and a system for determining security of a processor. The method comprises: setting an initial running state of the checking device according to initial running state information of the processor during the target running process, and taking input information of the processor during the target running process as input information of the checking device; causing the checking device to execute a task of the target running process in a manner conforming to predefined behavior to obtain at least one of output information and final running state information of the checking device, wherein the predefined behavior is a standard of hardware behavior of the processor; and determining whether the processor is secure during the target running process according to at least one of the output information and the final running state information of the checking device when the checking device completes the task of the target running process.

Abstract: The disclosure provides an input and output recording device and method, CPU and data read and write operation method thereof. The input and output recording device is provided between a central processor CPU and a peripheral, and is configured to record data read and write operations between the CPU and the peripheral, wherein the data read and write operations comprise a data read and write operation initiated by the peripheral and a data read and write operation initiated by the CPU; the input and output recording device is further configured to request the CPU to process the data read and write operation initiated by the peripheral, and upon receiving an instruction sent by the CPU, send a data packet of the data read and write operation initiated by the peripheral to the CPU.

Abstract: The present disclosure discloses a processor security checking method, system and checking device. The processor security checking method includes: acquiring recording information of data read and write operations between a processor and a peripheral device, where the data read and write operation is a data read and write operation initiated by the processor or a data read and write operation initiated by the peripheral; and determining whether the processor is secure according to the recording information of the data read and write operation and an analysis result on the data read and write operation by the checking device. The embodiments of the present disclosure may detect hardware vulnerabilities and improve the security of hardware usage.

Abstract: A method for processing an asynchronous event by a checking device and a checking device are provided, the method including: obtaining an instruction position where a checked processor executes an asynchronous event during a target running process; and executing the asynchronous event at the instruction position during executing a task of the target running process in a manner conforming to predefined behavior, wherein the predefined behavior is a hardware behavior standard of the processor. Obtaining the instruction position and executing the asynchronous event at the instruction position may cause the checking device and the checked processor to process the same asynchronous event at the same instruction position. In this way, during performing security checking on a processor, the method and the device according to the embodiments of the present disclosure may be used to eliminate the influence of the uncertainty factor of the asynchronous event.

Abstract: A method and a device for recording memory access operation information are provided by the present disclosure. The method comprises: recording memory access operations between a processor and a memory during a target running process to form an memory access sequence information of the target running process, wherein each of the memory access operation information in the memory access sequence information includes a memory access type, a memory access address and a memory access data; and determining a final storage state of the memory during the target running process according to the memory access sequence information of the target running process. According to the embodiments of the present disclosure, the final storage state of the memory during the target running process may be obtained by using less storage resources, and the hardware overhead is reduced.