Abstract: A processor system with an application and a maintenance function that would interfere with the application if concurrently executed. The processor system comprises a set of processor cores operable in different security and context-related modes, said processors having at least one interrupt input and at least one wait for interrupt output. The processor system also comprises a wait for interrupt expansion circuit responsive to the at least one wait for interrupt output to provide an interrupt signal, at least one of said processor cores operable in response to the interrupt signal to schedule a maintenance function separated in time from execution of the application.

Abstract: An electronic power management system comprising plural processors operable in different security and context-related modes and having respective supply voltage inputs and clock inputs, said processors having at least one interrupt input and at least one wait for interrupt output. The system further comprises a power control circuit operable to configurably adjust supply voltages and clock rates for said supply voltage inputs and clock inputs. The system further comprises a wait for interrupt expansion circuit responsive to the at least one wait for interrupt output to provide an interrupt signal, at least one of said processors operable to configure said power control circuit in response to the interrupt signal.

Abstract: A processing system operable in various execution environments. The system comprises plural processor cores having respective interrupt inputs, respective wait for interrupt outputs, and respective security outputs. The system also comprises a register coupled to at least one of the processor cores for identifying active execution environments. The system also comprises a global interrupt handler operable to selectively route interrupts to one or more of the interrupt inputs of said plural processor cores. The system also comprises a conversion circuit having plural interrupt-related output lines, and said conversion circuit fed with at least some of said respective wait for interrupt outputs and respective security outputs and fed by said register.

Abstract: An electronic interrupt circuit includes an interrupt-related input line, a security-related status input line, a context-related status input line, and a conversion circuit having plural interrupt-related output lines and selectively operable in response to an interrupt-related signal on said interrupt-related input line depending on an active or inactive status of each of said security-related status input line and said context-related status input line.

Abstract: An electronic configuration circuit includes a processing circuit (2610) operable for executing instructions and responsive to interrupt requests and operable in a plurality of execution environments (EE) selectively wherein a said execution environment (EE) is activated or suspended, a first configuration register (SCR) coupled to the processing circuit (2610) for identifying the interrupt request as an ordinary interrupt request IRQ when the execution environment (EE) is activated (EE_Active); and a second configuration register (SSM_FIQ_EE_y) for associating an identification of that execution environment (EE) with the same interrupt request, the processing circuit (2610) coupled (5910) to the second configuration register (SSM_FIQ_EE_y) to respond to the same interrupt request as a more urgent type of interrupt request when that execution environment (EE) is suspended (5920).

Abstract: An electronic configuration circuit includes a processing circuit (2610) operable for executing instructions and responsive to interrupt requests and operable in a plurality of execution environments (EE) selectively wherein a said execution environment (EE) is activated or suspended, a first configuration register (SCR) coupled to the processing circuit (2610) for identifying the interrupt request as an ordinary interrupt request IRQ when the execution environment (EE) is activated (EE_Active); and a second configuration register (SSM_FIQ_EE_y) for associating an identification of that execution environment (EE) with the same interrupt request, the processing circuit (2610) coupled (5910) to the second configuration register (SSM_FIQ_EE_y) to respond to the same interrupt request as a more urgent type of interrupt request when that execution environment (EE) is suspended (5920).

Abstract: An electronic configuration circuit includes a processing circuit (2610) operable for executing instructions and responsive to interrupt requests and operable in a plurality of execution environments (EE) selectively wherein a said execution environment (EE) is activated or suspended, a first configuration register (SCR) coupled to the processing circuit (2610) for identifying the interrupt request as an ordinary interrupt request IRQ when the execution environment (EE) is activated (EE_Active); and a second configuration register (SSM_FIQ_EE_y) for associating an identification of that execution environment (EE) with the same interrupt request, the processing circuit (2610) coupled (5910) to the second configuration register (SSM_FIQ_EE_y) to respond to the same interrupt request as a more urgent type of interrupt request when that execution environment (EE) is suspended (5920).

Abstract: An electronic interrupt circuit includes an interrupt-related input line (4235), a security-related status input line (4236), a context-related status input line (4237), and a conversion circuit (4234A) having plural interrupt-related output lines (4245) and selectively operable in response to an interrupt-related signal on said interrupt-related input line (4235) depending on an active or inactive status of each of said security-related status input line (4236) and said context-related status input line (4237).

Abstract: An electronic system (1400) includes a processor (1422, 2610) having a pipeline, a bus (2655) coupled to the pipeline, a storage (1435, 1440, 2650) coupled to the bus (2655), the storage (1435, 2650) having a real time operating system (RTOS) and a real-time application, a non-real-time operating system (HLOS), a secure environment kernel (SE), and a software monitor (2310); and protective circuitry (2460) coupled to the processor and operable to establish a first signal (VP1_Active) and a second signal (NS) each having states and together having combinations of the states representing a first category (2430) for the real-time operating system and the real-time application, a second category (2420) for the non-real-time operating system, and a third category (2450) for the secure environment kernel.

Abstract: In at least some embodiments, a system comprises a processor and a direct memory access (DMA) subsystem coupled to the processor. The system further comprises a component coupled to the DMA subsystem via an interconnect employing security rules, wherein, if the component requests a DMA channel, the DMA subsystem restricts usage of the DMA channel based on the security rules.

Abstract: A system comprising a processor adapted to activate multiple security levels for the system and a monitoring device coupled to the processor and employing security rules pertaining to the multiple security levels. The monitoring device restricts usage of the system if the processor activates the security levels in a sequence contrary to the security rules.

Abstract: A system and method for detecting a security violation using an error correction code. Some illustrative embodiments may be a method used in a computing system comprising reading a codeword comprising data and an error correction code (ECC) (the ECC associated with the data), deriving an error location polynomial (ELP) from the codeword, determining a total number of codeword errors from the ELP, and preventing access to the data within the codeword if the total number of codeword errors exceeds a maximum number of correctable errors.

Abstract: A system comprising a processor adapted to activate multiple privilege levels for the system, a monitoring unit coupled to the processor and employing security rules pertaining to the multiple privilege levels, and a memory management unit (MMU) coupled to the monitoring unit and adapted to partition memory into public and secure memories. If the processor switches privilege levels while the MMU is disabled, the monitoring unit restricts usage of the system. If the processor accesses the public memory while in a privilege level not authorized by the security rules, the monitoring unit restricts usage of the system.

Abstract: Systems and methods for a multi-sharing security firewall are provided. Embodiments of a memory security firewall apparatus are provided that include region configuration logic, region selection logic, and access validation logic. The region configuration logic is operable to define memory protection regions of a target memory, each memory protection region having two initiator groups and two sets of access attribute combinations, one for each initiator group. The region selection logic is operable to select a memory protection region that includes the address of a target memory access request from a system initiator. The access validation logic is operable to allow the requested memory access if the system initiator is in one of the initiator groups of the memory protection region selected by the region selection logic, and the combination of access attributes is in a set of access attribute combinations of the memory protection region.

Abstract: A method for detecting a stack buffer overflow attack is provided that includes receiving a memory access request from a processor core of a system, and determining that the memory access request indicates a stack buffer overflow attack. The method may further include preventing completion of the memory access request and/or executing a security violation response. A system is also provided that includes a processor core coupled to a plurality of busses and an execution stack in a random access memory coupled to the plurality of busses. The system further includes a buffer overflow protection (BOP) logic coupled to the plurality of busses to receive memory access requests from the plurality of busses. The BOP logic is operable to detect a buffer overflow attack comprising a memory access request addressing the execution stack initiated by a program executing on the processor core.

Abstract: A system and method for detecting a security violation using an error correction code. Some illustrative embodiments may be a method used in a computing system comprising reading a codeword comprising data and an error correction code (ECC) (the ECC associated with the data), deriving an error location polynomial (ELP) from the codeword, determining a total number of codeword errors from the ELP, and preventing access to the data within the codeword if the total number of codeword errors exceeds a maximum number of correctable errors.

Abstract: A system and method of identifying and preventing security violations within a computing system. Some exemplary embodiments may be a method comprising monitoring activity on a core bus coupled to a processor core (the processor core operating in a computing system), identifying activity on the core bus as a security violation, and preventing execution of an instruction within the processor core in response to the security violation.

Abstract: A computing system comprising a processor having a first and second bus (the processor on a first semiconductor die mounted within a semiconductor package), a monitoring device coupled to both the first and second bus of the processor (the monitoring device on the first semiconductor die mounted within the semiconductor package), a memory coupled to the processor via the first bus (coupled to the monitoring device via a security signal, the memory on a second semiconductor die mounted within the semiconductor package), and a user interface external of the semiconductor package (the user interface coupled to the processor via the second data and instruction bus). The monitoring device checks one or both of the first and second busses to determine whether a secure mode entry sequence is delivered to the processor. The first bus and the security signal are only coupled to and accessible by devices within the semiconductor package.

Abstract: A method and system of ensuring integrity of a secure mode entry sequence. At least some of the exemplary embodiments may be a method comprising transferring a plurality of instructions to a microprocessor, wherein the instructions prepare the processor for entry into a secure mode of operation. The instructions comprise flushing the processor pipelines and removing contents of at least some processor caches and buffers.