CN110337652A - Chip access method, security control module, chip and debugging device - Google Patents

Chip access method, security control module, chip and debugging device

Info

Publication number
CN110337652A
Authority
CN
China
Prior art keywords
chip
commissioning device
authentication information
private key
debugging interface
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201880000241.2A
Other languages
English (en)
Other versions
CN110337652B (zh
Inventor
陈道宇
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Goodix Technology Co Ltd
Original Assignee
Shenzhen Goodix Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Goodix Technology Co Ltd filed Critical Shenzhen Goodix Technology Co Ltd
Publication of CN110337652A publication Critical patent/CN110337652A/zh
Application granted granted Critical
Publication of CN110337652B publication Critical patent/CN110337652B/zh
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • GPHYSICS
    • G01MEASURING; TESTING
    • G01RMEASURING ELECTRIC VARIABLES; MEASURING MAGNETIC VARIABLES
    • G01R31/00Arrangements for testing electric properties; Arrangements for locating electric faults; Arrangements for electrical testing characterised by what is being tested not provided for elsewhere
    • G01R31/28Testing of electronic circuits, e.g. by signal tracer
    • G01R31/317Testing of digital circuits
    • G01R31/31719Security aspects, e.g. preventing unauthorised access during test
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/554Detecting local intrusion or implementing counter-measures involving event detection and direct action
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/74Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information operating in dual or compartmented mode, i.e. at least one secure mode
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/75Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information by inhibiting the analysis of circuitry or operation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/03Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
    • G06F2221/034Test or assess a computer or a system

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Mathematical Physics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

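Some embodiments of the present application provide a chip access method, a security control module, a chip and a debugging device. The chip access method is applied to a chip and includes: after a debugging device is detected, triggering security authentication of the debugging device, where a security card is inserted in the debugging device and a first private key is pre-stored in the security card; obtaining first authentication information from the debugging device, the first authentication information being generated by the debugging device based at least on the first private key; determining, according to the first authentication information, whether the debugging device passes authentication; and, if the debugging device passes authentication, opening the debugging interface and allowing the debugging device to access the chip through the debugging interface. The embodiments of the present application help improve the security, convenience and flexibility of a debugging device's access to the chip.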

Description

PCT national-phase application; the description has been published.

Claims (14)

  1. PCT national-phase application; the claims have been published.
CN201880000241.2A 2018-01-29 2018-01-29 Chip access method, security control module, chip and debugging device Active CN110337652B (zh)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2018/074451 WO2019144403A1 (zh) 2018-01-29 2018-01-29 Chip access method, security control module, chip and debugging device

Publications (2)

Publication Number Publication Date
CN110337652A (zh) 2019-10-15
CN110337652B (zh) 2023-03-17

Family

ID=67394461

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201880000241.2A Active CN110337652B (zh) 2018-01-29 2018-01-29 Chip access method, security control module, chip and debugging device

Country Status (4)

Country Link
US (1) US11093600B2 (zh)
EP (1) EP3543881B1 (zh)
CN (1) CN110337652B (zh)
WO (1) WO2019144403A1 (zh)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
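CN111046372A (zh) * 2019-12-04 2020-04-21 深圳模微半导体有限公司 Method for information security authentication between communication devices, chip and electronic device
CN111464313A (zh) * 2020-03-31 2020-07-28 北京隆普智能科技有限公司 Multi-interface authentication terminal and method of using same
CN112860497A (zh) * 2021-01-28 2021-05-28 无锡众星微***技术有限公司 Chip debug enable control method
CN112904182A (zh) * 2021-01-28 2021-06-04 无锡众星微***技术有限公司 Test mode entry control method
CN114024878A (zh) * 2021-11-18 2022-02-08 芯翼信息科技(上海)有限公司 Data transmission method, apparatus, medium and device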

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11280829B1 (en) * 2019-12-19 2022-03-22 Xlnx, Inc. System-on-chip having secure debug mode
US11443071B2 (en) * 2020-02-13 2022-09-13 SiFive, Inc. Secure debug architecture
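CN112100691A (zh) * 2020-09-11 2020-12-18 浪潮(北京)电子信息产业有限公司 Protection method and protection *** for a hardware debug interface, and programmable controller
CN112444735B (zh) * 2020-11-27 2023-06-13 成都海光集成电路设计有限公司 Securely configurable chip and operating method thereof
TWI818221B (zh) * 2020-12-31 2023-10-11 新唐科技股份有限公司 Chip and method capable of authenticating an off-chip debug function firmware program and a debug user
CN112732586B (zh) * 2021-01-20 2024-06-07 山东云海国创云计算装备产业创新中心有限公司 Chip debugging method, ***, device and computer-readable storage medium
CN113297091B (zh) * 2021-06-18 2022-04-29 海光信息技术股份有限公司 Debugging method and apparatus for SoC chip, and SoC chip
CN114520727B (zh) * 2022-04-15 2022-06-21 广州万协通信息技术有限公司 Security chip data protection method and ***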

Citations (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060282734A1 (en) * 2005-05-23 2006-12-14 Arm Limited Test access control for secure integrated circuits
CN101013958A (zh) * 2006-12-22 2007-08-08 华为技术有限公司 Heartbeat implementation method, ***, and module
US20070271461A1 (en) * 2006-05-22 2007-11-22 General Dynamics C4 Systems, Inc. Method for managing operability of on-chip debug capability
CN101169809A (zh) * 2006-10-24 2008-04-30 展讯通信(上海)有限公司 Secure JTAG connection authentication *** and authentication method thereof
US20090165111A1 (en) * 2007-12-21 2009-06-25 General Instrument Corporation Method and apparatus for secure management of debugging processes within communication devices
US20090193230A1 (en) * 2008-01-30 2009-07-30 Ralf Findeisen Computer system including a main processor and a bound security coprocessor
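CN101620656A (zh) * 2009-07-29 2010-01-06 深圳国微技术有限公司 Secure JTAG module and method for protecting the security of information inside a chip
CN102301375A (zh) * 2009-01-30 2011-12-28 飞思卡尔半导体公司 Authenticated debug access for field returns
CN103207965A (zh) * 2013-03-13 2013-07-17 杭州华三通信技术有限公司 Method and apparatus for License authentication in a virtual environment
CN103413161A (zh) * 2013-07-30 2013-11-27 复旦大学 Electronic tag switchable to a secure mode and switching method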
US20150055161A1 (en) * 2013-08-21 2015-02-26 Systel Business Equipment Co., Inc. System and Method for Authentication
US20170188232A1 (en) * 2009-01-28 2017-06-29 Headwater Partners I Llc Security, Fraud Detection, and Fraud Mitigation in Device-Assisted Services Systems

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6151688A (en) * 1997-02-21 2000-11-21 Novell, Inc. Resource management in a clustered computer system
US10771448B2 (en) * 2012-08-10 2020-09-08 Cryptography Research, Inc. Secure feature and key management in integrated circuits
CN105871873A (zh) * 2016-04-29 2016-08-17 国家电网公司 Secure encryption authentication module for power distribution terminal communication and method thereof

Patent Citations (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060282734A1 (en) * 2005-05-23 2006-12-14 Arm Limited Test access control for secure integrated circuits
US20070271461A1 (en) * 2006-05-22 2007-11-22 General Dynamics C4 Systems, Inc. Method for managing operability of on-chip debug capability
CN101169809A (zh) * 2006-10-24 2008-04-30 展讯通信(上海)有限公司 Secure JTAG connection authentication *** and authentication method thereof
CN101013958A (zh) * 2006-12-22 2007-08-08 华为技术有限公司 Heartbeat implementation method, ***, and module
US20090165111A1 (en) * 2007-12-21 2009-06-25 General Instrument Corporation Method and apparatus for secure management of debugging processes within communication devices
US20090193230A1 (en) * 2008-01-30 2009-07-30 Ralf Findeisen Computer system including a main processor and a bound security coprocessor
US20170188232A1 (en) * 2009-01-28 2017-06-29 Headwater Partners I Llc Security, Fraud Detection, and Fraud Mitigation in Device-Assisted Services Systems
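CN102301375A (zh) * 2009-01-30 2011-12-28 飞思卡尔半导体公司 Authenticated debug access for field returns
CN101620656A (zh) * 2009-07-29 2010-01-06 深圳国微技术有限公司 Secure JTAG module and method for protecting the security of information inside a chip
CN103207965A (zh) * 2013-03-13 2013-07-17 杭州华三通信技术有限公司 Method and apparatus for License authentication in a virtual environment
CN103413161A (zh) * 2013-07-30 2013-11-27 复旦大学 Electronic tag switchable to a secure mode and switching method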
US20150055161A1 (en) * 2013-08-21 2015-02-26 Systel Business Equipment Co., Inc. System and Method for Authentication

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
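CN111046372A (zh) * 2019-12-04 2020-04-21 深圳模微半导体有限公司 Method for information security authentication between communication devices, chip and electronic device
CN111046372B (zh) * 2019-12-04 2023-05-23 深圳模微半导体有限公司 Method for information security authentication between communication devices, chip and electronic device
CN111464313A (zh) * 2020-03-31 2020-07-28 北京隆普智能科技有限公司 Multi-interface authentication terminal and method of using same
CN111464313B (zh) * 2020-03-31 2021-12-28 北京汇量山河信息科技有限公司 Multi-interface authentication terminal and method of using same
CN112860497A (zh) * 2021-01-28 2021-05-28 无锡众星微***技术有限公司 Chip debug enable control method
CN112904182A (zh) * 2021-01-28 2021-06-04 无锡众星微***技术有限公司 Test mode entry control method
CN112904182B (zh) * 2021-01-28 2021-12-07 无锡众星微***技术有限公司 Test mode entry control method
CN114024878A (zh) * 2021-11-18 2022-02-08 芯翼信息科技(上海)有限公司 Data transmission method, apparatus, medium and device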

Also Published As

Publication number Publication date
CN110337652B (zh) 2023-03-17
US20190347401A1 (en) 2019-11-14
EP3543881A1 (en) 2019-09-25
WO2019144403A1 (zh) 2019-08-01
EP3543881B1 (en) 2021-08-11
EP3543881A4 (en) 2020-01-01
US11093600B2 (en) 2021-08-17

Similar Documents

Publication Publication Date Title
CN110337652A (zh) Chip access method, security control module, chip and debugging device
Rosenfeld et al. Attacks and defenses for JTAG
US7810002B2 (en) Providing trusted access to a JTAG scan interface in a microprocessor
US20070162759A1 (en) Protected port for electronic access to an embedded device
US20090204823A1 (en) Method and apparatus for controlling system access during protected modes of operation
Valea et al. A survey on security threats and countermeasures in IEEE test standards
US8171542B2 (en) Advanced encryption standard to provide hardware key interface
Dworak et al. A call to action: Securing IEEE 1687 and the need for an IEEE test security standard
US20080098224A1 (en) Processes and apparatus for establishing a secured connection with a joint test action group port
Kochte et al. Specification and verification of security in reconfigurable scan networks
Hutle et al. Resilience against physical attacks
CN112118240A (zh) 一种数据获取方法、装置、设备及存储介质
Lee et al. A brief review on jtag security
Chen et al. Arm PSA-certified IoT chip security: a case study
Bhakthavatchalu et al. Verilog design of programmable JTAG controller for digital VLSI IC’s
Rosenfeld et al. Attacks and defenses for JTAG
Merandat et al. A Comprehensive Approach to a Trusted Test Infrastructure
Tshagharyan et al. Securing test infrastructure of system-on-chips
Kumar et al. A novel holistic security framework for in-field firmware updates
Lee et al. A secure JTAG wrapper for SoC testing and debugging
Katsaiti et al. Real-World Attacks Toward Circuits & Systems Design, Targeting Safety Invasion
Chen et al. Striking a balance between SoC security and debug requirements
Chen et al. SoC security and debug
Brauchler et al. Multi-level access protection for future IEEE P1687. 1 IJTAG networks
Hopkins et al. Ensuring data integrity via ICmetrics based security infrastructure

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant