CN110337652A - Chip access method, security control module, chip and debugging device - Google Patents
Chip access method, security control module, chip and debugging device
- Publication number
- CN110337652A
- Authority
- CN
- China
- Prior art keywords
- chip
- debugging device
- authentication information
- private key
- debugging interface
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Classifications
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3271—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
- G—PHYSICS
- G01—MEASURING; TESTING
- G01R—MEASURING ELECTRIC VARIABLES; MEASURING MAGNETIC VARIABLES
- G01R31/00—Arrangements for testing electric properties; Arrangements for locating electric faults; Arrangements for electrical testing characterised by what is being tested not provided for elsewhere
- G01R31/28—Testing of electronic circuits, e.g. by signal tracer
- G01R31/317—Testing of digital circuits
- G01R31/31719—Security aspects, e.g. preventing unauthorised access during test
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/44—Program or device authentication
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/554—Detecting local intrusion or implementing counter-measures involving event detection and direct action
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/74—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information operating in dual or compartmented mode, i.e. at least one secure mode
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/75—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information by inhibiting the analysis of circuitry or operation
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/03—Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
- G06F2221/034—Test or assess a computer or a system
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Mathematical Physics (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Storage Device Security (AREA)
Abstract
Some embodiments of this application provide a chip access method, a security control module, a chip and a debugging device. The chip access method is applied to a chip and includes: after a debugging device is detected, triggering security authentication of the debugging device, where a security card is inserted in the debugging device and a first private key is pre-stored in the security card; obtaining first authentication information from the debugging device, the first authentication information being generated by the debugging device at least on the basis of the first private key; determining, according to the first authentication information, whether the debugging device passes authentication; and, if the debugging device passes authentication, opening the debugging interface and allowing the debugging device to access the chip through the debugging interface. The embodiments of this application help improve the security, convenience and flexibility of access to the chip by a debugging device.
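The flow described in the abstract, as an added Go example that is not the patent's own design or code: the chip-side security control module issues a random challenge when a debugging device is detected, the security card answers with a signature made with the first private key, and the chip opens the debug interface only if that first authentication information verifies against a public key assumed to have been provisioned into the chip at manufacture. The abstract does not name the primitive; Ed25519, the 32-byte one-shot challenge and the names SecurityCard and Chip are assumptions here.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"errors"
)

// SecurityCard models the card plugged into the debugging device: it holds the
// first private key, never exports it, and only signs challenges (assumed model).
type SecurityCard struct{ Priv ed25519.PrivateKey }

// Sign produces the first authentication information: a signature over the
// chip's challenge computed with the first private key.
func (c *SecurityCard) Sign(challenge []byte) []byte { return ed25519.Sign(c.Priv, challenge) }

// Chip models the chip-side security control module guarding the debug interface.
type Chip struct {
	TrustedPub ed25519.PublicKey // provisioned public key matching the authorised card
	challenge  []byte            // pending one-shot challenge; nil when none outstanding
	DebugOpen  bool              // true only after a successful authentication
}

// OnDebuggerDetected runs when a debugging device is detected: it closes the interface
// and issues a fresh random challenge so a recorded answer cannot be replayed.
func (ch *Chip) OnDebuggerDetected() ([]byte, error) {
	ch.DebugOpen = false
	nonce := make([]byte, 32)
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	ch.challenge = nonce
	return nonce, nil
}

// Authenticate verifies the first authentication information against the pending
// challenge and opens the debug interface only on success; the challenge is consumed
// either way, so a retry needs a new detection cycle.
func (ch *Chip) Authenticate(authInfo []byte) error {
	if ch.challenge == nil {
		return errors.New("no pending challenge")
	}
	ok := ed25519.Verify(ch.TrustedPub, ch.challenge, authInfo)
	ch.challenge = nil
	if !ok {
		return errors.New("authentication failed: debug interface stays closed")
	}
	ch.DebugOpen = true
	return nil
}
```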
Description
PCT national-phase application; the description has been published.
Claims (14)
- PCT national-phase application; the claims have been published.
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/CN2018/074451 WO2019144403A1 (zh) | 2018-01-29 | 2018-01-29 | Chip access method, security control module, chip and debugging device |
Publications (2)
Publication Number | Publication Date |
---|---|
CN110337652A true CN110337652A (zh) | 2019-10-15 |
CN110337652B CN110337652B (zh) | 2023-03-17 |
Family
ID=67394461
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201880000241.2A Active CN110337652B (zh) | 2018-01-29 | 2018-01-29 | Chip access method, security control module, chip and debugging device |
Country Status (4)
Country | Link |
---|---|
US (1) | US11093600B2 (zh) |
EP (1) | EP3543881B1 (zh) |
CN (1) | CN110337652B (zh) |
WO (1) | WO2019144403A1 (zh) |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111046372A (zh) * | 2019-12-04 | 2020-04-21 | 深圳模微半导体有限公司 | Method, chip and electronic device for information security authentication between communication devices |
CN111464313A (zh) * | 2020-03-31 | 2020-07-28 | 北京隆普智能科技有限公司 | Multi-interface authentication terminal and method for using it |
CN112860497A (zh) * | 2021-01-28 | 2021-05-28 | 无锡众星微***技术有限公司 | Chip debug enable control method |
CN112904182A (zh) * | 2021-01-28 | 2021-06-04 | 无锡众星微***技术有限公司 | Test mode entry control method |
CN114024878A (zh) * | 2021-11-18 | 2022-02-08 | 芯翼信息科技(上海)有限公司 | Data transmission method, apparatus, medium and device |
Families Citing this family (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US11280829B1 (en) * | 2019-12-19 | 2022-03-22 | Xlnx, Inc. | System-on-chip having secure debug mode |
US11443071B2 (en) * | 2020-02-13 | 2022-09-13 | SiFive, Inc. | Secure debug architecture |
CN112100691A (zh) * | 2020-09-11 | 2020-12-18 | 浪潮(北京)电子信息产业有限公司 | Protection method and protection system for a hardware debugging interface, and programmable controller |
CN112444735B (zh) * | 2020-11-27 | 2023-06-13 | 成都海光集成电路设计有限公司 | Securely configurable chip and method for operating it |
TWI818221B (zh) * | 2020-12-31 | 2023-10-11 | 新唐科技股份有限公司 | Chip and method for authenticating external debug-function firmware and the debug user |
CN112732586B (zh) * | 2021-01-20 | 2024-06-07 | 山东云海国创云计算装备产业创新中心有限公司 | Chip debugging method, system, device and computer-readable storage medium |
CN113297091B (zh) * | 2021-06-18 | 2022-04-29 | 海光信息技术股份有限公司 | Debugging method and apparatus for an SoC chip, and SoC chip |
CN114520727B (zh) * | 2022-04-15 | 2022-06-21 | 广州万协通信息技术有限公司 | Security chip data protection method and system |
Citations (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20060282734A1 (en) * | 2005-05-23 | 2006-12-14 | Arm Limited | Test access control for secure integrated circuits |
CN101013958A (zh) * | 2006-12-22 | 2007-08-08 | 华为技术有限公司 | Heartbeat implementation method, system and module |
US20070271461A1 (en) * | 2006-05-22 | 2007-11-22 | General Dynamics C4 Systems, Inc. | Method for managing operability of on-chip debug capability |
CN101169809A (zh) * | 2006-10-24 | 2008-04-30 | 展讯通信(上海)有限公司 | Secure JTAG connection authentication system and authentication method thereof |
US20090165111A1 (en) * | 2007-12-21 | 2009-06-25 | General Instrument Corporation | Method and apparatus for secure management of debugging processes within communication devices |
US20090193230A1 (en) * | 2008-01-30 | 2009-07-30 | Ralf Findeisen | Computer system including a main processor and a bound security coprocessor |
CN101620656A (zh) * | 2009-07-29 | 2010-01-06 | 深圳国微技术有限公司 | Secure JTAG module and method for protecting the security of information inside a chip |
CN102301375A (zh) * | 2009-01-30 | 2011-12-28 | 飞思卡尔半导体公司 | Authenticated debug access for field returns |
CN103207965A (zh) * | 2013-03-13 | 2013-07-17 | 杭州华三通信技术有限公司 | Method and apparatus for license authentication in a virtual environment |
CN103413161A (zh) * | 2013-07-30 | 2013-11-27 | 复旦大学 | Electronic tag switchable to a secure mode and switching method |
US20150055161A1 (en) * | 2013-08-21 | 2015-02-26 | Systel Business Equipment Co., Inc. | System and Method for Authentication |
US20170188232A1 (en) * | 2009-01-28 | 2017-06-29 | Headwater Partners I Llc | Security, Fraud Detection, and Fraud Mitigation in Device-Assisted Services Systems |
Family Cites Families (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6151688A (en) * | 1997-02-21 | 2000-11-21 | Novell, Inc. | Resource management in a clustered computer system |
US10771448B2 (en) * | 2012-08-10 | 2020-09-08 | Cryptography Research, Inc. | Secure feature and key management in integrated circuits |
CN105871873A (zh) * | 2016-04-29 | 2016-08-17 | 国家电网公司 | Secure encryption and authentication module for distribution terminal communication and method thereof |
2018
- 2018-01-29 CN CN201880000241.2A patent/CN110337652B/zh active Active
- 2018-01-29 WO PCT/CN2018/074451 patent/WO2019144403A1/zh unknown
- 2018-01-29 EP EP18875000.4A patent/EP3543881B1/en active Active
2019
- 2019-05-17 US US16/416,125 patent/US11093600B2/en active Active
Patent Citations (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20060282734A1 (en) * | 2005-05-23 | 2006-12-14 | Arm Limited | Test access control for secure integrated circuits |
US20070271461A1 (en) * | 2006-05-22 | 2007-11-22 | General Dynamics C4 Systems, Inc. | Method for managing operability of on-chip debug capability |
CN101169809A (zh) * | 2006-10-24 | 2008-04-30 | 展讯通信(上海)有限公司 | Secure JTAG connection authentication system and authentication method thereof |
CN101013958A (zh) * | 2006-12-22 | 2007-08-08 | 华为技术有限公司 | Heartbeat implementation method, system and module |
US20090165111A1 (en) * | 2007-12-21 | 2009-06-25 | General Instrument Corporation | Method and apparatus for secure management of debugging processes within communication devices |
US20090193230A1 (en) * | 2008-01-30 | 2009-07-30 | Ralf Findeisen | Computer system including a main processor and a bound security coprocessor |
US20170188232A1 (en) * | 2009-01-28 | 2017-06-29 | Headwater Partners I Llc | Security, Fraud Detection, and Fraud Mitigation in Device-Assisted Services Systems |
CN102301375A (zh) * | 2009-01-30 | 2011-12-28 | 飞思卡尔半导体公司 | Authenticated debug access for field returns |
CN101620656A (zh) * | 2009-07-29 | 2010-01-06 | 深圳国微技术有限公司 | Secure JTAG module and method for protecting the security of information inside a chip |
CN103207965A (zh) * | 2013-03-13 | 2013-07-17 | 杭州华三通信技术有限公司 | Method and apparatus for license authentication in a virtual environment |
CN103413161A (zh) * | 2013-07-30 | 2013-11-27 | 复旦大学 | Electronic tag switchable to a secure mode and switching method |
US20150055161A1 (en) * | 2013-08-21 | 2015-02-26 | Systel Business Equipment Co., Inc. | System and Method for Authentication |
Cited By (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111046372A (zh) * | 2019-12-04 | 2020-04-21 | 深圳模微半导体有限公司 | Method, chip and electronic device for information security authentication between communication devices |
CN111046372B (zh) * | 2019-12-04 | 2023-05-23 | 深圳模微半导体有限公司 | Method, chip and electronic device for information security authentication between communication devices |
CN111464313A (zh) * | 2020-03-31 | 2020-07-28 | 北京隆普智能科技有限公司 | Multi-interface authentication terminal and method for using it |
CN111464313B (zh) * | 2020-03-31 | 2021-12-28 | 北京汇量山河信息科技有限公司 | Multi-interface authentication terminal and method for using it |
CN112860497A (zh) * | 2021-01-28 | 2021-05-28 | 无锡众星微***技术有限公司 | Chip debug enable control method |
CN112904182A (zh) * | 2021-01-28 | 2021-06-04 | 无锡众星微***技术有限公司 | Test mode entry control method |
CN112904182B (zh) * | 2021-01-28 | 2021-12-07 | 无锡众星微***技术有限公司 | Test mode entry control method |
CN114024878A (zh) * | 2021-11-18 | 2022-02-08 | 芯翼信息科技(上海)有限公司 | Data transmission method, apparatus, medium and device |
Also Published As
Publication number | Publication date |
---|---|
CN110337652B (zh) | 2023-03-17 |
US20190347401A1 (en) | 2019-11-14 |
EP3543881A1 (en) | 2019-09-25 |
WO2019144403A1 (zh) | 2019-08-01 |
EP3543881B1 (en) | 2021-08-11 |
EP3543881A4 (en) | 2020-01-01 |
US11093600B2 (en) | 2021-08-17 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN110337652A (zh) | Chip access method, security control module, chip and debugging device | |
Rosenfeld et al. | Attacks and defenses for JTAG | |
US7810002B2 (en) | Providing trusted access to a JTAG scan interface in a microprocessor | |
US20070162759A1 (en) | Protected port for electronic access to an embedded device | |
US20090204823A1 (en) | Method and apparatus for controlling system access during protected modes of operation | |
Valea et al. | A survey on security threats and countermeasures in IEEE test standards | |
US8171542B2 (en) | Advanced encryption standard to provide hardware key interface | |
Dworak et al. | A call to action: Securing IEEE 1687 and the need for an IEEE test security standard | |
US20080098224A1 (en) | Processes and apparatus for establishing a secured connection with a joint test action group port | |
Kochte et al. | Specification and verification of security in reconfigurable scan networks | |
Hutle et al. | Resilience against physical attacks | |
CN112118240A (zh) | Data acquisition method, apparatus, device and storage medium | |
Lee et al. | A brief review on jtag security | |
Chen et al. | Arm PSA-certified IoT chip security: a case study | |
Bhakthavatchalu et al. | Verilog design of programmable JTAG controller for digital VLSI IC’s | |
Merandat et al. | A Comprehensive Approach to a Trusted Test Infrastructure | |
Tshagharyan et al. | Securing test infrastructure of system-on-chips | |
Kumar et al. | A novel holistic security framework for in-field firmware updates | |
Lee et al. | A secure JTAG wrapper for SoC testing and debugging | |
Katsaiti et al. | Real-World Attacks Toward Circuits & Systems Design, Targeting Safety Invasion | |
Chen et al. | Striking a balance between SoC security and debug requirements | |
Chen et al. | SoC security and debug | |
Brauchler et al. | Multi-level access protection for future IEEE P1687. 1 IJTAG networks | |
Hopkins et al. | Ensuring data integrity via ICmetrics based security infrastructure |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |