Board device and method for detecting unsanctioned interference with integral circuit

FIELD: electronics.

SUBSTANCE: device has signaling bus, loaded with clock signal, at least one couple of buses serving for encoding one bit, detector circuit, multiplexer. According to method in case of first value of signal of signal bus two buses of one couple detect same level of signal, and in case of second value of signal of signal bus two buses of one couple detect different signal levels, detect forbidden states during operation of board, change process of system functioning, to generate alarm in that way.

EFFECT: higher reliability of protection.

2 cl, 7 dwg

 

The present invention relates to a circuit device for detecting tampering of the integrated circuit containing the signal bus, loaded with a clock signal, and at least one pair of tires, is used to encode one bit, and the signal bus and at least one pair of tires is included between the first and second blocks of the integrated circuit.

Many schemes are used, for example, in microprocessors, networks with relay access or other blocks of data, require protected from physical interventions and listening data with a high level of protection. Such interference is possible by analysis of the integrated circuit by the method of "Reverse Engineering". This method can be analyzed as the principle of operation of the integrated circuit and affect the principle of operation in order to manipulate the contents of the data or process operation.

In practice there are various methods by which you can, at least to complicate such an analysis.

For example, it is known closing of the integrated circuit so-called "screen". The screen is at the same time, at least two passes over the integrated circuit, as a rule, meander conductive tracks. Interruption or short circuit of these conductive paths detected by using the schema is the processing, which then leads an integrated circuit in a protected state. This can be, for example, actuation of the reset or erase the memory.

Further known methods, by which it is possible to detect the removal consisting of a press-weight plastic housing. When it detects a change in capacitance between two conductive tracks when removing the housing. For this purpose, the plastic housing is provided by the sensors.

Further, there are methods that can detect the removal pestiviruses layer on the chip surface.

To reflect the crypto-analytic interventions integrated circuits important for protection applications are often implemented using a technology known as "Dual Rail with Precharge". Bits encode using complementary tires. On the first clock phase, the so-called "Precharge Phase, both complementary bus pre-charge (logical 1 or High), which is pre-stored information is erased. On the second clock phase, the so-called "Evaluation Phase", one of the two tires discharge (logical 0 or Low), and the next front of the clock pulse process.

All of the above detection methods are used to prevent access to the conductive paths of the integrated circuit. After overcoming these barriers is sent along the conduction paths is integralnoi schema data can be analyzed and manipulated. The latter may occur, for example, by application of voltage or cut tires.

The present invention is therefore to develop a circuit device and method of detecting unauthorised intervention in an integrated circuit that would provide more reliable protection.

This problem is solved by the characteristics of claim 1 of the formula, in which the circuit device, as well as signs p.4 formula, which gives way. The preferred implementation shown in dependent clauses.

Integrated circuit uses with the above technology "Dual Rail with Precharge", i.e. to encode one bit uses a pair of tires. Integrated circuit may have multiple pairs of tires. According to the invention provides that one signal bus, loaded with a clock signal, and at least one pair of tires connected with the detector circuit, which depending on the signal bus and at least one pair of tyres modifies the functioning of the integrated schema.

In one embodiment, each tire, at least one pair of tires directly connected with the detector circuit. Alternatively, a pair of tires can be connected to the multiplexer with the detector circuit. Signal bus, loaded with a clock signal, each of the both option is in connected with the detector circuit.

Circuit device according to the invention uses with the fact that the current state of technology "Dual Rail with Precharge" applicable logical States confront five forbidden States. They are determined using a detector circuit, which if necessary you can change the process of functioning of the integrated schema.

In addition to the detection of prohibited state when the work is protected schema pointing to physical intervention (for example, through needles, by the method FIB Focused Ion Beam", the manipulation of light, temperature, voltage), circuit device according to the invention can be activated already during production testing, i.e. the self-test circuit. Due to this, it is possible to detect manufacturing defects, such as defects "Stuck-At-One or Stuck-At-Zero". Because the production of integrated circuits can be assumed that interference is missing, invalid values in pairs of tires indicate a failure, such as a short circuit.

Circuit device according to the invention is made very simply because it additionally requires only the detector circuit, which is connected with the pairs of tires and a signal bus, loaded with a clock signal.

The principle of operation of the circuit device according to the invention becomes clear from vivamore below way.

When the first signal value signal bus two tires one pair of tyres detects the same signal level. When the second signal value signal bus two tires one pair of tyres will detect different signal level, and the deviation from the expected results of the change process operation of the integrated circuit.

In other words, this means that one of the five forbidden States, explain in more detail below, is called the process of functioning of the integrated circuit. The method according to the invention uses when it checks the charge status (signal level) of both tires one pair, and check forbidden States can be represented using a state table or reliability. Circuit implementation table of reliability is a standard task here is therefore not explained in more detail.

Phase Precharge Phase can, in principle, be set at the first value of the signal logical 1 or logical 0.

The preferred image of the first signal value of the signal bus is a logical 0. In this case, the state table corresponds to the usual action technology "Dual Rail with Precharge".

While the signal on the bus has a first signal value, the signal level of the second tire of the pair in one run is accordingly logical 0 or l is logical 1. Due to one of these two conditions establish, therefore, reliable "Precharge". Accordingly, the other three remaining States determine Smoking status.

Accordingly, the second signal value of the signal bus is a logical 1 or a logical 0. The second value of the signal, thus, in principle, complementary to the first signal value signal bus.

While the signal on the bus has a second signal value, the signal value of the first bus one pair is a logical 0 or 1, while the signal level of the second bus is a logical 1 or 0, i.e. complementary.

Smoking status occurs, therefore, when the second signal values of the signal bus on both tires one pair has the same value. In General, there are thus five forbidden States.

The method according to the invention is explained in more detail below using the figures which represent:

- figure 1: the first example of execution circuit device according to the invention;

- figure 2: the second example of execution circuit device according to the invention;

- figure 3: approximate the characteristic signal of the signal bus, and two pairs of tires;

- figure 4-7: four state table.

1 shows a first exemplary embodiment of the circuit device according invented the Yu for detection of unauthorized interference in an integrated circuit. Integrated circuit depicted in figure 1 as an example, blocks a, b, between which are conductive tracks 1-5. Lane 1 represents this signal bus "Clock", loaded clock signal. Further, as the example shows two pairs of tires L1.1, L2.1 and L1.n, L2.n. Between the blocks a, b can thus be transmitted in this example, two bits. In principle, between the blocks a, b may be included, of course, an arbitrary number of pairs of tires.

According to the invention for checking the conductive paths provided by the detection circuit 11. Each of the signal tyres 1-5, included between the blocks a, b, connected with the detector circuit 11. It depicts conductive tracks 6-10. In the case of Smoking status detector circuit 11 through the bus 12 to cause alarm, resulting in the integrated circuit can be restarted or can be erased important to protect the data.

Next, you can activate or deactivate the detector circuit 11 selectively by means of the signal bus 13.

In the first exemplary embodiment in figure 1, each of the signal tyres 1-5 are directly connected with the detector circuit 11. In the example of figure 2, only the signal bus 1, which features a clock signal, is connected directly with the detector circuit 11 via the signal bus 6. Pair of tyres L1.1, L2.1 and L1.n, L2.n, on the contrary, connected with children who ktorej circuit 11 via the multiplexer 14.

While in figure 1 can occur check all pairs of tires at the same time, a pair of tires on 2 check for prohibited status consistently. Since the principle of operation of the multiplexer sufficiently known from the prior art, a detailed description of the principle of operation is omitted.

Using state tables 4-7, you can understand the principle of operation of the circuit device according to the invention. In the first column is populated with the number of possible States. Columns 2-4 represent the possible States of the signal bus "Clock", as well as two tires one pair, denoted in this case L1.k, L2.k. The index k indicates when this pair of tires 1-n. The last column shows the logical value of the controlled rectifying circuit 11.

During the first four States (number of States 1-4) signal bus "Clock" is the so-called phase Precharge Phase. In this phase, the charge state of the two tires L1.k, L2.k one pair must have the same value. Figs.4 and 6 this is the case when L1.k and L2.k have a value of logical 1, while figure 5 and 7 this is the case when the value of logical 0.

On the so-called phase "Evaluation Phase" (non-state 5-8) bus L1.k, L2.k should not have the same charge state. In this case there is a defect or interference. Selectively, you can set the number 6 state of logical value 0 or 1. According the this logical value when the number 7 is 1 or 0, i.e. it is complementary logical value rooms 6 status.

Use depicted on figure 4 and 5 state tables in the method of detection according to the invention is preferable, because the phase Precharge Phase is carried out at a logical 0 signal bus "Clock". Alternatively, you can phase Precharge Phase when the value of logical 1, and the phase "Evaluation Phase" - when set to logical 0. This is shown in the state tables 6 and 7.

Figure 3 as an example, shows the characteristic signal of the signal bus "Clock", as well as two pairs of tires L1.1, L2.1 and L1.n, L2.n. To verify Smoking status, such as a defect or intervention, it is necessary, in principle, to compare the signals of tires one pair. Shown in figure 3 the characteristic of the signal estimate for the state table in figure 4. Thus, in the first pair of tires already at the first signal value signal bus "Clock" (clock phase) already has a defect, because the second bus L2.1 on the phase Precharge Phase does not take identical values of the signal. During clock phase T7and T9the phase Evaluation Phase there is a defect, because there the state of the signals of the two tire pair 1 have the same charge state, which according to the state table in figure 4 is prohibited. Another defect occurs at a clock phase of T10.

Characteristic is ignal n-th pair of tyres, on the contrary, in order, as shown by comparison with the state table in figure 4.

The reference list of items

1-5 - conductive path

6-10 - conductive path

11 - detector scheme

12 - signal bus

13 - signal bus

14 - multiplexer

15 is a conductive path

16 is a conductive path

And, In - circuit block

1. Circuit device for detection of unauthorized interference in an integrated circuit (a, b)containing signal bus (1), loaded with a clock signal, and at least one pair of tyres(2, 3; 4, 5), is used to encode one bit, and a signal bus (1) and at least one pair of tyres (2, 3; 4, 5) is included between the first (a) and second (B) blocks of the integrated circuit, wherein the signal bus (1) and at least one pair of tyres (2, 3; 4, 5) are connected with the detector circuit (11), which, depending on the signal bus (1) and at least one pair of tyres (2, 3; 4, 5) modifies the operation of the integrated circuit.

2. The device according to claim 1, characterized in that each tire, at least one pair of tyres (2, 3; 4, 5) are connected with the detector circuit (11) directly.

3. The device according to claim 1, characterized in that a pair of tyres (2, 3; 4, 5) connected to the detector circuit through a multiplexer.

4. The method of detecting unauthorized interference in gralow scheme, containing a pair of tyres (2, 3; 4, 5) for transmission of one bit between the first and second blocks of integrated circuits and signal bus (1), loaded with a clock signal, in which

a) when the first signal value signal bus (1) two tires one pair of tyres (2, 3; 4, 5) detects the same signal level;

b) when the second signal value signal bus (1) two tires one pair of tyres (2, 3; 4, 5) detect different signal level, and the process operation of the integrated circuit change so that it calls the alert if two tires one pair of tyres (2, 3; 4, 5) when the first signal value signal bus (1) have different levels of signal or the second signal value signal bus (1) have the same signal level.

5. The method according to claim 4, characterized in that the first signal value signal bus (1) is a logical 0 or a logical 1.

6. The method according to claim 5, characterized in that the signal level of the two tires one pair of tyres (2, 3; 4, 5) is accordingly logical 0 or logical 1.

7. The method according to one of claims 4 to 6, characterized in that the second signal value signal bus (1) is a logical 1 or a logical 0.

8. The method according to claim 7, characterized in that the signal level of the first bus one pair of tyres (2, 3; 4, 5) is a logical 0 or 1, while the signal level of the second bus is a logical 1 or .



 

Same patents:

FIELD: copy protection.

SUBSTANCE: system has content distribution block, multiple recording and playback devices for digital data, calculations processing block, meant to perform communications with recording and playback devices and performing calculations processing for transferring license payments.

EFFECT: higher reliability of copy protection.

5 cl, 55 dwg

FIELD: computers.

SUBSTANCE: method includes, on basis of contents of central processor registers, received after processor performs some sort of command, by means of mathematical logical operation, forming certain finite control sum and storing it in memory, and on basis of contents of registers, received before start of execution by said processor of directly next command, certain starting checksum is formed, while if starting checksum mismatches finite checksum, error message is generated, which can be followed by halting of processor operation or blocking of chip board with its removal from circulation.

EFFECT: higher reliability.

2 cl, 2 dwg

FIELD: technologies for authentication of information.

SUBSTANCE: method includes performing absolute identification for confirming legality of data carrier according to first rule in preset time. Authentication information is recorded on this data carrier in previously set position. Process of arbitrary authentication is performed for confirming legality of said data carrier in accordance to second rule in arbitrary time. First rule includes announcing confirmation of standard match, if information for authentication is detected as registered in selected preset position. Second rule in given arbitrary authentication process includes announcing standard match, if information for authentication is detected as not registered in arbitrary positions, different from given preset position.

EFFECT: higher reliability.

6 cl, 12 dwg

Processor // 2248608

FIELD: computers, data protection.

SUBSTANCE: processor has bus interface device, device for selection/decoding of commands, device for dispatching/execution, program string decoding device, which string is selected from program and loaded in first levels command cash, which contains a set of N two-input elements XOR, keys memory, storing different N-bit decoding keys.

EFFECT: higher efficiency.

2 dwg

The invention relates to computing
The invention relates to computing, and in particular to information and computer systems and networks, and can be used in the network integrity monitoring for protection of information resources in workstations, informational, and functional servers, etc

The invention relates to computer technology and may find application in the organization of authorized access to resources of the computing system

The invention relates to the field of information security with cryptographic transformation of data

The invention relates to the field of authentication objects

The invention relates to methods of protecting computer memory from unauthorized access through an arbitrary communication channels and to the structure of the devices for implementing such methods

FIELD: mobile communications.

SUBSTANCE: device has socket, appropriate for use as headphone socket.

EFFECT: higher efficiency.

11 cl, 37 dwg

FIELD: data bases.

SUBSTANCE: method includes presenting operations at all levels of company in form typical product life cycle tree, wherein existing objective functional-technological connections of each manufacture stage are decomposed, and forming information system in form of pertinent-relevant complex information system and search, for which typical structure-information modules of information system are formed, system objective information requirements of data consumers, being a result of decompositions by levels of operations and problems, are determined as precisely as possible, data base of found documents in form of files is formed of key nodes with set of elementary data block for each system information requirement and files of information system modules, starting from lower levels of current stage and then upwards, while each data block has a list of pertinent documents ordered by determined information requirements.

EFFECT: higher search efficiency.

13 cl, 11 dwg

FIELD: computer science.

SUBSTANCE: method includes text messages from data channel, linguistic words processing is performed, thesaurus of each text message is formed, statistical processing of words in thesaurus is performed, text message and thesaurus are stored in storage. Membership of text message in one of categories from the list is determined, starting data value of text message is determined, stored in storage with text message, data value values are periodically updated with consideration of time passed since their appearance and text messages with data value below preset threshold are erased, during processing of each message values of categories classification signs are updated.

EFFECT: higher efficiency.

1 dwg

FIELD: computer science.

SUBSTANCE: method includes text messages from data channel, linguistic words processing is performed, thesaurus of each text message is formed, statistical processing of words in thesaurus is performed, text message and thesaurus are stored in storage. Membership of text message in one of categories from the list is determined, starting data value of text message is determined, stored in storage with text message, data value values are periodically updated with consideration of time passed since their appearance and text messages with data value below preset threshold are erased, during processing of each message values of categories classification signs are updated.

EFFECT: higher efficiency.

1 dwg

FIELD: computer science.

SUBSTANCE: system, according to one variants, has socket contact, outer contact, output signal generators, microprocessor and output indicator, and according to other variants, additionally has input signal receiver, diagnostic rod. Equipment set includes boards, transfer line bodies, output signal generators, input signal receivers, microprocessor and indicator. Transfer line pipe has substrate, multiple contacts and conductor.

EFFECT: higher efficiency.

10 cl, 25 dwg

FIELD: copy protection.

SUBSTANCE: system has content distribution block, multiple recording and playback devices for digital data, calculations processing block, meant to perform communications with recording and playback devices and performing calculations processing for transferring license payments.

EFFECT: higher reliability of copy protection.

5 cl, 55 dwg

FIELD: computer science.

SUBSTANCE: device has n-byte query register, query limits location systems, each of which consists of counting timer and OR element, OR element, AND element, keys cascade.

EFFECT: higher reliability and speed of operation.

1 dwg

FIELD: computer science.

SUBSTANCE: device has n-byte query register, query limits location systems, each of which consists of counting timer and OR element, OR element, AND element, keys cascade.

EFFECT: higher reliability and speed of operation.

1 dwg

FIELD: computers, finance.

SUBSTANCE: method includes receiving data from user concerning certain active, minimal value of change, current percent stake without risk of non-payment, difference between prices of certain active during its quotation and required guarantee payment for certain active. Derivative for each variable of derivative calculation algorithm is set, variable price of realization with value of current price of certain active, variable price of execution with value of execution price. Difference between trade price of contract and final closing price is determined. Data about said difference is sent to user, which difference is subject to distribution. Difference between execution price and current price of certain active is determined and data is sent to user concerning said difference, being subject to distribution.

EFFECT: higher precision.

7 cl

FIELD: electronic engineering.

SUBSTANCE: for each channel device has digital signal converter, block for setting conversion digitization frequency, conversion level adjustment block, block for transferring electric signals to physical values, block for observing converted signals, block of precision of signal conversion, block of signal conversion time, block for disabling unused channels, block for synchronization of analog signals, visualization block, converted signal recording block. Device allows to convert signals of different levels, to change digitization frequency and conversion time, to disable unused channels, transfer sensors signals to physical values with consideration of sensors scales, observe signals at different scales, appropriate to levels of converted signals, to measure precision of recording of converted signals.

EFFECT: higher efficiency.

5 dwg

FIELD: medicine; medical engineering.

SUBSTANCE: method involves collecting information and storing it in single database or several databases representing parameter values of significance to enable one to carry out the procedures on his/her own, and operations for processing the mentioned single database or several databases to show alternative variants for making selection among two or more actions and values corresponding to each of two or more actions. Device has means for making calculations, required for implementing the method, and computer system and machine-readable carrier having program written on it and capable of implementing the method corresponding to the invention, on computer.

EFFECT: wider range of means accessible to end user.

69 cl, 8 dwg, 1 tbl

Up!