1. WO2013156315 - METHOD OF SECURE MANAGEMENT OF A MEMORY SPACE FOR MICROCONTROLLER

Publication Number WO/2013/156315
Publication Date 24.10.2013
International Application No. PCT/EP2013/057117
International Filing Date 04.04.2013
IPC
  • G06F 21/64 (2013.01): G PHYSICS > 06 COMPUTING; CALCULATING OR COUNTING > F ELECTRIC DIGITAL DATA PROCESSING > 21 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity > 60 Protecting data > 64 Protecting data integrity, e.g. using checksums, certificates or signatures
  • G06F 12/10 (2006.01): G PHYSICS > 06 COMPUTING; CALCULATING OR COUNTING > F ELECTRIC DIGITAL DATA PROCESSING > 12 Accessing, addressing or allocating within memory systems or architectures > 02 Addressing or allocation; Relocation > 08 in hierarchically structured memory systems, e.g. virtual memory systems > 10 Address translation
  • G06F 12/14 (2006.01): G PHYSICS > 06 COMPUTING; CALCULATING OR COUNTING > F ELECTRIC DIGITAL DATA PROCESSING > 12 Accessing, addressing or allocating within memory systems or architectures > 14 Protection against unauthorised use of memory
  • G06F 21/74 (2013.01): G PHYSICS > 06 COMPUTING; CALCULATING OR COUNTING > F ELECTRIC DIGITAL DATA PROCESSING > 21 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity > 70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer > 71 to assure secure computing or processing of information > 74 operating in dual or compartmented mode, i.e. at least one secure mode
  • G06F 21/79 (2013.01): G PHYSICS > 06 COMPUTING; CALCULATING OR COUNTING > F ELECTRIC DIGITAL DATA PROCESSING > 21 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity > 70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer > 78 to assure secure storage of data > 79 in semiconductor storage media, e.g. directly-addressable memories
CPC
  • G06F 12/1036: G PHYSICS > 06 COMPUTING; CALCULATING; COUNTING > F ELECTRIC DIGITAL DATA PROCESSING > 12 Accessing, addressing or allocating within memory systems or architectures > 02 Addressing or allocation; Relocation > 08 in hierarchically structured memory systems, e.g. virtual memory systems > 10 Address translation > 1027 using associative or pseudo-associative address translation means, e.g. translation look-aside buffer [TLB] > 1036 for multiple virtual address spaces, e.g. segmentation
  • G06F 12/145: G PHYSICS > 06 COMPUTING; CALCULATING; COUNTING > F ELECTRIC DIGITAL DATA PROCESSING > 12 Accessing, addressing or allocating within memory systems or architectures > 14 Protection against unauthorised use of memory; or access to memory > 1416 by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights > 145 the protection being virtual, e.g. for virtual blocks or segments before a translation mechanism
  • G06F 12/1491: G PHYSICS > 06 COMPUTING; CALCULATING; COUNTING > F ELECTRIC DIGITAL DATA PROCESSING > 12 Accessing, addressing or allocating within memory systems or architectures > 14 Protection against unauthorised use of memory; or access to memory > 1458 by checking the subject access rights > 1491 in a hierarchical protection system, e.g. privilege levels, memory rings
  • G06F 21/64: G PHYSICS > 06 COMPUTING; CALCULATING; COUNTING > F ELECTRIC DIGITAL DATA PROCESSING > 21 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity > 60 Protecting data > 64 Protecting data integrity, e.g. using checksums, certificates or signatures
  • G06F 21/74: G PHYSICS > 06 COMPUTING; CALCULATING; COUNTING > F ELECTRIC DIGITAL DATA PROCESSING > 21 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity > 70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer > 71 to assure secure computing or processing of information > 74 operating in dual or compartmented mode, i.e. at least one secure mode
  • G06F 21/79: G PHYSICS > 06 COMPUTING; CALCULATING; COUNTING > F ELECTRIC DIGITAL DATA PROCESSING > 21 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity > 70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer > 78 to assure secure storage of data > 79 in semiconductor storage media, e.g. directly-addressable memories
Applicants
  • SCHNEIDER ELECTRIC INDUSTRIES SAS [FR]/[FR]
Inventors
  • CHAPIER, Pascal
  • JARAUDIAS, Patrice
Agents
  • DUFRESNE, Thierry
Priority Data
  • 1253553, 18.04.2012, FR
Publication Language French (FR)
Filing Language French (FR)
Designated States
Title
(EN) METHOD OF SECURE MANAGEMENT OF A MEMORY SPACE FOR MICROCONTROLLER
(FR) PROCEDE DE GESTION SECURISEE D'UN ESPACE MEMOIRE POUR MICROCONTROLEUR
Abstract
(EN)
The present invention consists of a method of managing an electronic microcontroller system, the microcontroller system comprising two processors (CPU1, CPU2) with a first processor (CPU1) intended for the execution of a nonsecure application (Appli1) exhibiting a nonguaranteed level of functional security and integrity, and a second processor (CPU2) dedicated to the execution of a secure application (Appli2) implementing code and data, and involving a guaranteed level of functional security and integrity, said secure application (Appli2) being able to implement a security function; means of access (CT) to a shared memory space (MEM). According to the invention, the first processor (CPU1) comprises a unit for managing the memory (MMU1) configured in such a way that it implements a write access control, so as to manage write access to the shared memory space (MEM), that is not modifiable when the secure application (Appli2) implements its security function.
(FR)
La présente invention consiste en un procédé de gestion d'un système de microcontrôleur électronique, le système de microcontrôleur comportant deux processeurs (CPU1, CPU2) avec un premier processeur (CPU1) destiné à l'exécution d'une application non sécurisée (Appli1) présentant un niveau de sécurité fonctionnelle et d'intégrité non garanti, et un deuxième processeur (CPU2) dédié à l'exécution d'une application sécurisée (Appli2) mettant en œuvre du code et des données, et impliquant un niveau de sécurité fonctionnelle et d'intégrité garanti, ladite application sécurisée (Appli2) étant apte à mettre en œuvre une fonction de sécurité; des moyens d'accès (CT) à un espace mémoire partagé (MEM). Selon l'invention, le premier processeur (CPU1) comprend une unité de gestion de la mémoire (MMU1) configurée de telle sorte qu'elle met en œuvre un contrôle d'accès en écriture, pour gérer l'accès en écriture à l'espace mémoire partagé (MEM), non modifiable lorsque l'application sécurisée (Appli2) met en œuvre sa fonction de sécurité.
Latest bibliographic data on file with the International Bureau