A technology that enables the detection of tampering of a program as the program executes for security applications.
The present technology enables tampering of a program to be detected as the program executes. In particular, tampering of the code as it runs is detected efficiently. The authenticity of instructions is verified within the processor, concurrent with initial execution of the instructions. While a reference signature is accessed and verified, the instruction processing is not delayed. Thus, the verification proceeds in parallel with instruction execution. Advantageously, the execution pipeline for instructions is longer than the verification latency, so that in the event of a verification exception, instruction execution can be modified or preempted.
Fast validation of programs as they execute with very little performance overhead. Mechanism fits easily into existing hardware/software designs. Can use existing Trusted Platform Module (TPM) support to implement processor-internal storage for secret keys
Detection of malicious attempts to modify code. Ensures that only certified code can run and detect run-time tampering of such code. Permits trustworthy code to be distributed and used. Detects instruction corruption due to faults – permanent or transient