Hardware-facilitated secure software execution environment

Assignees

• VIRGINIA TECH INTELLECTUAL PROPERTIES, INC. · US
• MacAulay-Brown, Inc. · US

Inventors

• Mark T. Jones · Troy, US
• Peter M. Athanas · Blacksburg, US
• Cameron Patterson · Los Gatos, US
• Joshua N. Edmison · Ellicott City, US
• Anthony Mahar · Merrimack, US
• Benjamin J. Muzal · Fairfax, US
• Barry L. Polakowski · Roanoke, US
• Jonathan Graf · Blacksburg, US

Key dates

Classification

• Technology area (CPC G)Physics
• CPC primaryG06F21/72
• WIPO fieldComputer technology
• WIPO sectorElectrical engineering

Abstract

A hardware-facilitated secure software execution environment provides protection of both program instructions and data against unauthorized access and/or execution to maintain confidentiality and integrity of the software or the data during distribution, in external memories, and during execution. The secure computing environment is achieved by using a hardware-based security method and apparatus to provide protection against software privacy and tampering. A Harvard architecture CPU core is instantiated on the same silicon chip along with encryption management unit (EMU) circuitry and secure key management unit (SKU) circuitry. Credential information acquired from one or more sources is combined by the SKU circuitry to generate one or more security keys provided to the EMU for use in decrypting encrypted program instructions and/or data that is obtained from a non-secure, off-chip source such as an external RAM, an information storage device or other network source. In a non-limiting illustrative example implementation, the EMU decrypts a single memory page of encrypted instructions or data per a corresponding encryption key provided by the SKU. Although instantiated on the same c…