| Embedded systems are in great danger in recent years, Malicious programs have threaten the proper use of embedded devices. Because the embedded processors never check the security of the executing programs, at the other hand, malicious programs looks as same as the normal programs through the processor point, and is transparent in instruction level, these features leave space to malicious programs.It would be much safer if embedded processor can find the malicious programs out in time at running and suspend it, this can supply a reliable environment for embedded systems. In this paper, we proposed a new security protection mechanism to support the whole instruction and data path which called FPM(Full Protection Mechanism). FPM's security policies are highly flexible and software-programmable, software uses two special registers to configuration a custom-define security policy which is more effective. Meanwhile, FPM supports a special security policy for sensitive-data and special-function to stop the invalidate using of sensitive data and the rewriting to the special-function areas.This paper designs and implements the FPM mechanism using hardware descript language, and verifies it on FPGA board. The FPGA verification results show that the FPM works very well and can detects many kinds of attacks efficiently. |
PDF Full Text Request