• 专利附录
  • 专利说明
  • 权利要求
  • 类似技术
  • 同族专利
  • 引用文献
  • 法律状态
  • 优先权
    • 专利摘要:
    In an advanced metering infrastructure environment, software program statements and/or data may be encrypted. A microcontroller unit may include a first cache configured to store a block of encrypted data obtained from an external memory device. A decryption engine may decrypt the block of encrypted data for storage in a second cache. An address alignment module may be configured to receive input from a program counter and to calculate an offset pointer. The offset pointer may indicate a particular word in the block of decrypted data within the second cache for transmission to an instruction register for use by an application program. An address generator may be configured to receive input from the address alignment module and to indicate a block of data in the external memory device to be loaded into the first cache, to thereby replacing the encrypted data sent to the decryption engine.
    公开号:AU2012377374A1
    申请号:U2012377374
    申请日:2012-05-10
    公开日:2014-11-06
    发明作者:Guillaume Descamps;Eric Plainecassagne
    申请人:Itron Inc;
    IPC主号:G06F12-00
    专利说明:
    WO 2013/158129 PCT/US2012/037309 MICROCONTROLLER CONFIGURED FOR EXTERNAL MEMORY DECRYPTION CROSS REFERENCE TO RELATED APPLICATIONS 5 [00011 This application claims priority to European Patent Application No. EP 12164501.4, filed April 17, 2012, and entitled "Microcontroller Configured for External Memory Decryption," which is incorporated herein by reference. BACKGROUND 10 [00021 An advanced metering infrastructure (AMI) node may be associated with a device for metering a consumable resource, such as electricity, natural gas or water. Such nodes may be organized as an autonomous routing area (ARA), having a tree structure that may be headed by a root node and/or router node. Within each node, a number of sensors, meters or other devices may 15 provide data to a processing unit, memory and/or an application specific integrated circuit (ASIC). Application(s) operating on the node may process data received as input, and relay it up the network. [00031 Such data, and the executable code that forms the application(s), may be valuable. For example, data may represent consumption quantities of 20 electricity, natural gas or other utility, and integrity of the data may be important for financial reasons. Additionally, the executable code may include propriety technology. Unfortunately, the nodes in an ARA may be vulnerable to tampering, and the data may be vulnerable to unauthorized viewing or copying. Additionally, the executable code of the application(s) (e.g., program 25 statements) may be vulnerable to copying, decompiling and reverse engineering, which can reveal information on the operation and functionality of individual nodes and/or the entire network. 1 WO 2013/158129 PCT/US2012/037309 BRIEF DESCRIPTION OF THE DRAWINGS [00041 The detailed description is described with reference to the accompanying figures. In the figures, the left-most digit(s) of a reference 5 number identifies the figure in which the reference number first appears. The same numbers are used throughout the drawings to reference like features and components. Moreover, the figures are intended to illustrate general concepts, and not to indicate required and/or necessary elements. [00051 FIG. 1 is a diagram showing an example network having a plurality of 10 nodes, some detail of one example node, a connection to a further network such as the Internet, and a central office. [00061 FIG. 2 is a schematic diagram of an example microcontroller unit configured for decryption of data contained in an external memory device. [00071 FIG. 3 is a flow diagram illustrating an example method by which a 15 microcontroller configured for external memory decryption may be operated. DETAILED DESCRIPTION Overview [00081 Advanced encryption standard (AES) and other encryption techniques 20 represent significant advances in data security. For example, blocks of 128 bits may be encrypted using a symmetric key, resulting in strong encryption. Using such encryption, data may be secured, even in environments in which it is not possible to secure and control the memory devices that contain the data. [00091 In an advanced metering infrastructure (AMI), nodes may contain data 25 related to the consumption of electricity, natural gas, water and/or other consumable resources. The nodes may include memory devices which control records of the consumption. Such records have considerable financial value, 2 WO 2013/158129 PCT/US2012/037309 since customers are billed based on the amounts consumed. Accordingly, encryption is useful to prevent tampering. [00101 However, existing microcontrollers are configured to execute code and to use data that is not encrypted. In cases where encrypted executable code and/or 5 encrypted data are used, considerable overhead is introduced, which slows down program execution. Also, the decrypted code and data is put at risk during the periods that it remains decrypted. The below discussion includes several representative examples that provide techniques for configuring a microcontroller for external memory encryption. 10 [00111 An example illustrating some of the techniques discussed herein-not to be considered a full or comprehensive discussion-may assist the reader. In an AMI environment, a meter may be configured to generate encrypted data representing consumption of a resource and to record the encrypted data in a memory device located external to a microcontroller unit. The meter may utilize 15 an application (e.g., a software program) that includes executable statements that are stored in an encrypted form on the memory. Within the microcontroller unit (and/or microprocessor, processor, etc.) a first cache may be configured to store a block of encrypted data obtained from the memory device. The data may represent any encrypted information, such as consumption records or encrypted 20 program statements. Also within the microcontroller unit, a decryption engine may be configured to obtain and decrypt the block of encrypted data from the first cache. A second cache, also located within the microcontroller unit, may be configured to receive the block of decrypted data from the decryption engine. An address alignment module may be configured to receive input from a program 25 counter and to calculate an offset pointer. The offset pointer may indicate a particular word in the block of decrypted data within the second cache for transmission to an instruction register for use by an application program. An 3 WO 2013/158129 PCT/US2012/037309 address generator may be configured to receive input from the address alignment module and to indicate a block of memory in the memory device to be loaded into the first cache, to thereby replacing the encrypted data sent to the decryption engine. 5 [00121 The discussion herein includes several sections. The discussion, drawings and each section are intended to be examples of techniques and/or structures, but are not intended to indicate elements which must be used and/or performed. More particularly, this entire description is intended to illustrate components and techniques that may be utilized in a microcontroller configured 10 for external memory decryption, but not components or techniques which are necessarily required. The discussion begins with a section entitled "Example Network," which describes one environment that may implement the techniques described herein. This section depicts and describes an example of an ARA that may include the techniques for use with encrypted data on a memory device that 15 is external to a microcontroller and/or processor. Next, a section entitled "Example Microcontroller Unit" illustrates and describes an example of a microcontroller unit, and also shows its relationship to an external memory device. This section provides example structures that perform representative functionality, including decrypting data obtained from the external memory 20 device. A third section, entitled "Example Methods," discusses aspects of methods operational in devices including processors, memory devices, application specific integrated circuits (ASICs), etc. In particular, the example methods may be applied to any of the techniques discussed herein. Next, a section entitled "Example Methods of External Memory Decryption" illustrates 25 and describes aspects that may be used to read, decrypt and manage encrypted data on a memory device that is external to the microcontroller. Finally, the discussion ends with a brief conclusion. 4 WO 2013/158129 PCT/US2012/037309 [00131 This brief introduction, including section titles and corresponding summaries, is provided for the reader's convenience and is not intended to describe and/or limit the scope of the claims or any section of this disclosure. 5 Example Network [00141 FIG. 1 is a diagram showing an example network 100, which may be an ARA or other network. FIG. 1 shows a plurality of nodes 102, including a root or router node 102A, which may be connected to a central office 104 by a network 106 such as the Internet. Within the network, nodes may communicate by means 10 of radio RF links 108, power line communication (i.e., a signal superimposed over current flowing in an electrical power transmission grid) or other medium. The example network 100 is provided as a specific instance to illustrate more general concepts of the use and management of encrypted data in a network environment, and not to indicate required and/or necessary elements. In 15 particular, the example network 100 will be used to illustrate examples of nodes utilizing microcontrollers and external memory devices. In particular, the microcontrollers may execute software code associated with applications operating on the nodes that may utilize encrypted data and/or encrypted program statements. 20 [00151 The network architecture 100 may be configured as a smart grid, such as an AMI network including a number of utility meters having wireless communication capabilities. The utility meters may measure consumption of electricity, natural gas, water or other consumable resources. The central office 104 may be implemented by one or more computing devices, such as servers, 25 personal computers, laptop computers, etc. The one or more computing devices may be equipped with one or more processor(s) communicatively coupled to memory. In some examples, the central office 104 includes a centralized meter 5 WO 2013/158129 PCT/US2012/037309 data management system which performs processing, analysis, storage, and/or management of data received from one or more of the nodes 102. For instance, the central office 104 may process, analyze, store, and/or manage data obtained from a smart utility meter, sensor, control device, router, regulator, server, relay, 5 switch, valve, and/or other nodes. Although the example of FIG. 1 illustrates the central office 104 in a single location, in some examples the central office may be distributed amongst multiple locations and/or may be eliminated entirely (e.g., in the case of a highly decentralized distributed computing platform). [00161 The network(s) 106 may comprise a wireless or a wired network, or a 10 combination thereof, such as the Internet. The network 106 may be a collection of discrete and/or interconnected networks, which may function as a single large network. [00171 The network architecture 100 may include a plurality of nodes 102A, 102B, 102C, 102D, ... 102N (collectively referred to as nodes 102) 15 communicatively coupled to each other via direct communication RF signals, power line communication (PLC) links, or other types of transmissions. Some of the nodes may be associated with utility meters. In this example, N represents an example number of nodes in an ARA, which may be configured as a wide area network (WAN), metropolitan area network (MAN), local area network (LAN), 20 neighborhood area network (NAN), personal area network (PAN), a combination of the foregoing, or the like. [00181 The node 102A may be considered to be a "root," "root node," "field area router," or similar, and may be configured to connect the ARA to servers within the central office 104 by way of a back-haul network, such as the network 25 106. The nodes 102 may communicate by means of signals 108, which facilitate both upstream and downstream transfer of data, information, reports, queries and packets, etc. 6 WO 2013/158129 PCT/US2012/037309 [00191 Detail of the node 102B includes a radio 110, configured for communication by means of RF signals 108. The radio 110 may comprise a RF transceiver configured to transmit and/or receive RF signals via one or more of a plurality of channels/frequencies. In one example of a wireless implementation, 5 the node 102 may include a single radio 110 configured to send and receive data on multiple different channels, such as a control channel and multiple data channels on each communication link 108. The radio 110 may also be configured to implement a plurality of different modulation techniques, data rates, protocols, signal strengths, and/or power levels. Additionally, the radio may be configured 10 to sequentially tune a plurality of different frequencies, each for a short period of time, in a "frequency hopping" scheme. In other implementations, each of the nodes may be configured for wired communication. By way of example and not limitation, wired communications may include power line communications (PCL) or other wired communication network technologies, such as Ethernet. The 15 architecture of the network 100 may represent a heterogeneous network of nodes, in that the nodes 102 may include different types of nodes (e.g., smart meters, cellular relays, sensors, etc.), different generations or models of nodes, and/or nodes that otherwise are capable transmitting on different channels and using different modulation techniques, data rates, protocols, signal strengths, and/or 20 power levels. [00201 A meter 112 may be an electric meter, a natural gas meter, a water meter or other meter. The meter 112 may operate in cooperation with one or more applications, and may create data in encrypted or non-encrypted states. In one example, a processing unit or microcontroller may provide a control and data 25 exchange interface with the meter 112. The meter may provide encrypted data to the application, or the application may encrypt data received from the meter. The 7 WO 2013/158129 PCT/US2012/037309 encrypted data may be stored in an external memory (i.e., a memory "external" to, or not part of, the microcontroller on which the software application operates). [00211 A processing unit 114 may include one or more processors 116 communicatively coupled to memory 118. The processor(s) 116 may execute, 5 and the memory 118 may contain, various software statements, software modules, procedures, managers, algorithms, etc. Such functional blocks may be configured in software and/or firmware, and may be executable by the processor(s) 116. In alternative embodiments, any or all of the processor(s) 116, memory 118 and/or software operable on the processor(s) and memory may be implemented in whole 10 or in part by hardware. Examples of hardware include a microcontroller or other digital device, such as an application specific integrated circuit (ASIC) or other device configured to execute the described functions. [00221 In one example, one, several or all of the processor(s) 116 may be microcontroller unit(s) (MCU) 120 configured for external memory decryption. 15 The MCU 120 may be configured to read encrypted data 122 or encrypted software program statements of one or more encrypted applications 124. In the example, the MCU 120 decrypts the data 122 and/or program statements of the application(s) 124 in real time and/or "on the fly." Thus, the MCU 120 is able to execute decrypted program statements and/or utilize decrypted data. In one 20 example, the program statements may be associated with a software application that may interface with the meter 112. In such an example, blocks of data representing encrypted versions of the program statements are decrypted, and the decrypted statements executed, by the MCU 120 configured for external memory decryption. 25 [00231 The memory 118, while shown as a monolithic entity, may also be configured as a plurality of similarly and/or differently configured devices, such as read-only memory, writable memory, persistent or non-persistent memory, etc. 8 WO 2013/158129 PCT/US2012/037309 The memory 118 may be configured to store one or more software and/or firmware modules, which are executable by the processor(s) 116 to implement various functions. The memory 118 may comprise computer-readable media and may take the form of volatile memory, such as random access memory (RAM) 5 and/or non-volatile memory, such as read only memory (ROM) or flash RAM. Computer-readable media includes volatile and non-volatile, removable and non removable media implemented according to any technology or techniques for storage of information such as computer-readable instructions, data structures, program modules, or other data for execution by one or more processors of a 10 computing device. Examples of computer-readable media include, but are not limited to, phase change memory (PRAM), static random-access memory (SRAM), dynamic random-access memory (DRAM), other types of random access memory (RAM), read-only memory (ROM), electrically erasable programmable read-only memory (EEPROM), flash memory or other memory 15 technology, compact disk read-only memory (CD-ROM), digital versatile disks (DVD) or other optical storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information for access by a computing device. [00241 For purposes herein, a computer-readable media may include all or part 20 of an application specific integrated circuit (ASIC) or other hardware device. Such a hardware device may be configured to include other functionality, including functions performed in a bandwidth management in an AMI. Accordingly, within such an integrated circuit, one or more processors are configured with executable instructions, which may be defined by logic, 25 transistors or other components, or on-board memory. [00251 In the illustrated example, memory 118 includes encrypted data 122 and a one or more applications 124, which may be defined by processor-executable 9 WO 2013/158129 PCT/US2012/037309 instructions executable by actions of the processor(s) 116 and/or the MCU 120. Accordingly, the application(s) 124 may be considered to be software, subroutines, programs, etc. Alternatively, the processor 116 and/or 120, memory 118 and/or applications 124 may be defined by operation of one or more 5 hardware devices such as ASICs. Example Microcontroller Unit [00261 FIG. 2 is a schematic diagram of an example 200 of an arrangement of a microcontroller unit (MCU) 120 and an external memory device 118. The MCU 10 120 may be configured for decryption of data contained in the external memory device 118. The data may include information, software application program statements, and the like. [00271 A memory device 118 is external to the MCU 120, and is therefore inherently more vulnerable to attack by those who would steal its data than if the 15 memory device were completely enclosed within the MCU 120. However, the external memory configuration allows the memory device 118 to be much less expensive, and also allows it to be upgraded and/or replaced more easily. To protect against attack, one or both of the data 122 and software program statements (e.g., software commands) of the application 124 may be encrypted. 20 Accordingly, while the memory device 118 is external to the MCU 120, the data and application(s) contained within the device may be protected by encryption. [00281 An external memory interface 202 is configured to connect to an address bus 204 and a data bus 206, and to thereby interface with the external memory device 118. In a second example, the external memory could be connected to the 25 microcontroller unit 120 by a serial link, as opposed to a parallel bus. Either configuration could allow use of the same decryption mechanism. The external memory interface 202 receives an address input 208, which controls the address 10 WO 2013/158129 PCT/US2012/037309 output 204. A data bus 210 transfers data obtained from the external memory device 118 to a cache memory 212. [00291 The cache memory 212 may be configured to hold a block of encrypted data read from the external memory 202. The block of data may be read over a 5 data bus 210. The data bus may be read at a time indicated by an input 214, which may be controlled by an address generator. In one example, the data read into the cache 212 is stored in memory locations or registers 216. Collectively, the memory locations 216 may be configured to contain one block of data. The block of data may be 128 bits, 256 bits or other quantity. In one example, a 128 10 bit block is used, which matches the 128-bit block of data used by AES encryption. In such an example, the registers 216 may organize the 128-bit block as N words, such as 4 words of 32-bit length. Such an example may utilize an electronic codebook (ECB), wherein message may be divided into blocks, and each block may be encrypted separately. Alternatively, non-ECB encryption 15 techniques may be used, which may provide better security. [00301 The cache memory device 212 may be configured to provide the block of data to a decryption engine 218. The decryption engine 218 may be a special purpose hardware device or a general purpose device configured to operate decryption software. To obtain higher throughput, a single purpose hardware 20 device configured to decrypt AES-encrypted data is used. A symmetric key may be built into the device 218 or otherwise provided to it. In the example of FIG. 2, an external clock 220 may be used to clock the decryption engine 218, although an internal clock could alternatively be used. [00311 Output from the decryption engine may be transferred to a second cache 25 222. The second cache 222 may be configured to contain a block of decrypted data organized as N words in a plurality of registers 224. In one example, the registers 224 organize the decrypted block of data as 4 words of 32-bit length. 11 WO 2013/158129 PCT/US2012/037309 [00321 A program counter 228 increments to a next or appropriate address, the contents of which indicate an instruction to be read into the instruction register 226. The program counter 228 may be controlled by an operating system or other device. A signal 230 from the program counter 228 may be received by the 5 address alignment module 232. The address alignment module 232 may calculate an offset pointer 234, wherein the offset pointer indicates which of the registers 224 of the second cache 222 having decrypted data should be sent to the instruction register 226. [00331 In one example, the program counter 228 includes an address of the 10 external memory 118 having the desired program instruction. However, data was previously read from the external memory 118, stored in the first cache 212, decrypted by the decryption engine 218 and then stored in the second cache 222 in decrypted form. Accordingly, a decrypted form of the program instruction indicated by the program counter 228 is contained in one of the registers 224 of 15 the second cache memory 222. The address alignment module 232, using the offset pointer 234, indicates the appropriate register. [00341 An address generator 238 may receive an input 236 from the address alignment module 232. The input may indicate an address, which the address generator 238 may translate into an address of a block of data to fetch from the 20 external memory 118 for storage in the first cache 212. The address generator 238 may place an address on the address bus 208/204, to select desired data from the external memory 118. In one example, the address generator 238 is configured to adapt to address buses of different widths, such as by having sufficient address space to accommodate varying memory device sizes. When the 25 address is on the bus, an output 214 allows the address generator 238 to notify the first cache when it is time to read the data bus 210/206. 12 WO 2013/158129 PCT/US2012/037309 [00351 Optionally, the functionality of the address alignment module 232 and the address generator 238 may be combined. In such a configuration, a unified address alignment and generator module could be configured to: provide an offset pointer 234 to the second cache memory 222; to generate an output 208 5 indicating an address of a block of memory to be fetched from external memory; and to provide a signal 214 to the first cache 212 to receive data on the data bus 210. [00361 A clock 240 may be used to provide clock signal(s) to the instruction register 226, the program counter 228 and other microcontroller functionality 10 242. The microcontroller functionality 242 may include a plurality of functions that are present in known microcontrollers, and which are not described herein. In one example, the clock 220 driving the decryption engine 218 may be of a higher frequency than the clock 240, although the exact design parameters can vary depending on the implementation. 15 Example Methods [00371 The example methods of FIG. 3 may be implemented at least in part by the configurations of FIGS. 1 and 2. However, FIG. 3 contains general applicability, and are not limited by other drawing figures and/or prior discussion. 20 Each method described herein is illustrated as a collection of acts, blocks or operations in a logical flow graph, which represent a sequence of operations that can be implemented in hardware, software, or a combination thereof. In the context of software, the operations represent computer-executable instructions stored on one or more computer-readable storage media that, when executed by 25 one or more processors, perform the recited operations. Such storage media, processors and computer-readable instructions can be located within a MCU (e.g., MCU 120 of FIGS. 1 and 2) according to a desired design or implementation. 13 WO 2013/158129 PCT/US2012/037309 The storage media seen in FIGS. 1 and 2 is representative of storage media generally, both removable and non-removable, and of any technology. Thus, the recited operations represent actions, such as those described in FIG. 3, and are taken under control of one or more processors configured with executable 5 instructions to perform actions indicated. Generally, computer-executable instructions include routines, programs, objects, components, data structures, and the like that perform particular functions or implement particular abstract data types. The order in which the operations are described is not intended to be construed as a limitation, and the described operations may be combined in 10 different orders and/or in parallel to implement the method. The above discussion may apply to other methods described herein. Example Methods of External Memory Decryption [00381 FIG. 3 is a flow diagram illustrating an example method 300 by which a 15 microcontroller unit (MCU) may operate to provide decryption of data contained in external memory. At operation 302, a first address in memory whose contents are to be fetched is generated. In the example of FIG. 2, the program counter 228 may give an address 230 to the address alignment module 232. The address alignment module 232 may generate an address 236, which is sent to the address 20 generator 238. [00391 At operation 304, a block of encrypted data is fetched from an external memory device. The fetching may be performed in response to completion of the decrypting of the data, incrementing the offset pointer to the last word in the second cache, or other timing event. In the context of example of FIG. 2 a 128 25 bit block, sized to be compatible with AES encryption, is fetched from external memory device 118. The block of data may comprise encrypted computer software program statements or data information. The block may be fetched 14 WO 2013/158129 PCT/US2012/037309 through operation of an external memory interface 202. The external memory interface may be attached to the address bus 204 and a data bus 206. Address(es) are put on to the address bus, and corresponding data is read off the data bus. [00401 At operation 306, the fetched block of encrypted data is stored in a first 5 cache memory. In the context of example of FIG. 2, the N words of the block of encrypted data may be stored in N registers 216 in the first cache 212. In one example, the 128-bit block is stored in 4 registers, each of 32-bit length. [00411 At operation 308, data obtained from the first cache memory is decrypted. In the context of example of FIG. 2, the data from the first cache 212 10 is transferred to the decryption engine 218. The decryption engine 218 may be configured to decrypt a 128-bit block of encrypted data using a key (e.g., a symmetric key) built into the engine. The decryption engine 218 may be configured as a fast-operating hardware device, which may use the fastest clock 220 available in the MCU. The clock 220 may provide a clock signal at the 15 decryption engine that is faster than a clock signal provided to the program counter or other areas of the microcontroller unit. [00421 At operation 310, the decrypted data is stored in a second cache memory. In the context of example of FIG. 2, decrypted data is output from the decryption engine 218 for storage in the second cache memory 222. The address alignment 20 module, the address generator and/or another device may signal the decryption engine to overwrite the second cache with newly decrypted data. The overwriting of the second cache may reset the offset pointer 234. In the example shown, a decrypted 128-bit block of data is stored as 4 words of 32-bit length in registers 224. However, other data block and word length sizes are possible, depending on 25 the encryption technology used and the design of the decryption engine. [00431 At operation 312, an address from a program counter is received. The address indicates a next statement to be executed by, and/or fetched for, the 15 WO 2013/158129 PCT/US2012/037309 microcontroller. In the context of example of FIG. 2, the program counter 228 may be incremented by an operating system, application of other device and/or object. Output 230 of the program counter 228 is transferred to an address alignment module 232. 5 [00441 At operation 314, an offset to a word (e.g. a data element) in the second cache is calculated, wherein the word represents the instruction or data indicated by the address provided by the program counter. The calculating may include incrementing an offset pointer to indicate the word contained within the second cache, wherein the incrementing is based on action by the program counter. In 10 the context of example of FIG. 2, the address alignment module 232 processes the address received from the program counter 228. In particular, the address alignment module 232 maps the received address from a location in the external memory 118 to a register 224 in the second cache 222. Accordingly, the register 224 located in the second cache 222 contains a decrypted version of the address 15 in the external memory 118, and is therefore usable by the MCU. The particular register 224 may be indicated by an offset or offset pointer 234. Thus, the data in the register indicated by the offset pointer 234 is a decrypted version of the data indicated by the program counter 228, which originally resided in the external memory 118. That is, the output 230 of the program counter 228 is an address to 20 a location in external memory 118 that has been decrypted and moved to a register 224 in the second cache 222, pointed to by the offset pointer 234. [00451 At operation 316, the data word indicated by the offset is provided to the instruction register. Accordingly, the data indicated by the address provided by the program counter, in a decrypted form found in the second cache, is provided 25 to the program counter. In the context of example of FIG. 2, the appropriate register 224 in the second cache 222 is copied to the instruction register 226. 16 WO 2013/158129 PCT/US2012/037309 [00461 At operation 318, an address in the external memory is calculated for use in fetching an additional block of data. In the context of example of FIG. 2, the address alignment module 232 provides an address in output 236 to the address generator 238. The address generator 238 calculates an address to a next block of 5 data to be fetched, based on the received address. Thus, the calculation of the address in the external memory 118 may be associated with an address received from the program counter 228 may include determining a block of data in the external memory that follows a block of data in the external memory that was most recently fetched. 10 [00471 At operation 320, a second block of encrypted data is fetched from the external memory. The second block of memory is associated with the address calculated at operation 316. In the context of example of FIG. 2, the address generator 208 provides appropriate address(es) to the external memory interface 202, and may provide a signal 214 to the first cache memory 212 to receive data 15 from the external memory device 118. In one example, the second block may be fetched after some timing event, such as when the offset pointer 234 has pointed to a last word or register 224 in the second cache 222. In a further example, the second block may be fetched after the offset pointer has pointed to each register in the second cache. The offset pointer may then be reset to point at a first 20 register, such as in response to an increment of the offset pointer when the offset point is pointing to the last register. [00481 Note that a number of operations may be performed in parallel. As one example for purposes of illustration only, fetching the block of encrypted data (operation 302, 318), decrypting the data obtained from the first cache memory 25 (operation 306) and providing the word indicated by the offset (operation 314) may all be performed simultaneously. 17 WO 2013/158129 PCT/US2012/037309 Conclusion [00491 Although the subject matter has been described in language specific to structural features and/or methodological acts, it is to be understood that the subject matter defined in the appended claims is not necessarily limited to the 5 specific features or acts described. Rather, the specific features and acts are disclosed as exemplary forms of implementing the claims. 18
    权利要求:
    Claims (20)
    [1] 1. A node in a network, comprising: 5 a meter configured to generate encrypted data representing consumption of a resource and to record the encrypted data in a memory device located externally to a microcontroller unit; a first cache, located within the microcontroller unit, and configured to store a block of encrypted data obtained from the memory device; 10 a decryption engine, located within the microcontroller unit, and configured to obtain the block of encrypted data from the first cache and to decrypt the block of encrypted data, thereby producing a block of decrypted data; a second cache, located within the microcontroller unit, and configured 15 to receive the block of decrypted data from the decryption engine; an address alignment module configured to receive input from a program counter within the microcontroller unit and to calculate an offset pointer to a particular word in the block of decrypted data within the second cache; 20 an address generator configured to receive input from the address alignment module and to indicate a block of memory in the memory device to be loaded into the first cache; and an application having program statements configured for operation on the microcontroller unit, the program statements being stored on the external 25 memory in encrypted form and being executed in decrypted form in an order indicated by the offset pointer. 19 WO 2013/158129 PCT/US2012/037309
    [2] 2. The node of claim 1, wherein the address alignment module calculates the offset pointer to the particular word based on a mapping of an address in the memory device external to the microcontroller unit to a register in the second cache. 5
    [3] 3. A processing device, comprising: a first cache configured to store N words of encrypted data obtained from a memory device external to the processing device; a decryption engine configured to obtain the N words of encrypted data 10 from the first cache and to decrypt the N words; a second cache, configured to receive the N words of decrypted data from the decryption engine; an address alignment and generator module, configured to: receive input from a program counter and to calculate an offset 15 pointer to a particular word of the N words of decrypted data within the second cache; and indicate N words of encrypted data in the memory device external to the processing device to be loaded into the first cache. 20
    [4] 4. The processing device of claim 3, wherein the address alignment and generator module translates the input from the program counter, which indicates a word from a particular location in external memory, into an offset to a register in the second cache. 25 20 WO 2013/158129 PCT/US2012/037309
    [5] 5. The processing device of claim 3, wherein the address alignment and generator module is additionally configured to: increment the offset pointer in response to input from the program counter, wherein the offset pointer points to a decrypted word of data for 5 transmission to the instruction register.
    [6] 6. The processing device of claim 3, wherein: calculating the offset pointer includes translating an address, the address originally indicating a location in the memory device external to the processing 10 device, to indicate a register in the second cache; and indicating N words of encrypted data in the memory device includes mapping an address obtained from the program counter to indicate a block of memory in the external memory device. 15
    [7] 7. The processing device of claim 3, wherein: the address alignment and generator module signals the decryption engine to overwrite the second cache with newly decrypted data; and the offset pointer is reset when decrypted data from the decryption engine overwrites the second cache. 20
    [8] 8. The processing device of claim 3, wherein address alignment and generator module is additionally configured to: adapt address buses of different widths; and notify the first cache when it is time to read the data bus. 25 21 WO 2013/158129 PCT/US2012/037309
    [9] 9. The processing device of claim 3, additionally comprising: a clock configured to send a signal to the decryption engine; and a second clock to send a signal to the instruction register and the program counter. 5
    [10] 10. The processing device of claim 3, wherein: the first cache contains one block of encrypted data; the decryption engine contains one block of data in the process of decryption; and 10 the second cache contains one block of decrypted data.
    [11] 11. A method of executing encrypted code from an external memory, comprising: fetching a block of encrypted data from the external memory; 15 storing the fetched block of encrypted data in a first cache memory; decrypting data obtained from the first cache memory; storing the decrypted data in a second cache memory; receiving an address from a program counter, the address indicating a next statement to be executed by a microcontroller; 20 calculating an offset to a word in the second cache memory, the offset based on the address received from the program counter; providing the word indicated by the offset to an instruction register; calculating an address in the external memory associated with the address received from the program counter; and 25 fetching a second block of encrypted data, the second block being associated with the calculated address. 22 WO 2013/158129 PCT/US2012/037309
    [12] 12. The method of claim 11, wherein fetching the block of encrypted data from the external memory is in response to: completing the decrypting of the data; and incrementing the offset to the last word in the second cache. 5
    [13] 13. The method of claim 11, wherein decrypting the data comprises: decrypting the data using a decryption engine configured in hardware for AES decryption. 10
    [14] 14. The method of claim 13, wherein decrypting the data comprises: receiving a clock signal at the decryption engine that is faster than a clock signal provided to the program counter.
    [15] 15. The method of claim 11, wherein calculating the offset to the word 15 in the second cache memory comprises: incrementing an offset pointer to indicate the word contained within the second cache, wherein the incrementing is based on action by the program counter. 20
    [16] 16. The method of claim 11, wherein calculating the address in the external memory associated with the address received from the program counter comprises: determining a block of data in the external memory that follows a block of data in the external memory that was most recently fetched. 25 23 WO 2013/158129 PCT/US2012/037309
    [17] 17. The method of claim 11, wherein: fetching the block of encrypted data, decrypting the data obtained from the first cache memory and providing the word indicated by the offset are performed simultaneously. 5
    [18] 18. The method of claim 11, wherein: calculating the offset to the word in the second cache memory comprises incrementing an offset pointer by one register; and calculating the address in the external memory comprises calculating an 10 address of a block of data in the external memory that includes the address received from the program counter.
    [19] 19. The method of claim 11, wherein fetching the second block of encrypted data comprises: 15 fetching the second block after an offset pointer has pointed to a last word in the second cache.
    [20] 20. The method of claim 11, wherein fetching the second block of encrypted data comprises: 20 fetching the second block after an offset pointer has pointed to each register in the second cache; and resetting the offset pointer to point at a first register in response to an increment of the offset pointer when the offset point is pointing to the last register. 25 24
    类似技术:
    公开号 | 公开日 | 专利标题
    AU2012377374B2|2016-12-08|Microcontroller configured for external memory decryption
    US10693966B2|2020-06-23|System for distributed intelligent remote sensing systems
    KR20190001546A|2019-01-04|Using blockchain to track information for devices on a network
    US10985903B2|2021-04-20|Power side-channel attack resistant advanced encryption standard accelerator processor
    EP3326107B1|2021-07-21|Supporting configurable security levels for memory address ranges
    US8681973B2|2014-03-25|Methods, systems, and computer program products for performing homomorphic encryption and decryption on individual operations
    US9425956B2|2016-08-23|Method and system for transferring firmware or software to a plurality of devices
    US8036379B2|2011-10-11|Cryptographic processing
    CN104202161B|2018-05-04|A kind of SoC crypto chips
    Richter et al.2010|Security digital evidence
    US20090136042A1|2009-05-28|Application layer authorization token and method
    WO2016190924A2|2016-12-01|Side channel analysis resistant architecture
    CN108520183A|2018-09-11|A kind of date storage method and device
    US20210258150A1|2021-08-19|Using blockchain to track information for devices on a network
    US20120281837A1|2012-11-08|Secure key management
    US10013517B1|2018-07-03|High level programming language core protection for high level synthesis
    US20120281836A1|2012-11-08|Secure key management
    TW202016743A|2020-05-01|Data processing apparatus and data processing method for internet of things system
    US10103877B2|2018-10-16|SMS4 acceleration processors having round constant generation
    CN102110038B|2013-08-14|Hardware test circuit structure applied in security chip
    US20190028266A1|2019-01-24|Dynamic encryption of cpu registers
    Yang et al.2021|PLCrypto: A Symmetric Cryptographic Library for Programmable Logic Controllers
    Ceker2013|Secure Communications in the Smart Grid
    同族专利:
    公开号 | 公开日
    WO2013158129A8|2014-12-04|
    JP2015517160A|2015-06-18|
    JP5990635B2|2016-09-14|
    WO2013158129A1|2013-10-24|
    CA2870883A1|2013-10-24|
    US20130275766A1|2013-10-17|
    SG11201406735SA|2014-11-27|
    EP2653992A1|2013-10-23|
    US8762739B2|2014-06-24|
    ZA201407767B|2016-08-31|
    AU2012377374B2|2016-12-08|
    引用文献:
    公开号 | 申请日 | 公开日 | 申请人 | 专利标题
    US4847902A|1984-02-10|1989-07-11|Prime Computer, Inc.|Digital computer system for executing encrypted programs|
    US7133845B1|1995-02-13|2006-11-07|Intertrust Technologies Corp.|System and methods for secure transaction management and electronic rights protection|
    US7270193B2|2000-02-14|2007-09-18|Kabushiki Kaisha Toshiba|Method and system for distributing programs using tamper resistant processor|
    JP4153653B2|2000-10-31|2008-09-24|株式会社東芝|Microprocessor and data protection method|
    JP4226816B2|2001-09-28|2009-02-18|株式会社東芝|Microprocessor|
    EP1542112A4|2002-07-09|2008-04-09|Fujitsu Ltd|Open type general-purpose attack-resistant cpu, and application system thereof|
    JP2004287754A|2003-03-20|2004-10-14|Matsushita Electric Ind Co Ltd|Computer and instruction processing method|
    US8059009B2|2006-09-15|2011-11-15|Itron, Inc.|Uplink routing without routing table|
    JP5412364B2|2009-07-16|2014-02-12|株式会社日立製作所|Information processing method and information processing system|
    WO2011064883A1|2009-11-27|2011-06-03|株式会社東芝|Memory chip|
    JP5439233B2|2010-03-08|2014-03-12|株式会社東芝|Control device|
    KR101055843B1|2010-08-09|2011-08-09|한국전력공사|Method for encryption and decryption of transaction in power network and system thereof|
    JP5198526B2|2010-09-21|2013-05-15|株式会社東芝|Encryption device and decryption device|US9679344B2|2012-10-24|2017-06-13|Nubo Software|Server-based fast remote display on client devices|
    US9819593B1|2013-01-22|2017-11-14|Hypori, Inc.|System, method and computer program product providing bypass mechanisms for a virtual mobile device platform|
    US9667703B1|2013-01-22|2017-05-30|Hypori, Inc.|System, method and computer program product for generating remote views in a virtual mobile device platform|
    US9380456B1|2013-01-22|2016-06-28|Hypori, Inc.|System, method and computer program product for dynamically switching operating systems in a virtual mobile device platform|
    US9697629B1|2013-01-22|2017-07-04|Hypori, Inc.|System, method and computer product for user performance and device resolution settings|
    US9380562B1|2013-01-22|2016-06-28|Hypori, Inc.|System, method and computer program product for providing notifications from a virtual device to a disconnected physical device|
    US9380523B1|2013-01-22|2016-06-28|Hypori, Inc.|System, method and computer program product for connecting roaming mobile devices to a virtual device platform|
    US9619673B1|2013-01-22|2017-04-11|Hypori, Inc.|System, method and computer program product for capturing touch events for a virtual mobile device platform|
    US10691838B2|2014-06-20|2020-06-23|Cypress Semiconductor Corporation|Encryption for XIP and MMIO external memories|
    US10169618B2|2014-06-20|2019-01-01|Cypress Semiconductor Corporation|Encryption method for execute-in-place memories|
    US10192062B2|2014-06-20|2019-01-29|Cypress Semiconductor Corporation|Encryption for XIP and MMIO external memories|
    EP3183685A1|2014-08-20|2017-06-28|Intel Corporation|Encrypted code execution|
    US11250165B2|2019-12-20|2022-02-15|Intel Corporation|Binding of cryptographic operations to context or speculative execution restrictions|
    法律状态:
    2014-12-11| DA3| Amendments made section 104|Free format text: THE NATURE OF THE AMENDMENT IS: AMEND THE INVENTION TITLE TO READ MICROCONTROLLER CONFIGURED FOR EXTERNAL MEMORY DECRYPTION |
    2017-04-06| FGA| Letters patent sealed or granted (standard patent)|
    2018-12-06| MK14| Patent ceased section 143(a) (annual fees not paid) or expired|
    优先权:
    申请号 | 申请日 | 专利标题
    EP12164501.4A|EP2653992A1|2012-04-17|2012-04-17|Microcontroller configured for external memory decryption|
    EP12164501.4||2012-04-17||
    PCT/US2012/037309|WO2013158129A1|2012-04-17|2012-05-10|Microcontroller configured for external memory decrypton|
    [返回顶部]