Information assurance system for secure program execution

Abstract

An information assurance system for secure program execution is disclosed. The enhanced information assurance system may comprise an improved computer (12) including a central processing unit (CPU) (16) emulator configured to extend the available machine instruction set. The CPU emulator may be configured to emulate machine language instructions taken from a nonnative set of secure opcodes. The CPU emulator may ensure that instructions and data (36) in a random access memory (RAM) (14) remain encrypted at all times when in RAM, for example by storing the instructions (38) and data (36) in CPU registers (18) when decrypted on an as-needed basis.

Description

technical field

[0001] The present disclosure relates to apparatus and methods for maintaining data and program security during code execution. Background technique

[0002] In modern computer programs, whether on standard desktops or critical real-time embedded systems, protecting critical data and technology is paramount in today's threat-rich environment. This task becomes increasingly difficult when potential attackers have large budgets, direct access to target systems, and ample time.

[0003] Computer programs that perform critical functions (e.g., control of nuclear power plants, surgical robots, autonomous weapon systems, etc.) are generally protected by isolation from other computers and computer programs that could extract critical data or impair their behavior and performance. In practice, the "criticality" of computer programs ranges from jeopardy that may cause inconvenience to users, to jeopardy that may cause temporary loss of critical infrastructure and ser...

Images