Title of invention: System for monitoring an operation of a device
Abstract: A system monitors an application. The system includes a state table with state table nodes corresponding to application checkpoints. The state table nodes include an authorized time interval and application path. The system also includes a time counter that tracks an operation time between successive application checkpoints, and a program counter that tracks and stores an operation path for the application. A checkpoint module verifies an operation of the application at a checkpoint by comparing the authorized time interval for the checkpoint state table node and the operation time tracked by the time counter, as well as the authorized application path for the checkpoint state table node and the operation path tracked by the program counter. A security action is performed when the tracked operation time is not within the authorized time interval, or when the tracked operation path does not match the authorized application path.
Publication number: US9027124(B2); Publication date: 2015.05.05
Application number: US201213470697; Filing date: 2012.05.14
Applicant: Broadcom Corporation; Inventors: Mendel Jacob; Potievsky Alexander
Classification: G06F21/00; G06F21/54; G06F11/07; Main classification: G06F21/00
Agency: Brinks Gilson & Lione; Agent: Brinks Gilson & Lione
Main claim: 1. A system for monitoring an application, comprising: a state table including a plurality of state table nodes corresponding to checkpoints of an application, the state table nodes including an authorized time interval and an authorized application path; circuitry configured to track an operation time between successive checkpoints of the application; circuitry configured to track and store an operation path for the application; circuitry configured to detect an error in an operation of the application at a checkpoint, the detection comprising: identification of a checkpoint state table node corresponding to the checkpoint, comparison of the authorized time interval for the checkpoint state table node and the operation time tracked, and comparison of the authorized application path for the checkpoint state table node and the operation path tracked; identification of a branch value corresponding to a next node address and comparison of the authorized application path for the next node address; and comparison of an authorized pointer value and an observed pointer value; and circuitry configured to perform a security operation in response to the error in the operation, the error detected by at least one of the tracked operation time not being within the authorized time interval, the tracked operation path not matching the authorized application path, the next node address not being in the authorized application path, or the authorized pointer value does not match the observed pointer value, wherein the security operation performed is selected according to a security level of the detected error.
Address: Irvine CA US
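
The checkpoint verification described in the abstract and claim 1, as an added software sketch written for this page and not taken from the patent. The node layout, the FNV-1a-style path digest, the two-entry branch table, the names `verify`, `path_step` and `demo`, and the mapping of error kinds to actions are all assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#define SEED 2166136261u                      /* FNV-1a offset basis */
enum action { ACT_NONE, ACT_LOG, ACT_HALT };  /* assumed security levels */
struct node {                /* one state table node per checkpoint */
    uint32_t t_min, t_max;   /* authorized time interval, in ticks */
    uint32_t path;           /* digest of the authorized application path */
    uintptr_t ptr;           /* authorized pointer value */
    int next[2];             /* authorized next node per branch value, -1 = none */
};
struct observed {            /* captured at the checkpoint */
    uint32_t elapsed, path;  /* time counter; program counter digest */
    uintptr_t ptr;           /* observed pointer value */
    unsigned branch;         /* branch value taken */
};

/* Fold one program counter value into the running path digest. */
uint32_t path_step(uint32_t digest, uint32_t pc)
{
    for (int i = 0; i < 4; i++, pc >>= 8)
        digest = (digest ^ (pc & 0xffu)) * 16777619u;
    return digest;
}

/* Verify one checkpoint; on success *cur advances to the next node. */
enum action verify(const struct node *tbl, size_t n, int *cur,
                   const struct observed *o)
{
    if (*cur < 0 || (size_t)*cur >= n) return ACT_HALT;
    const struct node *s = &tbl[*cur];
    if (o->path != s->path || o->ptr != s->ptr) return ACT_HALT;
    if (o->branch > 1 || s->next[o->branch] < 0) return ACT_HALT;
    if (o->elapsed < s->t_min || o->elapsed > s->t_max) return ACT_LOG;
    *cur = s->next[o->branch];
    return ACT_NONE;
}

/* Constructed sample: node 0 authorizes PCs 0x100, 0x104 within 10..20 ticks. */
enum action demo(uint32_t elapsed, uint32_t last_pc, unsigned branch)
{
    uint32_t good = path_step(path_step(SEED, 0x100), 0x104);
    struct node tbl[2] = { { 10, 20, good, 0x2000, { 1, -1 } },
                           { 5, 50, SEED, 0, { -1, -1 } } };
    struct observed o = { elapsed, path_step(path_step(SEED, 0x100), last_pc),
                          0x2000, branch };
    int cur = 0;
    return verify(tbl, 2, &cur, &o);
}
int main(void) { return demo(15, 0x104, 0) == ACT_NONE ? 0 : 1; }
```

In this sketch a path, pointer or branch mismatch is treated as the more severe error class and a timing violation as the less severe one, which is one possible reading of selecting the security operation by security level.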