CN108345789B - Method and device for recording access operation information - Google Patents


Publication number
CN108345789B
Authority
CN
China
Prior art keywords
access
buffer
operation information
memory
memory access
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201710213086.XA
Other languages
Chinese (zh)
Other versions
CN108345789A (en
Inventor
刘雷波
罗奥
魏少军
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tsinghua University
Original Assignee
Tsinghua University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Tsinghua University
Priority to CN201710213086.XA (CN108345789B)
Priority to US15/895,145 (US10331381B2)
Publication of CN108345789A
Application granted
Publication of CN108345789B
Legal status: Active
Anticipated expiration

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55 Detecting local intrusion or implementing counter-measures
    • G06F21/552 Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00 Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10 File systems; File servers
    • G06F16/17 Details of further file system functions
    • G06F16/1734 Details of monitoring file system events, e.g. by the use of hooks, filter drivers, logs

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Data Mining & Analysis (AREA)
  • Databases & Information Systems (AREA)
  • Storage Device Security (AREA)

Abstract

The present invention provides a method and a device for recording access operation information. The method comprises: recording the memory access operations between a processor and a memory in a target operation process to form memory access sequence information of the target operation process, where each item of access operation information in the memory access sequence information includes a memory access type, a memory access address and memory access data; and determining, according to the memory access sequence information of the target operation process, the termination storage state of the memory in the target operation process. Embodiments of the present invention obtain the termination storage state of the memory in the target operation process using fewer storage resources, which reduces hardware overhead.

Description

Method and device for recording access operation information
Technical Field
The invention relates to the technical field of computers, in particular to a method and a device for recording access operation information.
Background
With the large-scale application of new technologies such as network informatization, information security has become an increasingly serious problem. Discussion of information security has mostly been limited to network security, software security and the like, but recent research shows that hardware security also deserves attention.
As hardware design capability improves, the scale of hardware designs grows, and this makes hardware trojans possible: in current large-scale circuits, represented by the Central Processing Unit (CPU), the hardware IP (intellectual property) blocks used come from diverse sources, the hardware design flow is complicated, and factors such as the increasingly fine division of labor in the design and manufacturing flow reduce the security controllability of the final hardware product. The likelihood of malicious trojans or bugs (hereinafter trojans) being injected into a design increases, while the growth in hardware scale also makes trojans harder to identify and discover. In recent years, with the development of information security concepts, the security of hardware has become a research hotspot of information security.
Therefore, how to design a scheme to reduce the software and hardware overhead becomes an important issue in the process of detecting the hardware security.
Disclosure of Invention
In order to solve the above problems in the prior art, an object of the present invention is to provide a method and an apparatus for recording access operation information, which can obtain a termination storage state of a memory in a target operation process by using fewer storage resources, thereby reducing hardware overhead.
One aspect of the embodiments of the present invention provides a method for recording access operation information, where the method includes:
recording memory access operation between a processor and a memory in a target operation process to form memory access sequence information of the target operation process, wherein each memory access operation information in the memory access sequence information comprises a memory access type, a memory access address and memory access data;
and determining the termination storage state of the memory in the target operation process according to the memory access sequence information of the target operation process.
Another aspect of the embodiments of the present invention further provides a device for recording access operation information, where the device includes:
the memory access operation recording unit is used for recording memory access operation between the processor and the memory in the target running process so as to form memory access sequence information of the target running process, and each memory access operation information in the memory access sequence information comprises a memory access type, a memory access address and memory access data;
and the data organization unit is used for determining the termination storage state of the memory in the target operation process according to the access sequence information of the target operation process.
According to the embodiment of the invention, the memory access operation between the processor and the memory in the target running process is recorded, and the running termination state of the processor is determined by the memory access sequence information. Therefore, the termination storage state of the memory in the target operation process can be obtained by using less storage resources, and the hardware overhead is reduced.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
FIG. 1 is a flowchart of a method for recording access operation information according to an embodiment of the present invention;
FIG. 2 is a flow chart of determining a termination storage state according to an embodiment of the present invention;
FIG. 3 is a flowchart illustrating a process of determining whether a processor is secure based on access operation information according to an embodiment of the present invention;
FIG. 4 is a flow chart illustrating a process of determining whether a processor is secure based on access operation information according to another embodiment of the present invention;
FIG. 5 is a schematic structural diagram of an apparatus for recording access operation information according to an embodiment of the present invention;
FIG. 6 is a schematic diagram of a data organization unit 502 according to an embodiment of the invention;
FIG. 7 is a block diagram illustrating an apparatus for determining processor security based on access operation information according to an embodiment of the present invention;
FIG. 8 is a schematic structural diagram of a first read operation obtaining unit 503 according to an embodiment of the present invention;
FIG. 9 is a block diagram illustrating an apparatus for determining processor security based on access operation information according to another embodiment of the present invention;
FIG. 10 is a schematic block diagram of a system configuration of an electronic apparatus according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Hardware security is a cornerstone of software security. All software security implementations are based on the assumption that the hardware is trusted, i.e. that the hardware behaves as defined in its manual. At present, hardware is mostly inspected at the design stage and the factory stage. Once delivered, the hardware appears in the user's system as a black box (unlike a software trojan, whose code exists in the system and can be read and analyzed), so its behavior is difficult to monitor or sense. In addition, since it is difficult to judge whether hardware behavior is reasonable, there is currently little research on hardware security. The inventor finds that the storage state of the memory is one of the important indicators when performing security detection on a processor. The simplest way to obtain a memory image is to copy the content of the whole memory and thereby obtain the storage state of the memory in the detection interval. However, this approach is inefficient and takes up more resources.
The method and the device for recording the access operation information record the access operation between the processor and the memory in the target operation process, and determine the stop operation state of the processor by the access sequence information. Therefore, the termination storage state of the memory in the target operation process can be obtained by using less storage resources, and the hardware overhead is reduced. The method for recording the access operation information in the embodiment of the invention can be executed by a device for recording the access operation information. It should be understood that the means for recording the access operation information may be implemented as part of the detection means (means for determining the security of the processor based on the access operation information). Specifically, the apparatus may be integrated on the same chip as the processor, or may be implemented as a separate chip, or may be implemented in other forms of apparatuses, which is not limited in this respect. For example, some of the functions of the embodiments of the present invention may be integrated on the same chip as the processor under test, and the rest of the functions may be implemented as a separate chip or chips.
Fig. 1 is a flowchart illustrating a method for recording access operation information according to an embodiment of the present invention. As shown in fig. 1, the method includes:
Step S101, recording the access operations between a processor and a memory in the target operation process to form access sequence information of the target operation process, wherein each item of access operation information in the access sequence information comprises an access type, an access address and access data.
Generally, the memory described herein includes on-chip storage, such as the memory of a processor chip, and off-chip storage, such as a hard disk, a USB disk, and a memory, and the present invention is not limited thereto. It should be understood that the memory access type is either a read operation or a write operation, the memory access address is the address of the current memory access operation, and the memory access data is the data read or written by the current memory access operation.
Step S102, determining the termination storage state of the memory in the target operation process according to the memory access sequence information of the target operation process. In one embodiment, the termination storage state may be used to determine whether the processor is safe during the target operation process. For example, the detection means may determine whether the processor is safe during the target operation process based on the termination storage state of the memory.
It should be understood that the method and apparatus for recording access operation information provided by the present invention can be applied not only to the above-mentioned hardware security detection field, but also to other technical fields without departing from the spirit and scope of the present invention.
It should be understood that the termination storage state of the memory during the target run refers to the final storage state of the storage space operated by the processor during the target run. The memory space operated on by the processor may include read-only memory space, write-only memory space, and memory space that is both read and write. The read-only memory space means that the processor only performs read operation on the memory space in the target operation process. Similarly, a write-only memory space refers to a memory space to which a processor performs a write operation only during a target operation, and a read-write memory space refers to a memory space to which a processor performs both a read operation and a write operation during a target operation. In one embodiment, the termination storage state may include only the final storage state in the write-only storage space and the storage space that is both read and written. In another embodiment, the termination storage state may include a read-only storage space, a write-only storage space, and a final storage state in both read and write storage spaces.
It should also be understood that the last write operation of the processor may be derived from the terminating storage state of the memory. For example, when the termination storage state includes only the final storage state in the write-only storage space and the storage space that is both read and written, the termination storage state is equal to the last write operation of the processor. Specifically, the ordering of each access operation information in the access sequence information may represent the time sequence of each access operation. Therefore, according to the time sequence of each memory access operation, each memory access operation information is traversed in sequence, and the termination storage state of the memory can be obtained. Or, the last write operation of the processor to each storage space may be obtained, and the storage termination state/last write operation may be used to determine whether the processor is safe.
In one embodiment, when determining whether the processor is safe, the operation process of the tested processor can be divided into one or more detection intervals. For example, the whole running process of the processor under test from startup to shutdown may be used as one target running process, or the whole running process may be divided into a plurality of target running processes corresponding to a plurality of detection intervals. In this way, when confirming the safety of the processor, the safety detection of the running process (i.e. the target running process) of the processor in a certain detection interval can be realized.
In an embodiment, the termination storage state of the memory in the target operation process may be obtained from the memory access sequence information of the target operation process according to the steps shown in FIG. 2:
Step S201, obtaining first access operation information from the access sequence information. It should be understood that "first access operation information" is merely a label, and may refer to any item of access operation information in the access sequence information.
Step S202, when the access type of the first access operation information is write operation, writing the first access operation information into a buffer. For the sake of distinction from the following buffer, the buffer herein will be referred to as the first buffer.
Step S203, traversing each access operation information in the access sequence in sequence, and after the access operation information corresponding to all write operations in the access sequence information is written into the first buffer, obtaining the storage termination state from the first buffer.
In the above embodiment, when the first access operation information is written into the first buffer in step S202, the access operation information corresponding to the write operation may be directly written into the first buffer without comparing with the content in the first buffer, which may result in an increase in the amount of information recorded in the first buffer. For example, the same address may correspond to multiple memory access records. Thus, when the terminating storage state is obtained, the content of the last write operation in the same address needs to be obtained.
For the same access address, only the last record needs to be taken. Therefore, when the access operation information corresponding to the write operation is written into the first buffer, the access operation information can be compared with the content recorded in the first buffer and written into the first buffer in an overwriting or inserting mode. Therefore, the same address in the first buffer can be ensured to correspond to one record, and the information amount recorded in the first buffer is reduced.
In one embodiment, when the access type of the first access operation information is a write operation, when the first access operation information is written into the first buffer, it is generally determined whether a memory address of the first access operation information is recorded in the first buffer. If the first buffer records the access address of the first access operation information, writing the first access operation information into the first buffer to cover the previous access operation information; and if the access address of the first access operation information is not recorded in the first buffer, inserting the first access operation information into the first buffer.
In an embodiment, according to the access sequence information obtained in step S101, access operation information corresponding to the first read operation of the access address related in the target running process is obtained, and then access data in the access operation information corresponding to the first read operation of each access address is used as input information or an initial running state of a detection device, so that the detection device executes a task in the target running process in a manner that the detection device conforms to a predefined behavior. It should be understood that the first read operation is for the same address, and that the first read operations for different addresses are different. For example, a processor may have multiple read operations for a particular memory address, the first of which is referred to herein as the first read operation.
The predefined behavior is a hardware behavior standard of the processor, wherein the hardware behavior standard refers to a behavior standard of the processor in the process of analyzing and executing the software instruction stream. In one embodiment, the hardware behavior criteria for a processor may be the behavior criteria specified in a processor specification or other normalized document. For example, for an instruction set processor, the predefined behavior may include: the behavior of instructions specified in the instruction set implemented by the processor, the behavior of responses and processing to interrupts, and the behavior of input and output ports of the processor, among other behaviors. In one embodiment, the processor in the detection device may be designed in advance according to the hardware behavior standard of the processor, so that the detection device conforms to the predefined behavior during operation.
Since the processor under test is a black box for the user, it is not known whether it will perform the task in the target run in a manner that conforms to the predefined behavior during the actual run. Therefore, comparing the difference between the hardware execution traces of the processor under test and the detection device when executing the same task is an important criterion for determining the hardware security. The predefined behavior can be defined and modified by a user, has good portability, can be applied to safety detection of processors of different models, and solves the problem of processor hardware black box.
In an embodiment, when the access operation information corresponding to the first read operation in the target operation process is obtained from the access sequence information, second access operation information may first be obtained from the access sequence information. It is then judged whether the access type of the second access operation information is a read operation; if it is a read operation, the second access operation information is written into a buffer, here denoted the second buffer. In this way, when the detection device executes a task in the target operation process, the access data of the first read operation can be acquired from the second buffer to be used as the input information. Alternatively, the detection device obtains the first read operation as the initial operation state of the detection interval. It should be understood that "second access operation information" and "first access operation information" are merely labels, and they may refer to the same access operation information. It should also be understood that the detection device may obtain the memory access data of the first read operation from the second buffer in real time, without waiting for the target operation process to end.
In one embodiment, because the input information of the detection device is the access data in the access operation information corresponding to the first read operation, when the access operation information corresponding to the first read operation is acquired from the second buffer, the access data in the access operation information corresponding to each first read operation can be read only, and the access address and the access type in the access operation information corresponding to each first read operation do not need to be read.
In an embodiment, when the access type of the second access operation information is a read operation, it may be determined first whether the second buffer has recorded therein information that is the same as the second access operation information, and if the access operation information that is the same as the access operation information corresponding to the read operation has been recorded therein, the access operation information corresponding to the second read operation may be discarded and is no longer written into the second buffer.
In one embodiment, after the memory access operation information is recorded, when the detection device performs security detection on the processor based on the memory access operation information, the method further includes the following steps (see fig. 3):
Step S301, when the access type of the second access operation information is a read operation, further determining whether the first buffer stores the access address of the second access operation information.
Step S302, when the access address of the second access operation information is not recorded in the first buffer, writing the second access operation information into the first buffer. When the memory address of the second memory access operation information is recorded in the first buffer, the second memory access operation information may be discarded (step S303).
In summary, the access operation information in the access sequence information may be traversed in sequence. A write operation is written into the first buffer. A read operation is written into the second buffer, and at the same time it is judged whether the corresponding access address is recorded in the first buffer; if not, the read operation is also written into the first buffer.
Step S304, when the detection device executes the task in the target running process, writing the output data of the detection device into the second buffer. In this way, the second buffer is not only used for storing the access operation information, but also can be reused by the detection device to store the output information of the detection device, thereby saving the storage resource. It should be understood that the detection device may also write the output data into other memories, and the scope of the embodiments of the present invention is not limited thereto.
Before step S304 is executed, the second buffer already records the access operation information of which the access operation type is a read operation in the access sequence information. Therefore, when the output data of the detection device is written into the second buffer, if the same access operation as the access address (write address) of the output data is recorded in the second buffer, the previously recorded content of the second buffer is overwritten when the output data is written into the second buffer. If the second buffer does not record the access operation same as the access address (write address) of the output data, the write address entry can be added in the second buffer, and the output data is inserted into the second buffer. When determining whether the processor is safe in the target operation process by using the embodiment of the present invention, the determination may be performed according to step S305.
Step S305, sequentially traversing and comparing the memory access data and the memory access type of the same memory access address in the second buffer and the first buffer, and determining whether the processor is safe. For example, it may be determined whether the same access address is recorded in the second buffer and the first buffer, and if the same access address is not recorded, the processor is considered to be unsafe (step S306). If the memory access addresses recorded in the two buffers are the same, it is also necessary to determine whether the memory access data and the memory access types in the memory access operation information corresponding to each memory access address are consistent, and if the memory access data and the memory access types are inconsistent, the processor is considered to be unsafe (step S307). For example, the first buffer may be used as a comparison reference, and whether the memory address, the memory data, and the memory type of each piece of memory operation information recorded in the second buffer are consistent with the first buffer may be sequentially traversed and compared. If there is an inconsistency, the processor is considered unsafe. If they are identical, the processor is considered safe.
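The single pass of FIG. 2 and the FIG. 3 comparison (steps S301 to S307), as an added Python sketch that is not part of the patent text: dictionaries stand in for the first and second buffers, and the traces, addresses and `reference_task` (a software stand-in for the detection device) are constructed for illustration.

```python
from typing import Callable, Dict, List, NamedTuple, Tuple


class Access(NamedTuple):
    kind: str  # memory access type: "R" (read) or "W" (write)
    addr: int  # memory access address
    data: int  # memory access data


Buffer = Dict[int, Tuple[str, int]]  # address -> (type, data), one record per address


def organize(trace: List[Access]) -> Tuple[Buffer, Buffer]:
    """One pass over the access sequence (S201-S203 plus S301-S303)."""
    first: Buffer = {}   # ends up holding the termination storage state
    second: Buffer = {}  # holds the first read of every address that was read
    for op in trace:
        if op.kind == "W":
            # S202: overwrite the earlier record for this address, or insert.
            first[op.addr] = ("W", op.data)
        else:
            # Only the first read of an address is kept; repeats are discarded.
            second.setdefault(op.addr, ("R", op.data))
            # S301-S303: a read enters the first buffer only if the address
            # has no record there yet.
            first.setdefault(op.addr, ("R", op.data))
    return first, second


def check(trace: List[Access],
          task: Callable[[Callable[[int], int], Callable[[int, int], None]], None]
          ) -> Tuple[bool, str]:
    """Replay `task` on the reference model and compare buffers (S304-S307)."""
    first, second = organize(trace)

    def load(addr: int) -> int:
        return second[addr][1]      # input comes from the recorded first reads

    def store(addr: int, data: int) -> None:
        second[addr] = ("W", data)  # S304: overwrite or insert the output

    try:
        task(load, store)
    except KeyError as missing:
        # Assumption of this example: a missing input is reported as a failure.
        return False, f"reference model needs an unread input at {missing.args[0]:#x}"

    only_one = first.keys() ^ second.keys()
    if only_one:
        return False, f"S306: address {min(only_one):#x} recorded in only one buffer"
    for addr, record in first.items():
        if second[addr] != record:
            return False, f"S307: mismatch at {addr:#x}"
    return True, "S305: buffers consistent"


def reference_task(load, store) -> None:
    """Constructed task: c = a + b, with a scratch word that is written twice."""
    a, b = load(0x10), load(0x14)
    store(0x24, a)
    store(0x20, a + b)
    store(0x24, (a + b) * 2)


# Constructed traces of the processor under test.
HONEST = [
    Access("R", 0x10, 3), Access("R", 0x14, 4),
    Access("W", 0x24, 3), Access("W", 0x20, 7),
    Access("R", 0x10, 3),   # repeated read of the same address
    Access("W", 0x24, 14),  # overwrites the earlier write to 0x24
]
EXTRA_WRITE = HONEST + [Access("W", 0x80, 3)]  # write the task never performs
WRONG_DATA = [op._replace(data=8) if op.addr == 0x20 else op for op in HONEST]

if __name__ == "__main__":
    first, _ = organize(HONEST)
    print(f"{len(HONEST)} operations -> {len(first)} records in the first buffer")
    for name, trace in [("honest", HONEST), ("extra write", EXTRA_WRITE),
                        ("wrong data", WRONG_DATA)]:
        print(name, check(trace, reference_task))
```

Because the first buffer keeps one record per address, its size tracks the number of distinct addresses touched in the detection interval rather than the length of the trace.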
It should be understood that processor security as identified in this specification is a concept of temporal security. Generally, when detecting whether a processor is safe, a plurality of parameters of the processor need to be compared. In this case, the "processor security" defined in this specification is a transient security, and it is determined that the processor is secure only when all parameters have been compared. The following illustrates a complete processor security detection process.
Setting the initial operation state of the detection device according to the initial operation state information of the processor in the target operation process, and taking the input information of the processor in the target operation process as the input information of the detection device. And enabling the detection device to execute the task in the target operation process in a mode of conforming to the predefined behavior to obtain the output information and/or the stop operation state information of the detection device. Wherein the predefined behavior is a hardware behavior criterion of the processor. And determining whether the processor is safe in the target operation process according to the output information and/or the operation termination state information of the detection device. The initial running state information of the target running process is data stored in a memory corresponding to the characteristic state set at the starting position of the target running process. The stop operation state information of the target operation process is data stored in a memory corresponding to the characteristic state set at the stop position of the target operation process. And determining the output information and the next operating state of the target operating process according to the current operating state, the input information and the characteristic state set of the target operating process.
The memory termination state referred to herein may be used to indicate the last write operation of the processor to the memory, and thus corresponds to the output information of the processor. Thus, the security detection method shown in FIG. 3 is one embodiment of determining whether a processor is secure based on output information. Optionally, whether the processor is safe or not may be determined in real time according to the output information, or whether the processor is safe or not may be determined according to the output information when the detection device has completed executing the task in the target operation process. Then, when the detection device has finished executing the task in the target operation process, it is necessary to compare the output information with the operation termination state to finally determine that the processor is safe.
In another embodiment, as an alternative to the embodiment shown in FIG. 3, the detection device performs security detection on the processor without writing access operation information of the read type into the first buffer. For example, when the access operation information in the access sequence information is traversed in sequence, a write operation is written into the first buffer. A read operation is written into the second buffer, and there is no need to judge whether the corresponding access address is recorded in the first buffer or to write it into the first buffer. In this case, the method further comprises the following steps (see FIG. 4):
Step S401, when the detection device executes the task in the target operation process, writing the output data of the detection device into the second buffer.
Step S402, determining whether the first buffer stores the access address of the output data.
The output data of the detection device may carry information other than the memory access type and the memory access data. When the output data is written into the second buffer, it must match the storage format of the second buffer; for example, the memory access type and the memory access data are extracted from the output data and written into the second buffer.
When the access address of the output data is recorded in the first buffer, whether the processor is safe is determined according to the storage termination state of the memory in the target operation process, and the specific operation is shown in step S403. When the access address of the output data is not recorded in the first buffer, the processor is considered to be unsafe (step S404). That is, when the first buffer does not record the access address of the output data, it indicates that the processor under test writes less data than the detection device, and the processor under test may be determined to be unsafe.
Step S403, traversing the access operation information in the first buffer, and determining whether the second buffer records the same access data corresponding to the same access address. When the same access data corresponding to the same access address is recorded in the second buffer, the processor is determined to be safe (step S405). When the same access data corresponding to the same access address is not recorded in the second buffer, the processor is determined to be unsafe (step S404).
As can be seen from the above embodiments, if the memory access addresses and memory access data in the first buffer are consistent with those in the second buffer, the processor is determined to be safe. When the second buffer does not record an access address that is recorded in the first buffer, or the access data recorded for that address in the second buffer is different, the processor is determined to be unsafe.
In one embodiment, the address range to be detected is acquired before the memory access operations between the processor and the memory in the target operation process are recorded. In this case, the memory access operations to be recorded in the target operation process are selected according to the address range to be detected. The address range to be detected can be customized by a user and is pre-stored in a location that the detection device or other detection devices can read. The user can therefore customize the memory range covered by the security detection according to the detection requirement, which improves detection efficiency and flexibility.
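The flow of steps S401 to S405, together with the address-range selection just described, can be modelled in software. The following is an added example, not code from the patent: the names `Access`, `organize`, `check_processor` and `reference_sum`, the addresses and the traces are all constructed for illustration. It assumes that Python dictionaries keyed by access address stand in for the two buffers, that the second buffer keeps the earliest read per address as the detection device's input, and that the address range is applied to the detection device's output as well as to the recorded trace.

```python
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional, Tuple

READ, WRITE = "R", "W"

@dataclass(frozen=True)
class Access:
    kind: str   # memory access type
    addr: int   # memory access address
    data: int   # memory access data

def select_in_range(trace: List[Access], addr_range: Optional[Tuple[int, int]]) -> List[Access]:
    """Keep only accesses inside the address range to be detected (inclusive)."""
    if addr_range is None:
        return list(trace)
    lo, hi = addr_range
    return [a for a in trace if lo <= a.addr <= hi]

def organize(trace: List[Access]) -> Tuple[Dict[int, Access], Dict[int, Access]]:
    """Traverse the access sequence in order and fill both buffers.

    Writes go to the first buffer; a later write to the same address
    overwrites the earlier one, so the buffer ends up holding the
    termination storage state. Reads go to the second buffer
    (assumption: only the earliest read per address is kept).
    """
    first: Dict[int, Access] = {}
    second: Dict[int, Access] = {}
    for a in trace:
        if a.kind == WRITE:
            first[a.addr] = a              # insert, or overwrite previous entry
        elif a.kind == READ:
            second.setdefault(a.addr, a)   # keep the first read only
    return first, second

def check_processor(trace: List[Access],
                    detector: Callable[[Dict[int, int]], List[Access]],
                    addr_range: Optional[Tuple[int, int]] = None) -> Tuple[bool, str]:
    first, second = organize(select_in_range(trace, addr_range))
    # Data of the first reads becomes the detection device's input.
    inputs = {addr: a.data for addr, a in second.items()}
    for out in select_in_range(detector(inputs), addr_range):
        second[out.addr] = out                          # S401
        if out.addr not in first:                       # S402
            return False, f"S404: no processor write recorded at {out.addr:#x}"
    for addr, a in first.items():                       # S403
        ref = second.get(addr)
        if ref is None or ref.data != a.data:
            return False, f"S404: termination state differs at {addr:#x}"
    return True, "S405: termination storage state matches"

def reference_sum(inputs: Dict[int, int]) -> List[Access]:
    """Constructed reference behaviour: mem[0x2000] = mem[0x1000] + mem[0x1004]."""
    total = (inputs.get(0x1000, 0) + inputs.get(0x1004, 0)) & 0xFFFFFFFF
    return [Access(WRITE, 0x2000, total)]

# Constructed traces of a processor under test.
CLEAN = [Access(READ, 0x1000, 7), Access(READ, 0x1004, 5),
         Access(WRITE, 0x2000, 0),          # intermediate value, later overwritten
         Access(WRITE, 0x2000, 12)]
STRAY = CLEAN + [Access(WRITE, 0x3000, 7)]  # write the reference never performs
WRONG = CLEAN[:2] + [Access(WRITE, 0x2000, 13)]
MISSING = CLEAN[:2]                         # processor never writes the result

if __name__ == "__main__":
    for name, trace in [("clean", CLEAN), ("stray", STRAY),
                        ("wrong", WRONG), ("missing", MISSING)]:
        print(name, check_processor(trace, reference_sum))
    # A range that excludes 0x3000 also excludes the stray write from the check.
    print("stray, narrow range", check_processor(STRAY, reference_sum, (0x1000, 0x2FFF)))
```

The last call shows the coverage consequence of the user-defined range: a write outside the address range to be detected is never recorded, so it cannot fail the comparison.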
By utilizing the method and the device for recording the access operation information, the access operation between the processor and the memory in the target operation process is recorded, and the stop operation state of the processor is determined by the access sequence information. Therefore, the termination storage state of the memory in the target operation process can be obtained by using less storage resources, and the hardware overhead is reduced.
In addition, according to the embodiment of the invention, by recording the memory access operation between the processor and the memory in the target operation process and determining whether the processor is safe in the target operation process according to the obtained storage termination state of the memory, whether the behavior of the processor is abnormal in the target operation process can be effectively checked, the difficulty of hardware safety detection is reduced, and the safety of hardware use is improved. Meanwhile, the detection content can be set by a user, the method has good portability, can be applied to hardware safety detection of processors of different models, solves the problem of processor hardware black box, and reduces the detection difficulty.
Based on the same inventive concept as the method for recording the access operation information shown in fig. 1, the embodiment of the present invention further provides an apparatus for recording the access operation information, which is specifically described in the following embodiment. Since the principle of the device for solving the problems is similar to the method in fig. 1, the implementation of the device can refer to the implementation of the method shown in fig. 1, and repeated descriptions are omitted.
As shown in the solid line part in fig. 5, an embodiment of the present invention further provides an apparatus for recording access operation information, which mainly includes an access operation recording unit 501 and a data organization unit 502. The memory access operation recording unit 501 is configured to record memory access operations between a processor and a memory in a target operation process to form memory access sequence information of the target operation process, where each memory access operation information in the memory access sequence information includes a memory access type, a memory access address, and memory access data. The data organization unit 502 is configured to determine a storage termination state of the memory in the target running process according to the access sequence information of the target running process. The termination storage state is used to determine whether the processor is safe during the target operation.
The memory access operation recording unit 501 in the embodiment of the present invention may be disposed between the processor and the memory, or disposed on the processor chip, which is not limited in the present invention. For ease of description, the detection device is shown as a separate unit in fig. 5. It should be understood that the memory access operation recording unit 501 and the data organization unit 502 may be implemented as a part of the detection apparatus, and perform the security detection process in cooperation with other parts of the detection apparatus. Likewise, each of the units described below may be implemented as part of the detection device.
In one embodiment, the structure of the data organization unit 502 is shown in fig. 6 (solid line part of the figure), and includes: a first access operation information obtaining module 601, a first handling module 602, a first buffer 603, and a termination storage status obtaining module 604. The first memory access operation information obtaining module 601 is configured to obtain first memory access operation information in the memory access sequence information; the first handling module 602 is configured to, when the access type of the first access operation information is a write operation, write the first access operation information into the first buffer 603; the termination storage status obtaining module 604 is configured to obtain the termination storage status from the first buffer.
In one embodiment, the first handling module 602 is configured to determine whether a memory access address of the first memory access operation information is recorded in the first buffer 603, and write the first memory access operation information into the first buffer 603 to overwrite previous memory access operation information when the memory access address of the first memory access operation information is already recorded in the first buffer 603; when the access address of the first access operation information is not recorded in the first buffer 603, the first access operation information is inserted into the first buffer 603.
In an embodiment, the apparatus shown in fig. 5 further includes a first read operation obtaining unit 503 (see fig. 7 for details) for obtaining, from the access sequence information, access operation information corresponding to the first read operation in the target running process. The memory access data in the memory access operation information corresponding to the first read operation can be used as input information or an initial running state of the detection device, so that the detection device can execute the task in the target running process in a manner that conforms to the predefined behavior. The predefined behavior is a hardware behavior standard of the processor. In another scenario, when the memory is integrated with the processor, the memory access data corresponding to the first read operation may be used as part of the initial running state of the detection device.
In one embodiment, the structure of the first read operation obtaining unit 503 is shown as a solid line part in fig. 8, and includes: a second access operation information obtaining module 801, a second handling module 802, a second buffer 803, and a first read operation obtaining module 804. The second memory access operation information obtaining module 801 is configured to obtain second memory access operation information in the memory access sequence information; the second handling module 802 is configured to, when the access type of the second access operation information is a read operation, write the second access operation information into a second buffer 803; the first read operation obtaining module 804 is configured to obtain, from the second buffer, access operation information corresponding to the first read operation.
In one embodiment, the apparatus for recording the access operation information further includes a judging unit 504, a synchronizing unit 505, an output data obtaining unit 506, and a security judging unit 507, whose structure is shown in fig. 9.
The judging unit 504 is configured to determine whether a memory access address of the second memory access operation information is recorded in the first buffer 603 when the memory access type of the second memory access operation information is a read operation; the synchronization unit 505 is configured to, when the access address of the second access operation information is not recorded in the first buffer, write the second access operation information into the first buffer; when the detection device executes a task in the target running process, the output data acquisition unit 506 is configured to write output data of the detection device into the second buffer 803; the security judgment unit 507 is configured to sequentially traverse and compare the memory access data and the memory access type of the same memory access address in the second buffer 803 and the first buffer 603, and determine whether the processor is secure.
In one embodiment, when the detection device executes a task in the target operation process, and the output data acquisition unit 506 writes the output data of the detection device into the second buffer 803, the judgment unit 504 is further configured to determine whether the access address of the output data is recorded in the first buffer 603, and when the access address of the output data is recorded in the first buffer 603, determine whether the processor is safe by using the safety judgment unit 507 according to the storage termination state of the memory in the target operation process.
In an embodiment, when determining whether the processor is safe by using the security determining unit 507 according to the storage termination state of the memory in the target operation process, the access operation information in the first buffer 603 may be traversed, and it is determined whether the second buffer 803 records the same access data corresponding to the same access address, and when the second buffer 803 already records the same access data corresponding to the same access address, the processor is determined to be safe; when the same access data corresponding to the same access address is not recorded in the second buffer 803, it is determined that the processor is not secure.
In an embodiment, the memory access operation recording unit 501 is further configured to acquire an address range to be detected, and select a memory access operation recorded in the target operation process according to the address range to be detected.
The method and the device for recording the access operation information record the access operation between the processor and the memory in the target operation process, and determine the stop operation state of the processor by the access sequence information. Therefore, the termination storage state of the memory in the target operation process can be obtained by using less storage resources, and the hardware overhead is reduced.
In addition, the embodiment of the invention can effectively check whether the behavior of the processor in the target running process is abnormal or not by recording the access operation between the processor and the memory in the target running process and determining whether the processor is safe in the target running process according to the obtained storage termination state of the memory, thereby reducing the difficulty of hardware safety detection and improving the safety of hardware use. Meanwhile, the detection content can be set by a user, the method has good portability, can be applied to hardware safety detection of processors of different models, solves the problem of processor hardware black box, and reduces the detection difficulty.
It should be appreciated that the buffers referred to herein may be implemented as any type of memory and embodiments of the present invention are not limited in this respect.
The embodiment of the invention also provides electronic equipment, which can be a desktop computer and the like, and the embodiment is not limited to the electronic equipment. In this embodiment, the electronic device may refer to the implementation of the method shown in fig. 1 and the implementation of the apparatus shown in fig. 5, and the contents thereof are incorporated herein, and repeated descriptions are omitted.
Fig. 10 is a schematic block diagram of a system configuration of an electronic apparatus according to an embodiment of the present invention. As shown in fig. 10, the electronic device may include a processor 1001 and a memory 1002, the memory 1002 being coupled to the processor 1001. It is noted that this figure is exemplary and that other types of structures may be used in addition to or in place of this structure to implement communication, detection functions, or other functions.
In one embodiment, the function of recording memory access operations between the processor and the memory in the target operation process may be integrated into the processor 1001. The processor 1001 may be configured to perform the following control: recording memory access operation between a processor and a memory in a target operation process to form memory access sequence information of the target operation process, wherein each memory access operation information in the memory access sequence information comprises a memory access type, a memory access address and memory access data; and determining the termination storage state of the memory in the target operation process according to the memory access sequence information of the target operation process. In one embodiment, the termination storage state is used to determine whether the processor is safe during the target run.
Determining the termination storage state of the memory in the target operation process according to the access sequence information of the target operation process comprises: acquiring first access operation information in the access sequence information; when the access type of the first access operation information is write operation, writing the first access operation information into a first buffer; and retrieving the termination storage state from the first buffer.
When the access type of the first access operation information is write operation, writing the first access operation information into the first buffer comprises: determining whether a memory access address of the first memory access operation information is recorded in the first buffer; when the first buffer is recorded with the memory access address of the first memory access operation information, writing the first memory access operation information into the first buffer to cover the previous memory access operation information; and when the access address of the first access operation information is not recorded in the first buffer, inserting the first access operation information into the first buffer.
Wherein, the processor 1001 may be further configured to control as follows: obtaining access operation information corresponding to the first read operation in the target running process from the access sequence information; and taking the memory access data in the memory access operation information corresponding to the first read operation as input information or initial running state information of a detection device, so that the detection device executes the task in the target running process in a mode of meeting predefined behaviors, wherein the predefined behaviors are hardware behavior standards of a processor.
Obtaining the memory access operation information corresponding to the first read operation in the target running process from the memory access sequence information comprises: acquiring second access operation information in the access sequence information; when the access type of the second access operation information is read operation, writing the second access operation information into a second buffer; and obtaining the access operation information corresponding to the first read operation from the second buffer.
Wherein, the processor 1001 may be further configured to control as follows: when the access type of the second access operation information is read operation, determining whether the first buffer is recorded with an access address of the second access operation information; when the access address of the second access operation information is not recorded in the first buffer, writing the second access operation information into the first buffer; when the detection device executes the task in the target running process, writing output data of the detection device into the second buffer; and sequentially traversing and comparing the memory access data and the memory access types of the same memory access addresses in the second buffer and the first buffer to determine whether the processor is safe.
Wherein, the processor 1001 may be further configured to control as follows: when the detection device executes the task in the target running process, writing output data of the detection device into the second buffer; determining whether the first buffer is recorded with the access address of the output data; and when the memory access address of the output data is recorded in the first buffer, determining whether the processor is safe or not according to the termination storage state of the memory in the target operation process.
Determining whether the processor is safe according to the termination storage state of the memory in the target operation process comprises: traversing the access operation information in the first buffer, and determining whether the second buffer records the same access data corresponding to the same access address; when the same access data corresponding to the same access address is recorded in the second buffer, determining that the processor is safe; and when the same access data corresponding to the same access address is not recorded in the second buffer, determining that the processor is unsafe.
Before recording the access operations between the processor and the memory in the target running process, the processor 1001 is further configured to perform the following control: acquiring an address range to be detected; and selecting the memory access operation recorded in the target operation process according to the address range to be detected.
In another embodiment, the device for recording the access operation information may be configured separately from the processor 1001, for example, the device for recording the access operation information may be configured as a chip connected to the processor 1001, and the recording of the access operation information is realized by the control of the processor 1001.
As shown in fig. 10, the electronic device may further include: an input unit 1003, a display unit 1004, and a power supply 1005. It is noted that the electronic device does not necessarily have to include all of the components shown in fig. 10. Furthermore, the electronic device may also comprise components not shown in fig. 10, reference being made to the prior art.
As shown in fig. 10, the processor 1001, sometimes referred to as a controller or operational control, may comprise a microprocessor or other processor device and/or logic device, and the processor 1001 receives input and controls the operation of the various components of the electronic device.
The memory 1002 may be, for example, one or more of a buffer, a flash memory, a hard drive, a removable medium, a volatile memory, a non-volatile memory, or other suitable devices, and may store one or more of configuration information of the processor 1001, instructions executed by the processor 1001, recorded access sequence information, and the like. The processor 1001 may execute a program stored in the memory 1002 to realize information storage or processing, or the like. In one embodiment, a buffer memory, i.e., a buffer, is also included in the memory 1002 to store the intermediate information.
The input unit 1003 may be, for example, a key input device or a touch input device, and provides input to the processor 1001. The display unit 1004 is used for displaying a display object such as an image or a character, and may be, for example, an LCD display, but the present invention is not limited thereto. The power supply 1005 is used to provide power to the electronic device.
Embodiments of the present invention further provide a computer-readable instruction which, when executed in an electronic device, causes the electronic device to execute the method for recording access operation information as shown in fig. 1.
An embodiment of the present invention further provides a storage medium storing computer-readable instructions, where the computer-readable instructions enable an electronic device to execute the method for recording access operation information shown in fig. 1.
It should be understood that, in various embodiments of the present invention, the sequence numbers of the above-mentioned processes do not mean the execution sequence, and the execution sequence of each process should be determined by its function and inherent logic, and should not constitute any limitation on the implementation process of the embodiments of the present invention.
It should also be understood that, in the embodiment of the present invention, the term "and/or" merely describes an association relation between associated objects, and means that three kinds of relations may exist. For example, A and/or B may represent: A exists alone, A and B exist simultaneously, and B exists alone. In addition, the character "/" herein generally indicates that the former and latter related objects are in an "or" relationship.
Those of ordinary skill in the art will appreciate that the elements and algorithm steps of the examples described in connection with the embodiments disclosed herein may be embodied in electronic hardware, computer software, or combinations of both, and that the components and steps of the examples have been described above generally in terms of their function in order to clearly illustrate the interchangeability of hardware and software. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention.
It is clear to those skilled in the art that, for convenience and brevity of description, the specific working processes of the above-described systems, apparatuses and units may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.
In the several embodiments provided in the present application, it should be understood that the disclosed system, apparatus and method may be implemented in other ways. For example, the above-described apparatus embodiments are merely illustrative, and for example, the division of the units is only one logical division, and other divisions may be realized in practice, for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may also be an electric, mechanical or other form of connection.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment of the present invention.
In addition, functional units in the embodiments of the present invention may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.
The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present invention in essence, or the part of it that contributes to the prior art, or all or part of the technical solution, can be embodied in the form of a software product stored in a storage medium and including instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present invention. The aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.
The principle and the implementation mode of the invention are explained by applying specific embodiments in the invention, and the description of the embodiments is only used for helping to understand the method and the core idea of the invention; meanwhile, for a person skilled in the art, according to the idea of the present invention, there may be variations in the specific embodiments and the application scope, and in summary, the content of the present specification should not be construed as a limitation to the present invention.

Claims (18)

1. A method for recording access operation information is characterized by comprising the following steps:
recording memory access operation between a processor and a memory in a target operation process to form memory access sequence information of the target operation process, wherein each memory access operation information in the memory access sequence information comprises a memory access type, a memory access address and memory access data;
determining the termination storage state of the memory in the target operation process according to the access sequence information of the target operation process,
wherein the termination storage state is a final storage state of a storage space operated by the processor during the target run.
2. The method as claimed in claim 1, wherein the determining the storage state of the memory at the end of the target running process according to the access sequence information of the target running process comprises:
acquiring first access operation information in the access sequence information;
when the access type of the first access operation information is write operation, writing the first access operation information into a first buffer;
retrieving the termination storage state from the first buffer.
3. The method of claim 2, wherein when the access type of the first access operation information is a write operation, writing the first access operation information into a first buffer comprises:
determining whether a memory access address of the first memory access operation information is recorded in the first buffer;
when the first buffer is recorded with the memory access address of the first memory access operation information, writing the first memory access operation information into the first buffer to cover the previous memory access operation information;
and when the access address of the first access operation information is not recorded in the first buffer, inserting the first access operation information into the first buffer.
4. The method of claim 2 or 3, further comprising:
obtaining access operation information corresponding to the first read operation in the target running process from the access sequence information;
and taking the memory access data in the memory access operation information corresponding to the first read operation as input information or an initial running state of a detection device, so that the detection device executes the task in the target running process in a mode of meeting a predefined behavior, wherein the predefined behavior is a hardware behavior standard of a processor.
5. The method according to claim 4, wherein the obtaining access operation information corresponding to a first read operation in the target running process from the access sequence information includes:
acquiring second access operation information in the access sequence information;
when the access type of the second access operation information is read operation, writing the second access operation information into a second buffer;
and obtaining the access operation information corresponding to the first read operation from the second buffer.
6. The method of claim 5, further comprising:
when the access type of the second access operation information is read operation, determining whether the first buffer is recorded with an access address of the second access operation information;
when the access address of the second access operation information is not recorded in the first buffer, writing the second access operation information into the first buffer;
when the detection device executes the task in the target running process, writing output data of the detection device into the second buffer;
and sequentially traversing and comparing the memory access data and the memory access types of the same memory access addresses in the second buffer and the first buffer to determine whether the processor is safe.
7. The method of claim 5, further comprising:
when the detection device executes the task in the target running process, writing output data of the detection device into the second buffer;
determining whether the first buffer is recorded with the access address of the output data;
and when the memory access address of the output data is recorded in the first buffer, determining whether the processor is safe or not according to the termination storage state of the memory in the target operation process.
8. The method of claim 7, wherein determining whether the processor is secure based on a termination storage state of the memory during the target run comprises:
traversing the access operation information in the first buffer, and determining whether the second buffer records the same access data corresponding to the same access address;
when the same access data corresponding to the same access address is recorded in the second buffer, determining that the processor is safe;
and when the same access data corresponding to the same access address is not recorded in the second buffer, determining that the processor is unsafe.
9. The method according to any one of claims 1 to 3, wherein before the recording of the memory access operation between the processor and the memory in the target running process, the method further comprises:
acquiring an address range to be detected;
and selecting the memory access operation recorded in the target operation process according to the address range to be detected.
10. An apparatus for recording access operation information, comprising:
the memory access operation recording unit is used for recording memory access operation between a processor and a memory in a target running process so as to form memory access sequence information of the target running process, wherein each memory access operation information in the memory access sequence information comprises a memory access type, a memory access address and memory access data;
the data organization unit is used for determining the termination storage state of the memory in the target operation process according to the access sequence information of the target operation process,
wherein the termination storage state is a final storage state of a storage space operated by the processor during the target run.
11. The apparatus of claim 10, wherein the data organization unit comprises: a first memory access operation information acquisition module, a first processing module, a first buffer and a storage termination state obtaining module; wherein,
the first memory access operation information acquisition module is used for acquiring first memory access operation information in the memory access sequence information;
the first processing module is used for writing the first access operation information into a first buffer when the access type of the first access operation information is write operation;
the storage termination state obtaining module is configured to obtain the storage termination state from the first buffer.
12. The apparatus of claim 11, wherein the first processing module is configured for:
determining whether a memory access address of the first memory access operation information is recorded in the first buffer;
when the first buffer is recorded with the memory access address of the first memory access operation information, writing the first memory access operation information into the first buffer to cover the previous memory access operation information;
and when the access address of the first access operation information is not recorded in the first buffer, inserting the first access operation information into the first buffer.
13. The apparatus of claim 11 or 12, further comprising:
a first read operation obtaining unit, configured to obtain, from the access sequence information, access operation information corresponding to a first read operation in the target operation process;
and the memory access data in the memory access operation information corresponding to the first read operation is used as input information or an initial running state of the detection device, so that the detection device executes the task in the target running process in a mode of meeting predefined behaviors, wherein the predefined behaviors are the hardware behavior standards of the processor.
14. The apparatus of claim 13, wherein the first read operation obtaining unit comprises: a second memory access operation information acquisition module, a second processing module, a second buffer and a first read operation acquisition module; wherein,
the second memory access operation information acquisition module is used for acquiring second memory access operation information in the memory access sequence information;
the second processing module is used for writing the second access operation information into a second buffer when the access type of the second access operation information is read operation;
and the first read operation acquisition module is used for acquiring the access operation information corresponding to the first read operation from the second buffer.
15. The apparatus of claim 14, further comprising: a judging unit, a synchronization unit, an output data acquisition unit and a safety judgment unit; wherein,
the judging unit is used for determining whether a memory access address of the second memory access operation information is recorded in the first buffer or not when the memory access type of the second memory access operation information is read operation;
the synchronization unit is used for writing the second access operation information into the first buffer when the access address of the second access operation information is not recorded in the first buffer;
the output data acquisition unit is used for writing the output data of the detection device into the second buffer when the detection device executes the task in the target operation process;
and the safety judgment unit is used for sequentially traversing and comparing the memory access data and the memory access types of the same memory access addresses in the second buffer and the first buffer to determine whether the processor is safe.
16. The apparatus according to claim 15, wherein the output data obtaining unit writes output data of the detection apparatus into the second buffer while the detection apparatus executes the task in the target operation process;
the judging unit is further used for determining whether the first buffer is recorded with the access address of the output data;
when the first buffer records the access address of the output data, the safety judgment unit is further used for determining whether the processor is safe according to the storage termination state of the memory in the target operation process.
17. The apparatus of claim 16, wherein when the first buffer has a memory access address of the output data recorded therein, the safety judgment unit determining whether the processor is safe according to the storage termination state of the memory during the target operation process includes:
traversing the access operation information in the first buffer, and determining whether the second buffer records the same access data corresponding to the same access address;
when the same access data corresponding to the same access address is recorded in the second buffer, determining that the processor is safe;
and when the same access data corresponding to the same access address is not recorded in the second buffer, determining that the processor is unsafe.
18. The apparatus of any one of claims 10 to 12,
the memory access operation recording unit is further used for acquiring an address range to be detected and selecting memory access operation recorded in the target operation process according to the address range to be detected.
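The two-buffer check described in claims 4 to 9 (and mirrored in claims 10 to 18) can be modelled in software. The following is an added illustration, not code from the patent: the task `golden_sum`, the traces, and the rule that only the earliest read of a not-yet-written address is kept as input are assumptions made for the example.

```python
# Software model of the claimed check (added example; all names are hypothetical).
# A trace entry is (access type, access address, access data), type "R" or "W".

def organize(trace, addr_range=None):
    """Build the first buffer (termination storage state) and the second
    buffer (first reads, i.e. the inputs handed to the detection device)."""
    first, second = {}, {}
    for kind, addr, data in trace:
        if addr_range and not (addr_range[0] <= addr < addr_range[1]):
            continue                        # claim 9: only the range under test
        if kind == "W":
            first[addr] = ("W", data)       # insert, or overwrite earlier entry
        elif addr not in first:             # assumption: earliest read is the input
            first[addr] = second[addr] = ("R", data)   # claim 6 synchronization
    return first, second

def golden_sum(inputs):
    """Hypothetical detection-device task: mem[0x20] = mem[0x10] + mem[0x14]."""
    return {0x20: (inputs[0x10] + inputs[0x14]) & 0xFFFFFFFF}

def check(trace, task, addr_range=None):
    """Return (safe, mismatching addresses) for a recorded processor trace."""
    first, second = organize(trace, addr_range)
    inputs = {addr: data for addr, (_, data) in second.items()}
    for addr, data in task(inputs).items():
        second[addr] = ("W", data)          # detection-device output (claims 6-7)
    # Claim 8: every entry of the first buffer must appear, with the same
    # type and data, at the same address in the second buffer.
    bad = sorted(a for a, rec in first.items() if second.get(a) != rec)
    return not bad, bad

# Constructed traces. CLEAN follows the task; TAMPERED adds an undeclared write.
CLEAN = [("R", 0x10, 3), ("R", 0x14, 4), ("W", 0x20, 0), ("W", 0x20, 7)]
TAMPERED = CLEAN + [("W", 0x24, 3)]
WRONG = [("R", 0x10, 3), ("R", 0x14, 4), ("W", 0x20, 8)]

if __name__ == "__main__":
    for name, t in (("clean", CLEAN), ("tampered", TAMPERED), ("wrong", WRONG)):
        print(name, check(t, golden_sum))
```

An address range that excludes `0x24` makes the tampered trace pass, so the range selected under claim 9 bounds what the comparison can detect.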
CN201710213086.XA 2017-02-20 2017-04-01 Record the method and device of accessing operation information Active CN108345789B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201710213086.XA CN108345789B (en) 2017-04-01 2017-04-01 Record the method and device of accessing operation information
US15/895,145 US10331381B2 (en) 2017-02-20 2018-02-13 Method and device for recording memory access operation information

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710213086.XA CN108345789B (en) 2017-04-01 2017-04-01 Record the method and device of accessing operation information

Publications (2)

Publication Number Publication Date
CN108345789A CN108345789A (en) 2018-07-31
CN108345789B true CN108345789B (en) 2019-02-22

Family

ID=62962738

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710213086.XA Active CN108345789B (en) 2017-02-20 2017-04-01 Record the method and device of accessing operation information

Country Status (1)

Country Link
CN (1) CN108345789B (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101561775A (en) * 2009-05-12 2009-10-21 华为技术有限公司 Method and device for monitoring memory
CN103970512A (en) * 2014-05-21 2014-08-06 龙芯中科技术有限公司 Multi-core processor and parallel replay method thereof
CN106407063A (en) * 2016-10-11 2017-02-15 东南大学 Method for simulative generation and sorting of access sequences at GPU L1 Cache

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104216837A (en) * 2013-05-31 2014-12-17 华为技术有限公司 Memory system, memory access request processing method and computer system
US20150186311A1 (en) * 2013-12-28 2015-07-02 Ming Kiat Yap Smart direct memory access

Also Published As

Publication number Publication date
CN108345789A (en) 2018-07-31

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant