Concurrent Error Detection using Signature Monitoring and Encryption

  • Kent Wilken
  • John Paul Shen
Part of the Dependable Computing and Fault-Tolerant Systems book series (DEPENDABLECOMP, volume 4)


This paper presents an efficient approach to concurrent detection of program execution errors that combines signature monitoring with program encryption. Sources of detectable errors include permanent and transient hardware faults, software and hardware design faults, and computer viruses. Errors are detected by a simple monitor that uses signatures embedded in a compatibly encrypted program. The monitor concurrently decrypts the program using the processor control-bit sequences that are included in the signatures. Computer virus attacks are difficult because details of the processor’s internal operation are needed to attach compatibly encrypted code. Encryption and a small signature cache added to the monitor allow the lowest memory overhead of any proposed signature-monitoring technique. Encryption and the program memory’s error correction/detection code are combined to reduce signature-error detection latency by more than 60 times, while maintaining memory error correction/detection.


Intermediate Signature Signature Graph Computer Virus Maximal Path Assembly Code 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. [1]
    A. Aho, R. Sethi and J. Ullman, Compilers: Principles, Techniques, and Tools, (Addison-Wesley, 1985).Google Scholar
  2. [2]
    H. Beker and F. Piper, Cipher Systems: The Protection of Communications, (John Wiley, 1982).MATHGoogle Scholar
  3. [3]
    F. Cohen, “Computer Viruses: Theory and Experiments”, pp. 240–263, 7th National Computer Security Conf., (Sept. 1984).Google Scholar
  4. [4]
    F. Cohen, “A Cryptographic Checksum for Integrity Protection”, Computers & Security 6, 6 (Dec. 1987), 505–510.CrossRefGoogle Scholar
  5. [5]
    P. Denning, “Computer Viruses”, American Scientist 76, (May-June 1988), 236–238.Google Scholar
  6. [6]
    National Bureau of Standards, Data Encryption Standard, FIPS Publication 46, U.S. Department of Commerce, (1977).Google Scholar
  7. [7]
    A. Herzberg and S. Pinter, “Public Protection of Software”, ACM Transactions on Computer Systems 5, 4 (November 1987), 371–393.CrossRefGoogle Scholar
  8. [8]
    M. Hsiao, “A Class of Optimal Minimum Odd-Weight-Column SEC-DED Codes”, IBM Journal of Research & Development 14, 4 (July 1970), 395–401.CrossRefGoogle Scholar
  9. [9]
    M. Joseph and A. Avizienis, “A Fault Tolerance Approach to Computer Viruses”, pp. 52–58, Proc. Symp. on Security and Privacy, IEEE, (1988).Google Scholar
  10. [10]
    M. Joseph, “Architectural Issues in Fault-Tolerant, Secure Computing Systems”, Ph.D. Dissertation, T.R. #CSD-880047, UCLA Computer Science Dept., (1988).Google Scholar
  11. [11]
    S. Lin, An Introduction to Error-Correcting Codes, (Prentice Hall, 1970).Google Scholar
  12. [12]
    A. Mahmood and E. McCluskey, “Concurrent Error Detection Using Watchdog Processors — A Survey”, IEEE Transactions on Computers 37, 2 (February 1988), 160–174.CrossRefGoogle Scholar
  13. [13]
    M. Namjoo, “Techniques for Testing of VLSI Processor Operation”, pp. 461–468, Proc. 12th ITC, IEEE, (1982).Google Scholar
  14. [14]
    M. Namjoo, “Cerberus-16: An Architecture For a General Purpose Watchdog Processor”, pp. 216–219, Proc. 13th FTCS, IEEE, (1983).Google Scholar
  15. [15]
    M. Schmid, R. Trapp, A. Davidoff and G. Masson, “Upset Exposure by Means of Abstraction Verification”, pp. 237–244, Proc. 12th FTCS, IEEE, (1982).Google Scholar
  16. [16]
    M. Schuette and J. Shen, “Processor Control Flow Monitoring Using Signatured Instruction Streams”, IEEE Transactions on Computers C-36, 3 (March 1987), 264–276.CrossRefGoogle Scholar
  17. [17]
    E. Spafford, “The Internet Worm: Crisis and Aftermath”, Communications of the ACM 32, 6 (June 1989), 678–687.CrossRefGoogle Scholar
  18. [18]
    T. Sridhar and S. Thatte, “Concurrent Checking of Program Flow in VLSI Processors”, pp. 191–199, Proc 12th ITC, IEEE, (1982).Google Scholar
  19. [19]
    H. Stone, High-Performance Computer Architecture, (Addison-Wesley, 1987).Google Scholar
  20. [20]
    Y. Tamir, M. Tremblay and D. Rennels, “The Implementation and Application of Micro Rollback in Fault-Tolerant VLSI Systems”, pp. 234–239, Proc. 18th FTCS, IEEE, (1988).Google Scholar
  21. [21]
    K. Wilken and J. Shen, “Embedded Signature Monitoring: Analysis and Technique”, pp. 324–333, Proc. 17th ITC, IEEE, (1987).Google Scholar
  22. [22]
    K. Wilken and J. Shen, “Continuous Signature Monitoring: Efficient Concurrent-Detection of Processor Control Errors”, pp. 914–925, Proc. 18th ITC, IEEE, (1988).Google Scholar

Copyright information

© Springer-Verlag/Wien 1991

Authors and Affiliations

  • Kent Wilken
    • 1
  • John Paul Shen
    • 1
  1. 1.Center for Dependable Systems, Department of Electrical & Computer EngineeringCarnegie Mellon UniversityPittsburghUSA

Personalised recommendations