| CPC G06F 11/3024 (2013.01) [G06F 17/16 (2013.01); G06F 18/24 (2023.01); G06F 21/57 (2013.01)] | 13 Claims |
|
1. A computer-implemented method of monitoring execution of computer program instructions in a microprocessor of a digital system, comprising:
a training phase comprising:
determining input data reference values for physical properties for a training phase;
generating fingerprints of measured properties; and
creating templates for identifying irregularities in operations based on the fingerprints;
the monitoring comprising:
receiving a plurality of data items representing real-time measurements of side-channel information emanating from and correlated to the execution of computer program instructions in the monitored digital system, each one of the plurality of data items being sampled in a timed relationship or correlated to each other and forming a value of a corresponding dimension of a side-channel information vector;
receiving, for two or more of the corresponding dimensions of the side-channel information vector, classifiers that assign a received side-channel vector to one of two classes;
classifying the received side-channel information vector in accordance with respective received classifiers, wherein an orthogonal distance of the side-channel information vector from a corresponding classifier indicates an associated probability or confidence value of the respective classification;
generating a combined probability or confidence value for the side-channel information vector from individual classifications and associated probability or confidence values; and
outputting a signal if a combined probability or confidence value of a side-channel information vector indicates affiliation to a selected one of the two classes with a predetermined probability.
|