CPC G06F 21/575 (2013.01) [G06F 21/572 (2013.01); G06F 21/577 (2013.01); G06F 21/107 (2023.08); G06F 2221/2105 (2013.01)]
13 Claims
1. A device unit comprising a module that configures the device unit with one operating state from various operating states when the device unit is booted and/or during ongoing operation of the device unit;
wherein a first protected operating state of the various operating states is designed to permit an execution of at least one predeterminable operating procedure and to protect it, using defined cryptographic means,
wherein a second operating state of the various operating states is designed to permit at least one changeable operating procedure and to protect it, using predefinable cryptographic means,
wherein when the operating state is intended to be protected during a boot procedure and/or during ongoing operation of the device unit, integrity protection measures for booting and for ongoing operation are provided by the module, the integrity protection measures comprise device authentication and device integrity attestation;
wherein the module is able to freeze a software state loaded by the user that is not authorized by the device manufacturer, wherein the software state loaded by the user is recorded in a reference database during the freeze; and
wherein a third operating state of the device unit is designed to simultaneously permit the first and the second operating states executing simultaneously in a combined mode.