Patent application number | Description | Published |
20100146303 | PROTECTING EXTERNAL VOLATILE MEMORIES USING LOW LATENCY ENCRYPTION/DECRYPTION - A data processing apparatus includes a volatile memory, a random number generator adapted for generating random numbers from which one or more keys are generated, and a memory encryption unit (MEU). The MEU is configured to receive an N-bit block of data and to divide the N-bit block of data into two more sub-blocks of data, where each sub-block contains fewer than N-bits. The MEU is further configured to encrypt each sub-block of data using the one more keys, to combine the encrypted sub-blocks into an N-bit block of encrypted data, and to write the encrypted N-bit block of data to the volatile memory. | 06-10-2010 |
20110066787 | METHOD AND SYSTEM FOR SECURELY PROGRAMMING OTP MEMORY - A semiconductor chip may be operable to receive and copy an OTP programming vector presented by the semiconductor chip programming device into its memory after it boots up from the boot read-only memory (ROM). The OTP programming vector which is a computer program may comprise an encrypted data to be programmed into the one-time programmable (OTP) memory in the semiconductor chip and may be signed with an electronic signature. The semiconductor chip may be operable to authenticate the OTP programming vector in the memory. The authenticated OTP programming vector in the memory may be executed to decrypt the data and program the data in a random data format into the OTP memory and then report the status via one or more general purpose input/output (GPIO) pins on the semiconductor chip. | 03-17-2011 |
20110066835 | METHOD AND SYSTEM FOR SECURELY PROTECTING A SEMICONDUCTOR CHIP WITHOUT COMPROMISING TEST AND DEBUG CAPABILITIES - A semiconductor chip may be operable to block the debug interfaces when the semiconductor chip boots up from the boot read-only memory (ROM). The semiconductor chip may be operable to authenticate a debug certificate received by the semiconductor chip and enable one or more debug interfaces in the semiconductor chip based on the information resulting from the authentication of the debug certificate. The debug certificate may be in a form of a cryptographic public key certificate. A unique device ID which may be generated at boot and stored in the memory may be used by the semiconductor chip to authenticate the debug certificate. The device ID may be generated using the cryptographic public key that is stored in the one-time programmable (OTP) memory in the semiconductor chip and a cryptographic hash algorithm. | 03-17-2011 |
20110067110 | METHOD AND SYSTEM FOR HARDWARE ENFORCED VIRTUALIZATION IN AN INTEGRATED CIRCUIT - Aspects of a method and system for hardware enforced virtualization in an integrated circuit are provided. In this regard, a mode of operation of an integrated circuit may be controlled such that the integrated circuit alternates between a secure mode of operation and an open mode of operation. Various resources of the integrated circuit may be designated as open or secure, and secure resources may be made inaccessible while the integrated circuit operates in the open mode. Access to the secure resources may be controlled based on a configuration of one or more registers and/or switching elements. Resources designated as secure may comprise, for example, a one-time-programmable memory. The integrated circuit may comprise ROM and/or one-time-programmable memory that stores one or more instructions, wherein execution of the one or more instructions may control transitions between the secure mode and the open mode. | 03-17-2011 |
20110191562 | Apparatus and method for partitioning, sandboxing and protecting external memories - A technique to provide an integrated circuit that performs memory partitioning to partition a memory into a plurality of regions, in which the memory is accessed by a plurality of heterogeneous processing devices that operate to access the memory. The integrated circuit also assigns a security level for each region of the memory and permits a memory access by a transaction to a particular region of the memory, only when a level of security assigned to the transaction meets or exceeds the assigned security level for the particular region. The integrated circuit also performs sandboxing by assigning which of the plurality of processing devices are permitted access to each of the plurality of regions. The integrated circuit may implement only the security level function or only the sandboxing function, or the integrated circuit may implement them both. In some instances, a scrambling/descrambling function is included to scramble/descramble data. In one application, the integrated circuit is included within a mobile phone. | 08-04-2011 |
20110191599 | Apparatus and method for providing hardware security - A technique to provide a hardware security module that provides a secure boundary for retention of a secure key within the secure boundary and prevention of unauthorized accesses from external sources outside of the secure boundary to obtain the secure key. The hardware security module includes a security processor to unwrap and authenticate a secure key within the secure boundary to decrypt or encrypt data and to provide data through a single interface that communicates with external sources, so that all data transfers between the secure boundary, formed by the hardware security module, and external sources are transferred only through the interface. The hardware security module ensures no unwrapped key leaves the secure boundary established by the hardware security module. | 08-04-2011 |
20130043939 | Integrated Circuit With an Adaptable Contact Pad Reconfiguring Architecture - An apparatus and method are disclosed for providing test mode contact pad reconfigurations that expose individual internal functional modules or block groups in an integrated circuit for testing and for monitoring. A plurality of switches between each functional module switches between passing internal signals among the blocks and passing in/out signals external to the block when one or more contact pads are strapped to input a pre-determined value. Another set of switches between the functional modules and input/output contact pads switch between functional inputs to and from the functional modules and monitored signals or input/output test signals according to the selected mode of operation. | 02-21-2013 |
20130044844 | ELECTRONICS DEVICE CAPABLE OF EFFICIENT COMMUNICATION BETWEEN COMPONENTS WITH ASYNCRONOUS CLOCKS - An electronics device is disclosed that reduces latency resulting from communication between a first electronics component operating based on a fast clock and a second electronics component operating based on a slow clock reduces communication latency. When transferring the data from the first component to the second, the data is written into a buffer using the first clock, and then extracted by the second component using the second clock. Alternatively, when transferring the data from the second component to the first component, the first component reads the data from the second component and monitors whether the data was extracted during a relevant edge of the second clock signal, in which case the first component again extracts the data from the second component. | 02-21-2013 |
20130045779 | Clock Signal Multiplication to Reduce Noise Coupled onto a Transmission Communication Signal of a Communications Device - A communications device is disclosed that implements a phase-locked-loop to multiply a clock signal provided to a power management unit (PMU) by a variable integer value. Multiplying the PMU clock signal provides a second clock signal where the second clock signal is characterized by a fundamental component with one or more harmonics of the fundamental component that differ from the fundamental component and the one or more harmonics of the PMU clock signal. The fundamental component with one or more harmonics of the second clock signal does not occupy the same communication channel as the transmission communication signal of the communications device. Thus, minimizing the degradation of the transmission communication signal. | 02-21-2013 |
20130046915 | Scalable and Configurable System on a Chip Interrupt Controller - Embodiments include a system and method for an interrupt controller that propagates interrupts to a subsystem in a system-on-a-chip (SOC). Interrupts are provided to an interrupt controller that controls access of interrupts to a particular subsystem in the SOC that includes multiple subsystems. Each subsystem in the SOC generates multiple interrupts to other subsystems in the SOC. The interrupt controller processes multiple interrupts and generates an interrupt output. The interrupt output is then transmitted to a particular subsystem. | 02-21-2013 |
20130047000 | INTEGRATED CIRCUIT ALLOWING FOR TESTING AND ISOLATION OF INTEGRATED POWER MANAGEMENT UNIT - An integrated circuit is disclosed that contains both a PMU and another processing portion, such as a baseband. Because of the limited pins devoted to the PMU, the PMU receives most of its signals through the other processing portion of the integrated circuit, Thus, in order to protect the PMU, the integrated circuit isolates the PMU portion from receiving different signals from the other processing portion until after certain conditions are satisfied. In addition, the integrated circuit includes a GPIO pin bank in the other processing portion that can be freely configured so as to allow for testing of the PMU. | 02-21-2013 |
20130047166 | Systems and Methods for Distributing an Aging Burden Among Processor Cores - Systems and methods are presented for reducing the impact of high load and aging on processor cores in a processor. A Power Management Unit (PMU) can monitor aging, temperature, and increased load on the processor cores. The PMU instructs the processor to take action such that aging, temperature, and/or increased load are approximately evenly distributed across the processor cores, so that the processor can continue to efficiently process instructions. | 02-21-2013 |
20130047250 | Methods of On-Chip Memory Partitioning and Secure Access Violation Checking in a System-on-Chip - Systems and methods for partitioning memory into multiple secure and open regions are provided. The systems enable the security level of a given region to be determined without an increase in the time needed to determine the security level. Also, systems and methods for identifying secure access violations are disclosed. A secure trap module is provided for master devices in a system-on-chip. The secure trap module generates an interrupt when an access request for a transaction generates a security error. | 02-21-2013 |
20130047272 | INTEGRATED CIRCUIT FOR PREVENTING CHIP SWAPPING AND/OR DEVICE CLONING IN A HOST DEVICE - An integrated circuit is disclosed that can be included in a host electronic device that can be commonly manufactured, where the integrated circuit can be designated (“locked”) for a specific manufacturer, thereby substantially reducing the likelihood that a third party will be able to successfully clone a host electronic device manufactured by the specific manufacturer and/or swap the chip containing the integrated circuit for one having more enabled features. The integrated circuit includes an ID module that can be programmed after fabrication. Components within the integrated circuit designate manufacturer-specific configurations (e.g., address mapping, pin routing and/or vital function releasing) based on the programmed manufacturer ID. As a result, once the integrated circuit has been programmed with the manufacturer ID, the integrated circuit will function correctly only within a host device manufactured by the manufacturer associated with the programmed manufacturer ID. | 02-21-2013 |
20130082764 | APPARATUS AND METHOD TO COMBINE PIN FUNCTIONALITY IN AN INTEGRATED CIRCUIT - An apparatus and method are disclosed to combine pad functionality in an integrated circuit. A power, ground, or signal pad is connected to a power, ground, or signal source, respectively. The power, ground, or signal pad is additionally connected to an additional signal source, such as automatic test equipment in a testing environment. By temporarily disconnecting either the power, ground, or signal source, from the functional block within the integrated circuit to which the source is delivered, the same pad may pass in another signal to other portions of the integrated circuit. In the alternative, the same pad may pass in another signal to other portions of the integrated circuit without disconnecting the original signal by coupling the additional signal over the original signal. Further, combining pad functionality enables reuse of an input pad as an output pad for signals originating from within the integrated circuit. | 04-04-2013 |
20140223031 | CLOCK DOMAIN CROSSING SERIAL INTERFACE, DIRECT LATCHING, AND RESPONSE CODES - Aspects of a clock domain crossing serial interface, direct latching over the serial interface, and response codes are described. In various embodiments, a data communication command received over a serial interface is identified, and an address received over the serial interface is resolved to access a register bank. In a write operation, depending upon whether the address falls within a direct latch address range of the register bank, data may be directly latched into a direct latch register of the register bank or into a first-in-first-out register. For both read and write operations, reference may be made to a status register of the serial interface to identify or mitigate error conditions, and wait times may be relied upon to account for a clock domain crossing. After each of the read and write operations, a response code including a status indictor may be communicated. | 08-07-2014 |
20150052367 | APPARATUS AND METHOD FOR PROVIDING HARDWARE SECURITY - A technique to provide a hardware security module that provides a secure boundary for retention of a secure key within the secure boundary and prevention of unauthorized accesses from external sources outside of the secure boundary to obtain the secure key. The hardware security module includes a security processor to unwrap and authenticate a secure key within the secure boundary to decrypt or encrypt data and to provide data through a single interface that communicates with external sources, so that all data transfers between the secure boundary, formed by the hardware security module, and external sources are transferred only through the interface. The hardware security module ensures no unwrapped key leaves the secure boundary established by the hardware security module. | 02-19-2015 |