公开(公告)号：US20230297727A1

公开(公告)日：2023-09-21

申请号：US18300622

申请日：2023-04-14

Applicant: Intel Corporation

Inventor： Alpa Trivedi ,  Scott Weber ,  Steffen Schulz ,  Patrick Koeberl

IPC: G06F21/85 ,  G06F30/398 ,  G06N3/04 ,  H04L9/08 ,  G06F9/30 ,  G06F9/50 ,  G06F15/177 ,  G06F15/78 ,  H04L9/40 ,  G06F11/07 ,  G06F30/331 ,  G06F9/38 ,  G06F11/30

CPC classification number: G06F21/85 ,  G06F9/30101 ,  G06F9/3877 ,  G06F9/505 ,  G06F11/0709 ,  G06F11/0751 ,  G06F11/0754 ,  G06F11/0793 ,  G06F11/3058 ,  G06F15/177 ,  G06F15/7825 ,  G06F15/7867 ,  G06F30/331 ,  G06F30/398 ,  G06N3/04 ,  H04L9/0877 ,  H04L63/0442 ,  H04L63/12 ,  H04L63/20 ,  G06F2119/12

Abstract: An apparatus to facilitate enabling secure state-clean during configuration of partial reconfiguration bitstreams on accelerator devices is disclosed. The apparatus includes a security engine to perform, as part of a PR configuration sequence for a new partial reconfiguration (PR) persona corresponding to a PR bitstream, a first clear operation to clear previously-set persona configuration bits in the region; perform, as part of the PR configuration sequence subsequent to the first clear operation, a set operation to set new persona configuration bits in the region; and perform, as part of the PR configuration sequence, a second clear operation to clear memory blocks of the region that became unfrozen subsequent to the set operation.

公开(公告)号：US20210384912A1

公开(公告)日：2021-12-09

申请号：US17407700

申请日：2021-08-20

Applicant: Intel Corporation

Inventor： Scott Jeremy Weber ,  Aravind Raghavendra Dasu ,  Mahesh A. Iyer ,  Patrick Koeberl

IPC: H03K19/17756 ,  H01L25/065 ,  H01L25/00

Abstract: An integrated circuit device may include a programmable fabric die having programmable logic fabric and configuration memory that may configure the programmable logic fabric. The integrated circuit device may also include a base die that may provide fabric support circuitry, including memory and/or communication interfaces as well as compute elements that may also be application-specific. The memory in the base die may be directly accessed by the programmable fabric die using a low-latency, high capacity, and high bandwidth interface.

公开(公告)号：US20180089433A1

公开(公告)日：2018-03-29

申请号：US15277195

申请日：2016-09-27

Applicant: Intel Corporation

Inventor： Sanu K. Mathew ,  Sudhir K. Satpathy ,  Vikram B. Suresh ,  Patrick Koeberl

IPC: G06F21/56 ,  H01L27/02 ,  G06F21/72

CPC classification number: G06F21/567 ,  G06F21/72 ,  G06F21/75 ,  H01L23/573 ,  H01L27/0207

Abstract: Some embodiments include apparatuses having diffusion regions located adjacent each other in a substrate, and connections coupled to the diffusion regions. The diffusion regions include first diffusion regions, second diffusion regions, and third diffusion regions. One of the second diffusion regions and one of the third diffusion regions are between two of the first diffusion regions. One of the first diffusion regions and one of the third diffusion regions are between two of the second diffusion regions. The connections include a first connection coupled to each of the first diffusion regions, a second connection coupled to each of the second diffusion regions, and a third connection coupled to each of the third diffusion regions.

公开(公告)号：US09710404B2

公开(公告)日：2017-07-18

申请号：US14666087

申请日：2015-03-23

Applicant: Intel Corporation

Inventor： Steffen Schulz ,  Patrick Koeberl

IPC: G06F12/00 ,  G06F13/00 ,  G06F13/28 ,  G06F12/14 ,  G06F11/30 ,  G06F11/07

CPC classification number: G06F12/145 ,  G06F11/073 ,  G06F11/0757 ,  G06F11/3034 ,  G06F11/3037 ,  G06F12/1483 ,  G06F21/00 ,  G06F2212/1052

Abstract: In various implementations, a system includes a memory, a processor, and an execution-aware memory protection unit (EA-MPU). The EA-MPU is configured to regulate memory access by the processor based at least on the identity of a subject executable that requests access, and on the address to which access is requested, and on permissions information that identifies which subject executables are to be granted access to each of several memory regions. In various implementations, the permissions information itself is stored among the several memory regions. Various configurations of the permissions information can be used to provide shared memory regions for communication among two or more stand-alone trusted software modules, to protect access to devices accessible through memory-mapped I/O (MMIO), to implement a flexible watchdog timer, to provide security for software updates, to provide dynamic root of trust measurement services, and/or to support an operating system.

公开(公告)号：US20160379207A1

公开(公告)日：2016-12-29

申请号：US14750992

申请日：2015-06-25

Applicant: INTEL CORPORATION

Inventor： Patrick Koeberl ,  Nikhil M. Deshpande ,  Anand Rajan

IPC: G06Q20/34 ,  G06Q20/22 ,  G06Q20/40

CPC classification number: G06Q20/3572 ,  G06Q20/227 ,  G06Q20/341 ,  G06Q20/3576 ,  G06Q20/40145 ,  G06Q20/409

Abstract: An apparatus for aggregating secured credentials is described herein. The apparatus includes a processor and a memory. The memory includes code causing the processor to provision a plurality of secured credentials on the apparatus. The code causes the processor to isolate the secured credentials from each other in the memory. The code also causes the processor to emulate a selected secured credential from the secured credentials for a transaction.

Abstract translation: 本文描述了用于聚合安全凭证的装置。 该装置包括处理器和存储器。 存储器包括使处理器在设备上提供多个安全凭证的代码。 该代码使处理器将存储器中的安全证书彼此隔离开。 该代码还使得处理器从事务的安全凭证中模拟选定的安全凭证。

公开(公告)号：US09307409B2

公开(公告)日：2016-04-05

申请号：US14141477

申请日：2013-12-27

Applicant: Intel Corporation

Inventor： Farhana Asrar Sheikh ,  Patrick Koeberl ,  Jesse Walker ,  Hossein Alavi ,  Men Long ,  Ram Kumar Krishnamurthy ,  Alpa T. Narendra Trivedi

IPC: H04L29/06 ,  H04W12/08 ,  H04W24/04 ,  H04W88/06

CPC classification number: H04W12/08 ,  H04L63/10 ,  H04L67/025 ,  H04L67/04 ,  H04W24/04 ,  H04W88/06

Abstract: Some demonstrative embodiments include apparatuses, systems and/or methods of protecting domains of a multimode wireless radio transceiver. For example, an apparatus may include a protection domain controller (PDC) to restrict access of a configuration software to a protection domain of a plurality of protection domains of a multimode wireless radio transceiver based on a security level of the configuration software, wherein the protection domain includes one or more radio configuration parameters of the multimode wireless radio transceiver.

Abstract translation: 一些演示实施例包括保护多模无线电收发机的域的设备，系统和/或方法。 例如，设备可以包括保护域控制器（PDC），其基于配置软件的安全级别来限制配置软件到多模无线无线电收发器的多个保护域的保护域的访问，其中保护 域包括多模无线收发器的一个或多个无线电配置参数。

公开(公告)号：US20140218067A1

公开(公告)日：2014-08-07

申请号：US13997268

申请日：2013-01-16

Applicant: Intel Corporation

Inventor： Jiangtao Li ,  Patrick Koeberl ,  Sanu K. Mathew ,  Wei Wu

IPC: H03K19/177

CPC classification number: H03K19/17768 ,  G06F21/72 ,  H04L9/3247 ,  H04L9/3278

Abstract: A physically unclonable function (PUF) includes a plurality of PUF elements to generate an N-bit PUF signature. For each bit in the N-bit PUF signature, a PUF group of K number of individual PUF elements indicating a single-bit PUF value is used to generate a group bit. The group bits are more repeatable than the individual PUF elements. The value K may be selected such that (K+1)/2 is an odd number.

Abstract translation: 物理上不可克隆的功能（PUF）包括多个PUF元件以产生N位PUF签名。 对于N位PUF签名中的每个比特，使用指示单位PUF值的K个个体PUF元素的PUF组来生成组比特。 组位比PUF单个元件更可重复。 可以选择值K使得（K + 1）/ 2是奇数。

公开(公告)号：US11853468B2

公开(公告)日：2023-12-26

申请号：US18049781

申请日：2022-10-26

Applicant: Intel Corporation

Inventor： Steffen Schulz ,  Alpa Trivedi ,  Patrick Koeberl

IPC: G06F21/85 ,  G06F30/398 ,  G06N3/04 ,  H04L9/08 ,  G06F9/30 ,  G06F9/50 ,  G06F15/177 ,  G06F15/78 ,  H04L9/40 ,  G06F11/07 ,  G06F30/331 ,  G06F9/38 ,  G06F11/30 ,  G06F21/53 ,  G06F21/57 ,  G06F21/73 ,  G06F21/74 ,  G06N20/00 ,  G06F21/71 ,  G06F21/44 ,  G06F119/12 ,  G06F21/76 ,  G06N3/08 ,  H04L9/00 ,  G06F111/04 ,  G06F30/31 ,  G06F21/30

CPC classification number: G06F21/85 ,  G06F9/30101 ,  G06F9/3877 ,  G06F9/505 ,  G06F11/0709 ,  G06F11/0751 ,  G06F11/0754 ,  G06F11/0793 ,  G06F11/3058 ,  G06F15/177 ,  G06F15/7825 ,  G06F15/7867 ,  G06F30/331 ,  G06F30/398 ,  G06N3/04 ,  H04L9/0877 ,  H04L63/0442 ,  H04L63/12 ,  H04L63/20 ,  G06F11/0772 ,  G06F11/3051 ,  G06F21/30 ,  G06F21/44 ,  G06F21/53 ,  G06F21/57 ,  G06F21/575 ,  G06F21/71 ,  G06F21/73 ,  G06F21/74 ,  G06F21/76 ,  G06F30/31 ,  G06F2111/04 ,  G06F2119/12 ,  G06F2221/034 ,  G06N3/08 ,  G06N20/00 ,  H04L9/008 ,  H04L9/0841

Abstract: An apparatus to facilitate transparent network access controls for spatial accelerator device multi-tenancy is disclosed. The apparatus includes a secure device manager (SDM) to: establish a network-on-chip (NoC) communication path in the apparatus, the NoC communication path comprising a plurality of NoC nodes for ingress and egress of communications on the NoC communication path; for each NoC node of the NoC communication path, configure a programmable register of the NoC node to indicate a node group that the NoC node is assigned, the node group corresponding to a persona configured on the apparatus; determine whether a prefix of received data at the NoC node matches the node group indicated by the programmable register of the NoC; and responsive to determining that the prefix does not match the node group, discard the data from the NoC node.

公开(公告)号：US11651111B2

公开(公告)日：2023-05-16

申请号：US17129250

申请日：2020-12-21

Applicant: Intel Corporation

Inventor： Alpa Trivedi ,  Scott Weber ,  Steffen Schulz ,  Patrick Koeberl

IPC: G06F21/76 ,  G06F21/57 ,  G06F21/53 ,  G06F21/30 ,  G06F21/85 ,  G06F30/398 ,  G06N3/04 ,  H04L9/08 ,  G06F9/30 ,  G06F9/50 ,  G06F15/177 ,  G06F15/78 ,  H04L9/40 ,  G06F11/07 ,  G06F30/331 ,  G06F9/38 ,  G06F11/30 ,  G06F119/12 ,  G06N3/08 ,  H04L9/00 ,  G06F111/04 ,  G06F30/31 ,  G06F21/73 ,  G06F21/74 ,  G06N20/00 ,  G06F21/71 ,  G06F21/44

CPC classification number: G06F21/85 ,  G06F9/30101 ,  G06F9/3877 ,  G06F9/505 ,  G06F11/0709 ,  G06F11/0751 ,  G06F11/0754 ,  G06F11/0793 ,  G06F11/3058 ,  G06F15/177 ,  G06F15/7825 ,  G06F15/7867 ,  G06F30/331 ,  G06F30/398 ,  G06N3/04 ,  H04L9/0877 ,  H04L63/0442 ,  H04L63/12 ,  H04L63/20 ,  G06F11/0772 ,  G06F11/3051 ,  G06F21/30 ,  G06F21/44 ,  G06F21/53 ,  G06F21/57 ,  G06F21/575 ,  G06F21/71 ,  G06F21/73 ,  G06F21/74 ,  G06F21/76 ,  G06F30/31 ,  G06F2111/04 ,  G06F2119/12 ,  G06F2221/034 ,  G06N3/08 ,  G06N20/00 ,  H04L9/008 ,  H04L9/0841

Abstract: An apparatus to facilitate enabling secure state-clean during configuration of partial reconfiguration bitstreams on accelerator devices is disclosed. The apparatus includes a security engine to receive an incoming partial reconfiguration (PR) bitstream corresponding to a new PR persona to configure a region of the apparatus; perform, as part of a PR configuration sequence for the new PR persona, a first clear operation to clear previously-set persona configuration bits in the region; perform, as part of the PR configuration sequence subsequent to the first clear operation, a set operation to set new persona configuration bits in the region; and perform, as part of the PR configuration sequence, a second clear operation to clear memory blocks of the region that became unfrozen subsequent to the set operation, the second clear operation performed using a persona-dependent mask corresponding to the new PR persona.

公开(公告)号：US20230089869A1

公开(公告)日：2023-03-23

申请号：US18070655

申请日：2022-11-29

Applicant: Intel Corporation

Inventor： Furkan Turan ,  Patrick Koeberl ,  Alpa Trivedi ,  Steffen Schulz ,  Scott Weber

IPC: G06F21/85 ,  G06F30/398 ,  G06N3/04 ,  H04L9/08 ,  G06F9/30 ,  G06F9/50 ,  G06F15/177 ,  G06F15/78 ,  H04L9/40 ,  G06F11/07 ,  G06F30/331 ,  G06F9/38 ,  G06F11/30

Abstract: An apparatus to facilitate scalable runtime validation for on-device design rule checks is disclosed. The apparatus includes a memory to store a contention set, multiplexers, and a validator. In one implementation, the validator is to: receive design rule information for the multiplexers, the design rule information referencing the contention set, wherein the contention set identifies a determined harmful bitstream configuration for each multiplexer instance of the multiplexers, and wherein the contention set comprises a mapping of contents of a user bitstream to configuration bits of the multiplexers; receive, at the validator of the apparatus, the user bitstream for programming the multiplexers of the apparatus; analyze, at the validator using the design rule information, the user bitstream against the contention set at a programming time of the apparatus; and provide an error indication responsive to identifying a match between the user bitstream and the contention set.