公开(公告)号：US11416150B2

公开(公告)日：2022-08-16

申请号：US17016334

申请日：2020-09-09

Applicant: Axiado Corporation

Inventor： Axel K. Kloth

IPC: G06F3/06 ,  H04L9/08 ,  G06F21/57 ,  G06F21/12 ,  H04L9/32 ,  G06F21/64 ,  G06F21/72 ,  G06F21/79 ,  G06F21/54 ,  G06F21/60 ,  G06F21/82 ,  G06F21/75 ,  G06F8/654 ,  H04L9/14 ,  G06F9/4401

Abstract: Techniques in electronic systems, such as in systems including a processing chip and one or more external memory chips, provide improvements in one or more of system security, performance, cost, and efficiency. The processing chip includes autonomous hardware that enables the processing chip, without a use of any CPUs, to form an association between itself and a particular flash chip. Prior to an initial operational use of the processing chip, the autonomous hardware is able to generate a key unique to the processing chip using a physically unclonable function, and then to form the association by encrypting a stream of data using the key and writing the encrypted result to the flash chip. For example, the stream of data comprises a bootloader and an operating system, and the processing chip is able to begin the initial operational use by securely booting using data copied from the flash chip.

公开(公告)号：US11644984B2

公开(公告)日：2023-05-09

申请号：US17025925

申请日：2020-09-18

Applicant: Axiado Corporation

Inventor： Axel K. Kloth

IPC: G06F3/06 ,  H04L9/08 ,  G06F21/57 ,  G06F8/654 ,  G06F21/12 ,  H04L9/14 ,  H04L9/32 ,  G06F9/4401 ,  G06F21/64 ,  G06F21/72 ,  G06F21/79 ,  G06F21/54 ,  G06F21/60 ,  G06F21/82 ,  G06F21/75

CPC classification number: G06F3/0623 ,  G06F3/0655 ,  G06F3/0679 ,  G06F8/654 ,  G06F9/4401 ,  G06F9/4403 ,  G06F9/4406 ,  G06F21/12 ,  G06F21/54 ,  G06F21/57 ,  G06F21/572 ,  G06F21/575 ,  G06F21/602 ,  G06F21/64 ,  G06F21/72 ,  G06F21/75 ,  G06F21/79 ,  G06F21/82 ,  H04L9/088 ,  H04L9/0861 ,  H04L9/0894 ,  H04L9/14 ,  H04L9/3278 ,  G06F2221/033 ,  G06F2221/034 ,  G06F2221/0751 ,  G06F2221/0755

Abstract: Techniques in electronic systems, such as in systems including a processing chip and one or more external memory chips, provide improvements in one or more of system security, performance, cost, and efficiency. In some embodiments, the processing chip includes immutable hardware enabled to securely boot one or more CPUs of the processing chip to execute code stored encrypted in a non-volatile one of the memory chips. An encrypted update to the code is written to a portion of one of the memory chips and the immutable hardware copies the update to the non-volatile memory chip. The immutable hardware is then able to securely boot the one or more CPUs to execute the encrypted update stored in the non-volatile memory chip. In further embodiments, the non-volatile memory chip and/or the portion of one of the memory chips are not accessible by the one or more CPUs.

公开(公告)号：US11520494B2

公开(公告)日：2022-12-06

申请号：US17025083

申请日：2020-09-18

Applicant: Axiado Corporation

Inventor： Axel K. Kloth

IPC: G06F9/44 ,  G06F3/06 ,  H04L9/08 ,  G06F21/57 ,  G06F8/654 ,  G06F21/12 ,  H04L9/14 ,  H04L9/32 ,  G06F9/4401 ,  G06F21/64 ,  G06F21/72 ,  G06F21/79 ,  G06F21/54 ,  G06F21/60 ,  G06F21/82 ,  G06F21/75

Abstract: Techniques in electronic systems, such as in systems including a processing chip and one or more external memory chips, provide improvements in one or more of system security (such as intrusion and/or virus/malware prevention), performance, cost, and efficiency. For example, the processing chip includes at least one CPU and circuitry enabling the at least one CPU to securely boot from an external, non-volatile memory chip containing encrypted, executable code, and does not expose un-encrypted data, including the executable code, on an external memory interface, including a DRAM interface. Further, only the specific processing chip that was used to initially write the encrypted executable code to the external non-volatile memory chip is able to decrypt the encrypted executable code. The decryption uses a key unique to the processing chip and created at manufacturing time that is never CPU-accessible, forming a secure hardware association between the two chips.

公开(公告)号：US11650741B2

公开(公告)日：2023-05-16

申请号：US17023341

申请日：2020-09-16

Applicant: Axiado Corporation

Inventor： Axel K. Kloth

IPC: G06F3/06 ,  H04L9/08 ,  G06F21/57 ,  G06F8/654 ,  G06F21/12 ,  H04L9/14 ,  H04L9/32 ,  G06F9/4401 ,  G06F21/64 ,  G06F21/72 ,  G06F21/79 ,  G06F21/54 ,  G06F21/60 ,  G06F21/82 ,  G06F21/75

CPC classification number: G06F3/0623 ,  G06F3/0655 ,  G06F3/0679 ,  G06F8/654 ,  G06F9/4401 ,  G06F9/4403 ,  G06F9/4406 ,  G06F21/12 ,  G06F21/54 ,  G06F21/57 ,  G06F21/572 ,  G06F21/575 ,  G06F21/602 ,  G06F21/64 ,  G06F21/72 ,  G06F21/75 ,  G06F21/79 ,  G06F21/82 ,  H04L9/088 ,  H04L9/0861 ,  H04L9/0894 ,  H04L9/14 ,  H04L9/3278 ,  G06F2221/033 ,  G06F2221/034 ,  G06F2221/0751 ,  G06F2221/0755

Abstract: Techniques in electronic systems, such as in systems including a processor complex having one or more system processors and one or more memories, provide improvements in one or more of system security, performance, cost, and efficiency. In some embodiments, the system includes secure boot logic (SBL) having immutable hardware enabled, in response to a reset of the system, to securely boot one or more boot processors of the SBL to execute known-good executable code. The SBL is then enabled to securely boot the one or more system processors to execute system code stored in a non-volatile one of the memories by copying the system code to another one of the memories from which at least one of the system processors is able to access the system code for a respective initial instruction fetch. The non-volatile memory is not accessible to the system processors.

公开(公告)号：US11640250B2

公开(公告)日：2023-05-02

申请号：US17025731

申请日：2020-09-18

Applicant: Axiado Corporation

Inventor： Axel K. Kloth

IPC: G06F21/57 ,  G06F3/06 ,  H04L9/08 ,  G06F8/654 ,  G06F21/12 ,  H04L9/14 ,  H04L9/32 ,  G06F9/4401 ,  G06F21/64 ,  G06F21/72 ,  G06F21/79 ,  G06F21/54 ,  G06F21/60 ,  G06F21/82 ,  G06F21/75

Abstract: Techniques in electronic systems, such as in systems including a processing chip and one or more external memory chips, provide improvements in one or more of system security, performance, cost, and efficiency. In some embodiments, the processing chip includes immutable hardware that is enabled, without a use of any CPUs, to determine and/or confirm an expected configuration of one or more external memory chips (such as with a Serial Presence Detect operation), and/or to enable communication with the one or more external memory chips. The immutable hardware is further enabled to copy executable code from a non-volatile one of the one or more external memory chips to another of the one or more external memory chips so that a CPU of the processing chip is able to securely boot by fetching initial instructions from the copy of the executable code.

公开(公告)号：US12008246B2

公开(公告)日：2024-06-11

申请号：US17023308

申请日：2020-09-16

Applicant: Axiado Corporation

Inventor： Axel K. Kloth

IPC: G06F21/57 ,  G06F3/06 ,  G06F8/654 ,  G06F9/44 ,  G06F9/4401 ,  G06F21/12 ,  G06F21/54 ,  G06F21/60 ,  G06F21/64 ,  G06F21/72 ,  G06F21/75 ,  G06F21/79 ,  G06F21/82 ,  H04L9/08 ,  H04L9/14 ,  H04L9/32 ,  G06F21/10

CPC classification number: G06F3/0623 ,  G06F3/0655 ,  G06F3/0679 ,  G06F8/654 ,  G06F9/4401 ,  G06F9/4403 ,  G06F9/4406 ,  G06F21/12 ,  G06F21/54 ,  G06F21/57 ,  G06F21/572 ,  G06F21/575 ,  G06F21/602 ,  G06F21/64 ,  G06F21/72 ,  G06F21/75 ,  G06F21/79 ,  G06F21/82 ,  H04L9/0861 ,  H04L9/088 ,  H04L9/0894 ,  H04L9/14 ,  H04L9/3278 ,  G06F21/107 ,  G06F2221/033 ,  G06F2221/034

Abstract: Techniques in electronic systems, such as in systems including a processing chip and one or more external memory chips, provide improvements in one or more of system security, performance, cost, and efficiency. The processing chip includes immutable hardware enabled to securely boot one or more CPUs of the processing chip to execute code stored in a non-volatile one of the external memory chips, and to update the code. An update to the code is written to a portion of one of the external memory chips that is not accessible to the CPUs, and the immutable hardware copies the update to the non-volatile memory chip. The update is encrypted with a public portion of a key possessed by an entity sending the update, and a private portion of the key, used to decrypt code stored in the non-volatile memory chip, is unique to and solely possessed by the processing chip.

公开(公告)号：US11768611B2

公开(公告)日：2023-09-26

申请号：US17006717

申请日：2020-08-28

Applicant: Axiado Corporation

Inventor： Axel K. Kloth

IPC: G06F3/06 ,  H04L9/08 ,  G06F21/57 ,  G06F8/654 ,  G06F21/12 ,  H04L9/14 ,  H04L9/32 ,  G06F9/4401 ,  G06F21/64 ,  G06F21/72 ,  G06F21/79 ,  G06F21/54 ,  G06F21/60 ,  G06F21/82 ,  G06F21/75

CPC classification number: G06F3/0623 ,  G06F3/0655 ,  G06F3/0679 ,  G06F8/654 ,  G06F9/4401 ,  G06F9/4403 ,  G06F9/4406 ,  G06F21/12 ,  G06F21/54 ,  G06F21/57 ,  G06F21/572 ,  G06F21/575 ,  G06F21/602 ,  G06F21/64 ,  G06F21/72 ,  G06F21/75 ,  G06F21/79 ,  G06F21/82 ,  H04L9/088 ,  H04L9/0861 ,  H04L9/0894 ,  H04L9/14 ,  H04L9/3278 ,  G06F2221/033 ,  G06F2221/034 ,  G06F2221/0751 ,  G06F2221/0755

Abstract: Techniques in electronic systems, such as in systems including a processing chip and one or more external memory chips, provide improvements in one or more of system security (such as intrusion and/or virus/malware prevention), performance, cost, and efficiency. For example, the processing chip includes at least one CPU and circuitry enabling the at least one CPU to securely boot from an external, non-volatile memory chip containing encrypted, executable code. The circuitry comprises immutable hardware to copy the executable code from the non-volatile memory to another external memory from which the at least one CPU is able to access it. The encryption uses a key created at a manufacturing time of and unique to the processing chip that is never CPU-accessible, forming a secure hardware association between the processing chip and the non-volatile memory chip.