Active ASIC intrusion shield
    Granted invention patent

    Publication (announcement) number: US09946899B1

    Publication (announcement) date: 2018-04-17

    Application number: US15294525

    Application date: 2016-10-14

    Applicant: Google Inc.

    Abstract: Provided are systems, methods, and apparatus for protecting an integrated circuit against invasive attacks and various forms of tampering. A defensive mechanism is an active physical security shield that includes an array of traces at a high metal of the integrated circuit, covering a high percentage of the surface area of that layer, and a collection of digital logic components that drive signals across the traces. The driving of the signals across the traces is done in an active manner such that a short, open, or stuck-at fault on any of the traces is detected within a very short period of time. The active security system is connected to or in communication with an alert response mechanism, such that a fault detected by the security system results in a signal being sent to the alert response mechanism.

    Hardened random number generator with ring oscillator collapse time random truncation

    Publication (announcement) number: US10331410B2

    Publication (announcement) date: 2019-06-25

    Application number: US15347593

    Application date: 2016-11-09

    Applicant: Google Inc.

    Abstract: A true random number generator (TRNG) uses an analog circuit with a ring oscillator configured to collapse from an unstable oscillation state to a stable oscillation state at a random collapse time and counter counting a counter value representing the random collapse time. Various techniques are used to harden the TRNG including a truncator generating a true random number based on a truncation of the reference count value and a dedicated voltage regulator supplying power to the analog core including the ring oscillator. Techniques also include various solutions for drawing a constant current such as using a Gray code counter and adding noise current during and/or after the collapse event with a dummy inverter chain. Bit churning, bit obfuscation entropy enhancers and various post processing techniques may be employed to further harden the TRNG. An attack detection module may raise alerts when the TRNG is being attacked.

    Rotated memory storage for fast first-bit read access

    Publication (announcement) number: US10126966B1

    Publication (announcement) date: 2018-11-13

    Application number: US15247626

    Application date: 2016-08-25

    Applicant: GOOGLE INC.

    Abstract: A method for reading a first data bit from a non-volatile memory of a memory system is disclosed. The N most-significant bits are stored for each of M words in a rotated storage section. Address bits are serially received according to the clock signals. Before receiving a final address bit, a rotated word made up of the most significant bit of the M words is fetched from the rotated storage section. Address bits are serially received and rotated words are fetched until the N most-significant bits of the M words have been fetched. Then, un-rotated words are serially fetched from the non-volatile memory. Within one clock signal of the final address bit receipt, a bit is selected out of the fetched rotated words based on the received address bits. The first data bit is returned based on the selected bit and un-rotated words are returned based on the address.

    SPI command censoring method and apparatus

    Publication (announcement) number: US10133497B1

    Publication (announcement) date: 2018-11-20

    Application number: US15247199

    Application date: 2016-08-25

    Applicant: GOOGLE INC.

    Abstract: A method in a memory system having a security device and a serial external electrically erasable read-only memory (EEPROM) is disclosed. The method includes accepting N bits of a command prefix and matching the bits to command filtering rules. Upon matching the prefix to a command filtering rule, the method may perform a filter action associated with the matched rule. When the command prefix is for a destructive command prefix that can modify data in the EEPROM, the filter action may convert the command into a non-destructive command and inspect it for authentication. The converted command may be output to the external EEPROM without security processing in the security device and the external EEPROM may return read data without outputting. When the command prefix is for a non-destructive command prefix, the command may be allowed to pass through the external EEPROM unchanged without performing security processing in the security device.
