-
公开(公告)号:US11562079B2
公开(公告)日:2023-01-24
申请号:US16662271
申请日:2019-10-24
Applicant: Infineon Technologies AG
Inventor: Albrecht Mayer , Reinhard Deml , Viola Rieger , Alexander Zeh
Abstract: In different example embodiments, a system-on-chip is provided. The system-on-chip can have a control circuit with a plurality of control circuit areas, wherein the control circuit is configured to control a device, a security circuit which has a separately secured key memory and a hardware accelerator for cryptographic operations, wherein the security circuit is configured to electively enable either a read-only access or a read and write access to at least one of the control circuit areas, wherein the security circuit is furthermore configured to provide a communication path by means of the key memory and the hardware accelerator for the secured communication with a diagnostic system disposed outside the security circuit, to make the selection between the read access and the read and write access to the at least one selected area of the control circuit depending on a certificate supplied to the security circuit and authenticated by means of information stored in the key memory, and to execute the read access or the read and write access.
-
公开(公告)号:US12099638B2
公开(公告)日:2024-09-24
申请号:US17403075
申请日:2021-08-16
Applicant: Infineon Technologies AG
Inventor: Avni Bildhaiya , Viola Rieger , Frank Hellwig , Alexander Zeh
CPC classification number: G06F21/74 , G06F21/50 , G06F21/554 , G06F21/62 , G07C5/0808
Abstract: A security hardware device is configured to secure a control apparatus. The security hardware device includes a data security domain; a functional safety domain; a data security processor provided in the data security domain and is configured to secure data from unauthorized access or manipulation; a functional safety processor provided in the functional safety domain and is configured to detect functional errors and generate respective safety alerts in response to detecting the functional errors; and a monitoring processor configured to analyze the respective safety alerts provided by the functional safety processor for at least one pattern of safety alerts indicative of a security attack and generate a response signal in response to the respective safety alerts having at least one of the at least one pattern of safety alerts.
-
公开(公告)号:US10972268B2
公开(公告)日:2021-04-06
申请号:US16134202
申请日:2018-09-18
Applicant: Infineon Technologies AG
Inventor: Alexander Zeh , Viola Rieger
Abstract: A Cryptographic Unit (CU) of a microcontroller, the CU including a first accelerator configured to generate first encrypted output data based on input data; and a second accelerator which is configured to be diversely implemented with respect to the first accelerator, and is configured to generate second encrypted output data based on the input data; and a comparator configured to compare a first comparator data obtained from the generation of the first encrypted output data with a second comparator data obtained from the generation of the second encrypted output data, and if the comparison indicates that the first and second comparator data differ, output an event signal pertaining to an event in a safety domain or a security domain.
-
公开(公告)号:US11531566B2
公开(公告)日:2022-12-20
申请号:US16946885
申请日:2020-07-10
Applicant: Infineon Technologies AG
Inventor: Viola Rieger , Uli Kretzschmar
Abstract: A message processing component may include an execution unit configurable to execute a set of tasks associated with one or more communication network messages. The set of tasks may include at least one of a message evaluation task or a cryptography task. The execution unit may be configured to provide functional safety in association with executing the set of tasks. The execution unit includes a set of time-multiplexed partitions. Each partition in the set of time-multiplexed partitions may be configurable to execute only one task included in the set of tasks. The message processing component may include an interface to one or more hardware accelerators available for use in association with the execution of the set of tasks. Only one partition, of the set of time-multiplexed partitions, may have access to the one or more hardware accelerators at a time.
-
公开(公告)号:US11227072B2
公开(公告)日:2022-01-18
申请号:US16108505
申请日:2018-08-22
Applicant: Infineon Technologies AG
Inventor: Avni Bildhaiya , Viola Rieger , Frank Hellwig , Alexander Zeh
Abstract: The present disclosure relates to a security device, a system, and a method for securing a control apparatus. The security device includes a data security unit which is configured to secure data, data communication and information, and includes a first security component inside the data security unit to operate in a first operating mode, and at least one first monitoring unit to operate in a high-availability mode which, said first monitoring unit being configured to detect a fault present in the first security component. The high-availability mode is different from the first operating mode. The security device further includes a second security component which is configured to operate in the high-availability mode and to output a first response signal if a fault is detected by the first monitoring, where the high-availability mode is available independently from the first operating mode.
-
公开(公告)号:US10970399B2
公开(公告)日:2021-04-06
申请号:US16161440
申请日:2018-10-16
Applicant: Infineon Technologies AG
Inventor: Alexander Zeh , Viola Rieger
Abstract: A method for processing data in a plurality of processing acts includes: configuring a plurality of processing circuits in a first configuration, in such a way that both a first and a second of the plurality of processing circuits execute a first of the plurality of processing acts; and configuring the plurality of processing circuits in a second configuration, in such a way that the first processing circuit executes a second processing act and the second processing circuit executes a third processing act, which is different than the second processing act. An apparatus is designed for carrying out the method.
-
公开(公告)号:US11861046B2
公开(公告)日:2024-01-02
申请号:US17302312
申请日:2021-04-29
Applicant: Infineon Technologies AG
Inventor: Viola Rieger , Manuela Meier , Andreas Graefe
CPC classification number: G06F21/72 , G06F11/0706 , G06F11/0751 , G06F11/0772 , G06F21/64 , H04L9/3242 , H04L2209/12
Abstract: A system may include a cryptographic accelerator to generate a first check value based on a payload received in a message, and provide the first check value to a first comparator and to a second comparator. The system may include the first comparator to receive the first check value from the cryptographic accelerator, determine whether the first check value matches a second check value, the second check value being a check value received in the message, and provide a first output indicating whether the first check value matches the second check value. The system may include the second comparator to receive the first check value from the cryptographic accelerator, determine whether the first check value matches the second check value, and provide a second output indicating whether the first check value matches the second check value.
-
公开(公告)号:US20220309169A1
公开(公告)日:2022-09-29
申请号:US17700643
申请日:2022-03-22
Applicant: Infineon Technologies AG
Inventor: Joerg Syassen , Avni Bildhaiya , Andreas Graefe , Albrecht Mayer , Manuela Meier , Viola Rieger
Abstract: A device includes a safety domain having a processing unit and a memory and is configured to provide at least one functionality and to implement one more safety measures for detecting faults. The safety domain is configured to transmit at least one alarm signal indicating one or more detected errors in response to detecting the faults. The device further includes a security domain having a processing unit and a memory and is configured to provide cryptographic services and to obtain alarm signals. The security domain is configured to perform security-related operations in a secure state in response to obtaining an alarm signal from the safety domain.
-
公开(公告)号:US11362823B2
公开(公告)日:2022-06-14
申请号:US16947725
申请日:2020-08-13
Applicant: Infineon Technologies AG
Inventor: Viola Rieger , Alexander Zeh
Abstract: A device is provided comprising a first memory for storing a first key, a second memory for storing a second key, the device being capable of conducting a first cryptographic algorithm, wherein the first cryptographic algorithm uses the first key, the device being capable of conducting a second cryptographic algorithm, wherein the second cryptographic algorithm uses the second key, and a selection unit, which is programmable to use either the first cryptographic algorithm or the second cryptographic algorithm. Also, a method for operating such device is provided.
-
公开(公告)号:US11308240B2
公开(公告)日:2022-04-19
申请号:US16051775
申请日:2018-08-01
Applicant: Infineon Technologies AG
Inventor: Alexander Zeh , Viola Rieger , Klaus Scheibert
Abstract: A method for cryptographic data processing by means of a circuit comprises using a first circuit section to perform a first cryptographic operation in order to obtain first cryptographic data. The method further includes transmitting the first cryptographic data to a second circuit section via a transmission area of the circuit that physically separates the second circuit section from the first circuit section and whose resistance to attacks is at most as high as the resistance of the first circuit section. The method includes using the second circuit section to perform a second cryptographic operation using the first cryptographic data in order to obtain second cryptographic data.
-
-
-
-
-
-
-
-
-