公开(公告)号：US12265772B2

公开(公告)日：2025-04-01

申请号：US17850560

申请日：2022-06-27

Applicant: Intel Corporation

Inventor： Scott Weber ,  Sean R. Atsatt ,  David Goldman

IPC: G06F30/34 ,  G06F111/04

Abstract: Methods and apparatus for extracting a setting of configuration bits to create an exclusion configuration for providing protection against peek and poke attacks in a multi-tenant usage model of a configurable device is provided. The device may host multiple parties that do not trust each other. Peek and poke attacks are orchestrated by tapping (peeking) and driving (poking) wires associated with other parties. Such attacks may be disabled by excluding the settings of configuration bits that would allow these attacks by other parties. This set of configuration bits that should be excluded for preventing all peek and poke attacks creates the exclusion configuration. Methods are described that disable a particular class of peek and/or poke attacks through the use of partial reconfiguration. Methods and apparatus are described to dynamically detect peek and/or poke attacks.

公开(公告)号：US20190050604A1

公开(公告)日：2019-02-14

申请号：US16020805

申请日：2018-06-27

Applicant: Intel Corporation

Inventor： Scott J. Weber ,  Sean R. Atsatt ,  Andrew Martyn Draper ,  David Goldman

IPC: G06F21/76 ,  G06F21/73 ,  G06F7/58 ,  H03M13/27

Abstract: A programmable logic device verifies that configuration data permissibly programs the programmable logic device. The programmable logic device includes a programmable fabric having partitions to be programmed by the configuration data, a secure device manager that may generate masks based on the configuration data, and a local sector manager. The masks determine that the configuration data is configured to permissibly program the permitted partitions or that the permitted partitions have been permissibly programmed. The local sector manager applies the masks to generate an interleaved result, compares the interleaved result to an expected result, and sends an indication that the configuration data is configured to permissibly program the permitted partitions or permissibly programmed the permitted partitions in response to determining that the interleaved result is the expected result, or sends an alert to stop programming in response to determining that the interleaved result is not the expected result.

公开(公告)号：US20220327271A1

公开(公告)日：2022-10-13

申请号：US17850560

申请日：2022-06-27

Applicant: Intel Corporation

Inventor： Scott Weber ,  Sean R. Atsatt ,  David Goldman

IPC: G06F30/34

Abstract: Methods and apparatus for extracting a setting of configuration bits to create an exclusion configuration for providing protection against peek and poke attacks in a multi-tenant usage model of a configurable device is provided. The device may host multiple parties that do not trust each other. Peek and poke attacks are orchestrated by tapping (peeking) and driving (poking) wires associated with other parties. Such attacks may be disabled by excluding the settings of configuration bits that would allow these attacks by other parties. This set of configuration bits that should be excluded for preventing all peek and poke attacks creates the exclusion configuration. Methods are described that disable a particular class of peek and/or poke attacks through the use of partial reconfiguration. Methods and apparatus are described to dynamically detect peek and/or poke attacks.

公开(公告)号：US11379645B2

公开(公告)日：2022-07-05

申请号：US15719413

申请日：2017-09-28

Applicant: Intel Corporation

Inventor： Scott Weber ,  Sean R. Atsatt ,  David Goldman

IPC: G06F30/34 ,  G06F111/04

Abstract: Methods and apparatus for extracting a setting of configuration bits to create an exclusion configuration for providing protection against peek and poke attacks in a multi-tenant usage model of a configurable device is provided. The device may host multiple parties that do not trust each other. Peek and poke attacks are orchestrated by tapping (peeking) and driving (poking) wires associated with other parties. Such attacks may be disabled by excluding the settings of configuration bits that would allow these attacks by other parties. This set of configuration bits that should be excluded for preventing all peek and poke attacks creates the exclusion configuration. Methods are described that disable a particular class of peek and/or poke attacks through the use of partial reconfiguration. Methods and apparatus are described to dynamically detect peek and/or poke attacks.

公开(公告)号：US20190095567A1

公开(公告)日：2019-03-28

申请号：US15719413

申请日：2017-09-28

Applicant: Intel Corporation

Inventor： Scott Weber ,  Sean R. Atsatt ,  David Goldman

IPC: G06F17/50

Abstract: Methods and apparatus for extracting a setting of configuration bits to create an exclusion configuration for providing protection against peek and poke attacks in a multi-tenant usage model of a configurable device is provided. The device may host multiple parties that do not trust each other. Peek and poke attacks are orchestrated by tapping (peeking) and driving (poking) wires associated with other parties. Such attacks may be disabled by excluding the settings of configuration bits that would allow these attacks by other parties. This set of configuration bits that should be excluded for preventing all peek and poke attacks creates the exclusion configuration. Methods are described that disable a particular class of peek and/or poke attacks through the use of partial reconfiguration. Methods and apparatus are described to dynamically detect peek and/or poke attacks.