Integrated circuit with peek and poke protection circuitry for multi-tenant usage model

    公开(公告)号:US12265772B2

    公开(公告)日:2025-04-01

    申请号:US17850560

    申请日:2022-06-27

    Abstract: Methods and apparatus for extracting a setting of configuration bits to create an exclusion configuration for providing protection against peek and poke attacks in a multi-tenant usage model of a configurable device is provided. The device may host multiple parties that do not trust each other. Peek and poke attacks are orchestrated by tapping (peeking) and driving (poking) wires associated with other parties. Such attacks may be disabled by excluding the settings of configuration bits that would allow these attacks by other parties. This set of configuration bits that should be excluded for preventing all peek and poke attacks creates the exclusion configuration. Methods are described that disable a particular class of peek and/or poke attacks through the use of partial reconfiguration. Methods and apparatus are described to dynamically detect peek and/or poke attacks.

    ON-DEVICE BITSTREAM VALIDATION
    2.
    发明申请

    公开(公告)号:US20190050604A1

    公开(公告)日:2019-02-14

    申请号:US16020805

    申请日:2018-06-27

    Abstract: A programmable logic device verifies that configuration data permissibly programs the programmable logic device. The programmable logic device includes a programmable fabric having partitions to be programmed by the configuration data, a secure device manager that may generate masks based on the configuration data, and a local sector manager. The masks determine that the configuration data is configured to permissibly program the permitted partitions or that the permitted partitions have been permissibly programmed. The local sector manager applies the masks to generate an interleaved result, compares the interleaved result to an expected result, and sends an indication that the configuration data is configured to permissibly program the permitted partitions or permissibly programmed the permitted partitions in response to determining that the interleaved result is the expected result, or sends an alert to stop programming in response to determining that the interleaved result is not the expected result.

    INTEGRATED CIRCUIT WITH PEEK AND POKE PROTECTION CIRCUITRY FOR MULTI-TENANT USAGE MODEL

    公开(公告)号:US20220327271A1

    公开(公告)日:2022-10-13

    申请号:US17850560

    申请日:2022-06-27

    Abstract: Methods and apparatus for extracting a setting of configuration bits to create an exclusion configuration for providing protection against peek and poke attacks in a multi-tenant usage model of a configurable device is provided. The device may host multiple parties that do not trust each other. Peek and poke attacks are orchestrated by tapping (peeking) and driving (poking) wires associated with other parties. Such attacks may be disabled by excluding the settings of configuration bits that would allow these attacks by other parties. This set of configuration bits that should be excluded for preventing all peek and poke attacks creates the exclusion configuration. Methods are described that disable a particular class of peek and/or poke attacks through the use of partial reconfiguration. Methods and apparatus are described to dynamically detect peek and/or poke attacks.

    Integrated circuit with peek and poke protection circuitry for a multi-tenant usage model

    公开(公告)号:US11379645B2

    公开(公告)日:2022-07-05

    申请号:US15719413

    申请日:2017-09-28

    Abstract: Methods and apparatus for extracting a setting of configuration bits to create an exclusion configuration for providing protection against peek and poke attacks in a multi-tenant usage model of a configurable device is provided. The device may host multiple parties that do not trust each other. Peek and poke attacks are orchestrated by tapping (peeking) and driving (poking) wires associated with other parties. Such attacks may be disabled by excluding the settings of configuration bits that would allow these attacks by other parties. This set of configuration bits that should be excluded for preventing all peek and poke attacks creates the exclusion configuration. Methods are described that disable a particular class of peek and/or poke attacks through the use of partial reconfiguration. Methods and apparatus are described to dynamically detect peek and/or poke attacks.

    INTEGRATED CIRCUIT WITH PEEK AND POKE PROTECTION CIRCUITRY FOR A MULTI-TENANT USAGE MODEL

    公开(公告)号:US20190095567A1

    公开(公告)日:2019-03-28

    申请号:US15719413

    申请日:2017-09-28

    Abstract: Methods and apparatus for extracting a setting of configuration bits to create an exclusion configuration for providing protection against peek and poke attacks in a multi-tenant usage model of a configurable device is provided. The device may host multiple parties that do not trust each other. Peek and poke attacks are orchestrated by tapping (peeking) and driving (poking) wires associated with other parties. Such attacks may be disabled by excluding the settings of configuration bits that would allow these attacks by other parties. This set of configuration bits that should be excluded for preventing all peek and poke attacks creates the exclusion configuration. Methods are described that disable a particular class of peek and/or poke attacks through the use of partial reconfiguration. Methods and apparatus are described to dynamically detect peek and/or poke attacks.

Patent Agency Ranking