-
公开(公告)号:US12265772B2
公开(公告)日:2025-04-01
申请号:US17850560
申请日:2022-06-27
Applicant: Intel Corporation
Inventor: Scott Weber , Sean R. Atsatt , David Goldman
IPC: G06F30/34 , G06F111/04
Abstract: Methods and apparatus for extracting a setting of configuration bits to create an exclusion configuration for providing protection against peek and poke attacks in a multi-tenant usage model of a configurable device is provided. The device may host multiple parties that do not trust each other. Peek and poke attacks are orchestrated by tapping (peeking) and driving (poking) wires associated with other parties. Such attacks may be disabled by excluding the settings of configuration bits that would allow these attacks by other parties. This set of configuration bits that should be excluded for preventing all peek and poke attacks creates the exclusion configuration. Methods are described that disable a particular class of peek and/or poke attacks through the use of partial reconfiguration. Methods and apparatus are described to dynamically detect peek and/or poke attacks.
-
公开(公告)号:US20190050604A1
公开(公告)日:2019-02-14
申请号:US16020805
申请日:2018-06-27
Applicant: Intel Corporation
Inventor: Scott J. Weber , Sean R. Atsatt , Andrew Martyn Draper , David Goldman
Abstract: A programmable logic device verifies that configuration data permissibly programs the programmable logic device. The programmable logic device includes a programmable fabric having partitions to be programmed by the configuration data, a secure device manager that may generate masks based on the configuration data, and a local sector manager. The masks determine that the configuration data is configured to permissibly program the permitted partitions or that the permitted partitions have been permissibly programmed. The local sector manager applies the masks to generate an interleaved result, compares the interleaved result to an expected result, and sends an indication that the configuration data is configured to permissibly program the permitted partitions or permissibly programmed the permitted partitions in response to determining that the interleaved result is the expected result, or sends an alert to stop programming in response to determining that the interleaved result is not the expected result.
-
公开(公告)号:US20220327271A1
公开(公告)日:2022-10-13
申请号:US17850560
申请日:2022-06-27
Applicant: Intel Corporation
Inventor: Scott Weber , Sean R. Atsatt , David Goldman
IPC: G06F30/34
Abstract: Methods and apparatus for extracting a setting of configuration bits to create an exclusion configuration for providing protection against peek and poke attacks in a multi-tenant usage model of a configurable device is provided. The device may host multiple parties that do not trust each other. Peek and poke attacks are orchestrated by tapping (peeking) and driving (poking) wires associated with other parties. Such attacks may be disabled by excluding the settings of configuration bits that would allow these attacks by other parties. This set of configuration bits that should be excluded for preventing all peek and poke attacks creates the exclusion configuration. Methods are described that disable a particular class of peek and/or poke attacks through the use of partial reconfiguration. Methods and apparatus are described to dynamically detect peek and/or poke attacks.
-
4.
公开(公告)号:US11379645B2
公开(公告)日:2022-07-05
申请号:US15719413
申请日:2017-09-28
Applicant: Intel Corporation
Inventor: Scott Weber , Sean R. Atsatt , David Goldman
IPC: G06F30/34 , G06F111/04
Abstract: Methods and apparatus for extracting a setting of configuration bits to create an exclusion configuration for providing protection against peek and poke attacks in a multi-tenant usage model of a configurable device is provided. The device may host multiple parties that do not trust each other. Peek and poke attacks are orchestrated by tapping (peeking) and driving (poking) wires associated with other parties. Such attacks may be disabled by excluding the settings of configuration bits that would allow these attacks by other parties. This set of configuration bits that should be excluded for preventing all peek and poke attacks creates the exclusion configuration. Methods are described that disable a particular class of peek and/or poke attacks through the use of partial reconfiguration. Methods and apparatus are described to dynamically detect peek and/or poke attacks.
-
5.
公开(公告)号:US20190095567A1
公开(公告)日:2019-03-28
申请号:US15719413
申请日:2017-09-28
Applicant: Intel Corporation
Inventor: Scott Weber , Sean R. Atsatt , David Goldman
IPC: G06F17/50
Abstract: Methods and apparatus for extracting a setting of configuration bits to create an exclusion configuration for providing protection against peek and poke attacks in a multi-tenant usage model of a configurable device is provided. The device may host multiple parties that do not trust each other. Peek and poke attacks are orchestrated by tapping (peeking) and driving (poking) wires associated with other parties. Such attacks may be disabled by excluding the settings of configuration bits that would allow these attacks by other parties. This set of configuration bits that should be excluded for preventing all peek and poke attacks creates the exclusion configuration. Methods are described that disable a particular class of peek and/or poke attacks through the use of partial reconfiguration. Methods and apparatus are described to dynamically detect peek and/or poke attacks.
-
-
-
-