摘要:
Partial configuration of programmable circuitry with validation for an integrated circuit is described. An integrated circuit with programmable circuitry is obtained. The programmable circuitry is configured with a first bitstream in a non-dynamic mode of operation, after which the integrated circuit includes a configuration controller coupled to a buffer, an internal configuration access port, and an error checker. A portion of a second bitstream is loaded into the buffer for a dynamic partial configuration mode of operation. The portion of the second bitstream loaded into the buffer is validated with the error checker as being acceptable, after which the portion of the second bitstream is instantiated in the programmable circuitry via the internal configuration access port.
摘要:
In one embodiment of the invention, a method is provided for protecting against attacks on security of a programmable integrated circuit (IC). At least a portion of an encrypted bitstream input to the programmable IC is decrypted with a cryptographic key stored in the programmable IC. A number of failures to decrypt the encrypted bitstream is tracked. The tracked number is stored in a memory of the programmable IC that retains the number across on-off power cycles of the programmable IC. In response to the number of failures exceeding a threshold, data that prevents the decryption key from being used for a subsequent decryption of a bitstream is stored in the programmable IC.
摘要:
In one embodiment, a cryptographic device is provided. The cryptographic device includes a persistent memory and a decryption control circuit coupled to the persistent memory. The decryption control circuit is configured to receive an encrypted data stream and decrypt a first portion of the encrypted data stream using a first cryptographic key stored in the persistent memory, the first portion including a second cryptographic key. The decryption circuit is configured to decrypt a second portion of the encrypted data stream using the second cryptographic key, the second portion of the encrypted data stream including payload data.
摘要:
Methods and systems for redundant operation of a first and second processor are provided. A set of instructions is executed in parallel on the first and second processors. In response to a first access transaction for a peripheral device being issued from execution of an instruction by the first processor, the first processor suspends operation. In response to the first access transaction being a write transaction, the write transaction is not issued to the peripheral device until the second processor executes the instruction and issues a second access transaction that is equal to the write transaction. In response to the first access transaction being a read transaction, the read transaction is not issued to the peripheral device until the second processor executes the instruction.
摘要:
A system and method are provided for verifying implementation of a logic core in a complete bitstream. A logic core bitstream is extracted from the complete bitstream. The logic core bitstream is compared to a reference bitstream of the logic core for a target device. In response to no discrepancy in the comparison of the logic core bitstream and the reference bitstream, a data value is stored indicating that the logic core implementation contained in the complete bitstream is verified.
摘要:
A method of verifying a triple module redundant circuit. The method comprises providing three circuits, each comprising a redundant circuit; coupling a feedback voter circuit at the output of each circuit of the three circuits, each feedback voter receiving the output of each of the three circuits; disabling a first circuit of the three circuits; enabling the first circuit; disabling a second circuit of the three circuits; and verifying the output of the triple module redundant design to determine whether an error has occurred. A article of manufacture for verifying a design implemented as a triple redundancy module is also described.
摘要:
Methods and tools for detecting and correcting problems arising in the configuration process of a programmable logic device are described. An analyzer is used to aid a user in debugging the configuration process. The analyzer can access the programmable logic device through a boundary scan architecture such as JTAG. The analyzer can step through the configuration process, capturing the data received by the programmable logic device at each step, and compare that captured data with expected data. Mismatches can indicate errors in the configuration process, and the analyzer can help a user correct such errors.