Secure storage of program code for an embedded system
원문보기
IPC분류정보
국가/구분
United States(US) Patent
등록
국제특허분류(IPC7판)
G06F-011/30
G06F-012/14
출원번호
UP-0286633
(2002-11-01)
등록번호
US-7802108
(2010-10-11)
발명자
/ 주소
Master, Paul L.
Murray, Eric
Mehegan, Joseph
Plunkett, Robert Thomas
출원인 / 주소
NVIDIA Corporation
대리인 / 주소
Patterson & Sheridan, LLP
인용정보
피인용 횟수 :
7인용 특허 :
83
초록
Aspects for securely storing program code of an embedded system includes accepting a digitation file from a distribution source into on-chip memory of an adaptive computing engine (ACE). The digitation file is then secured and transferred to off-chip memory.
대표청구항▼
What is claimed is: 1. A system to securely store a program code of an embedded system, the system comprising: a configurable integrated circuit, the configurable integrated circuit comprising: a memory to store a digitation file, the digitation file comprising a tightly coupled interdigitated stre
What is claimed is: 1. A system to securely store a program code of an embedded system, the system comprising: a configurable integrated circuit, the configurable integrated circuit comprising: a memory to store a digitation file, the digitation file comprising a tightly coupled interdigitated stream comprising configuration information and data to be processed, wherein the memory includes an adaptive silicon foundation, and wherein the digitation file, when applied to the adaptive silicon foundation, provides a hardware designation and software application for the adaptive silicon foundation, a plurality of computational elements, and an interconnection network, the interconnection network adapted to configure the plurality of computational elements in response to the configuration information to perform any one of a plurality of algorithms in response to the configuration information; and computer readable medium storage external to the configurable integrated circuit for receiving a plurality of segmented encrypted digitation files from the configurable integrated circuit, each of the plurality of segmented encrypted digitation files including one or more of the algorithms, wherein the configurable integrated circuit is further adapted to: encrypt each of the digitation files and hash each of the digitation files to form hash data, separate each of the encrypted digitation files into a set of data blocks, wherein a size of the data blocks is based on the functions and subroutines included in the encrypted digitation file and is further based on module types associated with the modules included in the configurable integrated circuit, transfer each data block in the set of data blocks to the computer readable medium storage, retain an encryption key and the hash data in on-chip memory, retrieve a selected one of the segmented digitation files from the computer readable medium storage, decrypt on-chip the retrieved segmented encrypted digitation file and hash the decrypted digitation file, and when the hash data of the decrypted digitation file matches the retained hash data, separate the decrypted digitation file into a set of data blocks, wherein the size of the data blocks is based on the functions and subroutines included in the decrypted digitation file and is further based on module types associated with the modules included in the configurable integrated circuit, and provide the configuration information of the retrieved segmented digitation file to the interconnection network to configure the plurality of computational elements into one of a plurality of modes of operation to process the coupled data of the retrieved digitation file according to an algorithm in the retrieved segmented digitation file. 2. The system of claim 1 wherein the computer readable medium storage further comprises storage of a host computer system. 3. The system of claim 1 wherein the configurable integrated circuit further verifies the digitation file data when retrieved from the computer readable medium storage before utilization. 4. The system of claim 3 wherein the configurable integrated circuit decrypts and hashes the retrieved digitation file data and halts use of the retrieved digitation file data when the hash data of the retrieved digitation file data does not match the hash data of the transferred digitation file. 5. The system of claim 4 wherein the digitation file further comprises data, and wherein configurable integrated circuit proceeds with digitation file data use when the hash of the returned digitation file data matches the hash of the transferred digitation file date. 6. A system as claimed in claim 1 wherein the modes of operation comprise differing calculations, algorithms or processing functions to support any one of a plurality of differing types of computational units. 7. The system as claimed in claim 6 wherein the types of units include linear operations, non-linear operations, format state machines, memory management and digitation level manipulation. 8. A system as claimed in claim 1, wherein the coupled data is processed within the next two processor cycles. 9. A method for securely transferring program code of a configurable integrated circuit in an embedded system from an off chip distribution source to an on chip memory of an adaptive computing engine which is operable in a plurality of different modes, the configurable integrated circuit comprising the memory, a plurality of computational elements and an interconnection network, the interconnection network adapted to configure the plurality of computational elements to execute one of a plurality of different modes of operation in response to the configuration information, the method comprising: encrypting a digitation file at the configurable integrated circuit, the digitation file comprising configuration information for a selected one of the modes of the configurable integrated circuit and coupled data to be executed by the integrated circuit upon being configured according to the mode, wherein the memory includes an adaptive silicon foundation, and wherein the digitation file, when applied to the adaptive silicon foundation, provides a hardware designation and software application for the adaptive silicon foundation; hashing the digitation file on chip to form hash data; separating the digitation file into a set of data blocks, wherein a size of the data blocks is based on the functions and subroutines included in the digitation file and is further based on module types associated with the modules included in the configurable integrated circuit; transferring the encrypted and separated digitation file to a data storage device, the data storage device receiving and storing a plurality of different encrypted and separated digitation files from the configurable integrated circuit, and retaining an encryption key and the hash data in the on chip memory; the configurable integrated circuit retrieving the encrypted and separated digitation file from the off chip data storage device and decrypting the encrypted and separated digitation file in response to a received command; hashing the decrypted digitation file; and when the hash data of the decrypted digitation file matches the retained hash data, separating the decrypted digitation file into a set of data blocks, wherein the size of the data blocks is based on the functions and subroutines included in the decrypted digitation file and is further based on module types associated with the modules included in the configurable integrated circuit, and providing configuration from the decrypted digitation file information to the interconnection network to configure the plurality of computational elements into one of the plurality of modes of operation as defined by the decrypted digitation file to process the coupled data of the decrypted digitation file according to the one mode of operation, whereby the configurable integrated circuit is protected from tampered digitation file data. 10. The method of claim 9 further comprising utilizing algorithms within the configurable integrated circuit for encrypting and hashing digitation file data being moved from the memory to the data storage device. 11. The method of claim 10 further comprising utilizing algorithms within the configurable integrated circuit for decrypting and hashing the digitation file data retrieved from the data storage device. 12. The method of claim 11 further determining within the configurable integrated circuit whether the hash data of the retrieved digitation file data matches the retained hash data of the digitation file, and halting use of the retrieved digitation file data when the hash does not match. 13. The method of claim 9 wherein the step of transferring comprises transferring the digitation file data as segmented blocks of program code. 14. The method of claim 9, including repeating the steps of retrieving, hashing and processing at the same configurable integrated circuit for a plurality of the different modes of operation as defined by the hashed digitation files. 15. A system as claimed in claim 9, wherein the coupled data is processed within the next two processor cycles.
연구과제 타임라인
LOADING...
LOADING...
LOADING...
LOADING...
LOADING...
이 특허에 인용된 특허 (83)
Bennett Toby D. ; Davis Donald J. ; Harris Jonathan C. ; Miller Ian D., Apparatus and method for constructing data for transmission within a reliable communication protocol by performing portions of the protocol suite concurrently.
Robert D. Cassagnol ; Douglas M. Dillon ; David S. Kloper ; Sandra J. Weber ; Brandon E. Bautz, Apparatus for providing a secure processing environment.
Master, Paul L.; Watson, John, Apparatus, method and system for generating a unique hardware adaptation inseparable from correspondingly unique content.
Kawan Joseph C. (Hollywood CA) Takata Melvin M. (Hermosa Beach CA) Samulon Alfred S. (Malibu CA) Parekh Dilip J. (Los Angeles CA) Marks Harvey (Canoga Park CA) Caruthers Douglas W. (Marina Del Rey CA, Computer and telephone apparatus with user friendly interface and enhanced integrity features.
Martin Vorbach DE; Robert Munch DE, Internal bus system for DFPS and units with two- or multi-dimensional programmable cell architectures, for managing large volumes of data with a high interconnection complexity.
Fisher, Jr., David L.; Radcliffe, Matthew H.; Casimiro-Garcia, Cristina; Rivera, Jorge Arturo, Method and apparatus for formatting smart cards and card readers.
Bertolet Allan Robert ; Clinton Kim P.N. ; Gould Scott Whitney ; Keyser III Frank Ray ; Reny Timothy Shawn ; Zittritsch Terrance John, Method and system for layout and schematic generation for heterogeneous arrays.
Lin, Jyh-Han; Geiger, Robert L.; Smith, Ronald R.; Chan, Alan W.; Wanchoo, Sanjay, Method for authenticating a JAVA archive (JAR) for portable devices.
Cooke Laurence H. ; Phillips Christopher E. ; Wong Dale, Method for compiling high level programming languages into an integrated processor with reconfigurable logic.
Vorbach, Martin; Munch, Robert, Method for deadlock-free configuration of dataflow processors and modules with a two- or multidimensional programmable cell structure (FPGAs, DPGAs, etc.).
Wang, Alex C.; Chan, Wai Alan; Lin, Jy-Han; Geiger, Robert L.; Smith, Ronald R.; Wanchoo, Sanjay, Method for enforcing a time limited software license in a mobile communication device.
Martin Vorbach DE; Robert Munch DE, Method for hierarchical caching of configuration data having dataflow processors and modules having two-or multidimensional programmable cell structure (FPGAs, DPGAs, etc.)--.
Getreuer Kurt W. (Colorado Springs CO) Verboom Johannes J. (Bergeijk NLX) Sonneville Pierre R. (Weert NLX), Optical disk tracking and seeking systems specific track formats using discontinuities.
Force Gordon (San Jose CA) Davis Timothy D. (Arlington TX) Duncan Richard L. (Bedford TX) Norcross Thomas M. (Arlington TX) Shay Michael J. (Arlington TX) Short Timothy A. (Duncanville TX), Programmable distributed personal security.
Trimberger Stephen M. ; Carberry Richard A. ; Johnson Robert Anders ; Wong Jennifer, Programmable logic device including configuration data or user data memory slices.
Davis Donald J. ; Bennett Toby D. ; Harris Jonathan C. ; Miller Ian D. ; Edwards Stephen G., System and method for programming the hardware of field programmable gate arrays (FPGAs) and related reconfiguration resources as if they were software by creating hardware objects.
Ginter Karl L. ; Shear Victor H. ; Sibert W. Olin ; Spahn Francis J. ; Van Wie David M., Systems and methods for secure transaction management and electronic rights protection.
Ginter, Karl L.; Shear, Victor H.; Spahn, Francis J.; Van Wie, David M., Systems and methods for secure transaction management and electronic rights protection.
Martin Vorbach DE; Robert Munch DE, UNIT FOR PROCESSING NUMERIC AND LOGIC OPERATIONS FOR USE IN CENTRAL PROCESSING UNITS (CPUS), MULTIPROCESSOR SYSTEMS, DATA-FLOW PROCESSORS (DSPS), SYSTOLIC PROCESSORS AND FIELD PROGRAMMABLE GATE ARRAY.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.