Fault-tolerant embedded root of trust using lockstep processor cores on an FPGA

US 10,606,764 B1
Filed: 10/02/2017
Issued: 03/31/2020
Est. Priority Date: 10/02/2017
Status: Active Grant

First Claim

Patent Images

1. A field programmable gate array (FPGA) including a root of trust architecture, said architecture comprising:

a system controller providing system control commands for the architecture;

a cryptography processor for performing a hash, symmetric and/or asymmetric key operation to provide a digital signature for authentication of controller-em bedded software that will be used in an external system processor; and

a lock-step fault-tolerant processor being responsive to messages from the system controller, said fault-tolerant processor including a plurality of soft lock-step cores, each soft lock-step core including separate memory and resources, where each core receives the same instructions and data and performs the same operations in lock-step with the other soft lock-step cores using its resources and provides an output message determined by the operations, said fault-tolerant processor including processor logic that selects one of the output messages from all of the soft lock-step cores to be output to the cryptography processor.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A field programmable gate array (FPGA) including a root of trust architecture. The architecture includes a system controller providing system control commands for the architecture and a cryptography processor for performing a hash or key operation for authentication of controller-embedded software and attestation of correct firmware in external system resources. The architecture also includes a lock-step fault-tolerant processor being responsive to messages from the system controller, and including a plurality of soft lock-step cores. Each soft core including separate memory and resources and operating on the same input, where each soft core provides output messages that are analyzed by a logic in the fault-tolerant processor that selects one of the messages to be output to the cryptography processor.

39 Citations

View as Search Results

20 Claims

1. A field programmable gate array (FPGA) including a root of trust architecture, said architecture comprising:
- a system controller providing system control commands for the architecture;
  
  a cryptography processor for performing a hash, symmetric and/or asymmetric key operation to provide a digital signature for authentication of controller-em bedded software that will be used in an external system processor; and
  
  a lock-step fault-tolerant processor being responsive to messages from the system controller, said fault-tolerant processor including a plurality of soft lock-step cores, each soft lock-step core including separate memory and resources, where each core receives the same instructions and data and performs the same operations in lock-step with the other soft lock-step cores using its resources and provides an output message determined by the operations, said fault-tolerant processor including processor logic that selects one of the output messages from all of the soft lock-step cores to be output to the cryptography processor.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The FPGA according to claim 1 wherein the plurality of soft lock-step cores is two soft lock-step cores.
  - 3. The FPGA according to claim 2 wherein the processor logic is a comparator logic.
  - 4. The FPGA according to claim 1 wherein the plurality of soft lock-step cores is three or more soft lock-step cores.
  - 5. The FPGA according to claim 4 wherein the processor logic is a voting logic.
  - 6. The FPGA according to claim 1 wherein the architecture further comprises a non-volatile memory for storing keys for the cryptography processor.
  - 7. The FPGA according to claim 6 wherein the architecture further comprises a physically unclonable function for generating the keys and/or a memory provisioned with keys.
  - 8. The FPGA according to claim 6 wherein the architecture further comprises user logic that receives and authenticates the keys and provides authenticated keys to the fault-tolerant processor.
  - 9. The FPGA according to claim 1 wherein the FPGA is part of an aircraft system on an aircraft.
  - 10. The FPGA according to claim 9 wherein the aircraft system is a safety critical system.

11. A field programmable gate array (FPGA) including a root of trust architecture, said architecture comprising:
- a system controller providing system control commands for the architecture;
  
  a cryptography processor for providing authentication of controller-embedded software that will be used in an external system processor; and
  
  a lock-step fault-tolerant processor being responsive to messages from the system controller, said fault-tolerant processor including a plurality of soft lock-step cores, each soft lock-step core including separate memory and resources, where each core receives the same instructions and data and performs the same operations in lock-step with the other soft lock-step cores using its resources and provides an output message determined by the operations, said fault-tolerant processor including processor logic that selects one of the output messages from all of the soft lock-step cores to be output.
- View Dependent Claims (12, 13, 14, 15, 16, 17)
- - 12. The FPGA according to claim 11 wherein the plurality of soft lock-step cores is two soft lock-step cores.
  - 13. The FPGA according to claim 12 wherein the processor logic is a comparator logic.
  - 14. The FPGA according to claim 11 wherein the plurality of soft lock-step cores is three or more soft lock-step cores.
  - 15. The FPGA according to claim 14 wherein the processor logic is a voting logic.
  - 16. The FPGA according to claim 11 wherein the FPGA is part of an aircraft system on an aircraft.
  - 17. The FPGA according to claim 16 wherein the aircraft system is a safety critical system.

18. A field programmable gate array (FPGA) including a root of trust architecture, said architecture comprising:
- a system controller providing system control commands for the architecture;
  
  a cryptography processor for performing a hash, symmetric and/or asymmetric key operation to provide a digital signature for authentication of controller-em bedded software that will be used in an external system processor;
  
  a lock-step fault-tolerant processor being responsive to messages from the system controller, said fault-tolerant processor including a plurality of soft lock-step cores, each soft lock-step core including separate memory and resources, where each core receives the same instructions and data and performs the same operations in lock-step with the other soft lock-step cores using its resources and provides an output message determined by the operations, said fault-tolerant processor including processor logic that selects one of the output messages from all of the soft lock-step cores to be output to the cryptography processor;
  
  a non-volatile memory for storing keys for the cryptography processor;
  
  a physically unclonable function for generating the keys and/or a memory provisioned with keys; and
  
  user logic that receives and authenticates the keys and provides authenticated keys to the fault-tolerant processor.
- View Dependent Claims (19, 20)
- - 19. The FPGA according to claim 18 wherein the plurality of soft lock-step cores is two soft lock-step cores.
  - 20. The FPGA according to claim 18 wherein the plurality of soft lock-step cores is three or more soft lock-step cores.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Northrop Grumman Systems Corporation (Northrop Grumman Corporation)
Original Assignee
Northrop Grumman Systems Corporation (Northrop Grumman Corporation)
Inventors
Kravit, Gregory D., Weidele, Kenneth R., McKinney, Kenneth F.
Primary Examiner(s)
Duncan, Marc
Assistant Examiner(s)
Gibson, Jonathan D

Application Number

US15/722,651
Time in Patent Office

911 Days
Field of Search
US Class Current
CPC Class Codes

G06F 11/1608   Error detection by comparin...

G06F 11/1629   Error detection by comparin...

G06F 11/1637   using additional compare fu...

G06F 11/183   by voting, the voting not b...

G06F 12/1408   by using cryptography for d...

G06F 21/123   by using dedicated hardware...

G06F 21/57   Certifying or maintaining t...

G06F 21/76   in application-specific int...

G06F 2212/1052   Security improvement

G06F 2221/2101   Auditing as a secondary aspect

H04L 2209/24   Key scheduling, i.e. genera...

Fault-tolerant embedded root of trust using lockstep processor cores on an FPGA

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

39 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Fault-tolerant embedded root of trust using lockstep processor cores on an FPGA

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

39 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links