Fault-tolerant embedded root of trust using lockstep processor cores on an FPGA
Abstract
A field programmable gate array (FPGA) including a root of trust architecture. The architecture includes a system controller providing system control commands for the architecture and a cryptography processor for performing a hash or key operation for authentication of controller-embedded software and attestation of correct firmware in external system resources. The architecture also includes a lock-step fault-tolerant processor that is responsive to messages from the system controller and includes a plurality of soft lock-step cores. Each soft core includes separate memory and resources and operates on the same input. Each soft core provides output messages that are analyzed by logic in the fault-tolerant processor, which selects one of the messages to be output to the cryptography processor.
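The selection step described in the abstract can be modelled in software. The following is an added example, not code from the patent: it assumes three cores, a strict-majority vote as the selection logic, and FNV-1a as a stand-in for the operation each core performs; all names (`core_op`, `vote`, `run_lockstep`) are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define NCORES 3      /* assumed core count; the page says only "a plurality" */
#define MEM_SIZE 32
/* One soft core with its own private memory and its output message. */
typedef struct { uint8_t mem[MEM_SIZE]; uint32_t out; } core_t;

/* Stand-in for the operation every core performs (FNV-1a, an assumption). */
static uint32_t core_op(const uint8_t *m, size_t n) {
    uint32_t h = 2166136261u;
    for (size_t i = 0; i < n; i++) { h ^= m[i]; h *= 16777619u; }
    return h;
}

/* Assumed selection logic: strict-majority vote over the output messages.
 * Returns 0 and sets *selected, or -1 if no majority exists.
 * *faulty is a bitmask of the cores that disagree with the selected output. */
int vote(const core_t *c, uint32_t *selected, unsigned *faulty) {
    for (int i = 0; i < NCORES; i++) {
        int agree = 0;
        unsigned bad = 0;
        for (int j = 0; j < NCORES; j++) {
            if (c[j].out == c[i].out) agree++; else bad |= 1u << j;
        }
        if (2 * agree > NCORES) { *selected = c[i].out; *faulty = bad; return 0; }
    }
    return -1;
}

/* Give every core the same input, XOR flip[k] into byte 0 of core k's
 * private memory to model an upset, run the cores, then vote. */
int run_lockstep(const uint8_t *in, size_t n, const uint8_t flip[NCORES],
                 uint32_t *selected, unsigned *faulty) {
    core_t c[NCORES];
    if (n == 0 || n > MEM_SIZE) return -1;
    for (int k = 0; k < NCORES; k++) {
        memcpy(c[k].mem, in, n);
        c[k].mem[0] ^= flip[k];
        c[k].out = core_op(c[k].mem, n);
    }
    return vote(c, selected, faulty);
}

int main(void) {
    const uint8_t msg[] = "constructed firmware block";  /* constructed input */
    const uint8_t seu[NCORES] = {0, 0x04, 0};   /* bit flip in core 1 only */
    uint32_t sel = 0; unsigned bad = 0;
    int rc = run_lockstep(msg, sizeof msg, seu, &sel, &bad);
    printf("rc=%d selected=%08x faulty_mask=%u\n", rc, (unsigned)sel, bad);
    return 0;
}
```

A single corrupted core is outvoted and flagged in the mask, while the same corruption in two cores would win the vote, so this model only covers independent faults.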
20 Claims
1. A field programmable gate array (FPGA) including a root of trust architecture, said architecture comprising:
- a system controller providing system control commands for the architecture;
- a cryptography processor for performing a hash, symmetric and/or asymmetric key operation to provide a digital signature for authentication of controller-embedded software that will be used in an external system processor; and
- a lock-step fault-tolerant processor being responsive to messages from the system controller, said fault-tolerant processor including a plurality of soft lock-step cores, each soft lock-step core including separate memory and resources, where each core receives the same instructions and data and performs the same operations in lock-step with the other soft lock-step cores using its resources and provides an output message determined by the operations, said fault-tolerant processor including processor logic that selects one of the output messages from all of the soft lock-step cores to be output to the cryptography processor.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10

11. A field programmable gate array (FPGA) including a root of trust architecture, said architecture comprising:
- a system controller providing system control commands for the architecture;
- a cryptography processor for providing authentication of controller-embedded software that will be used in an external system processor; and
- a lock-step fault-tolerant processor being responsive to messages from the system controller, said fault-tolerant processor including a plurality of soft lock-step cores, each soft lock-step core including separate memory and resources, where each core receives the same instructions and data and performs the same operations in lock-step with the other soft lock-step cores using its resources and provides an output message determined by the operations, said fault-tolerant processor including processor logic that selects one of the output messages from all of the soft lock-step cores to be output.
Dependent claims: 12, 13, 14, 15, 16, 17

18. A field programmable gate array (FPGA) including a root of trust architecture, said architecture comprising:
- a system controller providing system control commands for the architecture;
- a cryptography processor for performing a hash, symmetric and/or asymmetric key operation to provide a digital signature for authentication of controller-embedded software that will be used in an external system processor;
- a lock-step fault-tolerant processor being responsive to messages from the system controller, said fault-tolerant processor including a plurality of soft lock-step cores, each soft lock-step core including separate memory and resources, where each core receives the same instructions and data and performs the same operations in lock-step with the other soft lock-step cores using its resources and provides an output message determined by the operations, said fault-tolerant processor including processor logic that selects one of the output messages from all of the soft lock-step cores to be output to the cryptography processor;
- a non-volatile memory for storing keys for the cryptography processor;
- a physically unclonable function for generating the keys and/or a memory provisioned with keys; and
- user logic that receives and authenticates the keys and provides authenticated keys to the fault-tolerant processor.
Dependent claims: 19, 20

Specification