Lockstep mechanism to ensure security in hardware at power-up
First Claim
1. A method of securing an electronic device, the method comprising:
- initializing the electronic device in a disabled state;
receiving an access key vector;
comparing the access key vector to a stored access key; and
setting the electronic device to an enabled state based in part on a result of comparing the access key vector to the stored access key.
1 Assignment
0 Petitions
Accused Products
Abstract
A system and method of ensuring hardware security of a device, such as an integrated circuit having secure data stored thereon. The integrated circuit or other hardware device can implement one or more configurable fuses that limit access to one or more secure locations within the device. The secure locations may contain secure data. The state of the configurable fuses can be ensured, thereby limiting access to secure locations, by forcing the occurrence of a logical state prior to allowing access to hardware locations configured by the fuses. A configurable non-secure access code can be used to force the occurrence of the logical state. Receipt of the non-secure access code by the hardware device forces the occurrence of the hardware state, thereby ensuring access only to those secure locations configured by the fuses.
-
Citations
24 Claims
-
1. A method of securing an electronic device, the method comprising:
-
initializing the electronic device in a disabled state;
receiving an access key vector;
comparing the access key vector to a stored access key; and
setting the electronic device to an enabled state based in part on a result of comparing the access key vector to the stored access key. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A method of securing an electronic device, the method comprising:
-
initializing the electronic device in a boundary scan test disabled state;
receiving a non-secure access key vector via a boundary scan test interface;
comparing the non-secure access key vector to a stored access key;
performing an initialization process if the non-secure access key vector and the stored access key have a predetermined relationship;
sensing at least one fuse state following the initialization process; and
setting the electronic device to a boundary scan enabled state based in part on the at least one fuse state. - View Dependent Claims (12)
-
-
13. A secure electronic device, the device comprising:
-
means for receiving a non-secure access key vector via a boundary scan test interface;
means for comparing the non-secure access key vector to a stored access key;
means for performing an initialization process if the non-secure access key vector and the stored access key have a predetermined relationship;
means for sensing at least one fuse state following the initialization process; and
means for setting the electronic device to a boundary scan enabled state based in part on the at least one fuse state.
-
-
14. A secure electronic device, the device comprising:
-
a boundary scan interface configured to selectively provide a boundary scan access to the device based in part on a test access state;
an unlock chain module configured to receive an access key vector via the boundary scan interface;
an access key module configured to store an access key value; and
a comparator configured to compare the and initialize the test access state based in part on a relationship of the access key vector to the access key value. - View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22, 23)
-
-
24. A secure test system, the system comprising:
-
a tester configured to store at least one test vector pre-pended by an access key vector;
an electronic device having a test interface coupled to the tester, the electronic device comprising;
a test access module configured to selectively provide a test access to the device based in part on a test access state;
an unlock chain module configured to receive an access key vector via the boundary scan interface;
an access key module configured to store an access key value; and
a comparator configured to compare the and initialize the test access state based in part on a relationship of the access key vector to the access key value.
-
Specification