Secure processing module and method for making the same

US 8,930,717 B2
Filed: 03/01/2012
Issued: 01/06/2015
Est. Priority Date: 03/01/2011
Status: Active Grant

First Claim

Patent Images

1. A method of making a trustworthy electronic processing module, comprising:

providing remotely, by a system comprising a processor, an untrustworthy fabrication facility with a partial technical specification of the electronic processing module, intentionally excluding a critical hardware design feature of the electronic processing module to obtain an excluded critical hardware design feature during the fabrication of the electronic processing module at the untrustworthy fabrication facility;

monitoring, by the system, from a trustworthy remote location, manufacture of the electronic processing module;

implementing remotely, by the system, from a trustworthy facility remote from the untrustworthy fabrication facility, the excluded critical hardware design feature, thereby completing manufacture of the trustworthy electronic processing module; and

monitoring, by the system, from a trustworthy remote location, one of trustworthiness of the electronic processing module, manufacturing methods of the untrustworthy fabrication facility, or both, and where the critical hardware design feature corresponds to a semiconductor chip design,wherein tests for manufacturing integrity at the untrusted fabrication facility comprise using orthogonal values from a scenario in which the module is being fabricated.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Described herein are devices and techniques related to implementation of a trustworthy electronic processing module. During fabrication, a manufacturer is provided with partial technical specifications that intentionally exclude at least one critical design feature. Fabrication of the electronic processing module is monitored from a trusted remote location; wherefrom, the intentionally excluded at least one critical design feature is implemented, thereby completing manufacture of the trustworthy electronic processing module. At least one of the acts of monitoring and implementing can be accomplished by instantiating executable software remotely from a trusted remote location and immediately prior to execution. It is the executable software that enables at least one of the acts of monitoring and implementing. Further, the instantiated executable software is removed or otherwise rendered inoperable immediately subsequent to execution. In some embodiments the critical design feature can be implemented within a configurable element, such as a field programmable gate array (FPGA).

Citations

17 Claims

1. A method of making a trustworthy electronic processing module, comprising:
- providing remotely, by a system comprising a processor, an untrustworthy fabrication facility with a partial technical specification of the electronic processing module, intentionally excluding a critical hardware design feature of the electronic processing module to obtain an excluded critical hardware design feature during the fabrication of the electronic processing module at the untrustworthy fabrication facility;
  
  monitoring, by the system, from a trustworthy remote location, manufacture of the electronic processing module;
  
  implementing remotely, by the system, from a trustworthy facility remote from the untrustworthy fabrication facility, the excluded critical hardware design feature, thereby completing manufacture of the trustworthy electronic processing module; and
  
  monitoring, by the system, from a trustworthy remote location, one of trustworthiness of the electronic processing module, manufacturing methods of the untrustworthy fabrication facility, or both, and where the critical hardware design feature corresponds to a semiconductor chip design,wherein tests for manufacturing integrity at the untrusted fabrication facility comprise using orthogonal values from a scenario in which the module is being fabricated.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. The method of claim 1, further comprising irrevocably changing, by the system, a state of the electronic processing module responsive to the monitoring detecting a lack of trustworthiness.
  - 3. The method of claim 2, wherein the irrevocably changing of the state of the electronic processing module renders the electronic processing module unfit for an intended purpose.
  - 4. The method of claim 1, wherein the monitoring occurs during subsequent use of a manufactured electronic processing module.
  - 5. The method of claim 1, wherein the implementing remotely of the excluded critical hardware design feature comprises enabling, by the system, communication between the electronic processing module and the trustworthy remote location using a controlled-access agent process.
  - 6. The method of claim 1, wherein one of the monitoring, the implementing, or both are accomplished by:
    - instantiating, by the system, at a trustworthy location remote from the untrustworthy fabrication facility, executable software in the electronic processing module to obtain instantiated executable software enabling the one of the monitoring, the implementing or both, wherein the instantiating occurs immediately prior to execution of the executable software; and
      
      rendering inoperable, by the system, the instantiated executable software immediately subsequent to execution.
  - 7. The method of claim 6, wherein at least one of instantiating and removing comprises pre-enabling, by the system, communication between the electronic processing module and the trustworthy facility using a controlled-access agent process.
  - 8. The method of claim 2, wherein irrevocably changing the state of the electronic processing module is detectable by monitors of subsequent manufacturing processes of the electronic processing module.
  - 9. The method of claim 1, wherein the monitoring of the trustworthiness of the electronic processing module comprises inserting, from a remote monitor, executable software into the electronic processing module to obtain inserted monitoring, wherein the inserting of the software occurs immediately before execution of the executable software.
  - 10. The method of claim 9, wherein the inserting of the software to obtain inserted software immediately before execution minimizes exposure of the inserted software to a manufacturing process of the electronic processing.
  - 11. The method of claim 10, further comprising inserting software into the remote manufacturing process to obtain inserted software, wherein the software is inserted just in time into the manufacturing process.
  - 12. The method of claim 10, wherein the inserted software imprints a number into the module, while being fabricated at one facility responsive to an investigation undertaken by the software, and wherein the remote monitor tests the number later in the manufacturing process at a second fabrication facility.
  - 13. The method of claim 12, wherein the tests at the second fabrication facility involves tests developed just-in-time that do not require the number being sent outside the module being manufactured.
  - 14. The method of claim 1, wherein the monitoring comprises:
    - obtaining an image of a hardware design of the electronic processing module as the manufacture of the electronic processing module proceeds to obtain an image of a manufactured hardware design of the electronic processing module; and
      
      comparing the image of the manufactured hardware design with a correct hardware design.

15. A machine-readable storage medium, comprising executable instructions which, responsive to being executed by a processor, cause the processor to perform operations comprising:
- providing remotely, by a system comprising a processor, an untrustworthy fabrication facility with a partial technical hardware specification of an electronic processing module, intentionally excluding a critical hardware design feature of the electronic processing module to obtain an excluded critical hardware design feature during the fabrication of the electronic processing module at the untrustworthy fabrication facility;
  
  monitoring, by the system, from a trustworthy remote location, manufacture of the electronic processing module;
  
  implementing remotely, by the system, from a trustworthy facility remote from the untrustworthy fabrication facility, the excluded critical hardware design feature, thereby completing manufacture of the electronic processing module; and
  
  monitoring, by the system, from a trustworthy remote location, one of trustworthiness of the electronic processing module, manufacturing methods of the untrustworthy fabrication facility, or both, and where the critical hardware design feature corresponds to a semiconductor chip design,wherein tests for manufacturing integrity at the untrusted fabrication facility comprise using orthogonal values from a scenario in which the module is being fabricated.
- View Dependent Claims (16, 17)
- - 16. The machine-readable storage medium of claim 15, further comprisingirrevocably changing a state of the electronic processing module responsive to the monitoring detecting a lack of trustworthiness.
  - 17. The machine-readable storage medium of claim 15, wherein one of the monitoring, the implementing, or both are accomplished by:
    - instantiating remotely from a trustworthy remote location and immediately prior to execution, executable software to obtain instantiated executable software enabling one of the monitoring, the implementing or both; and
      
      rendering inoperable the instantiated executable software immediately subsequent to execution.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
ANGEL Secure Networks, Inc.
Original Assignee
ANGEL Secure Networks, Inc.
Inventors
Smith, Fred Hewitt
Primary Examiner(s)
PERUNGAVOOR, VENKATANARAY

Application Number

US13/410,204
Publication Number

US 20120227117A1
Time in Patent Office

1,041 Days
Field of Search
US Class Current

713/192
CPC Class Codes

G06F 21/305   by remotely controlling dev...

G06F 21/56   Computer malware detection ...

G06F 21/57   Certifying or maintaining t...

G06F 21/76   in application-specific int...

G06F 2221/2115   Third party

H01L 22/20   Sequence of activities cons...

H04L 63/126   the source of the received ...

Secure processing module and method for making the same

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Secure processing module and method for making the same

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links