Secure dynamically reconfigurable logic
First Claim
1. A method, in a data processing system, for securely and dynamically reconfiguring reconfigurable logic, the method comprising:
- establishing, by a state machine within the data processing system, a hardware boundary to the reconfigurable logic within the data processing system thereby forming isolated reconfigurable logic;
clearing, by the state machine, any prior state existing within the isolated reconfigurable logic;
authenticating, by the state machine, a new configuration to be loaded into the isolated reconfigurable logic;
determining, by the state machine, whether the authentication of the new configuration is successful;
responsive to the authentication of the new configuration being successful, loading, by the state machine, the new configuration into the isolated reconfigurable logic; and
starting, by the state machine, operation of the isolated reconfigurable logic, wherein the hardware boundary restricts access such that the reconfigurable logic is only written to by the state machine and wherein none of the state or transitions inside the reconfigurable logic are observable except for modifications made by the reconfigurable logic to a non-secure communication area.
1 Assignment
0 Petitions
Accused Products
Abstract
A mechanism for securely and dynamically reconfiguring reconfigurable logic is provided. A state machine within a data processing system establishes a hardware boundary to the reconfigurable logic within the data processing system thereby forming isolated reconfigurable logic. The state machine clears any prior state existing within the isolated reconfigurable logic. The state machine authenticates a new configuration to be loaded into the isolated reconfigurable logic. The state machine determines whether the authentication of the new configuration is successful. Responsive to the authentication of the new configuration being successful, the state machine loads the new configuration into the isolated reconfigurable logic. The state machine then starts operation of the isolated reconfigurable logic.
29 Citations
22 Claims
-
1. A method, in a data processing system, for securely and dynamically reconfiguring reconfigurable logic, the method comprising:
-
establishing, by a state machine within the data processing system, a hardware boundary to the reconfigurable logic within the data processing system thereby forming isolated reconfigurable logic; clearing, by the state machine, any prior state existing within the isolated reconfigurable logic; authenticating, by the state machine, a new configuration to be loaded into the isolated reconfigurable logic; determining, by the state machine, whether the authentication of the new configuration is successful; responsive to the authentication of the new configuration being successful, loading, by the state machine, the new configuration into the isolated reconfigurable logic; and starting, by the state machine, operation of the isolated reconfigurable logic, wherein the hardware boundary restricts access such that the reconfigurable logic is only written to by the state machine and wherein none of the state or transitions inside the reconfigurable logic are observable except for modifications made by the reconfigurable logic to a non-secure communication area. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A computer program product comprising a non-transitory computer readable storage medium having a computer readable program stored therein, wherein the computer readable program, when executed on a computing device, causes the computing device to:
-
establish a hardware boundary to reconfigurable logic within a data processing system thereby forming isolated reconfigurable logic; clear any prior state existing within the isolated reconfigurable logic; authenticate a new configuration to be loaded into the isolated reconfigurable logic; determine whether the authentication of the new configuration is successful; responsive to the authentication of the new configuration being successful, load the new configuration into the isolated reconfigurable logic; and start an operation of the isolated reconfigurable logic, wherein the hardware boundary restricts access such that the reconfigurable logic is only written to by the state machine and wherein none of the state or transitions inside the reconfigurable logic are observable except for modifications made by the reconfigurable logic to a non-secure communication area. - View Dependent Claims (10, 11, 12, 13, 14, 15)
-
-
16. An apparatus, comprising:
-
a processor; and a memory coupled to the processor, wherein the memory comprises instructions which, when executed by the processor, cause the processor to; establish a hardware boundary to reconfigurable logic within a data processing system thereby forming isolated reconfigurable logic; clear any prior state existing within the isolated reconfigurable logic; authenticate a new configuration to be loaded into the isolated reconfigurable logic; determine whether the authentication of the new configuration is successful; responsive to the authentication of the new configuration being successful, load the new configuration into the isolated reconfigurable logic; and start an operation of the isolated reconfigurable logic, wherein the hardware boundary restricts access such that the reconfigurable logic is only written to by the state machine and wherein none of the state or transitions inside the reconfigurable logic are observable except for modifications made by the reconfigurable logic to a non-secure communication area. - View Dependent Claims (17, 18, 19, 20, 21, 22)
-
Specification