Semiconductor memory and system using the same
US-2016189802-A1 · Jun 30, 2016 · US
Detection of Hardware Tampering
US2016247002A1 · US · A1
| Field | Value |
|---|---|
| Publication number | US-2016247002-A1 |
| Application number | US-201514628870-A |
| Country | US |
| Kind code | A1 |
| Filing date | Feb 23, 2015 |
| Priority date | Feb 23, 2015 |
| Publication date | Aug 25, 2016 |
| Grant date | — |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
A trusted guard module stores one or more identifiers, each identifier uniquely identifying a respective electronic component of one or more electronic components in a circuit, wherein each electronic component is previously programmed with its respective identifier. In one embodiment, the one or more electronic components are in communication with the guard module via a test data channel. A query is sent from the guard module to one of the components via the test data channel, requesting that the queried component provide its respective identifier to the guard module. The guard module then receives a response from the queried component via the test data channel. The guard module compares the response to the stored identifier for the queried component. If the response fails to correspond to the stored identifier for the queried component, the guard module asserts an alarm condition.
First claim
Opening claim text (preview).
What is claimed is: 1 . A method comprising: storing one or more identifiers in a trusted guard module, each identifier uniquely identifying a respective electronic component of one or more electronic components in a circuit, wherein each electronic component of the one or more electronic components is previously programmed with its respective identifier; sending a query from the trusted guard module to a first electronic component of the one or more electronic components via a test data channel, the query requesting that the first electronic component provide its respective identifier to the guard module; receiving a response from the first electronic component via the test data channel; comparing the response to a stored identifier for the first electronic component; and when the response fails to correspond to the stored identifier for the first electronic component, asserting an alarm condition. 2 . The method of claim 1 , wherein the test data channel operates in a manner consistent with IEEE Standard 1149.1. 3 . The method of claim 1 , wherein the one or more identifiers each comprises an electronic chip identifier (ECID). 4 . The method of claim 1 , wherein the one or more identifiers each comprises a unique secret value. 5 . The method of claim 1 , wherein the trusted guard module derives its trust from a secure trust anchor. 6 . The method of claim 1 , further comprising: counting a number of clock cycles between the sending of the query and the receipt of the response; determining when the number of clock cycles is equal to an expected number of clock cycles for the first electronic component; and when the number of clock cycles is not equal to the expected number of clock cycles for the first electronic component, asserting the alarm condition. 7 . The method of claim 1 , further comprising: sending information regarding the alarm condition to an analysis module that is remote from the circuit; and sending information identifying the first electronic component to the analysis module. 8 . An apparatus, comprising: one or more electronic components; a guard module; and a test data channel connecting the one or more electronic components and the guard module in a boundary scan system, wherein the guard module comprises trusted logic that is configured to: store one or more identifiers in the guard module, each identifier uniquely identifying a respective one of the one or more electronic components, wherein each electronic component of the one or more electronic components is previously programmed with its respective identifier; send a query from the trusted guard module to a first electronic component of the one or more electronic components via the test data channel, the query requesting that the first electronic component provide its respective identifier to the guard module; receive a response from the first electronic component via the test data channel; compare the response to a stored identifier for the first electronic component; and when the response fails to correspond to the stored identifier for the first electronic component, assert an alarm condition. 9 . The apparatus of claim 8 , wherein the test data channel is configured to operate in a manner consistent with IEEE Standard 1149.1. 10 . The apparatus of claim 8 , wherein the one or more identifiers each comprises an electronic chip identifier (ECID). 11 . The apparatus of claim 8 , wherein the one or more identifiers each comprises a unique secret value. 12 . The apparatus of claim 8 , wherein the guard module derives its trust from a secure trust anchor. 13 . The apparatus of claim 8 , wherein the guard module is further configured to: count a number of clock cycles between sending the query and receipt of the response; determine when the number of clock cycles is equal to an expected number of clock cycles for the first electronic component; and when the number of clock cycles is not equal to an expected number of clock cycles for the first electronic component, assert the alarm condition. 14 . The apparatus of claim 8 , wherein the guard module is further configured to: send information regarding the alarm condition to an analysis module that is remote from the apparatus; and send information identifying the first electronic component to the analysis module. 15 . One or more non-transitory computer readable storage media encoded with software comprising computer executable instructions that, when executed on a programmable processor, are operable to: store one or more identifiers, each identifier uniquely identifying a respective one of one or more electronic components, wherein each electronic component of the one or more electronic components is previously programmed with its respective identifier; send a query to a first electronic component of the one or more electronic components via a test data channel, the query requesting that the first electronic component provide its respective identifier to a processor; receive a response from the first electronic component via the test data channel; compare the response to a stored identifier for the first electronic component; and when the response fails to correspond to the stored identifier for the first electronic component, assert an alarm condition. 16 . The computer readable storage media of claim 15 , wherein further comprising instructions operable to communicate over the test data channel in a manner consistent with IEEE Standard 1149.1. 17 . The computer readable storage media of claim 15 , wherein the one or more identifiers each comprises an electronic chip identifier (ECID). 18 . The computer readable storage media of claim 15 , wherein the one or more identifiers each comprises a unique secret value. 19 . The computer readable storage media of claim 15 , further comprising instructions that, when executed, are operable to: count the number of clock cycles between the sending of the query and the receipt of the response; determine when the number of clock cycles is equal to an expected number of clock cycles for the first electronic component; and when a number of clock cycles is not equal to an expected number of clock cycles for the first electronic component, assert the alarm condition. 20 . The computer readable storage media of claim 15 , further comprising instructions that, when executed, are operable to: send information regarding the alarm condition to an analysis module that is remote from the processor; and send information identifying the first electronic component to the analysis module.
Assignees
Inventors
Classifications
Challenge-response · CPC title
- G06F21/86Primary
Secure or tamper-resistant housings · CPC title
Detecting or preventing theft or loss · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US2016247002A1 cover?
- A trusted guard module stores one or more identifiers, each identifier uniquely identifying a respective electronic component of one or more electronic components in a circuit, wherein each electronic component is previously programmed with its respective identifier. In one embodiment, the one or more electronic components are in communication with the guard module via a test data channel. A qu…
- Who is the assignee on this patent?
- Cisco Tech Inc
- What technology area does this patent fall under?
- Primary CPC classification G06F21/86. Mapped technology areas include Physics.
- When was this patent published?
- Publication date Thu Aug 25 2016 00:00:00 GMT+0000 (Coordinated Universal Time) (A1). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 2 related publications on this page (citations in our corpus or others sharing the same primary CPC).