Abstract: An apparatus, system and method for protecting the confidentiality and integrity of a secure object running on a computer system by protecting the memory pages owned by the secure object, including assigning a secure object an ID, labeling the memory pages owned by a secure object with the ID of the secure object, maintaining an Access Control Monitor (ACM) table for the memory pages on the system, controlling access to memory pages by monitoring load and store instructions and comparing information in the ACM table with the ID of the software that is executing these instructions; and limiting access to a memory page to the owner of the memory page.

Abstract: An apparatus, system and method for protecting the confidentiality and integrity of a secure object running on a computer system by protecting the memory pages owned by the secure object, including assigning a secure object an ID, labeling the memory pages owned by a secure object with the ID of the secure object, maintaining an Access Control Monitor (ACM) table for the memory pages on the system, controlling access to memory pages by monitoring load and store instructions and comparing information in the ACM table with the ID of the software that is executing these instructions; and limiting access to a memory page to the owner of the memory page.

Abstract: A processor in a computer system, the processor including a mechanism supporting a Secure Object that comprises information that is protected so that other software on said computer system cannot access or undetectably tamper with said information, thereby protecting both a confidentiality and an integrity of the Secure Object information while making the Secure Object information available to the Secure Object itself during execution of the Secure Object. The mechanism includes a crypto mechanism that decrypts and integrity-checks Secure Object information as said Secure Object information moves into the computer system from an external storage system, and encrypts and updates an integrity value for Secure Object information as said Secure Object information moves out of the computer system to the external storage system, and a memory protection mechanism that protects the confidentiality and integrity of Secure Object information when that information is in the memory of the computer system.

Abstract: A processor in a computer system, the processor including a mechanism supporting a Secure Object that comprises information that is protected so that other software on said computer system cannot access or undetectably tamper with said information, thereby protecting both a confidentiality and an integrity of the Secure Object information while making the Secure Object information available to the Secure Object itself during execution of the Secure Object. The mechanism includes a crypto mechanism that decrypts and integrity-checks Secure Object information as said Secure Object information moves into the computer system from an external storage system, and encrypts and updates an integrity value for Secure Object information as said Secure Object information moves out of the computer system to the external storage system, and a memory protection mechanism that protects the confidentiality and integrity of Secure Object information when that information is in the memory of the computer system.

Abstract: A method, system, and computer program product for verification of a state transition machine (STM) are provided in the illustrative embodiments. The STM representing the operation of a circuit configured to perform a computation is received. A segment of the STM is selected from a set of segments of the STM. A set of properties of the segment is determined. The set of properties is translated into a hardware description to form a translation. The segment is verified by verifying whether all relationships between a pre-condition and a post condition in the translation hold true for any set of inputs and any initial state of a hardware design under test. A verification result for the segment is generated. Verification results for each segment in the set of segments are combined to generate a verification result for the STM.

Abstract: A method, system, and computer program product for improved model checking for verification of a state transition machine (STM) are provided. A hardware design under test and a property to be verified are received. A level (k) of induction proof needed for the verification is determined. A circuit representation of the property using the hardware design under test for k base cases is configured for checking that the circuit representation holds true for the property for each of the k base cases, and for testing an induction without hypothesis by testing whether the property holds true after k clock cycles starting from a randomized state, where induction without hypothesis is performed by omitting a test whether the property holds true for the next cycle after the property holds for k successive cycles. The induction proof of the property using the hardware design under test by induction without hypothesis is produced.

Abstract: A design structure including universal peripheral processor architecture on an integrated circuit (IC) includes a first data bus and a second data bus communicating with first and second ternary content addressable memory (TCAM) devices configured as state machines. First and second processors are coupled to the first bus interface logic and the second bus interface logic. First and second data storage devices communicate with the first and second processors and are coupled to the first and second data buses and communicate with each other. The TCAM devices are configured as state machines and are coupled to and adapted to interface with the processors, the data storage devices, and the bus interface logic using predefined protocols.

Abstract: A method, system, and computer program product for verification of a state transition machine (STM) are provided in the illustrative embodiments. The STM representing the operation of a circuit configured to perform a computation is received. A segment of the STM is selected from a set of segments of the STM. A set of properties of the segment is determined. The set of properties is translated into a hardware description to form a translation. The segment is verified by verifying whether all relationships between a pre-condition and a post condition in the translation hold true for any set of inputs and any initial state of a hardware design under test. A verification result for the segment is generated. Verification results for each segment in the set of segments are combined to generate a verification result for the STM.

Abstract: A method, system, and computer program product for improved model checking for verification of a state transition machine (STM) are provided. A hardware design under test and a property to be verified are received. A level (k) of induction proof needed for the verification is determined. A circuit representation of the property using the hardware design under test for k base cases is configured for checking that the circuit representation holds true for the property for each of the k base cases, and for testing an induction without hypothesis by testing whether the property holds true after k clock cycles starting from a randomized state, where induction without hypothesis is performed by omitting a test whether the property holds true for the next cycle after the property holds for k successive cycles. The induction proof of the property using the hardware design under test by induction without hypothesis is produced.

Abstract: A design structure including design data describing a semiconductor structure. The semiconductor structure includes a first semiconductor chip and a second semiconductor chip. The first semiconductor chip is on top of and bonded to the second semiconductor chip. The first and second semiconductor chips include a first and a second electric nodes. The second semiconductor chip further includes a first comparing circuit. The semiconductor structure further includes a first coupling via electrically connecting the first electric node of the first semiconductor chip to the first comparing circuit of the second semiconductor chip. The first comparing circuit is capable of (i) receiving an input signal from the second electric node directly, (ii) receiving an input signal from the first electric node indirectly through the first coupling via, and (iii) asserting a first mismatch signal in response to the input signals from the first and second electric nodes being different.

Abstract: A semiconductor structure and a method for operating the same. The semiconductor structure includes a first semiconductor chip and a second semiconductor chip. The first semiconductor chip is on top of and bonded to the second semiconductor chip. The first and second semiconductor chips include a first and a second electric nodes. The second semiconductor chip further includes a first comparing circuit. The semiconductor structure further includes a first coupling via electrically connecting the first electric node of the first semiconductor chip to the first comparing circuit of the second semiconductor chip. The first comparing circuit is capable of (i) receiving an input signal from the second electric node directly, (ii) receiving an input signal from the first electric node indirectly through the first coupling via, and (iii) asserting a first mismatch signal in response to the input signals from the first and second electric nodes being different.

Abstract: A design structure including universal peripheral processor architecture on an integrated circuit (IC) includes a first data bus and a second data bus communicating with first and second ternary content addressable memory (TCAM) devices configured as state machines. First and second processors are coupled to the first bus interface logic and the second bus interface logic. First and second data storage devices communicate with the first and second processors and are coupled to the first and second data buses and communicate with each other. The TCAM devices are configured as state machines and are coupled to and adapted to interface with the processors, the data storage devices, and the bus interface logic using predefined protocols.

Abstract: A design structure including design data describing a semiconductor structure. The semiconductor structure includes a first semiconductor chip and a second semiconductor chip. The first semiconductor chip is on top of and bonded to the second semiconductor chip. The first and second semiconductor chips include a first and a second electric nodes. The second semiconductor chip further includes a first comparing circuit. The semiconductor structure further includes a first coupling via electrically connecting the first electric node of the first semiconductor chip to the first comparing circuit of the second semiconductor chip. The first comparing circuit is capable of (i) receiving an input signal from the second electric node directly, (ii) receiving an input signal from the first electric node indirectly through the first coupling via, and (iii) asserting a first mismatch signal in response to the input signals from the first and second electric nodes being different.

Abstract: A universal peripheral processor architecture on an integrated circuit (IC) includes a first data bus and a second data bus communicating with first and second ternary content addressable memory (TCAM) devices configured as state machines. First and second processors are coupled to the first bus interface logic and the second bus interface logic. First and second data storage devices communicate with the first and second processors and are coupled to the first and second data buses and communicate with each other. The TCAM devices are configured as state machines and are coupled to and adapted to interface with the processors, the data storage devices, and the bus interface logic using predefined protocols.

Abstract: A data processing system may include an interconnect and first and second components coupled to the interconnect for data transfer therebetween. The first component contains a write pipeline that includes an address register and a queue including storage locations for a plurality of data granules. In response to receipt of a plurality of data granules that are each associated with a single address specified by the address register, the queue loads the plurality of data granules into sequential storage locations in order of receipt. Upon the queue being filled with a predetermined number of data granules, the queue outputs, to the second component via the interconnect, the predetermined number of data granules at least two at a time according to the order of receipt. Thus, data transfer efficiency is enhanced while maintaining the relative ordering of the data granules.