Abstract: Tamper-proof electronic packages and fabrication methods are provided which include a glass substrate. The glass substrate is stressed glass with a compressively-stressed surface layer. Further, one or more electronic components are secured to the glass substrate within a secure volume of the tamper-proof electronic package. In operation, the glass substrate is configured to fragment with an attempted intrusion event into the electronic package, and the fragmenting of the glass substrate also fragments the electronic component(s) secured to the glass substrate, thereby destroying the electronic component(s). In certain implementations, the glass substrate has undergone ion-exchange processing to provide the stressed glass.

Abstract: Tamper-proof electronic packages and fabrication methods are provided which include a glass substrate. The glass substrate is stressed glass with a compressively-stressed surface layer. Further, one or more electronic components are secured to the glass substrate within a secure volume of the tamper-proof electronic package. In operation, the glass substrate is configured to fragment with an attempted intrusion event into the electronic package, and the fragmenting of the glass substrate also fragments the electronic component(s) secured to the glass substrate, thereby destroying the electronic component(s). In certain implementations, the glass substrate has undergone ion-exchange processing to provide the stressed glass.

Abstract: A method includes determining, by a persistent memory lockstep unit of a hardware security module, that a first processor is attempting to change a state of the hardware security module. The method also includes determining, by the persistent memory lockstep unit, whether a second processor has attempted the same change. The method also includes preventing the change until both the first processor and the second processor have attempted the same change. The method also includes permitting the change to the state of the hardware security module based on a determination that both the first processor and the second processor have both attempted the same change.

Abstract: A method includes determining, by a persistent memory lockstep unit of a hardware security module, that a first processor is attempting to change a state of the hardware security module. The method also includes determining, by the persistent memory lockstep unit, whether a second processor has attempted the same change. The method also includes preventing the change until both the first processor and the second processor have attempted the same change. The method also includes permitting the change to the state of the hardware security module based on a determination that both the first processor and the second processor have both attempted the same change.

Abstract: A method includes determining, by a tracker controller of a hardware security module, that a first processor has submitted a first request to access a computing resource. The method also includes determining, by the tracker controller, whether the first request and a second request both request access to the same computing resource. The second request is submitted by a second processor. The method also includes preventing access to the computing resource based on a determination that the first request and the second request do not request access to the same computing resource. The method also includes permitting access to the computing resource based on a determination that the first request and the second request both request access to the same computing resource.

Abstract: A method includes determining, by a tracker controller of a hardware security module, that a first processor has submitted a first request to access a computing resource. The method also includes determining, by the tracker controller, whether the first request and a second request both request access to the same computing resource. The second request is submitted by a second processor. The method also includes preventing access to the computing resource based on a determination that the first request and the second request do not request access to the same computing resource. The method also includes permitting access to the computing resource based on a determination that the first request and the second request both request access to the same computing resource.

Abstract: Tamper-respondent assemblies and methods of fabrication are provided which include a multi-layer stack having multiple discrete component layers stacked and electrically connected together via a plurality of electrical contacts in between the component layers. Further, the tamper-respondent assembly includes a tamper-respondent electronic circuit structure embedded within the multi-layer stack. The tamper-respondent electronic circuit structure includes at least one tamper-respondent sensor embedded, at least in part, within at least one component layer of the multiple discrete component layers of the multi-layer stack. The tamper-respondent electronic circuit structure defines a secure volume within the multi-layer stack. For instance, the tamper-respondent electronic circuit structure may be fully embedded within the multi-layer stack, with monitor circuitry of the tamper-respondent electronic circuit structure residing within the secure volume within the multi-layer stack.

Abstract: In one embodiment, a computer-implemented method includes assigning a time budget to each of a plurality of virtual functions in a single-root input/output (SRIOV) environment, where a first time budget of a first virtual function indicates a quantity of cycles on an engine of the SRIOV environment allowed to the first virtual function within a time slice. A plurality of requests issued by the plurality of virtual functions are selected by a computer processor, where the selecting excludes requests issued by virtual functions that have used their associated time budgets of cycles in a current time slice. The selected plurality of requests are delivered to the engine for processing. The time budgets of the virtual functions are reset and a new time slice begins, at the end of the current time slice.

Abstract: In one embodiment, a computer-implemented method includes assigning a time budget to each of a plurality of virtual functions in a single-root input/output (SRIOV) environment, where a first time budget of a first virtual function indicates a quantity of cycles on an engine of the SRIOV environment allowed to the first virtual function within a time slice. A plurality of requests issued by the plurality of virtual functions are selected by a computer processor, where the selecting excludes requests issued by virtual functions that have used their associated time budgets of cycles in a current time slice. The selected plurality of requests are delivered to the engine for processing. The time budgets of the virtual functions are reset and a new time slice begins, at the end of the current time slice.

Abstract: Methods of fabricating tamper-respondent assemblies with bond protection are provided which include at least one tamper-respondent sensor having unexposed circuit lines forming, at least in part, one or more tamper-detect network(s), and the tamper-respondent sensor having at least one external bond region. The tamper-respondent assembly further includes at least one conductive trace and an adhesive. The conductive trace(s) forms, at least in part, the one or more tamper-detect network(s), and is exposed, at least in part, on the tamper-respondent sensor(s) within the external bond region(s). The adhesive contacts the conductive trace(s) within the external bond region(s) of the tamper-respondent sensor(s), and the adhesive, in part, facilitates securing the at least one tamper-respondent sensor within the tamper-respondent assembly.

Abstract: Tamper-respondent assemblies and methods of fabrication are provided which include at least one tamper-respondent sensor having unexposed circuit lines forming, at least in part, one or more tamper-detect network(s), and the tamper-respondent sensor having at least one external bond region. The tamper-respondent assembly further includes at least one conductive trace and an adhesive. The conductive trace(s) forms, at least in part, the one or more tamper-detect network(s), and is exposed, at least in part, on the tamper-respondent sensor(s) within the external bond region(s). The adhesive contacts the conductive trace(s) within the external bond region(s) of the tamper-respondent sensor(s), and the adhesive, in part, facilitates securing the at least one tamper-respondent sensor within the tamper-respondent assembly. In enhanced embodiments, the conductive trace(s) is a chemically compromisable conductor susceptible to damage during a chemical attack on the adhesive within the external bond region(s).

Abstract: Tamper-proof electronic packages and fabrication methods are provided which include a glass substrate. The glass substrate is stressed glass with a compressively-stressed surface layer. Further, one or more electronic components are secured to the glass substrate within a secure volume of the tamper-proof electronic package. In operation, the glass substrate is configured to fragment with an attempted intrusion event into the electronic package, and the fragmenting of the glass substrate also fragments the electronic component(s) secured to the glass substrate, thereby destroying the electronic component(s). In certain implementations, the glass substrate has undergone ion-exchange processing to provide the stressed glass.

Abstract: Tamper-respondent assemblies and fabrication methods are provided which incorporate enclosure to circuit board protection. The tamper-respondent assemblies include a circuit board, and an electronic enclosure mounted to the circuit board and facilitating enclosing at least one electronic component within a secure volume. A tamper-respondent electronic circuit structure facilitates defining the secure volume, and the tamper-respondent electronic circuit structure includes a tamper-respondent circuit. An adhesive is provided to secure, in part, the electronic enclosure to the circuit board. The adhesive contacts, at least in part, the tamper-respondent circuit so that an attempted separation of the electronic enclosure from the circuit board causes the adhesive to break the tamper-respondent circuit, facilitating detection of the separation by a monitor circuit of the tamper-respondent electronic circuit structure.

Abstract: Tamper-proof electronic packages and fabrication methods are provided which include a glass enclosure enclosing, at least in part, at least one electronic component within a secure volume, and a tamper-respondent detector. The glass enclosure includes stressed glass with a compressively-stressed surface layer, and the tamper-respondent detector monitors, at least in part, the stressed glass to facilitate defining the secure volume. The stressed glass fragments with an attempted intrusion event through the stressed glass, and the tamper-respondent detector detects the fragmenting of the stressed glass. In certain embodiments, the stressed glass may be a machined glass enclosure that has undergone ion-exchange processing, and the compressively-stressed surface layer of the stressed glass may be compressively-stressed to ensure that the stressed glass fragments into glass particles of fragmentation size less than 1000 ?m with the intrusion event.

Abstract: Vented tamper-respondent assemblies and methods of fabrication are provided which include a multilayer circuit board, a tamper-detection sensor, and an in situ vent structure. The tamper-detection sensor is embedded within the multilayer circuit board, and defines, at least in part, a secure volume associated with the multilayer circuit board. The in situ vent structure is formed within the multilayer circuit board, and includes at least one vent channel. The vent channel(s) is in fluid communication with a space within the secure volume to facilitate venting the space of the secure volume. The space within the secure volume may accommodate, for instance, one or more electronic components to be protected, and the at least one vent channel may, for instance, allow air pressure within the space of the secure volume to equalize with air pressure external to the tamper-respondent assembly.

Abstract: Tamper-respondent assemblies and methods of fabrication are provided which include a multilayer circuit board, a tamper-detection sensor, and a vent structure. The tamper-detection sensor is embedded within the multilayer circuit board, and defines, at least in part, a secure volume associated with the multilayer circuit board. The vent structure is incorporated into the multilayer circuit board, and includes at least one vent channel. The vent channel(s) is in fluid communication with a space within the secure volume to facilitate venting the space of the secure volume. The space within the secure volume may accommodate, for instance, one or more electronic components to be protected, and the at least one vent channel may, for instance, allow air pressure within the space of the secure volume to equalize with air pressure external to the tamper-respondent assembly.

Abstract: Tamper-respondent assemblies and methods of fabrication are provided which include an enclosure, a tamper-detect sensor, a monitor, and a sensor connection adapter. The enclosure encloses, at least in part, one or more electronic components to be protected, and the tamper-detect sensor is disposed over an inner surface of the enclosure to facilitate defining a secure volume about the electronic component(s). The tamper-detect sensor includes sensor lines disposed over the inner surface of the enclosure, and the monitor monitors the tamper-detect sensor for a tamper event. The sensor connection adapter is coupled to the inner surface of the enclosure, and is disposed over the tamper-detect sensor within the secure volume. The sensor connection adapter facilitates electrically connecting the monitor to the sensor lines of the tamper-detect sensor.

Abstract: Tamper-respondent assemblies and methods of fabrication are provided which include a multi-layer stack having multiple discrete component layers stacked and electrically connected together via a plurality of electrical contacts in between the component layers. Further, the tamper-respondent assembly includes a tamper-respondent electronic circuit structure embedded within the multi-layer stack. The tamper-respondent electronic circuit structure includes at least one tamper-respondent sensor embedded, at least in part, within at least one component layer of the multiple discrete component layers of the multi-layer stack. The tamper-respondent electronic circuit structure defines a secure volume within the multi-layer stack. For instance, the tamper-respondent electronic circuit structure may be fully embedded within the multi-layer stack, with monitor circuitry of the tamper-respondent electronic circuit structure residing within the secure volume within the multi-layer stack.

Abstract: Tamper-proof electronic packages and fabrication methods are provided which include a glass enclosure enclosing, at least in part, at least one electronic component within a secure volume, and a tamper-respondent detector. The glass enclosure includes stressed glass with a compressively-stressed surface layer, and the tamper-respondent detector monitors, at least in part, the stressed glass to facilitate defining the secure volume. The stressed glass fragments with an attempted intrusion event through the stressed glass, and the tamper-respondent detector detects the fragmenting of the stressed glass. In certain embodiments, the stressed glass may be a machined glass enclosure that has undergone ion-exchange processing, and the compressively-stressed surface layer of the stressed glass may be compressively-stressed to ensure that the stressed glass fragments into glass particles of fragmentation size less than 1000 ?m with the intrusion event.

Abstract: Methods of fabricating tamper-respondent assemblies with bond protection are provided which include at least one tamper-respondent sensor having unexposed circuit lines forming, at least in part, one or more tamper-detect network(s), and the tamper-respondent sensor having at least one external bond region. The tamper-respondent assembly further includes at least one conductive trace and an adhesive. The conductive trace(s) forms, at least in part, the one or more tamper-detect network(s), and is exposed, at least in part, on the tamper-respondent sensor(s) within the external bond region(s). The adhesive contacts the conductive trace(s) within the external bond region(s) of the tamper-respondent sensor(s), and the adhesive, in part, facilitates securing the at least one tamper-respondent sensor within the tamper-respondent assembly.