Abstract: A system for secure testing and provisioning of an integrated circuit (IC) includes, in part, a secure reconfigurable key provisioning architecture (SLEEVE) module disposed in the IC, and a secure asset provisioning hardware entity (SAPHE) module. The IC may include, in part, a modified IEEE 1500 wrapper to control its operation modes. The SLEEVE module may include, in part, an encoding/decoding module and an unlocking module. The encoding/decoding module may include, in part, a decode key stream cipher module, an encode key stream cipher module, Seed Key programmable linear-feedback shift registers (LFSRs), Initialization Vector (IV) LFSRs, and configuration registers. The encoding/decoding module may be configured to generate key bits for decoding and encoding inputs and outputs of the IC. The unlocking module may include, in part, a pattern matching block and a counter. The unlocking module may be configured to enable write access to the configuration registers.

Abstract: A system for secure testing and provisioning of an integrated circuit (IC) includes, in part, a secure reconfigurable key provisioning architecture (SLEEVE) module disposed in the IC, and a secure asset provisioning hardware entity (SAPHE) module. The IC may include, in part, a modified IEEE 1500 wrapper to control its operation modes. The SLEEVE module may include, in part, an encoding/decoding module and an unlocking module. The encoding/decoding module may include, in part, a decode key stream cipher module, an encode key stream cipher module, Seed Key programmable linear-feedback shift registers (LFSRs), Initialization Vector (IV) LFSRs, and configuration registers. The encoding/decoding module may be configured to generate key bits for decoding and encoding inputs and outputs of the IC. The unlocking module may include, in part, a pattern matching block and a counter. The unlocking module may be configured to enable write access to the configuration registers.

Abstract: Systems and methods generate the design of a tiled multi-core system-on-chip (SoC). Design specification defining a multitude of cores to be used in the tiled multi-core SoC is analyzed and a multitude of subsystems based on the plurality of cores is built. The subsystems are augmented with one or more network adapters to generate the design of the tiled multi-core SoC. To achieve this, a multitude of IP blocks defined by the specification are retrieved from a design library. Design metadata associated with the IP blocks are extracted. Next, a standardized interface is generated for each of the IP blocks using the design metadata. Thereafter, a bus interface is generated for the IP blocks. Next, a tiled synthesizable register-transfer level code for the SoC design is generated in accordance with received configuration information.

Abstract: Trusted virtual process execution contexts using secure distributed ledger are disclosed herein. An example system can be configured to determine an allowable state for an IoT endpoint node of the IoT endpoint nodes, the allowable state having one or more trusted parameters for the IoT endpoint node; hashing the one or more trusted parameters of the allowable state for the IoT endpoint node into a parameter hash; store the hashed, trusted parameters along with the parameter hash; hashed, trusted and provision the one or more trusted elements with the one or more trusted parameters for the IoT endpoint node when the one or more trusted parameters are verified.

Abstract: Trusted virtual process execution contexts using secure distributed ledger are disclosed herein. An example system can be configured to determine an allowable state for an IoT endpoint node of the IoT endpoint nodes, the allowable state having one or more trusted parameters for the IoT endpoint node; hashing the one or more trusted parameters of the allowable state for the IoT endpoint node into a parameter hash; store the hashed, trusted parameters along with the parameter hash; hashed, trusted and provision the one or more trusted elements with the one or more trusted parameters for the IoT endpoint node when the one or more trusted parameters are verified.

Abstract: Aspects of system-on-chip (SoC) security architecture that supports systematic and efficient implementation, validation, and in-field upgrade of security policies are described. In one example, an apparatus can include at least one intellectual property (IP) core, a centralized reconfigurable security policy engine (RSPE) and at least one security wrapper. The RSPE implements actionable constraint based on a security policy and at least one event frame. A security wrapper is associated with an IP core. The security wrapper is configured to communicate an event frame to the RSPE in response to an event.

Abstract: Aspects of system-on-chip (SoC) security architecture that supports systematic and efficient implementation, validation, and in-field upgrade of security policies are described. In one example, an apparatus can include at least one intellectual property (IP) core, a centralized reconfigurable security policy engine (RSPE) and at least one security wrapper. The RSPE implements actionable constraint based on a security policy and at least one event frame. A security wrapper is associated with an IP core. The security wrapper is configured to communicate an event frame to the RSPE in response to an event.