Abstract: The present disclosure relates to a process for verifying the integrity of software by a verification circuit, the process comprising: loading (401) the software into a first volatile memory; computing (402) a first verification value by the verification circuit; computing (403) a second verification value by applying a physically unclonable function to the first verification value; comparing (404), by the verification circuit, the second verification value with a reference value; and if it is found that the second verification value differs from the reference value, generating a warning signal (405) at the output of the verification circuit.

Abstract: A system includes a memory device configured to store data at addressable locations in the memory device, a physically unclonable function (PUF) device including an array of PUF elements, and a memory interface coupled to the memory device and the PUF device. The memory interface is configured to receive a request to store first data in the memory device, store the first data in the memory device at a first location of the memory device, and transmit the first data and the first location to the PUF device. The PUF device is configured to create a first challenge value using the first data and the first location, generate a first response value using the first challenge value, and store the first response value as a first data integrity tag in the memory device, wherein the first data integrity tag is associated with the first data.

Abstract: Systems and methods for secure enrollment of physical unclonable function devices include providing a device with an enrollment controller. The enrollment controller receives an enrollment request from an enrollment system and authenticates the request. If the request is authentic, the enrollment controller generates challenges in a pseudorandom order determined by a random seed that is shared with the enrollment system. The enrollment controller issues the challenges to interrogation circuitry coupled to a PUF array and records the responses. The responses are transmitted in encrypted form, and in the pseudorandom order, to the enrollment system. The responses are encrypted using a random number shared with the enrollment system. The enrollment system and the enrollment controller can independently generate the encryption key using the shared random number and/or other securely shared information.

Abstract: A system includes a memory device configured to store data at addressable locations in the memory device, a physically unclonable function (PUF) device including an array of PUF elements, and a memory interface coupled to the memory device and the PUF device. The memory interface is configured to receive a request to store first data in the memory device, store the first data in the memory device at a first location of the memory device, and transmit the first data and the first location to the PUF device. The PUF device is configured to create a first challenge value using the first data and the first location, generate a first response value using the first challenge value, and store the first response value as a first data integrity tag in the memory device, wherein the first data integrity tag is associated with the first data.

Abstract: Systems and methods for secure enrollment of physical unclonable function devices include providing a device with an enrollment controller. The enrollment controller receives an enrollment request from an enrollment system and authenticates the request. If the request is authentic, the enrollment controller generates challenges in a pseudorandom order determined by a random seed that is shared with the enrollment system. The enrollment controller issues the challenges to interrogation circuitry coupled to a PUF array and records the responses. The responses are transmitted in encrypted form, and in the pseudorandom order, to the enrollment system. The responses are encrypted using a random number shared with the enrollment system. The enrollment system and the enrollment controller can independently generate the encryption key using the shared random number and/or other securely shared information.

Abstract: An exemplary system for wrapping an intellectual property core (IP) bus master(s), can include, for example, a plurality of IP cores associated with the IP core bus master(s), and a wrapper module connected to a serial input of the IP core bus master(s) and a serial output of the IP core bus master(s), where the wrapper module can be configured to capture and shift a plurality of values of a system bus for a plurality of bus transfers associated with the IP core bus master(s) and the IP cores. The wrapper module can be further configured to modify a wrapper control logic and a wrapper boundary register of the IP core bus master(s). A plurality of terminals can be included, which can be coupled to the IP core bus master(s), and a plurality of wrapper cells can be included, which can be associated with the plurality of terminals.

Abstract: An exemplary system for wrapping an intellectual property core (IP) bus master(s), can include, for example, a plurality of IP cores associated with the IP core bus master(s), and a wrapper module connected to a serial input of the IP core bus master(s) and a serial output of the IP core bus master(s), where the wrapper module can be configured to capture and shift a plurality of values of a system bus for a plurality of bus transfers associated with the IP core bus master(s) and the IP cores. The wrapper module can be further configured to modify a wrapper control logic and a wrapper boundary register of the IP core bus master(s). A plurality of terminals can be included, which can be coupled to the IP core bus master(s), and a plurality of wrapper cells can be included, which can be associated with the plurality of terminals.

Abstract: The present disclosure relates to a method for executing, by a processor, a program read in a program memory, comprising steps of: detecting a program memory read address jump; providing prior to a jump address instruction for jumping a program memory read address, an instruction for storing the presence of the jump address instruction; and activating an error signal if an address jump has been detected and if the presence of a jump address instruction has not been stored. The present disclosure also relates to securing integrated circuits.

Abstract: An electronic circuit includes configurable cells each having a test input and an output. The configurable cells are connected to one another in a chain in a predefined order via their test input and their output to form a test register based on receiving a chaining command signal. The electronic circuit also includes a detection circuit activated by the chaining command signal to produce a state signal representing a state of initialization of a first set of configurable cells A multiplexing circuit selectively connects the test input of each configurable cell to a second set of the configurable cells either to the output of a preceding configurable cell or to an output of a decoy data generator based on the state signal.

Abstract: An electronic circuit includes configurable cells capable of being functionally linked to logic cells with which they cooperate to form at least one logic circuit if a chaining command signal is in a first (inactive) state. The electronic circuit also includes a logic interconnection circuit for performing the following functions if the chaining command signal is in a second (active) state. Functionally connecting the configurable cells in a linear feedback shift register if an authentication signal is in a first state, or functionally connecting the configurable cells in a chain in a predefined order to form a shift register if the authentication signal is in a second state.

Abstract: A method and a circuit for detecting a disturbance of a state of at least one first flip-flop from a group of several first flip-flops of an electronic circuit, wherein: the respective outputs of the first flip-flops in the group are, independently from their functional purpose, combined to provide a signal and its inverse, triggering two second flip-flops having data inputs forced to a same state, the respective outputs of the second flip-flops being combined to provide the result of the detection; and a pulse signal comprising a pulse at least for each triggering edge of one of the first flip-flops in the group initializes the second flip-flops.

Abstract: A method reads a datum saved in a memory by selecting an address of the memory in which the datum to be read is saved, reading the datum in the memory at the selected address, saving the datum read in a storage space, and when the memory is not being accessed by a CPU, reading the datum in the memory, reading the datum saved in the storage space, and activating an error signal if the datum read in the memory is different from the datum saved. The method can be applied particularly to the protection of smart card integrated circuits.

Abstract: An electronic circuit, including: a logic circuit having a plurality of logic cells; storage cells able to form a shift register, able to be connected to the logic cells; a connection control module having an input for the reception of an identification key, the module connecting the storage cells so as to form a test shift register when the receive input receives a valid identification key, and the module connecting the storage cells so as to form randomly a diversion circuit when the input does not receive a valid identification key. The invention allows the electronic circuit to be protected against fraudulent access in read or write mode. The invention also relates to a smart card including this electronic circuit.

Abstract: An electronic circuit comprises configurable cells driven by command signals to adopt either a standard mode of operation in which they are integrated into a logic circuit, or a test mode in which they provide information on this logic circuit. The circuit includes a spy circuit capable of detecting an abnormal excitation of certain of the conductors through which the command signals travel, thus preventing fraudulent extraction of data out of the configurable cells. The spy circuit includes a logic combination circuit and a state detection cell.

Abstract: An electronic circuit includes configurable cells with a test input and an output. The configurable cells are capable of being connected to one another in a chain in a predefined order via the test inputs and the outputs to form a test shift register if they receive a chaining command signal. A connection control module disconnects the test input from at least one configurable cell if the connection control module receives an invalid identification key. The connection control module leaves disconnected the test input from the at least one configurable cell, or applies a constant potential on the test input of the at least one configurable cell, or connects the test input of the at least one configurable cell at an output of a random-data generator.

Abstract: A method and a circuit for detecting a disturbance of a state of at least one first flip-flop from a group of several first flip-flops of an electronic circuit, wherein: the respective outputs of the first flip-flops in the group are, independently from their functional purpose, combined to provide a signal and its inverse, triggering two second flip-flops having data inputs forced to a same state, the respective outputs of the second flip-flops being combined to provide the result of the detection; and a pulse signal comprising a pulse at least for each triggering edge of one of the first flip-flops in the group initializes the second flip-flops.

Abstract: The present disclosure relates to a method for executing, by a processor, a program read in a program memory, comprising steps of: detecting a program memory read address jump; providing prior to a jump address instruction for jumping a program memory read address, an instruction for storing the presence of the jump address instruction; and activating an error signal if an address jump has been detected and if the presence of a jump address instruction has not been stored. The present disclosure also relates to securing integrated circuits.

Abstract: An electronic circuit comprises a plurality of configurable cells configured according to a chaining command signal. These configurable cells are configured either in a chained state in which the configurable cells are functionally connected in a chain to form a shift register, if the chaining command signal is in a first state, or in a functional state in which the configurable cells are functionally linked to logic cells with which they co-operate to form at least one logic circuit, if the mode command signal is in a second state. It is provided that a test data word will be preceded by a signature. The set formed by the digital signature and the data word forms a test sequence. The signature is verified before the introduction of the test data word by an appropriate detection circuit.

Abstract: An electronic circuit includes a plurality of configurable cells configured by a control circuit such as a test access controller when it receives a mode command signal: either in a functional state in which the configurable cells are functionally linked to logic cells with which they co-operate to form at least one logic circuit if the mode command signal is in a first state or in a chained state in which the configurable cells are functionally connected in a chain to form a shift register, if the mode command signal is in a second state. The electronic circuit also includes a detection circuit laid out to produce an active state signal if it detects a chained state of the configurable cells while the controller receives the mode command signal in the first state.

Abstract: An electronic circuit, including: a logic circuit having a plurality of logic cells; storage cells able to form a shift register, able to be connected to the logic cells; a connection control module having an input for the reception of an identification key, the module connecting the storage cells so as to form a test shift register when the receive input receives a valid identification key, and the module connecting the storage cells so as to form randomly a diversion circuit when the input does not receive a valid identification key. The invention allows the electronic circuit to be protected against fraudulent access in read or write mode. The invention also relates to a smart card including this electronic circuit.