Abstract: Methods, circuits, and systems for preventing data remanence in memory systems are provided. Original data is stored in a first memory, which may be a static random access memory (SRAM). Data is additionally stored in a second memory. Data in the first memory is periodically inverted, preventing data remanence in the first memory. The data in the second memory is periodically inverted concurrently with the data in the first memory. The data in the second memory is used to keep track of the inversion state of the data in the first memory. The original data in the first memory can be reconstructed performing a logical exclusive-OR operation between the data in the first memory and the data in the second memory.

Abstract: Methods, circuits, and systems for preventing data remanence in memory systems are provided. Original data is stored in a first memory, which may be a static random access memory (SRAM). Data is additionally stored in a second memory. Data in the first memory is periodically inverted, preventing data remanence in the first memory. The data in the second memory is periodically inverted concurrently with the data in the first memory. The data in the second memory is used to keep track of the inversion state of the data in the first memory. The original data in the first memory can be reconstructed performing a logical exclusive-OR operation between the data in the first memory and the data in the second memory.

Abstract: Methods, circuits, and systems for preventing data remanence in memory systems are provided. Original data is stored in a first memory, which may be a static random access memory (SRAM). Data is additionally stored in a second memory. Data in the first memory is periodically inverted, preventing data remanence in the first memory. The data in the second memory is periodically inverted concurrently with the data in the first memory. The data in the second memory is used to keep track of the inversion state of the data in the first memory. The original data in the first memory can be reconstructed performing a logical exclusive-OR operation between the data in the first memory and the data in the second memory.

Abstract: Circuits, methods, and apparatus that provide for protection of configuration bitstreams from theft. One exemplary embodiment receives a scrambled configuration bitstream with an integrated circuit. The scrambled configuration bitstream is descrambled using a plurality of multiplexers under control of a security key. A configuration bitstream is received in portions. One specific embodiment uses a key stored in memory to control a bank of multiplexers that descramble each of the received portions of the configuration bitstream. Other embodiments store longer keys, and use portions of the keys to descramble one or more portions of their respective configuration bitstreams. The outputs of the multiplexers are then stored in configuration memory cells.

Abstract: Configuration data for a programmable integrated circuit device is at least partially encrypted according to at least one encryption scheme. A plurality of key stores store a plurality of decryption keys for the at least one encryption scheme. Control circuitry identifies a required key from the at least partially encrypted configuration data and generates a key selection signal. Key selection circuitry responsive to the key selection signal reads the plurality of key stores and provides the required key to the control circuitry. The control circuitry may include decryption circuitry that decrypts the at least partially encrypted configuration data using the required key. In some embodiments, different portions of the configuration data, which may represent separate partial reconfigurations of the device, require different decryption keys. Keys may be generated from combinations of the contents of the key stores.

Abstract: A kill switch is provided that, when triggered, may cause the programmable logic device (PLD) to become at least partially reset, disabled, or both. The kill switch may be implemented as a fuse or a volatile battery-backed memory bit. When, for example, a security threat is detected, the switch may be blown, and a reconfiguration of the device initiated in order to zero or clear some or all of the memory and programmable logic of the PLD.

Abstract: Integrated circuits may include partial reconfiguration (PR) circuitry for reconfiguring a portion of a memory array. The PR circuitry may include a host circuit, a control circuit, an address register, and first, second, and third data registers. The host circuit may send a series of PR instructions to the control circuit. The control circuit may include a decompression circuit for decompressing compressed instructions, a decryption circuit for decrypting encrypted instructions, an error checking circuit for detecting errors in the instructions, and a logic circuit. The address register may select a desired frame. The selected frame may be loaded into the third data register. The contents of the third data register may be shifted into the first data register. The contents of the first data register may be modified according to a desired logic function using the logic circuit, shifted into the second data register, and written into the selected frame.

Abstract: Configuration data for a programmable integrated circuit device is at least partially encrypted according to at least one encryption scheme. A plurality of key stores store a plurality of decryption keys for the at least one encryption scheme. Control circuitry identifies a required key from the at least partially encrypted configuration data and generates a key selection signal. Key selection circuitry responsive to the key selection signal reads the plurality of key stores and provides the required key to the control circuitry. The control circuitry may include decryption circuitry that decrypts the at least partially encrypted configuration data using the required key. In some embodiments, different portions of the configuration data, which may represent separate partial reconfigurations of the device, require different decryption keys. Keys may be generated from combinations of the contents of the key stores.

Abstract: Circuits, methods, and apparatus that provide for protection of configuration bitstreams from theft. One exemplary embodiment receives a scrambled configuration bitstream with an integrated circuit. The scrambled configuration bitstream is descrambled using a plurality of multiplexers under control of a security key. A configuration bitstream is received in portions. One specific embodiment uses a key stored in memory to control a bank of multiplexers that descramble each of the received portions of the configuration bitstream. Other embodiments store longer keys, and use portions of the keys to descramble one or more portions of their respective configuration bitstreams. The outputs of the multiplexers are then stored in configuration memory cells.

Abstract: Configuration data for a programmable integrated circuit device is at least partially encrypted according to at least one encryption scheme. A plurality of key stores store a plurality of decryption keys for the at least one encryption scheme. Control circuitry identifies a required key from the at least partially encrypted configuration data and generates a key selection signal. Key selection circuitry responsive to the key selection signal reads the plurality of key stores and provides the required key to the control circuitry. The control circuitry may include decryption circuitry that decrypts the at least partially encrypted configuration data using the required key. In some embodiments, different portions of the configuration data, which may represent separate partial reconfigurations of the device, require different decryption keys. Keys may be generated from combinations of the contents of the key stores.

Abstract: Systems and methods are disclosed for securing a programmable integrated circuit device against an over-voltage attack. Generally, programmable devices, such as FPGAs, contain volatile memory registers that may store sensitive information. To prevent tampering and/or reverse engineering of such a programmable device, an over-voltage detection circuit may be employed to disable the device and/or erase the sensitive information stored on the device when an over-voltage attack is suspected. In particular, once the over-voltage detection circuit detects that the voltage applied to the programmable device exceeds a trigger voltage, it may cause logic circuitry to erase the sensitive information stored on the device. Desirably, the over-voltage detection circuit includes components arranged in such a way as to render current consumption negligible when the voltage applied to the programmable device, e.g., by a battery, remains below the trigger voltage.

Abstract: Systems and methods are provided for destroying or erasing circuitry elements, data, or both, such as transistors, volatile keys, or fuse blocks, located in an integrated circuit device. An initiation signal may be provided to induce latch-up in a circuitry element in response to a user command, a tampering event, or both. As a result of the latch-up effect, the circuitry element, data, or both may be destroyed or erased.

Abstract: A kill switch is provided that, when triggered, may cause the programmable logic device (PLD) to become at least partially reset, disabled, or both. The kill switch may he implemented as a fuse or a volatile battery-backed memory bit. When, for example, a security threat is detected, the switch may be blown, and a reconfiguration of the device initiated in order to zero or clear some or all of the memory and programmable logic of the PLD.

Abstract: Integrated circuits may include partial reconfiguration (PR) circuitry for reconfiguring a portion of a memory array. The PR circuitry may include a host circuit, a control circuit, an address register, and first, second, and third data registers. The host circuit may send a series of PR instructions to the control circuit. The control circuit may include a decompression circuit for decompressing compressed instructions, a decryption circuit for decrypting encrypted instructions, an error checking circuit for detecting errors in the instructions, and a logic circuit. The address register may select a desired frame. The selected frame may be loaded into the third data register. The contents of the third data register may be shifted into the first data register. The contents of the first data register may be modified according to a desired logic function using the logic circuit, shifted into the second data register, and written into the selected frame.

Abstract: A kill switch is provided that, when triggered, may cause the programmable logic device (PLD) to become at least partially reset, disabled, or both. The kill switch may be implemented as a fuse or a volatile battery-backed memory bit. When, for example, a security threat is detected, the switch may be blown, and a reconfiguration of the device initiated in order to zero or clear some or all of the memory and programmable logic of the PLD.

Abstract: A method to configure a programmable device is disclosed. The method includes receiving a scrambled configuration data at the programmable device. A bit sequence of a device tag that is stored in the programmable device is verified by determining whether the bit sequence of the device tag stored in the programmable device matches a bit sequence of a device tag within the scrambled configuration data. If the bit sequences match, the scrambled configuration data is transferred to a data re-formatter for descrambling. The descrambled configuration data is then transferred to a configuration memory of the programmable device. Circuitry that enables the method is also disclosed.

Abstract: Systems and methods are disclosed for securing a programmable integrated circuit device against an over-voltage attack. Generally, programmable devices, such as FPGAs, contain volatile memory registers that may store sensitive information. To prevent tampering and/or reverse engineering of such a programmable device, an over-voltage detection circuit may be employed to disable the device and/or erase the sensitive information stored on the device when an over-voltage attack is suspected. In particular, once the over-voltage detection circuit detects that the voltage applied to the programmable device exceeds a trigger voltage, it may cause logic circuitry to erase the sensitive information stored on the device. Desirably, the over-voltage detection circuit includes components arranged in such a way as to render current consumption negligible when the voltage applied to the programmable device, e.g., by a battery, remains below the trigger voltage.

Abstract: Configuration data for a programmable integrated circuit device is at least partially encrypted according to at least one encryption scheme. A plurality of key stores store a plurality of decryption keys for the at least one encryption scheme. Control circuitry identifies a required key from the at least partially encrypted configuration data and generates a key selection signal. Key selection circuitry responsive to the key selection signal reads the plurality of key stores and provides the required key to the control circuitry. The control circuitry may include decryption circuitry that decrypts the at least partially encrypted configuration data using the required key. In some embodiments, different portions of the configuration data, which may represent separate partial reconfigurations of the device, require different decryption keys. Keys may be generated from combinations of the contents of the key stores.

Abstract: A kill switch is provided that, when triggered, may cause the programmable logic device (PLD) to become at least partially reset, disabled, or both. The kill switch may be implemented as a fuse or a volatile battery-backed memory bit. When, for example, a security threat is detected, the switch may be blown, and a reconfiguration of the device initiated in order to zero or clear some or all of the memory and programmable logic of the PLD.

Abstract: Systems and methods are provided for destroying or erasing circuitry elements, data, or both, such as transistors, volatile keys, or fuse blocks, located in an integrated circuit device. An initiation signal may be provided to induce latch-up in a circuitry element in response to a user command, a tampering event, or both. As a result of the latch-up effect, the circuitry element, data, or both may be destroyed or erased.