Abstract: A masked-vector-comparison instruction specifies a source vector operand comprising a plurality of source data elements, a mask value, and a comparison target operand. In response to the masked-vector-comparison instruction, an instruction decoder 10 controls processing circuitry 16 to: for each active source data element of the source vector operand, determine whether the active source data element satisfies a comparison condition, based on a masked comparison between one or more compared bits of the active source data element and one or more compared bits of the comparison target operand, the mask value specifying a pattern of compared bits and non-compared bits within the comparison target operand and the active source data element; and generate a result value indicative of which of the source data elements of the source vector operand, if any, is an active source data element satisfying the comparison condition. This instruction is useful for variable length decoding operations.

Abstract: Memory control circuitry controls access to data stored in memory, and memory security circuitry generates encrypted data to be stored in the memory. The encrypted data is based on target data and a first one-time-pad (OTP). In response to an OTP update event indicating that the first OTP is to be updated to a second OTP different from the first OTP, the memory security circuitry generates a re-encryption value based on the first OTP and the second OTP, and the memory security circuitry to issues a re-encryption request to cause updated encrypted data to be generated in a downstream component based on the encrypted data and the re-encryption value and to cause the encrypted data to be replaced in the memory by the updated encrypted data.

Abstract: An apparatus comprises capability checking circuitry 86 to perform a capability validity checking operation to determine whether use of a capability satisfies one or more use-limiting conditions. The capability comprises a pointer and pointer-use-limiting information specifying the one or more use-limiting conditions. The one or more use-limiting conditions comprise at least an allowable range of addresses for the pointer. In response to a capability write request requesting that a capability is written to a memory location associated with a capability write target address, when capability write address tracking is enabled, capability write address tracking circuitry 200 updates a capability write address tracking structure 100 based on the capability write target address.

Abstract: A method of operation concealment for a cryptographic system includes randomly selecting which one of at least two cryptographic operation blocks receives a key to apply a valid operation to data and outputs a result that is used for subsequent operations. Noise can be added by operating the other of the at least two cryptographic operation blocks using a modified key. The modified key can be generated by mixing the key with a block-unique-identifier, a device secret, a slowly adjusting output of a counter, or a combination thereof. In some cases, noise can be added to a cryptographic system by transforming input data of the other cryptographic operation block(s) by mixing the input data with the block-unique-identifier, device secret, counter output, or a combination thereof. A cryptographic system with operation concealment can further include a distributed (across a chip) or interweaved arrangement of subblocks of the cryptographic operation blocks.

Abstract: Analytics processing circuitry can include a data scavenger and a data analyzer coupled to receive the data from the data scavenger. The data scavenger collects data from at least one element of interest of a plurality of elements of interest of an IC. The data analyzer identifies patterns in the data from the data scavenger over a time frame or for a snapshot of time based on a predefined metric. The analytics processing circuitry can further include a moderator and a risk predictor. The risk predictor generates a risk assessment regarding whether the data collected by the data scavenger is indicative of normal behavior or abnormal behavior based at least on the output of the data analyzer and a behavioral model for the IC, which can be device and application specific. A threat response can be performed based on the risk assessment.

Abstract: A data processing apparatus (2) has scalar processing circuitry (32-42) and vector processing circuitry (38, 40, 42). When executing main scalar processing on the scalar processing circuitry (32-42), or main vector processing using a subset of said plurality of lanes on the vector processing circuitry (38, 40, 42), checker processing is executed using at least one lane of the plurality of lanes on the vector processing circuitry (38, 40, 42), the checker processing comprising operations corresponding to at least part of the main scalar/vector processing. Errors can then be detected based on a comparison of an outcome of the main processing and an outcome of the checker processing. This provides a technique for achieving functional safety in a high end processor with better performance and reduced hardware cost compared to a dual/triple core lockstep approach.

Abstract: An apparatus and method are provided for maintaining a counter value. The apparatus has first counter control circuitry for maintaining a first counter value representing a first portion of a hybrid counter value, and second counter control circuitry for maintaining a second counter value representing a second portion of the hybrid counter value, wherein the second portion is a higher order portion of the hybrid counter value than the first portion. The first counter control circuitry is arranged to maintain the first counter value as a binary value that indicates a magnitude of the first counter value, the first counter control circuitry comprising adder circuitry that is responsive to an adjustment value to update the first counter value by performing an addition operation to add the adjustment value to a current binary value of the first counter value, and to generate a carry out signal which is set when a carry out is generated by the addition operation.

Abstract: An apparatus has a processing pipeline (2) comprising an execute stage (30) and at least one front end stage (10), (20), (25) for controlling which micro operations are issued to the execute stage. The pipeline has an intra-core lockstep mode of operation in which the at least one front end stage (10), (20), (25) issues micro operations for controlling the execute stage (30) to perform main processing and checker processing. The checker processing comprises redundant operations corresponding to associated main operations of at least part of the main processing. Error handling circuitry (200), (210) is responsive to the detection of a mismatch between information associated with given checker and main operations to trigger a recovery operation to correct an error and continue forward progress of the main processing.

Abstract: Apparatuses and method are disclosed for protecting the integrity of data stored in a protected area of memory. Data in the protected area of memory is retrieved in data blocks and an authentication code is associated with a memory granule contiguously comprising a first data block and a second data block. Calculation of the authentication code comprises a cryptographic calculation based on a first hash value determined from the first data block and a second hash value determined from the second data block. A hash value cache is provided to store hash values determined from data blocks retrieved from the protected area of the memory. When the first data block and its associated authentication code are retrieved from memory, a lookup for the second hash value in the hash value cache is performed, and a verification authentication code is calculated for the memory granule to which that data block belongs.

Abstract: A method of operation concealment for a cryptographic system includes randomly selecting which one of at least two cryptographic operation blocks receives a key to apply a valid operation to data and outputs a result that is used for subsequent operations. Noise can be added by operating the other of the at least two cryptographic operation blocks using a modified key. The modified key can be generated by mixing the key with a block-unique-identifier, a device secret, a slowly adjusting output of a counter, or a combination thereof. In some cases, noise can be added to a cryptographic system by transforming input data of the other cryptographic operation block(s) by mixing the input data with the block-unique-identifier, device secret, counter output, or a combination thereof. A cryptographic system with operation concealment can further include a distributed (across a chip) or interweaved arrangement of subblocks of the cryptographic operation blocks.

Abstract: There is provided a data processing apparatus that includes memory circuitry that provides a physical address space, which is logically divided into a plurality of memory segments and stores a plurality of accessors with associated validity indicators. Each of the accessors controls access to a region of the physical address space in dependence on at least its associated validity indicator. Tracking circuitry tracks which of the memory segments contain the accessors and invalidation circuitry responds to a request to invalidate an accessor by determining a set of equivalent accessors with reference to the tracking circuitry, and invalidating the accessor and the equivalent accessors by setting the associated validity indicator of each of the accessor and the equivalent accessors to indicate that the accessor and the equivalent accessors are invalid.

Abstract: Analytics processing circuitry can include a data scavenger and a data analyzer coupled to receive the data from the data scavenger. The data scavenger collects data from at least one element of interest of a plurality of elements of interest of an IC. The data analyzer identifies patterns in the data from the data scavenger over a time frame or for a snapshot of time based on a predefined metric. The analytics processing circuitry can further include a moderator and a risk predictor. The risk predictor generates a risk assessment regarding whether the data collected by the data scavenger is indicative of normal behavior or abnormal behavior based at least on the output of the data analyzer and a behavioral model for the IC, which can be device and application specific. A threat response can be performed based on the risk assessment.

Abstract: A moderator system that can receive outputs of various stages of the security analytic framework and can receive input from external sources to provide information about emerging styles of attacks. One or more models/behavioral profiles can be curated by the moderator system, and the moderator system can provide updates to components of the security analytics framework.

Abstract: A processing system with a microarchitectural feature for mitigation of differential power analysis and electromagnetic analysis attacks can include a memory, a processor, and a mitigation response unit. The processor can include an instruction predictor that comprises a storage device for storing metadata associated with corresponding instruction blocks. The mitigation response unit is coupled to the instruction predictor to write and read the metadata associated with the corresponding instruction blocks. The mitigation response unit is configured to determine a mitigation technique for an instruction block based on an electromagnetic or power signature corresponding to execution of the instruction block and metadata associated with the instruction block.

Abstract: There is provided a data processing apparatus that includes memory circuitry that provides a physical address space, which is logically divided into a plurality of memory segments and stores a plurality of accessors with associated validity indicators. Each of the accessors controls access to a region of the physical address space in dependence on at least its associated validity indicator. Tracking circuitry tracks which of the memory segments contain the accessors and invalidation circuitry responds to a request to invalidate an accessor by determining a set of equivalent accessors with reference to the tracking circuitry, and invalidating the accessor and the equivalent accessors by setting the associated validity indicator of each of the accessor and the equivalent accessors to indicate that the accessor and the equivalent accessors are invalid.

Abstract: A data processing apparatus comprises branch prediction circuitry adapted to store at least one branch prediction state entry in relation to a stream of instructions, input circuitry to receive at least one input to generate a new branch prediction state entry, wherein the at least one input comprises a plurality of bits; and coding circuitry adapted to perform an encoding operation to encode at least some of the plurality of bits based on a value associated with a current execution environment in which the stream of instructions is being executed. This guards against potential attacks which exploit the ability for branch prediction entries trained by one execution environment to be used by another execution environment as a basis for branch predictions.

Abstract: A buffer (72), (74), (76), (60), (78), (20), (82-90) has a number of entries for buffering items associated with data processing operations. Buffer control circuitry (100) has a redundant allocation mode in which, on allocating a given item to the buffer, the item is allocated to two or more redundant entries of the buffer. On reading or draining an item from the buffer, the redundant entries are compared and an error handling response is triggered if a mismatch is detected. By effectively reducing the buffer capacity, this simplifies testing for faults in buffer entries.

Abstract: An apparatus comprising data processing circuitry for processing data in one of a plurality of operating states, an instruction decoder for decoding instructions and error checking circuitry for performing error checking operations. In response to a touch instruction being decoded by the instruction decoder, error checking operation is performed on selected architectural state. The architectural state is architecturally inaccessible to the operating state. As a result of the touch instruction, the architectural state remains unchanged, at least when no error is detected.

Abstract: An apparatus comprises capability checking circuitry 86 to perform a capability validity checking operation to determine whether use of a capability satisfies one or more use-limiting conditions. The capability comprises a pointer and pointer-use-limiting information specifying the one or more use-limiting conditions. The one or more use-limiting conditions comprise at least an allowable range of addresses for the pointer. In response to a capability write request requesting that a capability is written to a memory location associated with a capability write target address, when capability write address tracking is enabled, capability write address tracking circuitry 200 updates a capability write address tracking structure 100 based on the capability write target address.

Abstract: An apparatus and method are provided for maintaining a counter value. The apparatus has first counter control circuitry for maintaining a first counter value representing a first portion of a hybrid counter value, and second counter control circuitry for maintaining a second counter value representing a second portion of the hybrid counter value, wherein the second portion is a higher order portion of the hybrid counter value than the first portion. The first counter control circuitry is arranged to maintain the first counter value as a binary value that indicates a magnitude of the first counter value, the first counter control circuitry comprising adder circuitry that is responsive to an adjustment value to update the first counter value by performing an addition operation to add the adjustment value to a current binary value of the first counter value, and to generate a carry out signal which is set when a carry out is generated by the addition operation.