Abstract: In a data processing system having a processor and a memory protection unit (MPU), a method includes scheduling, in the processor, a new process to be executed; writing a process identifier (PID) corresponding to the new process into storage circuitry of the MPU; in response to updating the storage circuitry with the PID, configuring the MPU with region descriptors corresponding to the new process; configuring, by an operating system of the processor, the processor to execute the new process in parallel with the configuring the MPU with the region descriptors; and when the configuring the MPU is complete, giving control to the new process to execute on the processor.

Abstract: A device is disclosed. The device includes a read-only memory (ROM), a random key generator, a lifecycle controller, an access port and a processor. The processor is configured, based on a lifecycle status, to cause the random key generator to generate a secret key and store the secret key in the ROM. The lifecycle controller is configured to disable an external access via the access port until the secret key is stored in the ROM.

Abstract: A technique that reduces the startup time of a processing system authenticates a proxy for an image stored in tracked memory instead of authenticating the image stored in the tracked memory. A controller generates an alteration log authentication code based on an alteration log that is updated prior to programming the image stored in tracked memory. The controller records an alteration log authentication code in secure memory. The alteration log is indirectly related to a most recent image stored in the tracked memory. Authentication of the image of the alteration log is used as a proxy for authentication of the image stored in tracked memory, which is performed only when the tracked memory is modified. Use of the contents of the alteration log as a proxy for the contents of tracked memory accelerates the startup time of the system.

Abstract: An integrated circuit includes Controller Area Network (CAN) circuitry, and identifier (ID) filter circuitry coupled to the CAN circuitry and a CAN bus. The ID filter circuitry is configured to determine if a CAN message selected for transmission by the CAN circuitry should be blocked based on an ID of the selected CAN message. In response to determining that the selected message should not be blocked, the CAN circuitry broadcasts the selected message to all CAN nodes coupled to the CAN bus. In response to determining that the selected message should be blocked, the selected message is not transmitted to the CAN bus.

Abstract: A technique for providing access to a first storage structure of a system includes exposing a first key of a plurality of first keys stored in a second storage structure in response to a select code based on a plurality of corresponding select records stored in one-time programmable storage elements of the second memory structure. The technique includes providing the first key as a current first key of a memory access controller. Only one of the plurality of first keys stored in the second storage structure may be exposed at a time and other first keys of the plurality of first keys stored in the second storage structure are inaccessible from the second storage structure at the time.

Abstract: A hardware security module (HSM) transitions a first signal from a first state to a second state and transitions a second signal from a first state to a second state when a request to change boot code is received. In response to receipt of a boot request, the HSM, when the first signal is in the first state and the second signal is in the first state: does not execute the hash function; and maintains the second signal in the first state. An actuator control module, in response to the receipt of the boot request: executes the boot code when the second signal is in the first state; and does not execute the boot code when the second signal is in the second state.

Abstract: A reconfigurable register device includes an arrangement of storage elements arranged sequentially in a chain structure. Each storage element stores a state of a binary signal. A combinatorial logic circuitry connectable to the arrangement of storage elements enables the arrangement of storage elements to form a binary synchronous counter. A bypass logic circuitry connectable to the arrangement of storage elements enables the arrangement of storage elements to form a serial shift register. A switching circuitry has a mode signal input terminal receiving a mode signal indicative of at least one of a counter mode and a shift register mode. The switching circuitry is configured to connect the arrangement of storage elements to the combinatory logic circuitry if the mode signal indicates the counter mode, and to connect the arrangement of storage elements to the bypass logic circuitry if the mode signal indicates the shift register mode.

Abstract: In a data processing system having a processor and a memory protection unit (MPU), a method includes scheduling, in the processor, a new process to be executed; writing a process identifier (PID) corresponding to the new process into storage circuitry of the MPU; in response to updating the storage circuitry with the PID, configuring the MPU with region descriptors corresponding to the new process; configuring, by an operating system of the processor, the processor to execute the new process in parallel with the configuring the MPU with the region descriptors; and when the configuring the MPU is complete, giving control to the new process to execute on the processor.

Abstract: A technique that reduces the startup time of a processing system authenticates a proxy for an image stored in tracked memory instead of authenticating the image stored in the tracked memory. A controller generates an alteration log authentication code based on an alteration log that is updated prior to programming the image stored in tracked memory. The controller records an alteration log authentication code in secure memory. The alteration log is indirectly related to a most recent image stored in the tracked memory. Authentication of the image of the alteration log is used as a proxy for authentication of the image stored in tracked memory, which is performed only when the tracked memory is modified. Use of the contents of the alteration log as a proxy for the contents of tracked memory accelerates the startup time of the system.

Abstract: A hardware security module (HSM) transitions a first signal from a first state to a second state and transitions a second signal from a first state to a second state when a request to change boot code is received. In response to receipt of a boot request, the HSM, when the first signal is in the first state and the second signal is in the first state: does not execute the hash function; and maintains the second signal in the first state. An actuator control module, in response to the receipt of the boot request: executes the boot code when the second signal is in the first state; and does not execute the boot code when the second signal is in the second state.

Abstract: A reconfigurable register device includes an arrangement of storage elements arranged sequentially in a chain structure. Each storage element stores a state of a binary signal. A combinatorial logic circuitry connectable to the arrangement of storage elements enables the arrangement of storage elements to form a binary synchronous counter. A bypass logic circuitry connectable to the arrangement of storage elements enables the arrangement of storage elements to form a serial shift register. A switching circuitry has a mode signal input terminal receiving a mode signal indicative of at least one of a counter mode and a shift register mode. The switching circuitry is configured to connect the arrangement of storage elements to the combinatory logic circuitry if the mode signal indicates the counter mode, and to connect the arrangement of storage elements to the bypass logic circuitry if the mode signal indicates the shift register mode.

Abstract: A semiconductor device includes, in various embodiments, a memory and a processor, with the processor configured to perform a permission check prior to execution of a memory-access instruction. The permission check comprises evaluating a permission attribute of the memory-access instruction and a permission attribute of a memory location to be accessed. The memory-access instruction is denied unless the permission attribute of the memory-access instruction is compatible with the permission attribute of the memory location to be accessed. In various embodiments, permission attributes are obtained by the processor from a one-time-programmable (OTP) memory module. In various embodiments, the permission attributes are determined based on a source address of the memory-access instruction and an address of the memory location to be accessed. In various embodiments, the OTP memory module stores permission settings that are based on the identity of suppliers for various portions of code stored in the memory.

Abstract: A technique for providing access to a first storage structure of a system includes exposing a first key of a plurality of first keys stored in a second storage structure in response to a select code based on a plurality of corresponding select records stored in one-time programmable storage elements of the second memory structure. The technique includes providing the first key as a current first key of a memory access controller. Only one of the plurality of first keys stored in the second storage structure may be exposed at a time and other first keys of the plurality of first keys stored in the second storage structure are inaccessible from the second storage structure at the time.

Abstract: A semiconductor device includes, in various embodiments, a memory and a processor, with the processor configured to perform a permission check prior to execution of a memory-access instruction. The permission check comprises evaluating a permission attribute of the memory-access instruction and a permission attribute of a memory location to be accessed. The memory-access instruction is denied unless the permission attribute of the memory-access instruction is compatible with the permission attribute of the memory location to be accessed. In various embodiments, permission attributes are obtained by the processor from a one-time-programmable (OTP) memory module. In various embodiments, the permission attributes are determined based on a source address of the memory-access instruction and an address of the memory location to be accessed. In various embodiments, the OTP memory module stores permission settings that are based on the identity of suppliers for various portions of code stored in the memory.

Abstract: A method for tracking alteration of a non-volatile storage includes receiving a request to modify a tracked region of the non-volatile storage. In response to the request, it is determined whether or not a modification of data stored in a non-erasable one-time programmable (NEOTP) alteration log region has occurred. In response to determining that the modification of the data stored in the NEOTP alteration log region has occurred, the tracked region of non-volatile storage is modified in response to the request. In response to determining that the modification of the data stored in the NEOTP alteration log region has not occurred, the request to modify the tracked region of the non-volatile memory is denied.

Abstract: A method for tracking alteration of a non-volatile storage includes receiving a request to modify a tracked region of the non-volatile storage. In response to the request, it is determined whether or not a modification of data stored in a non-erasable one-time programmable (NEOTP) alteration log region has occurred. In response to determining that the modification of the data stored in the NEOTP alteration log region has occurred, the tracked region of non-volatile storage is modified in response to the request. In response to determining that the modification of the data stored in the NEOTP alteration log region has not occurred, the request to modify the tracked region of the non-volatile memory is denied.

Abstract: A method includes providing an effective address, providing an address space identifier which identifies a currently executing process, providing a mapping modifier to form a modified address space identifier where the mapping modifier is based on at least one external signal generated outside the processor, using the effective address and the modified address space identifier to form a logical address, and providing a physical address corresponding to the logical address. When the effective address has a first effective address value, the address space identifier has a first address space identifier value, and the mapping modifier has a first mapping value, the physical address has a first physical address value. When the effective address has the first effective address value, the address space identifier has the first address space identifier value, and the mapping modifier has a second mapping value, the physical address has a second physical address value.

Abstract: In a processor having an address translation table, a method includes providing a logical address and control signal. When the control signal has a first value, a first physical address is provided corresponding to the logical address, and when the control signal has a second value, a second physical address is provided. The first physical address and the second physical address are stored in at least one valid entry of the address translation table. In one case, the first physical address is stored in a first valid entry having a tag field which matches the logical address and the second physical address is stored in a second valid entry having a tag field which matches the logical address. Alternatively, the first physical address is stored in a first field of a first valid entry and the second physical address is stored in a second field of the first valid entry.

Abstract: In a processor having an address translation table, a method includes providing a logical address and control signal. When the control signal has a first value, a first physical address is provided corresponding to the logical address, and when the control signal has a second value, a second physical address is provided. The first physical address and the second physical address are stored in at least one valid entry of the address translation table. In one case, the first physical address is stored in a first valid entry having a tag field which matches the logical address and the second physical address is stored in a second valid entry having a tag field which matches the logical address. Alternatively, the first physical address is stored in a first field of a first valid entry and the second physical address is stored in a second field of the first valid entry.

Abstract: A method includes providing an effective address, providing an address space identifier which identifies a currently executing process, providing a mapping modifier to form a modified address space identifier where the mapping modifier is based on at least one external signal generated outside the processor, using the effective address and the modified address space identifier to form a logical address, and providing a physical address corresponding to the logical address. When the effective address has a first effective address value, the address space identifier has a first address space identifier value, and the mapping modifier has a first mapping value, the physical address has a first physical address value. When the effective address has the first effective address value, the address space identifier has the first address space identifier value, and the mapping modifier has a second mapping value, the physical address has a second physical address value.