Abstract: Methods and systems for protection of customer secrets in a secure reprogrammable system are disclosed, and may include controlling, via hardware logic and firmware, access to customer specific functions. The firmware may comprise trusted code, and may comprise boot code, stored in non-volatile memory, which may comprise read only memory, or a locked flash memory. A customer mode may be checked via the trusted code prior to allowing downloading of code written by a customer to the reprogrammable system. Access to customer specific functions may be restricted via commands from a trusted source. The hardware logic may be latched at startup in a disabled mode by the firmware, determined by the customer mode stored in a one time programmable memory. The customer mode may be re-checked utilizing the firmware, and may disallow the use of code other than trusted code in the reprogrammable system when the re-checking fails.

Abstract: Methods and systems for allowing customer or third party testing of secure programmable code are disclosed and may include verifying code loaded in a set-top box utilizing a test hash or a production hash prior to execution of the code, where the test hash and production hash may be stored in a memory, such as an OTP, within the set-top box, and may allow migration from corresponding test code to production code, which may be verified utilizing the test hash and production hash, respectively. The test and production hashes may be customer specific. The migration from test code to production code may be authenticated using at least a set-top box specific password. The test hash may be stored in a first portion of a one-time programmable memory and the production hash in a remaining portion, with the first portion being less than or equal to the remaining portion.

Abstract: Methods and systems for software security in a secure communication system are disclosed and may include verifying downloaded code in a reprogrammable system and reloading prestored unmodifiable first stage code upon failure. The prestored unmodifiable first stage code, which may comprise boot code for the reprogrammable system, may be stored in locked flash, and the downloaded software code may be stored in unlocked flash. The downloaded software code may be verified by comparing a signature of the downloaded code to a private key. A first sticky bit may be utilized to indicate a failure of the verification and a second sticky bit may be utilized to indicate passing of the verification and the use of the downloaded software code. Whether to reset the reprogrammable system and reload the prestored unmodifiable first stage code may be determined from within the reprogrammable system, which may comprise a set-top box.

Abstract: Methods and systems for preventing revocation denial of service attacks are disclosed and may include receiving and decrypting a command for revoking a secure key utilizing a hidden key, and revoking the secure key upon successful verification of a signature. The command may comprise a key ID that is unique to a specific set-top box. A key corresponding to the command for revoking the secure key may be stored in a one-time programmable memory, compared to a reference, and the security key may be revoked based on the comparison. The command for revoking the secure key may be parsed from a transport stream utilizing a hardware parser. The method and system may also comprise generating a command for revoking a secure key. The command may be encrypted and signed utilizing a hidden key and may comprise a key ID that is unique to a specific set-top box.

Abstract: Segmenting a boot code to allow separate and independent storage and validation of the segments in a manner that enable secure system boot by autonomous fetching and assembling of the boot code by a security sub-system. The code fetching may need to be done without the main CPU running on the chip for security reasons. Because the boot code may be stored in memory devices that require special software application to account for non-contiguous storage of data and/or code, for example a NAND flash memory which would require such an application as Bad Block Management, code segments stored in areas guaranteed to be usable may enable loading and validating remaining segment separately and independently.

Abstract: Methods and systems are disclosed for decrypting segmented code of varying segment lengths wherein each segment of code may be protected with a different set of decryption parameters. Sets of decryption parameter information may be embedded subsequent to and contiguous with corresponding code segments. Sets of decryption algorithm parameter information may comprise: decryption key information, IV bit, initialization vector information and code segment length. The decryption key information may comprise an index to a key table. The key table may be stored using combinatorial logic. Successive blocks of information may be decrypted with an initialization vector and/or with a decrypted output from a preceding decrypted block of information. Decryption parameter information corresponding to a current segment of code may be decrypted with a preceding segment of code.

Abstract: A stored predefined unmodifiable bootable code set may be verified during code reprogramming of a device, and executed as a first stage of code reprogramming of the device. The predefined unmodifiable bootable code set may be stored in a locked memory such as a locked flash memory and may comprise code that enables minimal communication functionality of the device. The predefined unmodifiable bootable code set may be verified using a security algorithm, for example, a SHA-based algorithm. Information necessary for the security algorithm may be stored in a memory, for example, a one-time programmable read-only memory (OTP ROM). The stored information necessary for the security algorithm may comprise a SHA digest, a signature, and/or a key. A second stage code set may be verified and executed during the code reprogramming of the device subsequent to the verification of the stored predefined unmodifiable bootable code set.

Abstract: Aspects of a method and system for command authentication to achieve a secure interface are provided. Command authentication between a host and a slave device in a multimedia system may be achieved by on-the-fly pairing or by an automatic one-time-programming via a security processor. In an on-the-fly pairing scheme, the host may generate a host key based on a host root key and host control words while the slave may generate slave key based the host key, a slave root key and slave control words. The slave key may be stored and later retrieved by the slave device to obtain the host key for authenticating host commands. The host may be disabled from generating and/or passing the host key to the slave. In an automatic one-time-programming scheme, the security processor may burn a random number onto a one-time-programmable memory in the host and slave devices for command authentication.

Abstract: Aspects of a method and system for memory attack protection to achieve a secure interface are provided. An integrated memory within a slave device may be configured into a plurality of memory portions or regions by commands from a host device. The memory regions may be utilized during operations associated with authentication of subsequent commands from the host device. A first memory region may enable storage of encrypted host commands and data. A second region may enable storage of decrypted host commands and data. A third region may enable storage of internal variables and/or intermediate results from operations performed by the slave device. Another region may comprise internal registers that enable storage of information only accessible to the slave device. Access to some of the memory regions may be controlled by a bus controller and/or a memory interface integrated within the slave device.

Abstract: Aspects of a method and system for command interface protection to achieve a secure interface are provided. A host device may encrypt a command based on a key index generated within the host device, a host device key, a command count, a random number from a slave device, at least one host control word, and a host variable value. The encrypted command may be communicated to the slave device where it may be decrypted based on the key index, the host device key decrypted from a slave device key generated by the slave device, the command count, the random number, at least one slave control word, and a slave variable value. The key index may be utilized in the host and slave devices to select a master key from a key table from which generational derivatives may be generated for command encryption and decryption respectively.

Abstract: A method and system are provided for flexible mapping of AV vs. Record channels in a programmable transport demultiplexer/PVR engine. The method may involve processing a portion of an incoming packet, which may result in a partially processed packet. The preprocessing may comprise extracting information from the packet to configure parameters associated with the packet and storing the configured parameters in memory. The configured parameters may be based on the type of the packet, AV v. Record, and used to configure the channels used to transport the packets to decoders and Record engines, respectively. The number of channels used for AV data and the number of channels used for Record data may vary depending on the needs of the system.

Abstract: In one embodiment, there is presented a method for processing data. The method comprises receiving a plurality of packets, wherein each packet comprises a payload, and wherein the plurality of packets carry video data encoded in accordance with an encoding standard from a plurality of encoding standards; identifying encoding standards encoding the video data carried in the payloads of the plurality of packets; and inserting identifiers that identify the encoding standard encoding the video data carried in the payloads of the plurality of packets into the plurality of packets.

Abstract: A system and a method for protecting the security of data stored externally to a data processing engine of a data processor using at least one secure pad memory that is mapped to internal memory of the data processing engine and to the external memory. The memory data protection system and method performs an arithmetic operation, such as a bitwise exclusive OR (“XOR”) operation, on data being read from the data processing engine or written to the external memory using data stored in secure pads of the secure pad memory, which data may be random numbers generated by a random number generator.

Abstract: A method and system are provided for using generic comparators with firmware interface to assist video/audio decoders in achieving frame sync. The method may involve processing a portion of an incoming packet by hardware components, which may result in a partially processed packet. The incoming packet may comprise audio, video, and/or record data. The partially processed packet may then be completely processed by firmware and sent to decoders if comprising audio/video data or to a record engine if comprising record data. Generic comparators may be utilized with the incoming packet to search for data patterns associated with synchronization information within the packet. The extracted data patterns may be sent to the firmware to utilize while processing the partially processed packet. The firmware may send synchronization information determined based on the extracted data patterns to aid decoders in decoding audio and video content.

Abstract: Presented herein are system(s) for demultiplexing, merging, and duplicating packetized elementary stream/program stream/elementary stream data. In one embodiment, there is presented a system for processing data. The system comprises a first circuit and a memory. The first circuit receives transport packets carrying the data. The memory stores data and comprises at least one context. The first circuit maps the data associated with at least one channel to the at least one context.

Abstract: A method and system are provided for architecture of a very fast programmable transport demultiplexer using a double-buffered approach. The method may involve utilizing a hardware assist block to process incoming packets, retrieve information about the packets, and write the retrieved information to a memory block. A firmware block may then utilize the information in memory to perform further processing on the packet data. The firmware and hardware assist blocks may work simultaneously so as to speed up the processing of the packet, which can comprise record data and/or audio/video data. The system may comprise the hardware assist block, the firmware assist block, and a memory block.

Abstract: A method and system are provided for sharing AV/record resources in a programmable transport/demultiplexer and personal video recorder (PVR) engine. The method may involve utilizing hardware assist architecture to partially process incoming packets, retrieve information about the packets, and write the retrieved information to a memory. A processor programmed with firmware may then utilize the information in memory to perform further processing on the packet data. The processor programmed with firmware may then set up configuration parameters that may be used by the hardware assist architecture to further process the packet. The parameters may be configured such that they may be independent of the format of the packet, where the hardware assist architecture functions may be utilized for processing packets regardless of their format. The system may comprise the hardware assist architecture, the processor programmed with firmware, and a memory.

Abstract: Presented herein are method(s) and apparatus for demultiplexing, merging, and duplicating packetized elementary stream/program stream/elementary stream data. In one embodiment, there is presented a method for processing data. The method comprises receiving a bitstream wherein said bitstream comprises a plurality of streams; mapping the plurality of streams to a plurality of identifiers; packetizing the plurality of streams, thereby resulting in a plurality of packets, and wherein each packet further comprises: a portion of only one of the plurality of streams; and a particular one of the identifiers, wherein the particular one of the identifiers is mapped to the only one of the plurality of streams.

Abstract: A method and system are provided for providing data commonality in a programmable transport demultiplexer engine. The method may involve utilizing a hardware assist block to process a portion of an incoming data packet, which may result in a partially processed data packet. The data packet may comprise data in any one of video formats and/or audio formats. A firmware block may then execute a plurality of instructions to process the partially processed data packet. The plurality of instructions may be independent of video and/or audio formats associated with the data packet.