US20140157001A1 - Secure testing of semiconductor device - Google Patents

Secure testing of semiconductor device Download PDF

Info

Publication number
US20140157001A1
US20140157001A1 US13/846,718 US201313846718A US2014157001A1 US 20140157001 A1 US20140157001 A1 US 20140157001A1 US 201313846718 A US201313846718 A US 201313846718A US 2014157001 A1 US2014157001 A1 US 2014157001A1
Authority
US
United States
Prior art keywords
secure portion
tester
semiconductor device
testing
processor
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
US13/846,718
Inventor
Mark Leonard Buer
Norayr Norik Dzhendzhapanyan
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Avago Technologies International Sales Pte Ltd
Original Assignee
Broadcom Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Broadcom Corp filed Critical Broadcom Corp
Priority to US13/846,718 priority Critical patent/US20140157001A1/en
Assigned to BROADCOM CORPORATION reassignment BROADCOM CORPORATION ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: BUER, MARK LEONARD, DZHANDZHAPANYAN, NORAYR NORIK
Publication of US20140157001A1 publication Critical patent/US20140157001A1/en
Assigned to BANK OF AMERICA, N.A., AS COLLATERAL AGENT reassignment BANK OF AMERICA, N.A., AS COLLATERAL AGENT PATENT SECURITY AGREEMENT Assignors: BROADCOM CORPORATION
Assigned to AVAGO TECHNOLOGIES GENERAL IP (SINGAPORE) PTE. LTD. reassignment AVAGO TECHNOLOGIES GENERAL IP (SINGAPORE) PTE. LTD. ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: BROADCOM CORPORATION
Assigned to BROADCOM CORPORATION reassignment BROADCOM CORPORATION TERMINATION AND RELEASE OF SECURITY INTEREST IN PATENTS Assignors: BANK OF AMERICA, N.A., AS COLLATERAL AGENT
Abandoned legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/76Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in application-specific integrated circuits [ASIC] or field-programmable devices, e.g. field-programmable gate arrays [FPGA] or programmable logic devices [PLD]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/14Protection against unauthorised use of memory or access to memory
    • G06F12/1408Protection against unauthorised use of memory or access to memory by using cryptography
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/572Secure firmware programming, e.g. of basic input output system [BIOS]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/606Protecting data by securing the transmission between two devices or processes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2107File encryption

Definitions

  • the technical field of the present disclosure relates to information security and, in particular to secure testing of semiconductor devices.
  • Maintaining security in processors can be critical for various reasons. Such security may be desirable to maintain secrecy of certain aspects of proprietary code, prevent malicious code from interfering with processing and avoid unintended interaction with other processing code.
  • FIG. 1 is an example schematic representation of a manufacturing flow
  • FIG. 2 is an example schematic representation of another manufacturing flow
  • FIG. 3 is a flow chart illustrating an example delivery of secure processing code in the manufacturing flows of FIGS. 1 and 2 ;
  • FIG. 4 is an example schematic representation of a testing arrangement
  • FIG. 5 is an example schematic representation of another testing arrangement.
  • FIG. 6 is a flow chart of an example testing process.
  • a semiconductor device such as a chip or chipset, that may be used in various communication devices.
  • Semiconductor devices may include various components, such as circuitry, memory, etc.
  • Some semiconductor devices may include an embedded flash memory which may be used to store various processing code, for example.
  • a semiconductor device such as a chip or a chipset
  • an external flash memory may be coupled to the semiconductor device subsequent to fabrication and testing of the semiconductor device.
  • the embedded flash memory may be included in the semiconductor device prior to testing.
  • a controlled or certified manufacturing flow arrangement 100 may be used to design, fabricate and test semiconductor devices.
  • the flow arrangement 100 begins with the design of the physical circuitry, processing code and other components and/or functionality of a semiconductor device in a secure zone 110 .
  • the secure zone 110 may be a physical or virtual location with access limited to certain individuals and/or entities.
  • design information of a semiconductor device may be transmitted to a fabrication facility 140 .
  • the design information may be transmitted via a stream of data in, for example, a graphic data system (GDS-II) format.
  • the fabrication facility 140 may produce semiconductor devices that are then delivered to a testing facility 150 .
  • the secure zone 110 , fabrication facility 140 and the testing facility 150 may be remotely located to each other, or two or more facilities may be co-located.
  • a secure processing code also known as an image
  • the encrypted image 130 may include, for example, operating system patches for customization of the destination semiconductor device.
  • the encrypted image 130 may also include, without limitation, customized or pre-personalized applets or confidential customer data.
  • the code is encrypted using the Triple Data Encryption Standard (3DES) algorithm.
  • 3DES Triple Data Encryption Standard
  • an identifier associated with a device or a set of devices may be used in the encryption process. For example, a serial number or a set of serial numbers may be used as the identifier.
  • the fabricated semiconductor devices are delivered to testing facility 150 from the fabrication facility 140 for testing.
  • a hardware security module (HSM) 120 containing certain encryption keys may be delivered to the testing facility.
  • the HSM 120 may be a hardware component which includes encryption keys associated with the encrypted image 130 .
  • the encryption keys may be used for testing of a secure portion of a semiconductor device using the HSM.
  • the semiconductor devices s are tested by operators at the testing facility 150 through one or more tests 152 .
  • the HSM places (e.g., writes, stores or injects) the encryption keys into the semiconductor device 154 .
  • the keys may be injected into a secure portion of the semiconductor device.
  • the semiconductor devices, such as the semiconductor device 190 may then be delivered to an original equipment manufacturer (OEM) 160 for implementing, for example, into a communication device.
  • OEM original equipment manufacturer
  • the encrypted image 130 is typically stored on a flash memory.
  • the semiconductor device design may not include an embedded flash memory. Accordingly, in accordance with the illustrated example of FIG. 1 , the encrypted image 130 is transmitted to the OEM 160 for storage in a memory device, such as an external flash memory 170 .
  • the semiconductor device 190 fabricated using the manufacturing flow 100 to the OEM 160 includes a non-secure portion 192 , also referred to herein as a peripheral processing system (PPS), and a secure portion 194 , also referred to herein as a secure processing system (SPS).
  • the secure portion 194 may include functionality associated with secure processing by the semiconductor device 190 .
  • the secure portion 194 may include the encryption keys injected into the semiconductor device 190 by the HSM 120 .
  • the encrypted image 130 received by the OEM 160 may be written to the flash memory 170 through the non-secure portion 192 of the semiconductor device 190 (arrow 182 ).
  • the encrypted image 130 in the flash memory 170 may be verified by decrypting the encrypted image in the secure portion 194 of the semiconductor device 190 using the encryption keys injected into the secure portion 194 (arrow 184 ).
  • code may be provided in the secure portion 194 to perform the decryption using the encryption keys.
  • the semiconductor device 190 may be securely customized, or pre-personalized, in the secure zone.
  • the encrypted image 130 may be associated with a specific semiconductor device, and the encryption keys used to decrypt the encrypted image at the secure portion 194 of the semiconductor device 190 may also be accordingly associated with the specific semiconductor device.
  • the encryption keys may be associated with, for example, a serial number of the target semiconductor device.
  • the secure portion 194 may then re-encrypt the image for writing to the flash memory 170 (arrow 186 ).
  • the re-encryption by the secure portion 194 may be accomplished using encryption keys that may be generated by the secure portion 194 and that may be unique to each semiconductor device.
  • the encrypted image 130 may be securely delivered to an external flash memory 170 .
  • the encrypted image 130 may be written to a flash memory 170 during, for example, manufacture of the flash memory 170 .
  • the encrypted image 130 may be delivered to a manufacturer of the flash memory 170 or to a post-manufacturing entity of the flash memory 170 .
  • the flash memory 170 with the encrypted image 130 may then be delivered to the OEM 160 for association with the semiconductor device 190 (e.g., installation on a user equipment having the semiconductor device 190 ).
  • the semiconductor device 190 e.g., installation on a user equipment having the semiconductor device 190 .
  • the secure portion 194 of the semiconductor device 190 may decrypt and verify the encrypted image 130 (arrow 184 ) and re-encrypt the decrypted image using encryption keys generated by the secure portion 194 for writing back onto the flash memory 170 (arrow 186 ).
  • the image may be encrypted with an encryption key (block 10 ) at, for example, a secure zone 110 .
  • an encryption key block 10
  • the encrypted image is delivered to an OEM (block 12 ), where the encrypted image may be written on a flash memory that is embedded in a user equipment having a semiconductor device associated with the encrypted image (block 14 ).
  • the flash memory may be external to a semiconductor device that is delivered to the OEM.
  • the encrypted image is written to a flash memory (block 16 ) during, for example, manufacturing of the flash memory.
  • the flash memory with the encrypted image may then be delivered to the OEM for coupling to a semiconductor device (block 18 ).
  • the encrypted image may be decrypted in a secure portion of the semiconductor device (block 20 ) by, for example, code provided in the secure portion to perform decryption using the encryption key.
  • the semiconductor device may be provided with the encryption key used to decrypt the image for verification, for example.
  • the secure portion of the semiconductor device may then re-encrypt the decrypted image (block 22 ) for re-writing the re-encrypted image to the flash memory (block 24 ).
  • the re-encryption of the decrypted image may be accomplished using any of a variety of encryption techniques.
  • the encryption keys used for the re-encryption may be generated by the secure portion of the semiconductor device to provide additional security.
  • the encryption keys since the encryption keys are generated by the secure portion and may be unique to each semiconductor device, the encryption keys may be unknown to any other entity and may thus be unbreakable.
  • the semiconductor devices may be delivered from the fabrication facility 140 to a testing facility 150 .
  • Such testing facilities may be used to test various devices, such as semiconductor devices. Further, such testing facilities may be used to test devices that may have secure and non-secure portions.
  • Traditional testing may use a test key which may serve as an encryption key used during the testing.
  • the test key may be embedded on the device, such as a semiconductor device, which may be referred to during testing as a device under test (DUT).
  • DUT device under test
  • sensitive information such as test keys or encryption keys to be injected into a secure portion
  • test keys may include encryption keys that are used specifically for testing of the DUT and may not be injected into the DUT for any later use.
  • other encryption keys that are injected into the secure portion may be used to decrypt and verify an encrypted image, as described above.
  • all sensitive information is securely removed from the tester 210 .
  • the tester 210 is shown connected to a load board 220 .
  • the load board 220 may accommodate one or more DUTs, such as the semiconductor device 190 .
  • the semiconductor device 190 includes a non-secure portion 192 and a secure portion 194 .
  • the load board 220 may further accommodate one or more HSMs, such as HSM 120 .
  • FIG. 4 illustrates a load board 220 having a single semiconductor device 190 and a single HSM 120
  • various examples may include any desired number of semiconductor devices and any appropriate number of HSMs.
  • the HSM 120 illustrated in FIG. 4 is provided with a first interface 124 for communication with the semiconductor device 190 and a second interface 126 for communication with the tester 210 .
  • the HSM 120 may also include a processor, such as a secure testing processor 122 , configured to perform various functions such as, for example, perform testing of the secure portion 194 of the semiconductor device 190 , as described below. Further, the secure testing processor 122 may also be configured to control operation of the HSM 120 and control communication with the semiconductor device 190 and/or the tester 210 . The secure testing processor 122 may also be provided with a memory for storage, for example, of data such as encryption keys.
  • the testing of the non-secure portion 192 may be performed by the tester 210
  • testing of the secure portion 194 may be performed by the HSM 120 without providing access to the secure portion to the tester 210 .
  • the HSM 120 may allow direct communication between the tester 210 and the non-secure portion 192 of the semiconductor device 190 .
  • the tester 210 may send signals to and receive signals from the non-secure portion 192 of the semiconductor device 190 , as illustrated by the line 224 in FIG. 4 .
  • the direct communication between the non-secure portion 192 and the tester 210 may be performed through the HSM 120 , through the interfaces 124 , 126 .
  • the HSM 120 may server merely as a conduit for the communication between the non-secure portion 194 and the tester 210 .
  • the communication between the non-secure portion 194 and the tester 210 may completely bypass the HSM 120 .
  • the secure portion 194 may be isolated from the tester 210 . As illustrated in the example of FIG. 4 , the testing of the secure portion 194 may be performed by the secure testing processor 122 of the HSM 120 . In this regard, the HSM 120 or the secure testing processor 122 may be provided with secure testing keys which may be delivered (e.g., injected or installed) into the secure portion 194 for purposes of testing. Any necessary testing of the secure portion 194 may be performed by the secure testing processor 122 of the HSM 120 with communication through the first interface 124 , as illustrated by the line 222 in FIG. 4 .
  • the results of the testing of the secure portion 194 may be communicated to the tester 210 by the HSM 120 through the second interface 126 as, for example, a simple pass or fail indication.
  • the result may be communicated as a 1-bit signal where a “0” is indicative of a pass and a “1” is indicative of a fail (or vice versa).
  • the tester 210 may test the non-secure portion 192 by commanding the HSM 120 to position a relay 230 to allow direct communication between the tester 210 and the non-secure portion 192 of the semiconductor device 190 .
  • the HSM 120 may position the relay 230 to a tester input/output position 234 .
  • the tester 210 may command the HSM 120 to switch the relay 230 to an interface 232 between the HSM 120 and the semiconductor device 190 .
  • the HSM 120 may then establish a secure channel with the secure portion 194 using a test key.
  • the secure portion 192 and the non-secure portion 194 may be tested in any order. For example, in some cases, the non-secure portion 194 may be tested first, while in other cases, the secure portion 192 may be tested first.
  • the testing of the secure portion 194 may be performed under the control of the HSM 120 .
  • the HSM may inject the secure testing keys into the secure portion 194 .
  • the HSM 120 may communicate the results of the testing of the secure portion 194 to the tester 210 with a simple indication of “pass” or “fail”.
  • the indication may be a 1-bit signal.
  • the load board Upon completion of the testing, the load board is removed from the tester. Along with the load board, all secure information (e.g., the secure portion 194 of the semiconductor device 190 and the test keys for testing of the secure portion) are also removed. Thus, the tester 210 is never provided with access to any secure information. For example, the test keys and encryption keys provided in the HSM 120 are kept isolated from the tester 210 .
  • a semiconductor device may be coupled to an HSM through a first interface (block 610 ).
  • the semiconductor device 190 shown in FIGS. 4 and 5 may be coupled to the HSM 120 through the first interface 124 .
  • a tester may be coupled to the HSM through a second interface (block 612 ).
  • the tester 210 may be coupled to the load board 220 and the HSM 120 through the second interface 126 .
  • the secure portion of the semiconductor device may then be tested by the HSM using a test key which may have been provided with the HSM (block 614 ).
  • a test key which may have been provided with the HSM
  • test keys and/or other secure information may be provided in the HSM 120 .
  • all secure information is kept isolated from the tester.
  • a simple “pass” or “fail” indication of the results of the testing of the secure portion may be communicated by the HSM 120 to the tester 210 through the second interface 126 .
  • the HSM may inject encryption keys into the secure portion (block 616 ).
  • the HSM may include secure information, such as encryption keys, that are injected into the secure portion. Again, this allows isolation of all secure information from the tester during testing.
  • the encryption keys may be used to decrypt processing code, such as the encrypted image 130 , as illustrated by the arrow 184 in FIGS. 1 and 2 .
  • the HSM may position a relay switch, such as relay switch 230 of FIG. 5 , to allow direct communication between the non-secure portion of the semiconductor device and the tester (block 618 ). As noted above, this allows the tester to test the non-secure portion of the semiconductor device (block 620 ).
  • the positioning of the relay switch by the HSM may be in response to commands from the tester, for example. While FIG. 6 illustrates an example in which the secure portion is tested before the non-secure portion, those skilled in the art will appreciate that the order of testing may be reversed. For example, the non-secure portion may be tested and then the relay switch may be positioned to allow the processor of the HSM to test the secure portion.
  • the secure portion of the semiconductor device may be tested and various keys (e.g., encryption keys) may be provided to the secure portion in a secure manner without the need for placing the tester in a secure location.
  • the various diagrams may depict an example architectural or other configuration for the various embodiments, which is done to aid in understanding the features and functionality that can be included in embodiments.
  • the present disclosure is not restricted to the illustrated example architectures or configurations, and the desired features can be implemented using a variety of alternative architectures and configurations. Indeed, it will be apparent to one of skill in the art how alternative functional, logical or physical partitioning and configurations can be implemented to implement various embodiments. Also, a multitude of different constituent module names other than those depicted herein can be applied to the various partitions. Additionally, with regard to flow diagrams, operational descriptions and method claims, the order in which the steps are presented herein shall not mandate that various embodiments be implemented to perform the recited functionality in the same order unless the context dictates otherwise.
  • various embodiments described herein are described in the general context of method steps or processes, which may be implemented in one embodiment by a computer program product, embodied in, e.g., a non-transitory computer-readable memory, including computer-executable instructions, such as program code, executed by computers in networked environments.
  • a computer-readable memory may include removable and non-removable storage devices including, but not limited to, Read Only Memory (ROM), Random Access Memory (RAM), compact discs (CDs), digital versatile discs (DVD), etc.
  • program modules may include routines, programs, objects, components, data structures, etc. that perform particular tasks or implement particular abstract data types.
  • Computer-executable instructions, associated data structures, and program modules represent examples of program code for executing steps of the methods disclosed herein. The particular sequence of such executable instructions or associated data structures represents examples of corresponding acts for implementing the functions described in such steps or processes.
  • module can describe a given unit of functionality that can be performed in accordance with one or more embodiments.
  • a module might be implemented utilizing any form of hardware, software, or a combination thereof.
  • processors, controllers, application-specific integrated circuits (ASICs), programmable logic arrays (PLAs), programmable array logic (PALs), complex programmable logic devices (CPLDs), field-programmable gate arrays (FPGAs), logical components, software routines or other mechanisms might be implemented to make up a module.
  • ASICs application-specific integrated circuits
  • PLAs programmable logic arrays
  • PALs programmable array logic
  • CPLDs complex programmable logic devices
  • FPGAs field-programmable gate arrays
  • the various modules described herein might be implemented as discrete modules or the functions and features described can be shared in part or in total among one or more modules.

Abstract

A method includes testing, by a processor, a secure portion of a semiconductor device through a first interface between the processor and the semiconductor device; and sending, by the processor, a pass or fail indication of a result of the testing of the secure portion of the semiconductor device to the tester through a second interface between the processor and the tester.

Description

    TECHNICAL FIELD
  • The technical field of the present disclosure relates to information security and, in particular to secure testing of semiconductor devices.
    • BACKGROUND
  • Maintaining security in processors can be critical for various reasons. Such security may be desirable to maintain secrecy of certain aspects of proprietary code, prevent malicious code from interfering with processing and avoid unintended interaction with other processing code.
    • BRIEF DESCRIPTION OF THE DRAWINGS
  • For a more complete understanding of various examples, reference is now made to the following descriptions taken in connection with the accompanying drawings in which:
  • FIG. 1 is an example schematic representation of a manufacturing flow;
  • FIG. 2 is an example schematic representation of another manufacturing flow;
  • FIG. 3 is a flow chart illustrating an example delivery of secure processing code in the manufacturing flows of FIGS. 1 and 2;
  • FIG. 4 is an example schematic representation of a testing arrangement;
  • FIG. 5 is an example schematic representation of another testing arrangement; and
  • FIG. 6 is a flow chart of an example testing process.
    •  DETAILED DESCRIPTION
  • In various embodiments, a semiconductor device, such as a chip or chipset, that may be used in various communication devices is provided. Semiconductor devices may include various components, such as circuitry, memory, etc. Some semiconductor devices may include an embedded flash memory which may be used to store various processing code, for example.
  • In various embodiments described herein, a semiconductor device, such as a chip or a chipset, may be manufactured without an embedded flash memory. Instead, an external flash memory may be coupled to the semiconductor device subsequent to fabrication and testing of the semiconductor device. In other examples, the embedded flash memory may be included in the semiconductor device prior to testing.
  • Referring now to FIG. 1, an example schematic representation of a manufacturing flow is illustrated. In the example of FIG. 1, a controlled or certified manufacturing flow arrangement 100 may be used to design, fabricate and test semiconductor devices. The flow arrangement 100 begins with the design of the physical circuitry, processing code and other components and/or functionality of a semiconductor device in a secure zone 110. The secure zone 110 may be a physical or virtual location with access limited to certain individuals and/or entities. From the secure zone 110, design information of a semiconductor device may be transmitted to a fabrication facility 140. In some embodiments, the design information may be transmitted via a stream of data in, for example, a graphic data system (GDS-II) format. The fabrication facility 140 may produce semiconductor devices that are then delivered to a testing facility 150. In various embodiments, the secure zone 110, fabrication facility 140 and the testing facility 150 may be remotely located to each other, or two or more facilities may be co-located.
  • Referring again to the secure zone 110, a secure processing code, also known as an image, may be generated and encrypted to produce encrypted processing code, or an encrypted image 130. The encrypted image 130 may include, for example, operating system patches for customization of the destination semiconductor device. In various embodiments, the encrypted image 130 may also include, without limitation, customized or pre-personalized applets or confidential customer data.
  • In encrypting the image, various encryption strategies may be used. For example, in one embodiment, the code is encrypted using the Triple Data Encryption Standard (3DES) algorithm. In one embodiment, in order to facilitate customization or pre-personalization of a destination device, an identifier associated with a device or a set of devices may be used in the encryption process. For example, a serial number or a set of serial numbers may be used as the identifier.
  • Referring now to the testing facility 150, as noted above, the fabricated semiconductor devices are delivered to testing facility 150 from the fabrication facility 140 for testing. Additionally, a hardware security module (HSM) 120 containing certain encryption keys may be delivered to the testing facility. In this regard, the HSM 120 may be a hardware component which includes encryption keys associated with the encrypted image 130. As described below, the encryption keys may be used for testing of a secure portion of a semiconductor device using the HSM.
  • The semiconductor devices s are tested by operators at the testing facility 150 through one or more tests 152. Upon successful completion of the testing, the HSM places (e.g., writes, stores or injects) the encryption keys into the semiconductor device 154. As described below, the keys may be injected into a secure portion of the semiconductor device. The semiconductor devices, such as the semiconductor device 190, may then be delivered to an original equipment manufacturer (OEM) 160 for implementing, for example, into a communication device.
  • The encrypted image 130 is typically stored on a flash memory. As noted above, in various embodiments, the semiconductor device design may not include an embedded flash memory. Accordingly, in accordance with the illustrated example of FIG. 1, the encrypted image 130 is transmitted to the OEM 160 for storage in a memory device, such as an external flash memory 170.
  • The semiconductor device 190 fabricated using the manufacturing flow 100 to the OEM 160 includes a non-secure portion 192, also referred to herein as a peripheral processing system (PPS), and a secure portion 194, also referred to herein as a secure processing system (SPS). The secure portion 194 may include functionality associated with secure processing by the semiconductor device 190. For example, as illustrated in FIG. 1, the secure portion 194 may include the encryption keys injected into the semiconductor device 190 by the HSM 120.
  • As illustrated in FIG. 1, the encrypted image 130 received by the OEM 160 may be written to the flash memory 170 through the non-secure portion 192 of the semiconductor device 190 (arrow 182). The encrypted image 130 in the flash memory 170 may be verified by decrypting the encrypted image in the secure portion 194 of the semiconductor device 190 using the encryption keys injected into the secure portion 194 (arrow 184). In this regard, code may be provided in the secure portion 194 to perform the decryption using the encryption keys.
  • Thus, the semiconductor device 190 may be securely customized, or pre-personalized, in the secure zone. For example, the encrypted image 130 may be associated with a specific semiconductor device, and the encryption keys used to decrypt the encrypted image at the secure portion 194 of the semiconductor device 190 may also be accordingly associated with the specific semiconductor device. In one example, the encryption keys may be associated with, for example, a serial number of the target semiconductor device. Thus, the verification may ensure that the pre-personalization of the encrypted image 130 corresponds to the proper semiconductor device 190. The secure portion 194 may then re-encrypt the image for writing to the flash memory 170 (arrow 186). In this regard, the re-encryption by the secure portion 194 may be accomplished using encryption keys that may be generated by the secure portion 194 and that may be unique to each semiconductor device.
  • Since the encryption keys are generated by the secure portion 194 and may be unique to each semiconductor device, they may be unknown to any other entity and may thus be unbreakable. Therefore, the encrypted image 130 may be securely delivered to an external flash memory 170.
  • In other embodiments, as illustrated in FIG. 2, the encrypted image 130 may be written to a flash memory 170 during, for example, manufacture of the flash memory 170. In this regard, the encrypted image 130 may be delivered to a manufacturer of the flash memory 170 or to a post-manufacturing entity of the flash memory 170. The flash memory 170 with the encrypted image 130 may then be delivered to the OEM 160 for association with the semiconductor device 190 (e.g., installation on a user equipment having the semiconductor device 190). As with the example of FIG. 1, the secure portion 194 of the semiconductor device 190 may decrypt and verify the encrypted image 130 (arrow 184) and re-encrypt the decrypted image using encryption keys generated by the secure portion 194 for writing back onto the flash memory 170 (arrow 186).
  • Referring now to FIG. 3, a flow chart illustrates an example delivery of secure processing code in the manufacturing flows of FIGS. 1 and 2. The image may be encrypted with an encryption key (block 10) at, for example, a secure zone 110. As noted above, any of a variety of encryption techniques may be used to encrypt the image. In one embodiment, the encrypted image is delivered to an OEM (block 12), where the encrypted image may be written on a flash memory that is embedded in a user equipment having a semiconductor device associated with the encrypted image (block 14). As noted above, the flash memory may be external to a semiconductor device that is delivered to the OEM.
  • In another embodiment, the encrypted image is written to a flash memory (block 16) during, for example, manufacturing of the flash memory. The flash memory with the encrypted image may then be delivered to the OEM for coupling to a semiconductor device (block 18).
  • At the OEM, the encrypted image may be decrypted in a secure portion of the semiconductor device (block 20) by, for example, code provided in the secure portion to perform decryption using the encryption key. As noted above with reference to FIGS. 1 and 2, the semiconductor device may be provided with the encryption key used to decrypt the image for verification, for example. The secure portion of the semiconductor device may then re-encrypt the decrypted image (block 22) for re-writing the re-encrypted image to the flash memory (block 24). As noted above, the re-encryption of the decrypted image may be accomplished using any of a variety of encryption techniques. Further, the encryption keys used for the re-encryption may be generated by the secure portion of the semiconductor device to provide additional security. As noted above, since the encryption keys are generated by the secure portion and may be unique to each semiconductor device, the encryption keys may be unknown to any other entity and may thus be unbreakable.
  • Referring now to FIG. 4, an example schematic representation of a testing arrangement is illustrated. As described above with reference to FIGS. 1 and 2, the semiconductor devices may be delivered from the fabrication facility 140 to a testing facility 150. Such testing facilities may be used to test various devices, such as semiconductor devices. Further, such testing facilities may be used to test devices that may have secure and non-secure portions. Traditional testing may use a test key which may serve as an encryption key used during the testing. The test key may be embedded on the device, such as a semiconductor device, which may be referred to during testing as a device under test (DUT).
  • In various examples, sensitive information, such as test keys or encryption keys to be injected into a secure portion, may be provided in the HSM 120. In this regard, test keys may include encryption keys that are used specifically for testing of the DUT and may not be injected into the DUT for any later use. Additionally, other encryption keys that are injected into the secure portion may be used to decrypt and verify an encrypted image, as described above. In various examples, when a load board having one or more DUTs and one or more HSMs 120 is removed from the tester 210, all sensitive information is securely removed from the tester 210.
  • Referring again to FIG. 4, the tester 210 is shown connected to a load board 220. The load board 220 may accommodate one or more DUTs, such as the semiconductor device 190. As noted above, the semiconductor device 190 includes a non-secure portion 192 and a secure portion 194. The load board 220 may further accommodate one or more HSMs, such as HSM 120. While FIG. 4 illustrates a load board 220 having a single semiconductor device 190 and a single HSM 120, various examples may include any desired number of semiconductor devices and any appropriate number of HSMs. The HSM 120 illustrated in FIG. 4 is provided with a first interface 124 for communication with the semiconductor device 190 and a second interface 126 for communication with the tester 210. The HSM 120 may also include a processor, such as a secure testing processor 122, configured to perform various functions such as, for example, perform testing of the secure portion 194 of the semiconductor device 190, as described below. Further, the secure testing processor 122 may also be configured to control operation of the HSM 120 and control communication with the semiconductor device 190 and/or the tester 210. The secure testing processor 122 may also be provided with a memory for storage, for example, of data such as encryption keys.
  • In various examples, the testing of the non-secure portion 192 may be performed by the tester 210, while testing of the secure portion 194 may be performed by the HSM 120 without providing access to the secure portion to the tester 210. Thus, as illustrated in the example of FIG. 4, the HSM 120 may allow direct communication between the tester 210 and the non-secure portion 192 of the semiconductor device 190. In this regard, the tester 210 may send signals to and receive signals from the non-secure portion 192 of the semiconductor device 190, as illustrated by the line 224 in FIG. 4. As illustrated in FIG. 4, the direct communication between the non-secure portion 192 and the tester 210 may be performed through the HSM 120, through the interfaces 124, 126. In this regard, the HSM 120 may server merely as a conduit for the communication between the non-secure portion 194 and the tester 210. In other examples, the communication between the non-secure portion 194 and the tester 210 may completely bypass the HSM 120.
  • For testing of the secure portion 194, the secure portion 194 may be isolated from the tester 210. As illustrated in the example of FIG. 4, the testing of the secure portion 194 may be performed by the secure testing processor 122 of the HSM 120. In this regard, the HSM 120 or the secure testing processor 122 may be provided with secure testing keys which may be delivered (e.g., injected or installed) into the secure portion 194 for purposes of testing. Any necessary testing of the secure portion 194 may be performed by the secure testing processor 122 of the HSM 120 with communication through the first interface 124, as illustrated by the line 222 in FIG. 4. The results of the testing of the secure portion 194 may be communicated to the tester 210 by the HSM 120 through the second interface 126 as, for example, a simple pass or fail indication. In one example, the result may be communicated as a 1-bit signal where a “0” is indicative of a pass and a “1” is indicative of a fail (or vice versa).
  • In one example, as illustrated in FIG. 5, the tester 210 may test the non-secure portion 192 by commanding the HSM 120 to position a relay 230 to allow direct communication between the tester 210 and the non-secure portion 192 of the semiconductor device 190. In response, the HSM 120 may position the relay 230 to a tester input/output position 234. When the tester 210 wishes the secure portion 194 to be tested, the tester 210 may command the HSM 120 to switch the relay 230 to an interface 232 between the HSM 120 and the semiconductor device 190. The HSM 120 may then establish a secure channel with the secure portion 194 using a test key. The secure portion 192 and the non-secure portion 194 may be tested in any order. For example, in some cases, the non-secure portion 194 may be tested first, while in other cases, the secure portion 192 may be tested first.
  • Thus, in accordance with the examples of FIGS. 4 and 5, the testing of the secure portion 194 may be performed under the control of the HSM 120. During or after successful testing of the secure portion 194, the HSM may inject the secure testing keys into the secure portion 194. The HSM 120 may communicate the results of the testing of the secure portion 194 to the tester 210 with a simple indication of “pass” or “fail”. As noted above, in some examples, the indication may be a 1-bit signal. Thus, the tester may be informed of the testing results without being given any information on the reasons for the results.
  • Upon completion of the testing, the load board is removed from the tester. Along with the load board, all secure information (e.g., the secure portion 194 of the semiconductor device 190 and the test keys for testing of the secure portion) are also removed. Thus, the tester 210 is never provided with access to any secure information. For example, the test keys and encryption keys provided in the HSM 120 are kept isolated from the tester 210.
  • Referring now to FIG. 6, a flowchart illustrating an example process for secure testing of semiconductor device is provided. As illustrated in FIG. 6, a semiconductor device may be coupled to an HSM through a first interface (block 610). For example, the semiconductor device 190 shown in FIGS. 4 and 5 may be coupled to the HSM 120 through the first interface 124.
  • Referring again to FIG. 6, a tester may be coupled to the HSM through a second interface (block 612). For example, as illustrated in FIGS. 4 and 5, the tester 210 may be coupled to the load board 220 and the HSM 120 through the second interface 126.
  • The secure portion of the semiconductor device may then be tested by the HSM using a test key which may have been provided with the HSM (block 614). For example, as noted above, in various examples, test keys and/or other secure information may be provided in the HSM 120. Thus, during the testing, all secure information is kept isolated from the tester. Further, as noted above, a simple “pass” or “fail” indication of the results of the testing of the secure portion may be communicated by the HSM 120 to the tester 210 through the second interface 126.
  • In various examples, the HSM may inject encryption keys into the secure portion (block 616). As noted above, the HSM may include secure information, such as encryption keys, that are injected into the secure portion. Again, this allows isolation of all secure information from the tester during testing. The encryption keys may be used to decrypt processing code, such as the encrypted image 130, as illustrated by the arrow 184 in FIGS. 1 and 2.
  • The HSM may position a relay switch, such as relay switch 230 of FIG. 5, to allow direct communication between the non-secure portion of the semiconductor device and the tester (block 618). As noted above, this allows the tester to test the non-secure portion of the semiconductor device (block 620). The positioning of the relay switch by the HSM may be in response to commands from the tester, for example. While FIG. 6 illustrates an example in which the secure portion is tested before the non-secure portion, those skilled in the art will appreciate that the order of testing may be reversed. For example, the non-secure portion may be tested and then the relay switch may be positioned to allow the processor of the HSM to test the secure portion. Thus, the secure portion of the semiconductor device may be tested and various keys (e.g., encryption keys) may be provided to the secure portion in a secure manner without the need for placing the tester in a secure location.
  • The various diagrams may depict an example architectural or other configuration for the various embodiments, which is done to aid in understanding the features and functionality that can be included in embodiments. The present disclosure is not restricted to the illustrated example architectures or configurations, and the desired features can be implemented using a variety of alternative architectures and configurations. Indeed, it will be apparent to one of skill in the art how alternative functional, logical or physical partitioning and configurations can be implemented to implement various embodiments. Also, a multitude of different constituent module names other than those depicted herein can be applied to the various partitions. Additionally, with regard to flow diagrams, operational descriptions and method claims, the order in which the steps are presented herein shall not mandate that various embodiments be implemented to perform the recited functionality in the same order unless the context dictates otherwise.
  • It should be understood that the various features, aspects and/or functionality described in one or more of the individual embodiments are not limited in their applicability to the particular embodiment with which they are described, but instead can be applied, alone or in various combinations, to one or more of the other embodiments, whether or not such embodiments are described and whether or not such features, aspects and/or functionality are presented as being a part of a described embodiment. Thus, the breadth and scope of the present disclosure should not be limited by any of the above-described exemplary embodiments.
  • Terms and phrases used in this document, and variations thereof, unless otherwise expressly stated, should be construed as open ended as opposed to limiting. As examples of the foregoing: the term “including” should be read as meaning “including, without limitation” or the like; the term “example” is used to provide exemplary instances of the item in discussion, not an exhaustive or limiting list thereof; the terms “a” or “an” should be read as meaning “at least one,” “one or more” or the like; and adjectives such as “conventional,” “traditional,” “normal,” “standard,” “known” and terms of similar meaning should not be construed as limiting the item described to a given time period or to an item available as of a given time, but instead should be read to encompass conventional, traditional, normal, or standard technologies that may be available or known now or at any time in the future. Likewise, where this document refers to technologies that would be apparent or known to one of ordinary skill in the art, such technologies encompass those apparent or known to the skilled artisan now or at any time in the future.
  • Additionally, the various embodiments set forth herein are described in terms of exemplary block diagrams, flow charts and other illustrations. As will become apparent to one of ordinary skill in the art after reading this document, the illustrated embodiments and their various alternatives can be implemented without confinement to the illustrated examples. For example, block diagrams and their accompanying description should not be construed as mandating a particular architecture or configuration.
  • Moreover, various embodiments described herein are described in the general context of method steps or processes, which may be implemented in one embodiment by a computer program product, embodied in, e.g., a non-transitory computer-readable memory, including computer-executable instructions, such as program code, executed by computers in networked environments. A computer-readable memory may include removable and non-removable storage devices including, but not limited to, Read Only Memory (ROM), Random Access Memory (RAM), compact discs (CDs), digital versatile discs (DVD), etc. Generally, program modules may include routines, programs, objects, components, data structures, etc. that perform particular tasks or implement particular abstract data types. Computer-executable instructions, associated data structures, and program modules represent examples of program code for executing steps of the methods disclosed herein. The particular sequence of such executable instructions or associated data structures represents examples of corresponding acts for implementing the functions described in such steps or processes.
  • As used herein, the term module can describe a given unit of functionality that can be performed in accordance with one or more embodiments. As used herein, a module might be implemented utilizing any form of hardware, software, or a combination thereof. For example, one or more processors, controllers, application-specific integrated circuits (ASICs), programmable logic arrays (PLAs), programmable array logic (PALs), complex programmable logic devices (CPLDs), field-programmable gate arrays (FPGAs), logical components, software routines or other mechanisms might be implemented to make up a module. In implementation, the various modules described herein might be implemented as discrete modules or the functions and features described can be shared in part or in total among one or more modules. In other words, as would be apparent to one of ordinary skill in the art after reading this description, the various features and functionality described herein may be implemented in any given application and can be implemented in one or more separate or shared modules in various combinations and permutations. Even though various features or elements of functionality may be individually described or claimed as separate modules, one of ordinary skill in the art will understand that these features and functionality can be shared among one or more common software and hardware elements, and such description shall not require or imply that separate hardware or software components are used to implement such features or functionality. Where components or modules of the invention are implemented in whole or in part using software, in one embodiment, these software elements can be implemented to operate with a computing or processing module capable of carrying out the functionality described with respect thereto. The presence of broadening words and phrases such as “one or more,” “at least,” “but not limited to” or other like phrases in some instances shall not be read to mean that the narrower case is intended or required in instances where such broadening phrases may be absent.

Claims (20)

What is claimed is:
1. An apparatus, comprising:
a first interface configured to communicate with a semiconductor device;
a second interface configured to communicate with a tester; and
a processor configured to test a secure portion of the semiconductor device,
wherein the processor is configured to send a result of testing of the secure portion of the semiconductor device to the tester through the second interface.
2. The apparatus of claim 1, wherein the processor is configured to provide an encryption key into the secure portion, the encryption key being associated with a processing code.
3. The apparatus of claim 1, wherein the processor is configured to isolate the tester from the secure portion of the semiconductor device.
4. The apparatus of claim 1, wherein the processor includes a test key configured to facilitate testing of the secure portion.
5. The apparatus of claim 1, further comprising:
a relay switch configured to selectively allow communication between the tester and a non-secure portion of the semiconductor device.
6. The apparatus of claim 5, wherein the relay switch is configured to selectively allow the tester to test the non-secure portion of the semiconductor device.
7. The apparatus of claim 5, wherein the processor is configured to receive instructions from the tester to operate the relay switch.
8. The apparatus of claim 5, wherein the relay switch is configured to isolate the tester from the secure portion of the semiconductor device.
9. The apparatus of claim 5, wherein the communication between the tester and the non-secure portion of the semiconductor device passes through the first interface and the second interface.
10. A method, comprising:
testing, by a processor, a secure portion of a semiconductor device through a first interface between the processor and the semiconductor device; and
sending, by the processor, a pass or fail indication of a result of the testing of the secure portion of the semiconductor device to the tester through a second interface between the processor and the tester.
11. The method of claim 10, further comprising:
providing, by the processor, an encryption key into the secure portion, the encryption key being associated with a processing code.
12. The method of claim 10, further comprising isolating the tester from the secure portion of the semiconductor device.
13. The method of claim 10, wherein the testing the secure portion comprises using a test key by the processor to facilitate testing the secure portion.
14. The method of claim 10, further comprising:
operating a relay switch to allow communication between the tester and a non-secure portion of the semiconductor device.
15. The method of claim 14, wherein operating the relay switch is responsive to receiving, by the processor, instructions from the tester to operate the relay switch.
16. A computer program product, embodied on a non-transitory computer-readable medium, comprising:
computer code for testing a secure portion of a device by a processor; and
computer code for sending results of the testing from the processor to a tester, wherein the results include an indication of pass or fail, and wherein the tester is isolated from the secure portion of the device.
17. The computer program product of claim 16, further comprising:
computer code for allowing communication between the tester and a non-secure portion of the device.
18. The computer program product of claim 17, wherein the computer code for allowing communication between the tester and the non-secure portion of the device comprises:
computer code for operating a relay switch.
19. The computer program product of claim 18, further comprising:
computer code for receiving instructions from the tester to operate the relay switch.
20. The computer program product of claim 16, wherein the computer code for testing the secure portion comprises:
computer code for using a test key to facilitate testing the secure portion.
US13/846,718 2012-11-30 2013-03-18 Secure testing of semiconductor device Abandoned US20140157001A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
US13/846,718 US20140157001A1 (en) 2012-11-30 2013-03-18 Secure testing of semiconductor device

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US201261732215P 2012-11-30 2012-11-30
US13/846,718 US20140157001A1 (en) 2012-11-30 2013-03-18 Secure testing of semiconductor device

Publications (1)

Publication Number Publication Date
US20140157001A1 true US20140157001A1 (en) 2014-06-05

Family

ID=50826706

Family Applications (2)

Application Number Title Priority Date Filing Date
US13/730,766 Expired - Fee Related US9165163B2 (en) 2012-11-30 2012-12-28 Secure delivery of processing code
US13/846,718 Abandoned US20140157001A1 (en) 2012-11-30 2013-03-18 Secure testing of semiconductor device

Family Applications Before (1)

Application Number Title Priority Date Filing Date
US13/730,766 Expired - Fee Related US9165163B2 (en) 2012-11-30 2012-12-28 Secure delivery of processing code

Country Status (1)

Country Link
US (2) US9165163B2 (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10181124B2 (en) * 2013-05-30 2019-01-15 Dell Products, L.P. Verifying OEM components within an information handling system using original equipment manufacturer (OEM) identifier
US9230137B2 (en) * 2013-05-30 2016-01-05 Dell Products, L.P. Secure original equipment manufacturer (OEM) identifier for OEM devices

Citations (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030065931A1 (en) * 2001-07-11 2003-04-03 Matsushita Electric Industrial Co., Ltd. Semiconductor integrated circuit, method for testing semiconductor integrated circuit, and semiconductor storage apparatus
US20030065932A1 (en) * 2000-01-18 2003-04-03 Stefan Wallstab Chip card circuit with monitored access to a test mode
US20040080335A1 (en) * 2001-05-23 2004-04-29 Mosaid Technologies, Inc. Method and apparatus for selecting an encryption integrated circuit operating mode
US20050289355A1 (en) * 2004-06-29 2005-12-29 Dimitri Kitariev Lockstep mechanism to ensure security in hardware at power-up
US20060176068A1 (en) * 2005-02-07 2006-08-10 Micky Holtzman Methods used in a secure memory card with life cycle phases
US20060294397A1 (en) * 2005-06-24 2006-12-28 Sigmatel, Inc. System and method of using a protected non-volatile memory
US20070234138A1 (en) * 2006-02-10 2007-10-04 Yuishi Torisaki Semiconductor integrated circuit and method for testing semiconductor integrated circuit
US20070229313A1 (en) * 2004-09-03 2007-10-04 Koninklijke Philips Electronics, N.V. Testing an Electronic Device Having a Keypad by Simultaneously Pressing Several Keys
US20070241767A1 (en) * 2005-03-29 2007-10-18 Fujitsu Limited Semiconductor device and method for testing semiconductor device
US20070296403A1 (en) * 2006-06-05 2007-12-27 Renesas Technology Corp. Semiconductor device, unique ID of semiconductor device and method for verifying unique ID
US20080091993A1 (en) * 2006-10-13 2008-04-17 Texas Instruments Incorporated On-board FIFO memory module for high speed digital sourcing and capture to/from DUT (device under test) using a clock from DUT
US20090172489A1 (en) * 2007-11-08 2009-07-02 Infineon Technologies Ag Circuit arrangement and method for checking the function of a logic circuit in a circuit arrangement
US20100263043A1 (en) * 2009-04-09 2010-10-14 Freescale Semiconductor, Inc. Method and device for secure test port authentication
JP2011226981A (en) * 2010-04-22 2011-11-10 Yokogawa Electric Corp Semiconductor testing system
US20120069991A1 (en) * 2009-05-13 2012-03-22 Nagravision S. A. Method for authenticating access to a secured chip by test device
US20140201540A1 (en) * 2011-12-29 2014-07-17 Jiangtao Li Secure key storage using physically unclonable functions

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060168580A1 (en) * 2003-02-21 2006-07-27 Shunji Harada Software-management system, recording medium, and information-processing device
US8656161B2 (en) * 2004-11-30 2014-02-18 Nec Corporation Information sharing system, information sharing method, group management program and compartment management program
US7945788B2 (en) * 2005-05-03 2011-05-17 Strong Bear L.L.C. Removable drive with data encryption
US8627079B2 (en) * 2007-11-01 2014-01-07 Infineon Technologies Ag Method and system for controlling a device
JP6332970B2 (en) * 2011-02-11 2018-05-30 シーメンス・ヘルスケア・ダイアグノスティックス・インコーポレーテッドSiemens Healthcare Diagnostics Inc. System and method for secure software update
US8792637B2 (en) * 2011-11-22 2014-07-29 Combined Conditional Access Development & Support, LLC Downloading of data to secure devices

Patent Citations (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030065932A1 (en) * 2000-01-18 2003-04-03 Stefan Wallstab Chip card circuit with monitored access to a test mode
US20040080335A1 (en) * 2001-05-23 2004-04-29 Mosaid Technologies, Inc. Method and apparatus for selecting an encryption integrated circuit operating mode
US20030065931A1 (en) * 2001-07-11 2003-04-03 Matsushita Electric Industrial Co., Ltd. Semiconductor integrated circuit, method for testing semiconductor integrated circuit, and semiconductor storage apparatus
US20050289355A1 (en) * 2004-06-29 2005-12-29 Dimitri Kitariev Lockstep mechanism to ensure security in hardware at power-up
US20070229313A1 (en) * 2004-09-03 2007-10-04 Koninklijke Philips Electronics, N.V. Testing an Electronic Device Having a Keypad by Simultaneously Pressing Several Keys
US20060176068A1 (en) * 2005-02-07 2006-08-10 Micky Holtzman Methods used in a secure memory card with life cycle phases
US20070241767A1 (en) * 2005-03-29 2007-10-18 Fujitsu Limited Semiconductor device and method for testing semiconductor device
US20060294397A1 (en) * 2005-06-24 2006-12-28 Sigmatel, Inc. System and method of using a protected non-volatile memory
US20070234138A1 (en) * 2006-02-10 2007-10-04 Yuishi Torisaki Semiconductor integrated circuit and method for testing semiconductor integrated circuit
US20070296403A1 (en) * 2006-06-05 2007-12-27 Renesas Technology Corp. Semiconductor device, unique ID of semiconductor device and method for verifying unique ID
US20080091993A1 (en) * 2006-10-13 2008-04-17 Texas Instruments Incorporated On-board FIFO memory module for high speed digital sourcing and capture to/from DUT (device under test) using a clock from DUT
US20090172489A1 (en) * 2007-11-08 2009-07-02 Infineon Technologies Ag Circuit arrangement and method for checking the function of a logic circuit in a circuit arrangement
US20100263043A1 (en) * 2009-04-09 2010-10-14 Freescale Semiconductor, Inc. Method and device for secure test port authentication
US20120069991A1 (en) * 2009-05-13 2012-03-22 Nagravision S. A. Method for authenticating access to a secured chip by test device
JP2011226981A (en) * 2010-04-22 2011-11-10 Yokogawa Electric Corp Semiconductor testing system
US20140201540A1 (en) * 2011-12-29 2014-07-17 Jiangtao Li Secure key storage using physically unclonable functions

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
(NPL Snapshot) *

Also Published As

Publication number Publication date
US9165163B2 (en) 2015-10-20
US20140157000A1 (en) 2014-06-05

Similar Documents

Publication Publication Date Title
US10496811B2 (en) Counterfeit prevention
EP3491576B1 (en) Device programming with system generation
US10110380B2 (en) Secure dynamic on chip key programming
TWI569169B (en) Managing use of a field programmable gate array with reprogrammable cryptographic operations
Maes et al. A pay-per-use licensing scheme for hardware IP cores in recent SRAM-based FPGAs
US7675313B1 (en) Methods and systems for storing a security key using programmable fuses
US11562101B2 (en) On-device bitstream validation
EP2702526B1 (en) Method and apparatus for securing programming data of a programmable device
CN113826351A (en) Verifying identification of emergency vehicles during operation
US10305679B2 (en) Method for implementing a communication between control units
CN102456111B (en) Method and system for license control of Linux operating system
US7906983B2 (en) Programmable logic device having an embedded test logic with secure access control
CN104025500A (en) Secure key storage using physically unclonable functions
TW200935369A (en) Configurable asic-embedded cryptographic processing engine
CN103257937B (en) A kind of method and apparatus protecting fpga chip internal configuration memorizer
US9369274B2 (en) Cipher text translation
US10291402B2 (en) Method for cryptographically processing data
CN111670443B (en) Integrated circuit personalization
US8996869B1 (en) Secure mission module
US20140157001A1 (en) Secure testing of semiconductor device
US20140012761A1 (en) Method for operating a cash box with customer-specific keys
US20150347779A1 (en) Method for facilitating transactions, computer program product and mobile device
US20080104396A1 (en) Authentication Method
CN103984973A (en) Quality testing anti-fake control method based on two-dimensional bar code application
JP4989806B2 (en) System and method for remote device registration

Legal Events

Date Code Title Description
AS Assignment

Owner name: BROADCOM CORPORATION, CALIFORNIA

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:BUER, MARK LEONARD;DZHANDZHAPANYAN, NORAYR NORIK;REEL/FRAME:030507/0834

Effective date: 20130315

AS Assignment

Owner name: BANK OF AMERICA, N.A., AS COLLATERAL AGENT, NORTH CAROLINA

Free format text: PATENT SECURITY AGREEMENT;ASSIGNOR:BROADCOM CORPORATION;REEL/FRAME:037806/0001

Effective date: 20160201

Owner name: BANK OF AMERICA, N.A., AS COLLATERAL AGENT, NORTH

Free format text: PATENT SECURITY AGREEMENT;ASSIGNOR:BROADCOM CORPORATION;REEL/FRAME:037806/0001

Effective date: 20160201

AS Assignment

Owner name: AVAGO TECHNOLOGIES GENERAL IP (SINGAPORE) PTE. LTD., SINGAPORE

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:BROADCOM CORPORATION;REEL/FRAME:041706/0001

Effective date: 20170120

Owner name: AVAGO TECHNOLOGIES GENERAL IP (SINGAPORE) PTE. LTD

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:BROADCOM CORPORATION;REEL/FRAME:041706/0001

Effective date: 20170120

AS Assignment

Owner name: BROADCOM CORPORATION, CALIFORNIA

Free format text: TERMINATION AND RELEASE OF SECURITY INTEREST IN PATENTS;ASSIGNOR:BANK OF AMERICA, N.A., AS COLLATERAL AGENT;REEL/FRAME:041712/0001

Effective date: 20170119

STCB Information on status: application discontinuation

Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION