Disclosed approaches for validating initialization vectors determining by a configuration control circuit whether or not an input initialization vector is within a range of valid initialization vectors. In response to determining that the initialization vector is within the range of valid initialization vectors, the configuration control circuit decrypts the ciphertext into plaintext using the input initialization vector and configures a memory circuit with the plaintext. In response to determining that the first initialization vector is outside the range of valid initialization vectors, the configuration control circuit signals that the first initialization vector is invalid.

An integrated circuit (IC) can include a processor system configured to execute program code, a programmable logic, and a platform management controller coupled to the processor system and the programmable logic. The platform management controller is adapted to configure and control the processor system and the programmable logic independently.

A transient electronic device utilizes a glass-based interposer that is treated using ion-exchange processing to increase its fragility, and includes a trigger device operably mounted on a surface thereof. An integrated circuit (IC) die is then bonded to the interposer, and the interposer is mounted to a package structure where it serves, under normal operating conditions, to operably connect the IC die to the package I/O pins/balls. During a transient event (e.g., when unauthorized tampering is detected), a trigger signal is transmitted to the trigger device, causing the trigger device to generate an initial fracture force that is applied onto the glass-based interposer substrate. The interposer is configured such that the initial fracture force propagates through the glass-based interposer substrate with sufficient energy to both entirely powderize the interposer, and to transfer to the IC die, whereby the IC die also powderizes (i.e., visually disappears).

In an embodiment an integrated device includes a first physical unclonable function module configured to generate an initial data group and management module configured to generate an output data group from at least the initial data group, authorize only D successive deliveries of the output data group on a first output interface of the device, D being a non-zero positive integer, and prevent any new generation of the output data group.

In an embodiment an integrated device includes a first physical unclonable function module configured to generate an initial data group and management module configured to generate an output data group from at least the initial data group, authorize only D successive deliveries of the output data group on a first output interface of the device, D being a non-zero positive integer, and prevent any new generation of the output data group.

Systems and methods for analyzing applications (“apps”) on a mobile device for security risks for a company while maintaining the mobile device owner's privacy and confidentiality concerning the applications. The mobile device may be a user's personal device (a “bring your own device”). In an example method, a process generates one or more cryptographic representations of application information for each application on the mobile device. The cryptographic representations may comprise a hash or composite hash. The cryptographic representations may be transmit outside the mobile device to a system which makes a determination and provides an indication whether the application is permitted or not permitted for use at the company. The company can be associated with a hashed permitted or not permitted list. The application information can include application name, executable code, and a version number. The method may include automatically remediating the application if it matches a known risk.

Systems and methods for analyzing applications (“apps”) on a mobile device for security risks for a company while maintaining the mobile device owner's privacy and confidentiality concerning the applications. The mobile device may be a user's personal device (a “bring your own device”). In an example method, a process generates one or more cryptographic representations of application information for each application on the mobile device. The cryptographic representations may comprise a hash or composite hash. The cryptographic representations may be transmit outside the mobile device to a system which makes a determination and provides an indication whether the application is permitted or not permitted for use at the company. The company can be associated with a hashed permitted or not permitted list. The application information can include application name, executable code, and a version number. The method may include automatically remediating the application if it matches a known risk.

A three dimensional circuit system includes first and second integrated circuit (IC) dies. The first IC die includes programmable logic circuits arranged in sectors and first programmable interconnection circuits having first router circuits. The second IC die includes non-programmable circuits arranged in regions and second programmable interconnection circuits having second router circuits. Each of the regions in the second IC die is vertically aligned with at least one of the sectors in the first IC die. Each of the second router circuits is coupled to one of the first router circuits through a vertical die-to-die connection. The first and second programmable interconnection circuits are programmable to route signals between the programmable logic circuits and the non-programmable circuits through the first and second router circuits. The circuit system may include additional IC dies. The first and second IC dies and any additional IC dies are coupled in a vertically stacked configuration.

A three dimensional circuit system includes first and second integrated circuit (IC) dies. The first IC die includes programmable logic circuits arranged in sectors and first programmable interconnection circuits having first router circuits. The second IC die includes non-programmable circuits arranged in regions and second programmable interconnection circuits having second router circuits. Each of the regions in the second IC die is vertically aligned with at least one of the sectors in the first IC die. Each of the second router circuits is coupled to one of the first router circuits through a vertical die-to-die connection. The first and second programmable interconnection circuits are programmable to route signals between the programmable logic circuits and the non-programmable circuits through the first and second router circuits. The circuit system may include additional IC dies. The first and second IC dies and any additional IC dies are coupled in a vertically stacked configuration.

A reliable multi-information entropy PUF for Internet of Things security includes a control circuit, a data register, 128 glitch generation circuits, a 128-to-1 multiplexer, and a Schmidt glitch sampling module. The control circuit controls the data register to generate a square signal, the 128 glitch generation circuits to generate glitch signals to be output and the 128-to-1 multiplexer to select the glitch signals to be output. The Schmidt glitch sampling module samples the glitch signals to obtain PUF response outputs. Each glitch generation circuit generates a glitch signal by means of a fully symmetrical structure. The Schmidt glitch sampling module comprises a first PMOS transistor, a second PMOS transistor, a third PMOS transistor, a fourth PMOS transistor, a first NMOS transistor, a second NMOS transistor, a third NMOS transistor, a fourth NMOS transistor, a buffer module and a D flip-flop.