1. A method of restoring a selected operational state of a circuit design implemented within a programmable integrated circuit (IC), the method comprising:
pipelining a clock gating signal that selectively pauses a clock of the circuit design;
storing configuration data specifying an operational state of the circuit design at a first simulation clock cycle in non-configuration memory;
at a second simulation clock cycle, gating the clock of the circuit design;
loading the stored configuration data into configuration memory of the programmable IC that controls configuration of the circuit design, wherein loading the configuration data reconfigures the circuit design and restores the operational state of the circuit design in existence at the first simulation clock cycle; and
advancing the clock of the circuit design a number of clock cycles corresponding to a difference between the second simulation clock cycle and the first simulation clock cycle, wherein a state of the circuit design in existence at the second simulation clock cycle is implemented within the circuit design.
2. The method of claim 1, further comprising counting a number of simulation clock cycles occurring after storing the configuration data of the circuit design up to the second simulation clock cycle.
3. The method of claim 1, wherein the clock of the circuit design is disabled a predetermined number of clock cycles after gating is initiated due to the pipelining.
4. The method of claim 3, further comprising selecting a number of stages of pipelining in the clock gating signal, wherein the predetermined number of clock cycles after gating is initiated corresponds to a number of stages of pipelining introduced into the clock gating signal.
5. The method of claim 1, wherein storing configuration data specifying an operational state of the circuit design further comprises:
storing configuration data specifying a state of the circuit design at selected simulation clock cycles throughout operation of the circuit design; and
retaining, in the non-configuration memory, only the most recent configuration data.
6. The method of claim 1, further comprising:
prior to storing the configuration data of the circuit design, stopping the clock of the circuit design; and
responsive to completing the storing of the configuration data, starting the clock of the circuit design.
7. The method of claim 1, wherein storing configuration data specifying the operational state of the circuit design comprises storing the configuration data within a memory external to the programmable IC.
8. The method of claim 1, wherein storing the configuration data specifying the operational state of the circuit design comprises storing the configuration data within a memory disposed within the programmable IC.
9. A clock control module for use within a programmable integrated circuit (IC), the clock control module comprising:
a clock gating circuit generating a pipelined gating signal that disables a clock of a circuit design within the programmable IC, wherein the clock of the circuit design is disabled a predetermined number of clock cycles after the clock cycle in which the gating signal is initiated;
a snapshot module coupled to the clock gating circuit, the snapshot module storing configuration data specifying an operational state of the circuit design at different clock cycles during operation of the circuit design; and
a correction module coupled to the snapshot module and the clock gating circuit, wherein the correction module, responsive to a state restoration signal, selectively loads a most recent operational state of the circuit design into configuration memory of the programmable IC, and wherein the correction module advances the clock of the circuit design according to a number of simulation clock cycles occurring after a most recent storage of the configuration data until the state restoration signal is received.
10. The clock control module of claim 9, further comprising a counter counting simulation clock cycles starting from a first simulation clock cycle after storing the configuration data specifying the operational state of the circuit design is complete and ending on a second simulation clock cycle when the state restoration signal is received.
11. The clock control module of claim 9, wherein the snapshot module stores the configuration data by initiating a configuration readback of the configuration memory for the circuit design and storing the configuration data obtained from the configuration readback.
12. The clock control module of claim 9, wherein the clock of the circuit design continues to run for a number of clock cycles after the state restoration signal is received, and wherein the number of clock cycles corresponds to a number of stages of pipelining introduced into the pipelined gating signal.
13. The clock control module of claim 9, wherein prior to storing the configuration data specifying the operational state of the circuit design, the snapshot module stalls the clock gating circuit to disable the clock of the circuit design.
14. The clock control module of claim 13, wherein responsive to completing the storage of the configuration data specifying the operational state of the circuit design, the snapshot module terminates stalling of the clock gating circuit to restart the clock of the circuit design.
15. A computer program product, comprising:
a computer-usable medium comprising computer-usable program code that, when executed by a computer, implements a clock control module for use within a programmable integrated circuit (IC), the computer-usable medium comprising:
computer-usable program code that implements a clock gating circuit generating a pipelined gating signal that disables a clock of a circuit design within the programmable IC, wherein the clock of the circuit design is disabled a predetermined number of clock cycles after the clock cycle in which the gating signal is initiated;
computer-usable program code that implements a snapshot module storing configuration data specifying an operational state of the circuit design at different clock cycles during operation of the circuit design; and
computer-usable program code that implements a correction module that, responsive to a state restoration signal, selectively loads a most recent operational state of the circuit design into configuration memory of the programmable IC, wherein the correction module advances the clock of the circuit design according to a number of simulation clock cycles occurring after a most recent storage of the configuration data until the state restoration signal is received.
16. The computer program product of claim 15, wherein the computer-usable medium further comprises computer-usable program code that implements a counter counting simulation clock cycles starting from a first simulation clock cycle after storing the configuration data specifying the operational state of the circuit design is complete and ending on a second simulation clock cycle when the state restoration signal is received.
17. The computer program product of claim 15, wherein the snapshot module stores configuration data by initiating a configuration readback of the configuration memory for the circuit design and stores the configuration data obtained from the configuration readback.
18. The computer program product of claim 15, wherein the clock of the circuit design continues to run for a number of clock cycles after the state restoration signal is received, and wherein the number of clock cycles corresponds to a number of stages of pipelining introduced into the pipelined gating signal.
19. The computer program product of claim 15, wherein prior to storing the configuration data specifying the operational state of the circuit design, the snapshot module stalls the clock gating circuit to disable the clock of the circuit design.
20. The computer program product of claim 19, wherein responsive to completing the storage of the configuration data specifying the operational state of the circuit design, the snapshot module terminates stalling of the clock gating circuit to restart the clock of the circuit design.
The claims below are in addition to those above.
All refrences to claim(s) which appear below refer to the numbering after this setence.
1. A method for the establishment and maintenance of secure communications paths, comprising the steps of:
providing an intelligent communicating device at or near the edge of an electrical distribution grid, wherein the intelligent communicating device uses the electrical distribution grid as a transmission medium;
providing, at a substation, a receiver capable of inferring a grid location of a device associated with the intelligent communicating device, wherein said inferring uses an electrical phase and an electrical feeder upon which a signal was received by said receiver;
requesting, by the device, a secure communications path, session, or permission to perform a secured operation; and
granting Keys and Key Tokens based upon the grid location of the device.
2. The method of claim 1, wherein the device granted one or more Keys and Key Tokens is at a fixed location.
3. The method of claim 1, wherein the device granted one or more Keys and Key Tokens is mobile and may be at a different location each time a Key and Key Token is granted.
4. The method of claim 1, wherein the device is required to remain at the location where the Key and Key Token were granted for the duration of the secured communications path, session, or secured operation.
5. The method of claim 4, wherein the secured communications path, session, or secured operation is cancelled, deleted, erased, or otherwise destroyed if the device is detected to have been removed from the location where the Key and Key Token were granted.
6. The method of claim 4, where the continued presence of the device at the required location is established by means of a software program on the device that communicates over the power grid with the intelligent communicating device, wherein the intelligent communicating device is at the location’s service transformer or electrical meter.
7. The method of claim 1, wherein some sites within a building, structure, or location are authorized locations for the granting of a Key andor Key Token, and other sites are not authorized.
8. The method of claim 7, wherein a single intelligent communicating device communicates with both authorized and unauthorized sites within a Building, Structure, or Location, or with a plurality of Buildings, Structures, or Locations, wherein some of the plurality of buildings, structures, or locations are authorized and some are not.
9. The method of claim 8, wherein the intelligent communicating device distinguishes between authorized and unauthorized sites by means of a grid-location-aware addressing mechanism associated with individual electrical outlets or jacks with the Building, Structure, or Location.
10. The method of claim 1, further comprising establishing and supporting multiple simultaneous secure communications paths, sessions, or permissions for secured operations.
11. The method of claim 10, wherein the multiple secure communications paths, sessions, or permissions for secured operations are established for a multiplicity of different devices communicating via a single intelligent communicating device.
12. The method of claim 10, wherein the multiple secure communications paths, sessions, or permissions for secured operations are established for a multiplicity of different devices communicating via a multiplicity of intelligent communicating devices.
13. The method of claim 10, wherein the multiple secure communications paths, sessions, or permissions for secured operations are established for a multiplicity of different devices communicating via a multiplicity of Servers and Receivers at a multiplicity of substations.
14. The method of claim 1, wherein the Key and the Key Token are distributed to the requesting devices over distinct communication paths.
15. The method of claim 14, wherein the Key required to decrypt the Key Token reaches the requesting device by means of a combined communications path comprising multiple segments, wherein at least one segment of said path is the electrical distribution grid.
16. The method of claim 14, wherein the Key required to decrypt the Key Token reaches the requesting device by means of a combined communications path comprising multiple segments, wherein at least one segment of said path is a medium-voltage (>1 KV) or high-voltage segment of the electrical distribution grid.
17. The method of claim 1 wherein the request by the device for a Key Token travels over a combined communication path comprising multiple segments, wherein at least one segment is a medium-voltage (>1 KV) or high voltage segment of the electrical distribution grid.
18. The method of claim 1 wherein, if the Key Token authorizes the creation of a secure communications path or session, said secure communications path or session uses a distinct communication path from the path over which the request for the Key Token traveled from the device to the Key Distribution Server.
19. The method of claim 1 wherein, if the Key Token authorizes the creation of a secure communications path or session, said secure communications path or session uses a distinct communication path from the path over which the decryption Key reached the device.
20. The method of claim 1 wherein the Key Token contains an encryption key, authorizes the encryption of data residing on the server, and authorizes the writing of the encrypted data onto a removable storage medium attached to the device.
21. The method of claim 13 where the multiplicity of Servers and Receivers process requests from devices located in buildings serviced by a multiplicity of utilities.
22. The method of claim 20, where the resulting encrypted medium can only be read at the encryption site.
23. The method of claim 20, where the device reading the encrypted medium can be a device other than the device that wrote the encrypted medium.
24. The method of claim 20, wherein the resulting encrypted media can be read at other locations than the encryption site.
25. The method of claim 20, wherein the resulting encrypted media can be read at locations other than the encryption site, provided that the other locations contain an intelligent communicating device capable of forwarding a request to the key distribution server which holds the secret to decrypting the media, and where said key distribution server grants said request and provides the decryption secret to the requesting device based on grid location.
26. The method of claim 20, wherein the device that writes the encrypted medium is not attached to any conventional network, but is attached to the electrical distribution grid.
27. The method of claim 1, further comprising requiring the device carrying out a secured session or operation to remain connected to a power source for the duration of said session or operation.
28. The method of claim 1, further comprising requiring the device carrying out a secured session or operation to remain in communication with its authorizing intelligent communicating device for the duration of said session or operation.
29. The method of claim 1, further comprising invalidating the outcome of the secured session or operation and declaring the secured session or operation to be untrustworthy if a device carrying out a secured session or operation is disconnected from its power source andor loses communication with its authorizing intelligent communicating device.
30. The method of claim 1, further comprising, if the intelligent communicating device loses electrical power while authorization requests or timed secured sessions or operations which it has authorized are incomplete, invalidating and declaring to be untrustworthy all incomplete requests, sessions, or operations upon recovery.
31. The method of claim 1 further comprising, if an inferred Grid Location of a requesting intelligent communicating device is inconsistent with a Grid Map, refusing the request as invalid or untrustworthy.
32. The method of claim 8, further comprising the intelligent communicating device distinguishing between authorized and unauthorized sites by means of a grid-location addressing mechanism associated with a communicating device attached to an electrical meter at each site.
33. A system for the establishment and maintenance of secure communications paths, comprising:
an electrical distribution grid comprising at least one distribution substation;
an intelligent communicating device located at or near the edge of an electrical distribution grid, wherein the intelligent communicating device uses the electrical distribution grid as a transmission medium;
a server located at the distribution substation;
a receiver connected to the server at the substation;
a Key distribution server in bidirectional communication with the server located at the distribution substation; and
a device associated with the intelligent communicating device, wherein a location of the device on the electrical distribution grid is inferred by a receiver at the distribution substation wherein said inferred uses an electrical phase and an electrical feeder upon which a signal was received by said receiver, and wherein the requesting device requests a secure communications path, session, or permission to perform a secured operation; and wherein the Key distribution server grants Keys and Key Tokens to the device based upon the grid location of the device.
34. The system of claim 33, wherein the device granted one or more Keys and Key Tokens is at a fixed location.
35. The system of claim 33, wherein the device granted one or more Keys and Key Tokens is mobile and is at a different location each time a Key and Key Token is granted.
36. The system of claim 33, wherein the device is required to remain at the location where the Key and Key Token were granted for the duration of the secured communications path, session, or secured operation.
37. The system of claim 36, wherein the secured communications path, session, or secured operation is cancelled, deleted, erased, or otherwise destroyed if the device is detected to have been removed from the location where the Key and Key Token were granted.
38. The system of claim 36, further comprising a software program residing on a computer readable medium of the device and a communications interface at the device, wherein the software program communicates with the intelligent communicating device over the power grid through the communication interface to establish the continued presence of the device at the required location.
39. The system of claim 33, wherein the device is present at a building, structure, or location, and wherein some sites within the building, structure, or location are authorized locations for the granting of a Key andor Key Token, and other sites are not authorized.
40. The system of claim 39, wherein a single intelligent communicating device communicates with both authorized and unauthorized sites within a Building, Structure, or Location, or with a plurality of Buildings, Structures, or Locations, wherein some of the plurality of buildings, structures, or locations are authorized and some are not.
41. The system of claim 40, wherein the intelligent communicating device distinguishes between authorized and unauthorized sites by means of a grid-location-aware addressing mechanism associated with individual electrical outlets or jacks with the Building, Structure, or Location.
42. The system of claim 33, further comprising multiple secure communications paths, sessions, or permissions for secured operations.
43. The system of claim 42, wherein the multiple secure communications paths, sessions, or permissions for secured operations are established for a multiplicity of different devices communicating via a single intelligent communicating device.
44. The system of claim 42, wherein the multiple secure communications paths, sessions, or permissions for secured operations are established for a multiplicity of different devices communicating via a multiplicity of intelligent communicating devices.
45. The system of claim 42, wherein the multiple secure communications paths, sessions, or permissions for secured operations are established for a multiplicity of different devices communicating via a multiplicity of Servers and Receivers at a multiplicity of substations.
46. The system of claim 33, further comprising distinct communication paths over which the Key and the Key Token are distributed to the requesting devices.
47. The system of claim 46, wherein the distinct communication paths comprise a combined communication path of multiple segments, and wherein at least one segment of said combined communication path is the electrical distribution grid.
48. The system of claim 46, wherein the distinct communication paths comprise a combined communication path of multiple segments, and wherein at least one segment of said combined communication path is a medium-voltage (>1 KV) or high-voltage segment of the electrical distribution grid.
49. The system of claim 33, further comprising a combined communication path comprising multiple segments over which the request from the device travels, wherein at least one segment is a medium-voltage (>1 KV) or high voltage segment of the electrical distribution grid.
50. The system of claim 33, wherein, if the Key Token authorizes the creation of a secure communications path or session, said secure communications path or session uses a distinct communication path from the path over which the request for the Key Token traveled from the device to the Key Distribution Server.
51. The system of claim 33, wherein, if the Key Token authorizes the creation of a secure communications path or session, said secure communications path or session uses a distinct communication path from the path over which the decryption Key reached the device.
52. The system of claim 33, wherein the Key Token contains an encryption key, authorizes the encryption of data residing on the server, and authorizes the writing of the encrypted data onto a removable storage medium attached to the device.
53. The system of claim 45, wherein the multiplicity of Servers and Receivers process requests from devices located in buildings serviced by a multiplicity of utilities.
54. The system of claim 52, wherein the resulting encrypted medium can only be read at the encryption site.
55. The system of claim 52, wherein the device reading the encrypted medium can be a device other than the device that wrote the encrypted medium.
56. The system of claim 52, wherein the resulting encrypted media can be read at other locations than the encryption site.
57. The system of claim 52, wherein the resulting encrypted media can be read at locations other than the encryption site, provided that the other locations contain an intelligent communicating device capable of forwarding a request to the key distribution server which holds the secret to decrypting the media, and where said key distribution server grants said request and provides the decryption secret to the requesting device based on grid location.
58. The system of claim 52, wherein the device that writes the encrypted medium is not attached to any conventional network, but is attached to the electrical distribution grid.
59. The system of claim 33, wherein the device carrying out a secured session or operation remains connected to a power source for the duration of said session or operation.
60. The system of claim 33, wherein the device carrying out a secured session or operation remains in communication with its authorizing intelligent communicating device for the duration of said session or operation.
61. The system of claim 33, wherein the outcome of the secured session or operation and is invalidated and declared untrustworthy if a device carrying out a secured session or operation is disconnected from its power source andor loses communication with its authorizing intelligent communicating device.
62. The system of claim 33, wherein, if the intelligent communicating device loses electrical power while authorization requests or timed secured sessions or operations which it has authorized are incomplete, invalidating and declaring to be untrustworthy all incomplete requests, sessions, or operations upon recovery.
63. The system of claim 33, further comprising a Grid Map, and wherein, if an inferred Grid Location of a requesting intelligent communicating device is inconsistent with the Grid Map, refusing the request as invalid or untrustworthy.
64. The system of claim 33, further comprising the intelligent communicating device distinguishing between authorized and unauthorized sites through a grid-location addressing mechanism associated with a communicating device attached to an electrical meter at each site.