US 11,907,409 B2
Dynamic immutable security personalization for enterprise products
Akkiah Choudary Maddukuri, Austin, TX (US); Marshal Frederick Savage, Austin, TX (US); Eugene David Cho, Austin, TX (US); Sreeram Veluthakkal, Pflugerville, TX (US); and Timothy M. Lambert, Austin, TX (US)
Assigned to Dell Products L.P., Round Rock, TX (US)
Filed by Dell Products L.P., Round Rock, TX (US)
Filed on Sep. 29, 2021, as Appl. No. 17/488,613.
Prior Publication US 2023/0098608 A1, Mar. 30, 2023
Int. Cl. G06F 21/73 (2013.01); G11C 17/12 (2006.01); G11C 17/16 (2006.01); G06F 21/79 (2013.01)
CPC G06F 21/73 (2013.01) [G06F 21/79 (2013.01); G11C 17/12 (2013.01); G11C 17/16 (2013.01)]
16 Claims
1. A method for enterprise product configuration tracking, the method comprising:
having an enterprise product arrive at a first lifecycle site, wherein the first lifecycle site is one selected from a group consisting of a supplier manufacturing site (SMS), a customer staging site, and a customer deployment site, wherein the SMS at least services, upgrades, troubleshoots, tests, packages, and distributes the enterprise product;
ascertaining, for the enterprise product, a first current enterprise product configuration state;
generating, using a feature-fuse mapping, a site bitmask capturing at least a portion of the first current enterprise product configuration state,
wherein the feature-fuse mapping comprises at least a configuration feature (CF) of the enterprise product desired to be tracked,
wherein the CF specifies at least one selected from a group consisting of a requirement to install a hardware security chip, a requirement to enable a system lockdown mode, a requirement to enable a debug access path, a requirement to enable a complex programmable logic device secure boot, and a requirement to enable a subsystem attestation failure continued boot,
wherein a one-time programmable (OTP) fuse of an OTP memory block specifies a fuse status (FS) of the OTP fuse and a second OTP fuse of the OTP memory block specifies a second FS, wherein the FS specifies the OTP fuse has been associated with the CF and the second FS specifies the second OTP has not been associated with the CF;
locating a next available OTP memory block in OTP memory,
wherein the next available OTP memory block refers to a pre-determined size of adjacent OTP fuses in the OTP memory that have yet to be configured,
wherein the size of adjacent OTP fuses is equal to a size of the site bitmask; and
preserving, immutably, the at least the portion of the first current enterprise product configuration state using the site bitmask,
wherein the preserving is performed by programming the next available OTP memory block through a bitwise operation entailing the site bitmask.
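
The steps of claim 1 can be followed in a small simulation. This is an added example, not code from the patent or from Dell: the bit positions in the feature-fuse mapping, the `FUSE_BLOCK_USED` marker that distinguishes a programmed block from an unprogrammed one, the 8-fuse block size and all function names are assumptions.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed feature-fuse mapping: one fuse per tracked configuration
 * feature (CF). Bit positions and the USED marker are assumptions. */
enum {
    FUSE_BLOCK_USED   = 1 << 0, /* assumed marker: block has been programmed */
    FUSE_HW_SEC_CHIP  = 1 << 1,
    FUSE_LOCKDOWN     = 1 << 2,
    FUSE_DEBUG_ACCESS = 1 << 3,
    FUSE_CPLD_SECBOOT = 1 << 4,
    FUSE_ATTEST_CONT  = 1 << 5
};
struct config_state {
    int hw_sec_chip, lockdown, debug_access, cpld_secure_boot, attest_fail_boot;
};
#define OTP_BLOCKS 4            /* simulated OTP: 4 blocks of 8 adjacent fuses */
static uint8_t otp[OTP_BLOCKS]; /* all fuses start unblown (0) */

/* Fuse semantics: programming can only turn a 0 into a 1, never back. */
void otp_program(int blk, uint8_t mask) { otp[blk] |= mask; }

/* Build the site bitmask from the current configuration state. */
uint8_t site_bitmask(const struct config_state *s) {
    uint8_t m = FUSE_BLOCK_USED;
    if (s->hw_sec_chip)      m |= FUSE_HW_SEC_CHIP;
    if (s->lockdown)         m |= FUSE_LOCKDOWN;
    if (s->debug_access)     m |= FUSE_DEBUG_ACCESS;
    if (s->cpld_secure_boot) m |= FUSE_CPLD_SECBOOT;
    if (s->attest_fail_boot) m |= FUSE_ATTEST_CONT;
    return m;
}
/* Next available block: first block in which no fuse has been blown yet. */
int next_available_block(void) {
    for (int i = 0; i < OTP_BLOCKS; i++)
        if (otp[i] == 0) return i;
    return -1;                  /* OTP exhausted, nothing can be recorded */
}
/* Record the state at a lifecycle site; returns the block used, or -1. */
int preserve_state(const struct config_state *s) {
    int blk = next_available_block();
    if (blk >= 0) otp_program(blk, site_bitmask(s));
    return blk;
}
int main(void) {
    struct config_state sms = {1, 0, 1, 0, 0}, staging = {1, 1, 0, 1, 0};
    int a = preserve_state(&sms), b = preserve_state(&staging);
    printf("SMS block %d = 0x%02X, staging block %d = 0x%02X\n", a, otp[a], b, otp[b]);
    return 0;
}
```

Because each site writes a fresh block and earlier blocks cannot be cleared, reading the blocks in order gives an auditor the configuration history, for example that the debug access path was enabled at the first site and disabled at the second.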