	US 12,423,434 B2
	On-demand and secure hardware license-based SKU creation for ASICs
Sachin Agarwal, Fremont, CA (US); Srirajkumar Sundararaman, San Jose, CA (US); Aviran Kadosh, Moreshet (IL); Samir Valjibhai Rajgor, Santa Clara, CA (US); Chirag Shroff, Cary, NC (US); Kevin Shyh-Kang Chang, Saratoga, CA (US); and Dylan Walker, Austin, TX (US)
Assigned to Cisco Technology, Inc., San Jose, CA (US)
Filed by Cisco Technology, Inc., San Jose, CA (US)
Filed on Aug. 29, 2023, as Appl. No. 18/239,607.
Claims priority of provisional application 63/430,131, filed on Dec. 5, 2022.
Prior Publication US 2024/0184890 A1, Jun. 6, 2024
Int. Cl. G06F 15/177 (2006.01); G06F 21/44 (2013.01); G06F 21/57 (2013.01); G06F 9/4401 (2018.01)

CPC G06F 21/575 (2013.01) [G06F 21/44 (2013.01); G06F 9/4401 (2013.01)]

19 Claims

1. A method of operating a system-on-chip (SOC), comprising:

decrypting, by isolated Root of Trust (RoT) code, a Stock Keeping Unit (SKU) license code from a host during bootup of a device;

validating, by the isolated ROT code, the SKU license code with firmware and at least one built-in key of a plurality of built-in keys from a secure storage; and

enabling or disabling, by the isolated ROT code, at least one feature set of a plurality of feature sets comprising resources configured at the SOC based on at least one SKU license code which has been decrypted by isolated RoT code using at least one built-in key and authenticated by firmware wherein enabling or disabling of at least one feature set is on-demand and configured at the SOC, based on the at least one SKU license code decrypted by the isolated ROT code, for at least one port or speed for the device; and

monitoring, by the isolated ROT code, at least one component of performance of at least one feature set enabled to authenticate use of the SOC based on the at least one SKU license code.