Presently, system-on-a-chip vendors may sell many different varieties of the same chip, where each variety is configured for a particular application. Chip configuration often occurs by blowing one or more fuses or otherwise programming a one-time programmable memory on the chip. This type of chip configuration is generally a one-way process and cannot be undone. One method of circumventing the permanence of the configuration process is to add redundant or spare bits within the one-time programmable memory that can be combined to modify a previous setting (e.g., by exclusive-ORing multiple bits together to produce the final configuration setting). This type of redundancy has limited flexibility, however, and requires additional fuses which take up additional real estate on the chip. In addition, having multiple fuses behind a setting does not remove the need to perform multiple programming steps to configure chips adds cost. Likewise, configurations today continue to be performed by chip vendors (or their contractors), who then maintain inventories of chips with multiple fuse configurations.
The need for secure systems and applications is growing. Presently, allegedly secure chips are often programmed with security keys on the factory floor. Secure keys may be used in a variety of ways, such as, for example, to protect stored data, control access to digital content, or encrypt/authenticate data used in transactions. Today, these keys can be stored in a one-time programmable memory, which may hold keys directly or hold a base key that is used with cryptographic functions that derive keys for various functions. Typically, security is provided by performing the key loading process in a secured facility.