公开(公告)号：US10929261B1

公开(公告)日：2021-02-23

申请号：US16017736

申请日：2018-06-25

Applicant: Amazon Technologies, Inc.

Inventor： Alex Levin ,  Ziv Harel ,  Evgeny Khanin ,  David Ben-Dror ,  Georgy Machulsky ,  Daniel Elkaslassy ,  Sergei Shtern

IPC: G06F11/26 ,  G06Q30/00 ,  H04L29/08

Abstract: A technology is described for a device diagnosis station. The device diagnosis station may be configured to identify an electronic device physically connected to the device diagnosis station, evaluate an operational state of the electronic device by executing testing instructions configured to test the functionality of the electronic device and collect operational state information for the electronic device. The device diagnosis station may be configured to determine the operational state of the electronic device and execute recovery instructions to restore the electronic device to an improved state when a recoverable error is detected. The device diagnosis station may be configured to initiate a device return procedure for the electronic device when a non-recoverable error state is detected.

公开(公告)号：US10484348B1

公开(公告)日：2019-11-19

申请号：US15388548

申请日：2016-12-22

Applicant: AMAZON TECHNOLOGIES, INC.

Inventor： Alex Levin ,  Ron Diamant ,  Ihab Bishara ,  Michael Butler Fortin ,  Gary Lee Szilagyi ,  Georgy Machulsky

IPC: H04L29/00 ,  H04L29/06 ,  H04L29/08 ,  H04L9/08 ,  H04L9/06 ,  H04L9/32 ,  G06F16/14 ,  G06F16/182

Abstract: A network device includes a processor coupled to network interface circuitry and cryptographic circuitry. The network interface circuitry is configured to couple the network device to a local computer communication network. The processor is configured to generate an encryption key based on a hardware specific value recorded in the network device, and apply the cryptographic circuitry and the encryption key to encrypt files for storage in an Internet storage system coupled to a remote computer communication network, and present the encrypted files stored, by the processor, in the Internet storage system, to a computing device coupled to the network device via the local computer communication network, as a storage system attached to the local computer communication network.

公开(公告)号：US10423541B1

公开(公告)日：2019-09-24

申请号：US15388472

申请日：2016-12-22

Applicant: Amazon Technologies, Inc.

Inventor： Alex Levin ,  Ron Diamant ,  James Christopher Sorenson, III

IPC: G06F12/14 ,  G06F11/30 ,  G06F21/72 ,  G06F12/1009 ,  G06F12/0802

Abstract: The following description is directed to the use of encryption by a computing system. In one example, a method can include determining whether information associated with a logical address is stored unencrypted within an on-chip memory of an integrated circuit or whether the information associated with the logical address is stored encrypted within an off-chip memory external to the integrated circuit. When the information is not stored unencrypted within the on-chip memory and is stored encrypted within the off-chip memory: a page associated with the logical address can be retrieved from the off-chip memory containing the encrypted information; the retrieved page can be decrypted to generate unencrypted information; and the unencrypted information can be stored in a frame of the on-chip memory.

公开(公告)号：US10261880B1

公开(公告)日：2019-04-16

申请号：US15384026

申请日：2016-12-19

Applicant: Amazon Technologies, Inc.

Inventor： Alex Levin ,  Ron Diamant ,  Christopher James BeSerra

IPC: G06F11/00 ,  G06F11/30 ,  G06F11/22

Abstract: A smart add-in card can be leveraged to perform testing on a host server computer. The add-in card can include an embedded processor and memory. Tests can be downloaded to the add-in card to test a communication bus between the host server computer (motherboard) and the add-in card. In a particular example, a PCIe communication bus couples the motherboard to the add-in card and the tests can inject errors on the PCIe communication bus. The tests can be developed to test errors that are typically difficult to test without the use of special hardware. However, the smart add-in card can be a simple Network Interface Card (NIC) that resides on the host server computer during normal operation and is used for communication other than error testing. By using the NIC as a testing device, repeatable and reliable testing can be obtained.

公开(公告)号：US11231987B1

公开(公告)日：2022-01-25

申请号：US16456256

申请日：2019-06-28

Applicant: Amazon Technologies, Inc.

Inventor： Benita Bose ,  Ron Diamant ,  Georgy Zorik Machulsky ,  Alex Levin

IPC: G06F11/30 ,  G06F11/07 ,  G06F11/32 ,  G06F13/28 ,  G06F15/78 ,  G06F11/34

Abstract: A debugging tool, such as may take the form of a software daemon running in the background, can provide for the monitoring of utilization of access mechanisms, such as Direct Memory Access (DMA) mechanisms, for purposes such as debugging and performance improvement. Debugging tools can obtain and provide DMA utilization data, as may include statistics, graphs, predictive analytics, or other such information. The data can help to pinpoint issues that have arisen, or may arise, in the system, and take appropriate remedial or preventative action. Data from related DMAs can be aggregated intelligently, helping to identify bottlenecks where the individual DMA data might not. A debugging tool can store state information as snapshots, which may be beneficial if the system is in a state where current data is not accessible. The statistics and predictive analytics can also be leveraged to optimize system-performance.

公开(公告)号：US20200175170A1

公开(公告)日：2020-06-04

申请号：US16786742

申请日：2020-02-10

Applicant: Amazon Technologies, Inc.

Inventor： Ron Diamant ,  Alex Levin ,  Ihab Bishara

IPC: G06F21/57 ,  H04L9/08 ,  G06F9/4401

Abstract: Methods and apparatus are disclosed for securing executable code for execution with a processor using a trusted platform module (TPM). In one example of the disclosed technology, a method of decrypting executable code for execution includes measuring values stored in a CPU boot ROM and measuring second values for executable code stored in non-volatile memory, storing the resulting measurement value in a TPM platform configuration register. The PCR value is used to unseal a key stored in non-volatile memory of the TPM, which key is used to decrypt executable code for execution. Security can be further enhanced by destroying the values stored in the PCR by performing additional measurement operations with the TPM PCR used to generate the measurement value.

公开(公告)号：US10665319B1

公开(公告)日：2020-05-26

申请号：US16137187

申请日：2018-09-20

Applicant: Amazon Technologies, Inc.

Inventor： Alex Levin ,  Ron Diamant ,  Georgy Zorik Machulsky

IPC: G11C29/42 ,  G06F11/10 ,  G11C29/52

Abstract: Approaches for testing memory devices, such as DRAMs, are described that can quickly identify various potential storage issues. The memory space for a device can be divided into subspaces that can be tested concurrently. A starting address is determined for each memory sub-space, and addresses are identified that are within a Hamming distance of the starting address, where a single Hamming distance or multiple Hamming distances can be used. Once a list of addresses is generated, a test pattern can be written to, and read from, the corresponding addresses. Differences from the expected pattern can be indicative of problems with the memory device, whether before user deployment or while storing live data. If there are specific problems suspected, targeted testing can be utilized that does not test the entirety of the memory space.

公开(公告)号：US10565382B1

公开(公告)日：2020-02-18

申请号：US15389152

申请日：2016-12-22

Applicant: Amazon Technologies, Inc.

Inventor： Ron Diamant ,  Alex Levin ,  Ihab Bishara

IPC: H04L29/06 ,  G06F21/57 ,  G06F9/4401 ,  H04L9/08

Abstract: Methods and apparatus are disclosed for securing executable code for execution with a processor using a trusted platform module (TPM). In one example of the disclosed technology, a method of decrypting executable code for execution includes measuring values stored in a CPU boot ROM and measuring second values for executable code stored in non-volatile memory, storing the resulting measurement value in a TPM platform configuration register. The PCR value is used to unseal a key stored in non-volatile memory of the TPM, which key is used to decrypt executable code for execution. Security can be further enhanced by destroying the values stored in the PCR by performing additional measurement operations with the TPM PCR used to generate the measurement value.