公开(公告)号：US20200285457A1

公开(公告)日：2020-09-10

申请号：US16644720

申请日：2018-10-17

Applicant: ARM IP LIMITED

Inventor： Milosch MERIAC ,  Brendan James MORAN ,  Robert George TAYLOR ,  Amyas Edward Wykes PHILLIPS ,  Daniel ROS ,  John-Paul STANFORD

IPC: G06F8/65 ,  H04L29/08

Abstract: A method for managing an asset update service for one or more service requesters on a plurality of remote devices, the method comprising: receiving, at a management server, update data indicating an asset to be updated at one or more remote devices; receiving, at the management server, campaign data associated with the update data and indicating a subset of the remote devices to which an update is to be applied; and receiving, at the management server, a request to initiate the firmware update by transmitting to the subset of the remote devices an update communication indicating that the asset is to be retrieved for updating the asset of the remote device.

公开(公告)号：US20190354153A1

公开(公告)日：2019-11-21

申请号：US15982560

申请日：2018-05-17

Applicant: Arm IP Limited

Inventor： Niklas Lennart HAUSER ,  Brendan James MORAN ,  Milosch MERIAC

IPC: G06F1/28 ,  G06F1/32 ,  G01R31/36 ,  G06F8/65

Abstract: Broadly speaking, the present techniques provide methods, apparatus and systems for monitoring operation of a device. More particularly, the present techniques provide methods for monitoring operation of a device by observing state transitions which occur during the running of a device process following a firmware update, and either comparing the observed state transitions to a state transition map generated within the device or comparing the observed state transitions to a state transition model in, or associated with, the firmware update.

公开(公告)号：US20230153468A1

公开(公告)日：2023-05-18

申请号：US17594977

申请日：2020-01-21

Applicant: Arm IP Limited

Inventor： Brendan James MORAN

IPC: G06F21/64 ,  G06F21/44

CPC classification number: G06F21/64 ,  G06F21/44

Abstract: Provided is a technology including an apparatus and a machine-implemented method for operating a content sending apparatus attachable to a network, comprising acquiring a sequence comprising at least two content blocks; generating at least one authentication metadata block comprising at least one signed digest derived by a chaining digest technique from the sequence of content blocks; deriving a content transform encoding for each of the content blocks; and sending the at least one authentication metadata block and at least one content transform encoding to at least one of a set of recipient devices, the at least one device being operable to apply an inverse transformation to the content transform encoding and to authenticate at least one resultant content block according to the authentication metadata block.

公开(公告)号：US20220229656A1

公开(公告)日：2022-07-21

申请号：US17648058

申请日：2022-01-14

Applicant: Arm IP Limited

Inventor： Brendan James MORAN

IPC: G06F8/65 ,  G06F8/61

Abstract: A device, device initialisation and method of installing a delta update of executable code on a device, the method comprising: generating an unrelocation table based upon a symbol table and a relocation table associated with relocatable code by: identifying an entry in the relocation table that references a symbol in the symbol table; and storing in the unrelocation table the relocated address of the identified entry in the relocation table; generating a first executable program code based upon the symbol table, the relocation table, and the relocatable code; and storing the first executable program code and the unrelocation table on the device.

公开(公告)号：US20190354681A1

公开(公告)日：2019-11-21

申请号：US15982582

申请日：2018-05-17

Applicant: Arm IP Limited

Inventor： Niklas Lennart HAUSER ,  Brendan James MORAN ,  Milosch MERIAC

IPC: G06F21/55 ,  G06F8/65 ,  G06F1/32

Abstract: Broadly speaking, the present techniques provide methods, apparatus and systems for monitoring operation of a device. More particularly, the present techniques provide methods for monitoring operation of a device based on a device firmware update that is associated with at least one power profile.

公开(公告)号：US20190073481A1

公开(公告)日：2019-03-07

申请号：US16113241

申请日：2018-08-27

Applicant: Arm IP Limited

Inventor： Alessandro ANGELINO ,  Milosch MERIAC ,  Brendan James MORAN

IPC: G06F21/57 ,  G06F8/65

Abstract: An apparatus and methods are provided to defending device against attacks. When it is determined that a device is under attack, a determination is made as to whether a layout of objects within said at least one resource at said device is protecting said device against said attack. The determination is then transferred to a remote server together with a layout of the resource at the device. When it is determined that the layout of objects within the at least one resource at the device is not protecting the device against the attack, then the layout of the at least one resource is changed. Either the remote server or the device may determine whether to change the layout in response to the attack.

公开(公告)号：US20210089643A1

公开(公告)日：2021-03-25

申请号：US17040353

申请日：2019-07-19

Applicant: Arm IP Limited

Inventor： Brendan James MORAN

IPC: G06F21/53 ,  G06F21/56

Abstract: Methods and apparatus are described for processing transactions from untrusted sources which reduce the risk of a maliciously instructed transaction being processed at a target environment and thus preventing undesirable behaviour resulting from processing the transaction occurring at the target environment. An execution manager is provided to process transactions/portions of transactions in an emulated environment and monitor the resultant effects. Following execution of the transaction at the emulated environment, it is determined whether undesirable behaviour occurred at the emulated environment and whether the transaction may be executed in the target environment. The method enables transactions from untrusted sources to be processed with minimal risks of malicious consequences occurring at the target environment.

公开(公告)号：US20190026024A1

公开(公告)日：2019-01-24

申请号：US16070688

申请日：2016-12-23

Applicant: Arm IP Limited

Inventor： James CROSBY ,  Brendan James MORAN

IPC: G06F3/06 ,  G06F12/02 ,  G06F13/24

Abstract: A method for managing a discontinuous call stack is disclosed to more efficiently use the memory of devices without a memory management unit. The method comprising: storing a stack location indicator indicating a top of said discontinuous call stack in a data store; using said stack location indicator to identify a current memory block of said discontinuous call stack from said plurality of memory blocks, said current memory block storing said top of said discontinuous call stack and a previous location indicator indicating a location of a previous memory block of said discontinuous call stack; determining an amount of memory available in said current memory block; determining an amount of memory required for a stack frame; determining an amount of memory required for an interrupt allowance; allocating said stack frame and said interrupt allowance at least one memory block from said plurality of memory blocks in response to said determinations; storing said stack frame in said allocated memory block; and updating said stack location indicator in said data store.

公开(公告)号：US20210288944A1

公开(公告)日：2021-09-16

申请号：US16817852

申请日：2020-03-13

Applicant: Arm IP Limited

Inventor： Gustavo Federico PETRI ,  Guilhem Floréal BRYANT ,  Dominic Phillip MULLIGAN ,  Brendan James MORAN

IPC: H04L29/06 ,  H04L9/08 ,  H04L29/08

Abstract: Aspects of the present disclosure relate to an apparatus comprising first interface circuitry to communicate with a first computing device and second interface circuitry to communicate with a second computing device. The first interface circuitry is configured to receive a handshake message from the first computing device. The second interface circuitry is configured to transmit the handshake message to the second computing device and to receive a handshake response message from the second computing device. The first interface circuitry is configured to transmit the handshake response message to the first computing device, whereby to establish a communication session between the first computing device and the second computing device. Apparatus comprises trusted execution environment circuitry to determine a cryptographic session key associated with said communication session, and use said session key to decrypt content of messages transmitted between the first and second computing devices via the apparatus, and analyse said decrypted content.