公开(公告)号：US20210240830A1

公开(公告)日：2021-08-05

申请号：US17048744

申请日：2019-05-08

Applicant: Arm IP Limited

Inventor： Milosch MERIAC

IPC: G06F21/57 ,  G06F21/64 ,  H04L9/32 ,  G06F9/455

Abstract: There is provided a data processing apparatus that includes an input policy filter that receives input data and an input provenance that relates to the input data. The filter forwards some or all of the input data and the input provenance according to at least one input policy. A processing environment receives the input data forwarded by the input policy filter and processes the input data to generate output data A management environment produces an attestation of the processing environment and produces an output provenance based on the input provenance and the attestation. An output policy filter receives the output data and the output provenance and forwards the output data and the output provenance according to at least one output policy.

公开(公告)号：US20190213329A1

公开(公告)日：2019-07-11

申请号：US16303291

申请日：2017-04-06

Applicant: Arm IP Limited

Inventor： Milosch MERIAC ,  Alessandro ANGELINO

IPC: G06F21/55 ,  G06F9/46 ,  G06F9/455 ,  G06F1/24

CPC classification number: G06F21/556 ,  G06F1/24 ,  G06F9/455 ,  G06F9/461 ,  G06F2221/031

Abstract: A technology for mutually isolating accessors of a shared electronic device from leakage of context data after a context switch comprises: on making the shared electronic device available to the plurality of accessors, establishing a portion of storage as an indicator location for the shared electronic device; when a first accessor requests use of the shared electronic device, writing at least one device-reset-required indicator to the indicator location; on switching context to a new context, after context save, when a second accessor requests use of the shared electronic device, resetting context data of the shared electronic device to a known state and reconciling the first device-reset-required indicator and a second device-reset-required indicator for the new context.

公开(公告)号：US20190213038A1

公开(公告)日：2019-07-11

申请号：US16303305

申请日：2017-05-26

Applicant: Arm IP Limited

Inventor： Milosch MERIAC ,  Alessandro ANGELINO

IPC: G06F9/48 ,  G06F21/62

CPC classification number: G06F9/4837 ,  G06F9/4812 ,  G06F9/4887 ,  G06F21/6209

Abstract: A machine implemented method for prioritizing system interrupts in a processing system is provided. The method comprising: determining, at a supervisor module, for each interrupt, a relative interrupt priority in accordance with at least one interrupt parameter for said interrupt; prioritising, at said supervisor module, each said interrupt with respect to other interrupts of said system in compliance with said determined relative interrupt priority; and in response to a change to said at least one interrupt parameter during operation of said system, adjusting said determined relative interrupt priority, and re-prioritising each said interrupt with respect to said other interrupts of said system in compliance with said adjusted relative interrupt priority.

公开(公告)号：US20200285457A1

公开(公告)日：2020-09-10

申请号：US16644720

申请日：2018-10-17

Applicant: ARM IP LIMITED

Inventor： Milosch MERIAC ,  Brendan James MORAN ,  Robert George TAYLOR ,  Amyas Edward Wykes PHILLIPS ,  Daniel ROS ,  John-Paul STANFORD

IPC: G06F8/65 ,  H04L29/08

Abstract: A method for managing an asset update service for one or more service requesters on a plurality of remote devices, the method comprising: receiving, at a management server, update data indicating an asset to be updated at one or more remote devices; receiving, at the management server, campaign data associated with the update data and indicating a subset of the remote devices to which an update is to be applied; and receiving, at the management server, a request to initiate the firmware update by transmitting to the subset of the remote devices an update communication indicating that the asset is to be retrieved for updating the asset of the remote device.

公开(公告)号：US20190354153A1

公开(公告)日：2019-11-21

申请号：US15982560

申请日：2018-05-17

Applicant: Arm IP Limited

Inventor： Niklas Lennart HAUSER ,  Brendan James MORAN ,  Milosch MERIAC

IPC: G06F1/28 ,  G06F1/32 ,  G01R31/36 ,  G06F8/65

Abstract: Broadly speaking, the present techniques provide methods, apparatus and systems for monitoring operation of a device. More particularly, the present techniques provide methods for monitoring operation of a device by observing state transitions which occur during the running of a device process following a firmware update, and either comparing the observed state transitions to a state transition map generated within the device or comparing the observed state transitions to a state transition model in, or associated with, the firmware update.

公开(公告)号：US20170257372A1

公开(公告)日：2017-09-07

申请号：US15433297

申请日：2017-02-15

Applicant: ARM IP Limited

Inventor： Milosch MERIAC

IPC: H04L29/06 ,  G06F9/44 ,  H04L29/08

CPC classification number: H04L63/101 ,  G06F9/4411 ,  G06F9/4418 ,  H04L63/0823 ,  H04L63/108 ,  H04L67/12 ,  H04L67/34 ,  H04W12/00502 ,  H04W12/0802 ,  H04W84/18

Abstract: Broadly speaking, embodiments of the present techniques provide methods and apparatus to implement a time-limited configuration settings hierarchy. The time-limited configuration settings hierarchy introduces a temporary override setting that allows a fail-back to a prior setting after the expiry of a time period. This allows temporary users of IoT devices to have much higher levels of privilege over configuration settings, as an automatic revocation of the permission and reversion to the previous settings is guaranteed on the expiry of the specified time period.

公开(公告)号：US20170187536A1

公开(公告)日：2017-06-29

申请号：US15315659

申请日：2015-05-29

Applicant: ARM IP LIMITED

Inventor： Milosch MERIAC ,  Geraint LUFF

IPC: H04L9/32 ,  H04L9/14 ,  H04L29/08 ,  G06F12/0813 ,  G06F21/62 ,  H04L29/06 ,  H04L9/30

CPC classification number: H04L9/3247 ,  G06F12/0813 ,  G06F16/252 ,  G06F16/9566 ,  G06F19/00 ,  G06F21/6209 ,  G06F21/6245 ,  G06F2212/154 ,  G06F2212/60 ,  G06F2212/62 ,  G06F2221/2107 ,  G06F2221/2119 ,  G16H10/65 ,  G16H80/00 ,  H04L9/14 ,  H04L9/30 ,  H04L9/3263 ,  H04L63/0428 ,  H04L63/067 ,  H04L63/08 ,  H04L63/101 ,  H04L63/166 ,  H04L63/168 ,  H04L67/02 ,  H04L67/2842

Abstract: A method of accessing data sent between a remote resource and a data processing device, the method comprising: caching data uploaded from the remote resource or caching data sent to the remote resource at one or more intermediate network nodes between the data processing device and the remote resource; and accessing the cached data stored at the one or more intermediate network nodes.

公开(公告)号：US20180225458A1

公开(公告)日：2018-08-09

申请号：US15749169

申请日：2016-07-07

Applicant: ARM IP LIMITED

Inventor： Jonathan AUSTIN ,  Milosch MERIAC ,  Thomas GROCUTT ,  Geraint LUFF

IPC: G06F21/57 ,  G06F21/64 ,  G06F21/74 ,  G06F9/445 ,  G06F21/32

Abstract: A machine-implemented method is provided for securing a storage-equipped device against introduction of malicious configuration data into configuration data storage, the method comprising steps of receiving by the device, a trusted signal for modification of the configuration of the device; responsive to the receiving, placing the device into a restricted mode of operation and at least one of deactivating a service and rebooting the device, responsive to the placing the device into the restricted mode of operation and the deactivating or rebooting, permitting configuration data entry into a restricted portion of the configuration data storage. A corresponding device and computer program product are also described.

公开(公告)号：US20180218150A1

公开(公告)日：2018-08-02

申请号：US15578387

申请日：2016-05-31

Applicant: Arm IP Limited

Inventor： Alessandro ANGELINO ,  Milosch MERIAC

IPC: G06F21/54 ,  G06F21/74 ,  G06F21/78

CPC classification number: G06F21/54 ,  G06F8/63 ,  G06F8/654 ,  G06F21/50 ,  G06F21/51 ,  G06F21/52 ,  G06F21/572 ,  G06F21/70 ,  G06F21/71 ,  G06F21/74 ,  G06F21/78 ,  G06F21/79 ,  G06F2009/45583

Abstract: A data processing apparatus having a first secure area and a second secure area coupled by a monitor is provided. The monitor applies security credentials to processing circuitry transitioning from the first secure area to the second secure area to enable the processing circuitry to perform functions in the second secure area. A call gateway comprising a transition instruction and access parameters stored in a trusted storage device is used by the monitor to determine when to applying the security credentials to the processing circuitry. The access parameters comprising a target function or a memory location.

公开(公告)号：US20180026799A1

公开(公告)日：2018-01-25

申请号：US15549505

申请日：2016-01-25

Applicant: ARM IP Limited ,  ARM LIMITED

Inventor： Remy POTTIER ,  Amyas Edward Wykes PHILLIPS ,  Milosch MERIAC

IPC: H04L9/32 ,  H04L9/14 ,  H04L9/30

CPC classification number: H04L9/3263 ,  H04L9/14 ,  H04L9/30 ,  H04L9/3226 ,  H04L9/3247 ,  H04L9/3265 ,  H04L9/3271 ,  H04L63/0823

Abstract: There is disclosed a method of establishing trust between an agent device and a verification apparatus, the method comprising: obtaining, at the agent device, a trust credential, wherein the trust credential relates to an aspect of the agent device and comprises authentication information for identifying at least one party trusted by the verification apparatus and/or device data relating to the agent device; transmitting, from the agent device to the verification apparatus, the trust credential; obtaining, at the verification apparatus, the trust credential; analysing, at the verification apparatus, the trust credential; determining, at the verification apparatus, whether the agent device is trusted based on the analysis; and responsive to determining the agent device is trusted, establishing trust between the agent device and the verification apparatus.