公开(公告)号：US20200169422A1

公开(公告)日：2020-05-28

申请号：US16618544

申请日：2018-06-01

Applicant: BAE Systems Information and Electronic Systems Integration Inc.

Inventor： Jonathan P. Ingraham ,  Rudra Chakravorty ,  Tate J. Keegan

IPC: H04L9/32 ,  G06F21/60 ,  H04L9/08

Abstract: A system for securely customizing a computing environment based on cryptographic protections includes providing a key device; bringing the key device proximate to a computing environment (510); beginning an authentication protocol when the user approaches the environment with the device; validating user to the key device (520); comparing certificates (525); unlocking/regenerating a device split key (530); if authentication of certificates is not valid, log & return (540); if it is valid, a full key is generated on the computing environment in volatile memory, and the full key unlocks personal settings on the computing environment (545). Using the computing environment with the personal settings (550); disconnecting (555); and logging activity (560). The device can be a smart phone. Bringing the key proximate to a computing environment (510) can initiate Bluetooth or other near field communications. Initial steps can include enrolling the key (505). The environment can be a vehicle.

公开(公告)号：US20240202375A1

公开(公告)日：2024-06-20

申请号：US17907020

申请日：2022-03-24

Applicant: BAE SYSTEMS Information and Electronic Systems Integration Inc.

Inventor： David D. Moser ,  Daniel L. Stanley ,  Joshua C. Schabel ,  Tate J. Keegan ,  Sheldon L. Grass

IPC: G06F21/76 ,  G06F30/347

CPC classification number: G06F21/76 ,  G06F30/347

Abstract: A secure system includes a data port, a network on chip (NoC) module, a processor communicatively coupled to the NoC module, a communication interface operatively coupled to the processor and to the data port, an electronic field-programmable gate array (eFPGA) configuration module operatively coupled to the NoC module, and a clock operatively coupled to the NoC module. In a first modality, the communication interface is at least partially disabled. In a second modality, the communication interface is at least partially disabled, boundary scan operations are disabled, a RESET signal is held in a constant state, and/or redacted code is rendered inoperable. In a third modality, the communication interface is at least partially enabled to send and receive commands and data via the data port, the boundary scan operations are enabled, the RESET signal is not held in the constant state, and/or the redacted code is operable.

公开(公告)号：US12253964B2

公开(公告)日：2025-03-18

申请号：US17841724

申请日：2022-06-16

Applicant: BAE Systems Information and Electronic Systems Integration Inc.

Inventor： David D. Moser ,  Daniel L. Stanley ,  Tate J. Keegan ,  Sheldon L. Grass ,  Joshua C. Schabel ,  Christopher N. Peters

IPC: G06F13/40 ,  G06F21/62

Abstract: A system that includes a plurality of encapsulation blocks having a plurality of digital signal processing (DSP) blocks provided with preconfigured logic functions and a plurality of pacing control networks operatively connected with the plurality of DSP blocks. The system also includes a streaming cross bar operatively connected with each encapsulation block of the plurality of encapsulation blocks. Each encapsulation block of the plurality of encapsulation blocks includes a DSP block of the plurality of DSP blocks and a pacing control network of the plurality of the pacing control networks. Each DSP block of the plurality of DSP blocks is independently and separately connected with the streaming cross bar via the plurality of pacing control networks.

公开(公告)号：US20230366931A1

公开(公告)日：2023-11-16

申请号：US17742034

申请日：2022-05-11

Applicant: BAE Systems Information and Electronic Systems Integration Inc.

Inventor： Daniel L. Stanley ,  David D. Moser ,  Joshua C. Schabel ,  Michael J. Bear ,  Sheldon L. Grass ,  Tate J. Keegan

IPC: G01R31/3185

CPC classification number: G01R31/318597

Abstract: A port protection network provided with a joint test action group (JTAG) core and method of use. The port protection network includes an agent device operatively connected with a streaming bus and a test access port (TAP) of the JTAG core. The port protection network also includes a master device operatively connected with the streaming bus and the TAP of the JTAG core. In the port protection network, the agent device is configured to selectively restrict access to the master device through the JTAG core.

公开(公告)号：US20230244824A1

公开(公告)日：2023-08-03

申请号：US17591699

申请日：2022-02-03

Applicant: BAE Systems Information and Electronic Systems Integration Inc.

Inventor： David D. Moser ,  Daniel L. Stanley ,  Tate J. Keegan ,  Joshua C. Schabel ,  Sheldon L. Grass

IPC: G06F21/85 ,  G06F12/14

CPC classification number: G06F21/85 ,  G06F12/1458 ,  G06F2212/1052

Abstract: An on-chip firewall circuit for providing secure on-chip communication is disclosed. The firewall circuit includes a configurable table of port IDs along with a configurable setting for each port ID to either provide the corresponding port ID with open access to the components of a secure enclave (SE) module or restricted access. If access is restricted, then the command is rerouted to a portion of the secure memory within the SE module, where it can be read only via a secure processing device within the SE module. The secure processing device may require additional verification of the port ID before executing the command stored within the secure memory. In this way, unsecure devices from outside of the SE module can be configured to have no direct access to any of the components within the SE module.

公开(公告)号：US20210136572A1

公开(公告)日：2021-05-06

申请号：US16635783

申请日：2018-07-30

Applicant: BAE Systems Information and Electronic Systems Integration Inc.

Inventor： Jonathan P. Ingraham ,  Rudra Chakravorty ,  Tate J. Keegan

IPC: H04W12/03 ,  H04W12/069 ,  H04W12/63 ,  H04W12/65 ,  H04W4/40 ,  H04W12/04

Abstract: A system and method for gathering and communicating at least one related data that is cryptographically verifiable and authenticated to use in at least one reconstruction is described. One example includes V2X device encryption provisioning; operating vehicle V2X communications; and storing all V2X data in memory. If at least one occurs: send a final request for data logs from any other V2X in the vicinity. Ensure logs are sent using signed & encrypted protocol. Record black box data; combine stored V2X data with black box data & storing to a file. Apply cryptographic protections to the file; up/down load the file from each vehicle. Recreate the at least one in 3D w/simulation software. In embodiments, reconstruction comprises fault determination.

公开(公告)号：US11288403B2

公开(公告)日：2022-03-29

申请号：US16609973

申请日：2018-05-08

Applicant: BAE Systems Information and Electronic Systems Integration Inc.

Inventor： Jonathan P. Ingraham ,  Rudra Chakravorty ,  Tate J. Keegan

IPC: G06F21/73 ,  G06F21/44 ,  H04L9/08 ,  H04L9/32

Abstract: A system and method for cryptographic verification of entity/vehicle authenticity, comprising generating a Vehicle Identification Number (VIN)—Key for an individual platform/vehicle; applying the VIN—Key to components of the platform/vehicle; receiving input for the platform/vehicle; validating the authenticity of the input and/or the platform/vehicle; performing the operation of the input if it was validated; terminating the operation if it was not validated; logging the operation; and decommissioning the platform/vehicle at the end of life.

公开(公告)号：US11251978B2

公开(公告)日：2022-02-15

申请号：US16618544

申请日：2018-06-01

Applicant: BAE Systems Information and Electronic Systems Integration Inc.

Inventor： Jonathan P. Ingraham ,  Rudra Chakravorty ,  Tate J. Keegan

IPC: G06F21/00 ,  H04L9/32 ,  G06F21/60 ,  H04L9/08

Abstract: A system for securely customizing a computing environment based on cryptographic protections includes providing a key device; bringing the key device proximate to a computing environment (510); beginning an authentication protocol when the user approaches the environment with the device; validating user to the key device (520); comparing certificates (525); unlocking/regenerating a device split key (530); if authentication of certificates is not valid, log & return (540); if it is valid, a full key is generated on the computing environment in volatile memory, and the full key unlocks personal settings on the computing environment (545). Using the computing environment with the personal settings (550); disconnecting (555); and logging activity (560). The device can be a smart phone. Bringing the key proximate to a computing environment (510) can initiate Bluetooth or other near field communications. Initial steps can include enrolling the key (505). The environment can be a vehicle.

公开(公告)号：US20200057872A1

公开(公告)日：2020-02-20

申请号：US16609973

申请日：2018-05-08

Applicant: BAE Systems Information and Electronic Systems Integration Inc.

Inventor： Jonathan P. Ingraham ,  Rudra Chakravorty ,  Tate J. Keegan

IPC: G06F21/73 ,  G06F21/44 ,  H04L9/32 ,  H04L9/08

Abstract: A system and method for cryptographic verification of entity/vehicle authenticity, comprising generating a Vehicle Identification Number (VIN)—Key for an individual platform/vehicle; applying the VIN—Key to components of the platform/vehicle; receiving input for the platform/vehicle; validating the authenticity of the input and/or the platform/vehicle; performing the operation of the input if it was validated; terminating the operation if it was not validated; logging the operation; and decommissioning the platform/vehicle at the end of life.