公开(公告)号：US11977613B2

公开(公告)日：2024-05-07

申请号：US17720035

申请日：2022-04-13

申请人： Dover Microsystems, Inc. ,  The Charles Stark Draper Laboratory, Inc.

发明人： Eli Boling ,  Steven Milburn ,  Gregory T. Sullivan ,  Andrew Sutherland ,  Christopher J. Casinghino

IPC分类号： G06F21/12 ,  G06F8/41 ,  G06F8/52 ,  G06F8/54 ,  G06F9/445 ,  G06F21/51 ,  G06F21/52 ,  G06F21/54 ,  H04L9/32

CPC分类号： G06F21/125 ,  G06F8/41 ,  G06F8/447 ,  G06F8/52 ,  G06F8/54 ,  G06F9/44505 ,  G06F21/121 ,  G06F21/51 ,  G06F21/52 ,  G06F21/54 ,  H04L9/3247

摘要： A system including at least one processor programmed to translate a policy into policy code, wherein: the policy is provided in a policy language; the policy code is in a programming language that is different from the policy language; and the policy includes a statement that maps an entity name to one or more metadata symbols to be associated with an entity in a target system against which the policy is to be enforced.

公开(公告)号：US20210042100A1

公开(公告)日：2021-02-11

申请号：US16966866

申请日：2019-02-01

申请人： Dover Microsystems, Inc. ,  The Charles Stark Draper Laboratory, Inc.

发明人： Eli Boling ,  Steven Milburn ,  Gregory T. Sullivan ,  Andrew Sutherland ,  Christopher J. Casinghino

IPC分类号： G06F8/41 ,  G06F21/12 ,  G06F21/51 ,  G06F21/52 ,  G06F8/54 ,  G06F9/445

摘要： A system including at least one processor programmed to translate a policy into policy code, wherein: the policy is provided in a policy language; the policy code is in a programming language that is different from the policy language; and the policy includes a statement that maps an entity name to one or more metadata symbols to be associated with an entity in a target system against which the policy is to be enforced.

公开(公告)号：US20220309134A1

公开(公告)日：2022-09-29

申请号：US17720035

申请日：2022-04-13

申请人： Dover Microsystems, Inc. ,  The Charles Stark Draper Laboratory, Inc.

发明人： Eli Boling ,  Steven Milburn ,  Gregory T. Sullivan ,  Andrew Sutherland ,  Christopher J. Casinghino

IPC分类号： G06F21/12 ,  G06F8/52 ,  G06F21/54 ,  H04L9/32 ,  G06F8/41 ,  G06F8/54 ,  G06F9/445 ,  G06F21/51 ,  G06F21/52

摘要： A system including at least one processor programmed to translate a policy into policy code, wherein: the policy is provided in a policy language; the policy code is in a programming language that is different from the policy language; and the policy includes a statement that maps an entity name to one or more metadata symbols to be associated with an entity in a target system against which the policy is to be enforced

公开(公告)号：US20230367603A1

公开(公告)日：2023-11-16

申请号：US18356409

申请日：2023-07-21

申请人： The Charles Stark Draper Laboratory, Inc.

发明人： Steve E. Milburn ,  Eli Boling ,  Andre DeHon ,  Andrew B. Sutherland ,  Gregory T. Sullivan

IPC分类号： G06F9/38 ,  G06F21/52 ,  G06F12/14 ,  G06F21/62 ,  G06F21/71 ,  G06F9/30 ,  G06F12/1009 ,  G06F21/57

CPC分类号： G06F9/3863 ,  G06F21/52 ,  G06F12/1466 ,  G06F21/6218 ,  G06F21/71 ,  G06F9/30145 ,  G06F12/1009 ,  G06F21/575 ,  G06F11/30

摘要： A system and method of processing instructions may comprise an application processing domain (APD) and a metadata processing domain (MTD). The APD may comprise an application processor executing instructions and providing related information to the MTD. The MTD may comprise a tag processing unit (TPU) having a cache of policy-based rules enforced by the MTD. The TPU may determine, based on policies being enforced and metadata tags and operands associated with the instructions, that the instructions are allowed to execute (i.e., are valid). The TPU may write, if the instructions are valid, the metadata tags to a queue. The queue may (i) receive operation output information from the application processing domain, (ii) receive, from the TPU, the metadata tags, (iii) output, responsive to receiving the metadata tags, resulting information indicative of the operation output information and the metadata tags; and (iv) permit the resulting information to be written to memory.

公开(公告)号：US20210406028A1

公开(公告)日：2021-12-30

申请号：US17474830

申请日：2021-09-14

申请人： The Charles Stark Draper Laboratory, Inc.

发明人： Steve E. Milburn ,  Eli Boling ,  Andre' DeHon ,  Andrew B. Sutherland ,  Gregory T. Sullivan

IPC分类号： G06F9/38 ,  G06F21/52 ,  G06F12/14 ,  G06F21/62 ,  G06F21/71 ,  G06F9/30 ,  G06F12/1009 ,  G06F21/57

摘要： A system and method of processing instructions may comprise an application processing domain (APD) and a metadata processing domain (MTD). The APD may comprise an application processor executing instructions and providing related information to the MTD. The MTD may comprise a tag processing unit (TPU) having a cache of policy-based rules enforced by the MTD. The TPU may determine, based on policies being enforced and metadata tags and operands associated with the instructions, that the instructions are allowed to execute (i.e., are valid). The TPU may write, if the instructions are valid, the metadata tags to a queue. The queue may (i) receive operation output information from the application processing domain, (ii) receive, from the TPU, the metadata tags, (iii) output, responsive to receiving the metadata tags, resulting information indicative of the operation output information and the metadata tags; and (iv) permit the resulting information to be written to memory.

公开(公告)号：US11709680B2

公开(公告)日：2023-07-25

申请号：US17474830

申请日：2021-09-14

申请人： The Charles Stark Draper Laboratory, Inc.

发明人： Steve E. Milburn ,  Eli Boling ,  Andre' DeHon ,  Andrew B. Sutherland ,  Gregory T. Sullivan

IPC分类号： G06F9/38 ,  G06F21/52 ,  G06F12/14 ,  G06F21/62 ,  G06F21/71 ,  G06F9/30 ,  G06F12/1009 ,  G06F21/57 ,  G06F11/30 ,  G06F12/0875

CPC分类号： G06F9/3863 ,  G06F9/30145 ,  G06F12/1009 ,  G06F12/1466 ,  G06F21/52 ,  G06F21/575 ,  G06F21/6218 ,  G06F21/71 ,  G06F11/30 ,  G06F12/0875 ,  G06F2212/1052 ,  G06F2212/206 ,  G06F2212/452 ,  Y02D10/00

摘要： A system and method of processing instructions may comprise an application processing domain (APD) and a metadata processing domain (MTD). The APD may comprise an application processor executing instructions and providing related information to the MTD. The MTD may comprise a tag processing unit (TPU) having a cache of policy-based rules enforced by the MTD. The TPU may determine, based on policies being enforced and metadata tags and operands associated with the instructions, that the instructions are allowed to execute (i.e., are valid). The TPU may write, if the instructions are valid, the metadata tags to a queue. The queue may (i) receive operation output information from the application processing domain, (ii) receive, from the TPU, the metadata tags, (iii) output, responsive to receiving the metadata tags, resulting information indicative of the operation output information and the metadata tags; and (iv) permit the resulting information to be written to memory.

公开(公告)号：US11150910B2

公开(公告)日：2021-10-19

申请号：US16264773

申请日：2019-02-01

申请人： The Charles Stark Draper Laboratory, Inc.

发明人： Steve E. Milburn ,  Eli Boling ,  Andre′ DeHon ,  Andrew B. Sutherland ,  Gregory T. Sullivan

IPC分类号： G06F9/38 ,  G06F21/57 ,  G06F8/30 ,  G06F12/1009 ,  G06F21/52 ,  G06F12/14 ,  G06F21/62 ,  G06F21/71 ,  G06F9/30 ,  G06F11/30 ,  G06F12/0875

摘要： A system and method of processing instructions may comprise an application processing domain (APD) and a metadata processing domain (MTD). The APD may comprise an application processor executing instructions and providing related information to the MTD. The MTD may comprise a tag processing unit (TPU) having a cache of policy-based rules enforced by the MTD. The TPU may determine, based on policies being enforced and metadata tags and operands associated with the instructions, that the instructions are allowed to execute (i.e., are valid). The TPU may write, if the instructions are valid, the metadata tags to a queue. The queue may (i) receive operation output information from the application processing domain, (ii) receive, from the TPU, the metadata tags, (iii) output, responsive to receiving the metadata tags, resulting information indicative of the operation output information and the metadata tags; and (iv) permit the resulting information to be written to memory.

公开(公告)号：US20190243655A1

公开(公告)日：2019-08-08

申请号：US16264773

申请日：2019-02-01

申请人： The Charles Stark Draper Laboratory, Inc.

发明人： Steve E. Milburn ,  Eli Boling ,  Andre' DeHon ,  Andrew B. Sutherland ,  Gregory T. Sullivan

IPC分类号： G06F9/38 ,  G06F21/57 ,  G06F9/30 ,  G06F12/1009

CPC分类号： G06F9/3863 ,  G06F9/30145 ,  G06F11/30 ,  G06F12/0875 ,  G06F12/1009 ,  G06F12/14 ,  G06F21/52 ,  G06F21/575 ,  G06F21/6218 ,  G06F21/71 ,  G06F2212/1052 ,  G06F2212/452

摘要： A system and method of processing instructions may comprise an application processing domain (APD) and a metadata processing domain (MTD). The APD may comprise an application processor executing instructions and providing related information to the MTD. The MTD may comprise a tag processing unit (TPU) having a cache of policy-based rules enforced by the MTD. The TPU may determine, based on policies being enforced and metadata tags and operands associated with the instructions, that the instructions are allowed to execute (i.e., are valid). The TPU may write, if the instructions are valid, the metadata tags to a queue. The queue may (i) receive operation output information from the application processing domain, (ii) receive, from the TPU, the metadata tags, (iii) output, responsive to receiving the metadata tags, resulting information indicative of the operation output information and the metadata tags; and (iv) permit the resulting information to be written to memory.

公开(公告)号：US20240272994A1

公开(公告)日：2024-08-15

申请号：US18472857

申请日：2023-09-22

申请人： Dover Microsystems, Inc.

发明人： Andrew Sutherland ,  Jonathan B. Rosenberg ,  Gregory T. Sullivan

IPC分类号： G06F11/14 ,  G06F9/38 ,  G06F9/448 ,  G06F21/51 ,  G06F21/52

CPC分类号： G06F11/1479 ,  G06F9/3885 ,  G06F9/4498 ,  G06F21/51 ,  G06F21/52

摘要： In some embodiments, a system is provided, comprising enforcement hardware configured to execute, at run time, a state machine in parallel with application code. Executing the state machine may include: maintaining metadata that corresponds to one or more state variables of the state machine; matching instructions in the application code to transitions in the state machine; and, in response to determining that an instruction in the application code does not match any transition from a current state of the state machine, causing an error handling routine to be executed. In some embodiments, a description of a state machine may be translated into at least one policy to be enforced at run time based on metadata labels associated with application code and/or data manipulated by the application code.

公开(公告)号：US11797398B2

公开(公告)日：2023-10-24

申请号：US17051741

申请日：2019-04-30

申请人： Dover Microsystems, Inc.

发明人： Andrew Sutherland ,  Jonathan B. Rosenberg ,  Gregory T. Sullivan

IPC分类号： G06F11/14 ,  G06F9/448 ,  G06F9/38 ,  G06F21/51 ,  G06F21/52

CPC分类号： G06F11/1479 ,  G06F9/3885 ,  G06F9/4498 ,  G06F21/51 ,  G06F21/52

摘要： In some embodiments, a system is provided, comprising enforcement hardware configured to execute, at run time, a state machine in parallel with application code. Executing the state machine may include maintaining metadata that corresponds to one or more state variables of the state machine; matching instructions in the application code to transitions in the state machine; and, in response to determining that an instruction in the application code does not match any transition from a current state of the state machine, causing an error handling routine to be executed. In some embodiments, a description of a state machine may be translated into at least one policy to be enforced at run time based on metadata labels associated with application code and/or data manipulated by the application code.