-
Publication No.: US20190303567A1
Publication date: 2019-10-03
Application No.: US16368589
Filing date: 2019-03-28
Applicant: Nvidia Corporation
Inventor: Gorkem Batmaz , Nicola DiMiscio , Mark Overby , Ildiko Pete
Abstract: The disclosure provides systems and processes for applying neural networks to detect intrusions and other anomalies in communications exchanged over a data bus between two or more devices in a network. The intrusions may be detected in data being communicated to an embedded system deployed in vehicular or robotic platforms. The disclosed system and process are well suited for incorporation into autonomous control or advanced driver assistance system (ADAS) vehicles including, without limitation, automobiles, motorcycles, boats, planes, and manned and un-manned robotic devices. Data communicated to an embedded system can be detected over any of a variety of data buses. In particular, embodiments disclosed herein are well suited for use in any data communication interface exhibiting the characteristics of a lack of authentication or following a broadcast routing scheme—including, without limitation, a control area network (CAN) bus.
-
Publication No.: US12219057B2
Publication date: 2025-02-04
Application No.: US17485110
Filing date: 2021-09-24
Applicant: NVIDIA Corporation
Inventor: Philip John Rogers , Mark Overby , Michael Asbury Woodmansee , Vyas Venkataraman , Naveen Cherukuri , Gobikrishna Dhanuskodi , Dwayne Frank Swoboda , Lucien Burton Dunning , Mark Hairgrove , Sudeshna Guha
Abstract: Apparatuses, systems, and techniques to generate a trusted execution environment including multiple accelerators. In at least one embodiment, a parallel processing unit (PPU), such as a graphics processing unit (GPU), operates in a secure execution mode including a protect memory region. Furthermore, in an embodiment, a cryptographic key is utilized to protect data during transmission between the accelerators.
-
Publication No.: US20230094125A1
Publication date: 2023-03-30
Application No.: US17485110
Filing date: 2021-09-24
Applicant: NVIDIA Corporation
Inventor: Philip John Rogers , Mark Overby , Michael Asbury Woodmansee , Vyas Venkataraman , Naveen Cherukuri , Gobikrishna Dhanuskodi , Dwayne Frank Swoboda , Lucien Burton Dunning , Mark Hairgrove , Sudeshna Guha
Abstract: Apparatuses, systems, and techniques to generate a trusted execution environment including multiple accelerators. In at least one embodiment, a parallel processing unit (PPU), such as a graphics processing unit (GPU), operates in a secure execution mode including a protect memory region. Furthermore, in an embodiment, a cryptographic key is utilized to protect data during transmission between the accelerators.
-
Publication No.: US11055253B2
Publication date: 2021-07-06
Application No.: US16652642
Filing date: 2018-10-17
Applicant: Nvidia Corporation
Inventor: Luc Bisson , Rambod Jacoby , Mark Overby
IPC: G06F13/42
Abstract: This disclosure provides a method that allows connector pins of a USB-C connector to be dynamically repurposed between low bandwidth USB2 traffic and high bandwidth USB3 traffic. USB-C devices can negotiate the use of these pins for a dynamic transition to another function or functions. The pins can be the four center connector pins of a USB-C connection, pins A6, A7, B6, B7, that are originally designated as USB 2.0 differential pairs. Changing the function of the pins provides flexibility for communicating using USB-C connectors. For example, the disclosed method/device/system can be used to support high-resolution cameras and sensors in high-resolution virtual reality headsets via a single USB-C connection instead of a user having to connect multiple cables.
-
Publication No.: US20200242070A1
Publication date: 2020-07-30
Application No.: US16652642
Filing date: 2018-10-17
Applicant: Nvidia Corporation
Inventor: Luc Bisson , Rambod Jacoby , Mark Overby
IPC: G06F13/42
Abstract: This disclosure provides a method that allows connector pins of a USB-C connector to be dynamically repurposed between low bandwidth USB2 traffic and high bandwidth USB3 traffic. USB-C devices can negotiate the use of these pins for a dynamic transition to another function or functions. The pins can be the four center connector pins of a USB-C connection, pins A6, A7, B6, B7, that are originally designated as USB 2.0 differential pairs. Changing the function of the pins provides flexibility for communicating using USB-C connectors. For example, the disclosed method/device/system can be used to support high-resolution cameras and sensors in high-resolution virtual reality headsets via a single USB-C connection instead of a user having to connect multiple cables.
-
Publication No.: US20250158813A1
Publication date: 2025-05-15
Application No.: US19002440
Filing date: 2024-12-26
Applicant: NVIDIA Corporation
Inventor: Philip John Rogers , Mark Overby , Michael Asbury Woodmansee , Vyas Venkataraman , Naveen Cherukuri , Gobikrishna Dhanuskodi , Dwayne Frank Swoboda , Lucien Burton Dunning , Mark Hairgrove , Sudeshna Guha
Abstract: Apparatuses, systems, and techniques to generate a trusted execution environment including multiple accelerators. In at least one embodiment, a parallel processing unit (PPU), such as a graphics processing unit (GPU), operates in a secure execution mode including a protect memory region. Furthermore, in an embodiment, a cryptographic key is utilized to protect data during transmission between the accelerators.
-
Publication No.: US20240406196A1
Publication date: 2024-12-05
Application No.: US18800623
Filing date: 2024-08-12
Applicant: NVIDIA Corporation
Inventor: Mark Overby , Rick Dingle , Nicola Di Miscio , Varadharajan Kannan , Yong Zhang , Francesco Saracino
IPC: H04L9/40 , G06F9/455 , G06F13/40 , G06F21/60 , G06N20/00 , H04L9/00 , H04L9/32 , H04L12/40 , H04L47/24 , H04L61/2585 , H04L67/12
Abstract: Various approaches are disclosed for protecting vehicle buses from cyber-attacks. Disclosed approaches provide for an embedded system having a hypervisor that provides a virtualized environment supporting any number of guest OSes. The virtualized environment may include a security engine on an internal communication channel between the guest OS and an external vehicle bus of a vehicle to analyze network traffic to protect the guest OS from other guest OSes or other network components, and to protect those network components from the guest OS. Each guest OS may have its own security engine customized for the guest OS to account for what is typical or expected traffic for the guest OS (e.g., using machine learning, anomaly detection, etc.). Also disclosed are approaches for corrupting a message being transmitted on a vehicle bus to prevent devices from acting on the message.
-
Publication No.: US20230297406A1
Publication date: 2023-09-21
Application No.: US18123222
Filing date: 2023-03-17
Applicant: NVIDIA Corporation
Inventor: Philip Rogers , Mark Overby , Vyas Venkataraman , Naveen Cherukuri , James Leroy Deming , Gobikrishna Dhanuskodi , Dwayne Swoboda , Lucien Dunning , Aruna Manjunatha , Aaron Jiricek , Mark Hairgrove , Mike Woodmansee
IPC: G06F9/455
CPC classification number: G06F9/45558 , G06F2009/4557 , G06F2009/45587
Abstract: In examples, trusted execution environments (TEE) are provided for an instance of a parallel processing unit (PPU) as PPU TEEs. Different instances of a PPU correspond to different PPU TEEs, and provide accelerated confidential computing to a corresponding TEE. The processors of each PPU instance have separate and isolated paths through the memory system of the PPU which are assigned uniquely to an individual PPU instance. Data in device memory of the PPU may be isolated and access controlled amongst the PPU instances using one or more hardware firewalls. A GPU hypervisor assigns hardware resources to runtimes and performs access control and context switching for the runtimes. A PPU instance uses a cryptographic key to protect data for secure communication. Compute engines of the PPU instance are prevented from writing outside of a protected memory region. Access to a write protected region in PPU memory is blocked from other computing devices and/or device instances.
-
Publication No.: US11652827B2
Publication date: 2023-05-16
Application No.: US16435364
Filing date: 2019-06-07
Applicant: NVIDIA Corporation
Inventor: Mark Overby , Rick Dingle , Nicola Di Miscio , Varadharajan Kannan , Yong Zhang , Francesco Saracino
IPC: H04L29/06 , H04L9/40 , G06F9/455 , H04L9/32 , G06N20/00 , G06F13/40 , H04L12/40 , H04L47/24 , H04L61/2585 , G06F21/60 , H04L67/12 , H04L9/00
CPC classification number: H04L63/1416 , G06F9/45558 , G06F13/4068 , G06N20/00 , H04L9/3265 , H04L12/40 , H04L12/40013 , H04L47/24 , H04L61/2585 , H04L63/1425 , H04L63/1441 , G06F21/602 , G06F2009/45587 , G06F2009/45595 , H04L9/50 , H04L63/1458 , H04L63/166 , H04L67/12 , H04L2012/40215 , H04L2012/40273
Abstract: Various approaches are disclosed to virtualizing intrusion detection and prevention. Disclosed approaches provide for an embedded system having a hypervisor that provides a virtualized environment supporting any number of guest OSes. The virtualized environment may include a security engine on an internal communication channel between the guest OS and a virtualized hardware interface (e.g., an Ethernet or CAN interface) to analyze network traffic to protect the guest OS from other guest OSes or other network components, and to protect those network components from the guest OS. The security engine may be on a different partition than the guest OS and the virtualized hardware interface providing the components with isolated execution environments that protect against malicious code execution. Each guest OS may have its own security engine customized for the guest OS to account for what is typical or expected traffic for the guest OS.
-
Publication No.: US12101338B2
Publication date: 2024-09-24
Application No.: US16435337
Filing date: 2019-06-07
Applicant: NVIDIA Corporation
Inventor: Mark Overby , Rick Dingle , Nicola Di Miscio , Varadharajan Kannan , Yong Zhang , Francesco Saracino
IPC: H04L29/06 , G06F9/455 , G06F13/40 , G06N20/00 , H04L9/32 , H04L9/40 , H04L12/40 , H04L47/24 , H04L61/2585 , G06F21/60 , H04L9/00 , H04L67/12
CPC classification number: H04L63/1416 , G06F9/45558 , G06F13/4068 , G06N20/00 , H04L9/3265 , H04L12/40 , H04L12/40013 , H04L47/24 , H04L61/2585 , H04L63/1425 , H04L63/1441 , G06F2009/45587 , G06F2009/45595 , G06F21/602 , H04L9/50 , H04L2012/40215 , H04L2012/40273 , H04L63/1458 , H04L63/166 , H04L67/12
Abstract: Various approaches are disclosed for protecting vehicle buses from cyber-attacks. Disclosed approaches provide for an embedded system having a hypervisor that provides a virtualized environment supporting any number of guest OSes. The virtualized environment may include a security engine on an internal communication channel between the guest OS and an external vehicle bus of a vehicle to analyze network traffic to protect the guest OS from other guest OSes or other network components, and to protect those network components from the guest OS. Each guest OS may have its own security engine customized for the guest OS to account for what is typical or expected traffic for the guest OS (e.g., using machine learning, anomaly detection, etc.). Also disclosed are approaches for corrupting a message being transmitted on a vehicle bus to prevent devices from acting on the message.