-
公开(公告)号:US11921655B2
公开(公告)日:2024-03-05
申请号:US17307893
申请日:2021-05-04
发明人: Massimo Panzica , Maurizio Gentili
CPC分类号: G06F13/28 , G06F13/24 , H04L9/3247 , G06F2213/24 , G06F2213/28
摘要: A microcontroller includes a memory, direct memory access (DMA) controllers and a microprocessor. The microprocessor maintains one or more memory protection (MP) configurations to control access to protected memory areas of the microcontroller. In response to a secure service call of an unsecure user-application, the microprocessor executes a state machine which disables interrupt requests, determining whether DMA controller configurations and MP configurations satisfy secure-service criteria. When the secure-service criteria are satisfied, at least one secure operation associated with the secure service call is performed, and memory areas accessed during the execution of the at least one secure operation are cleaned. The interrupt requests are re-enabled and a response to the secure service call is generated.
-
公开(公告)号:US20190171819A1
公开(公告)日:2019-06-06
申请号:US16175699
申请日:2018-10-30
发明人: Maurizio Gentili , Massimo Panzica
摘要: Electronic computing devices provide a method to update firmware. The method includes receiving a firmware image at an electronic device, the electronic device having a processor and a memory arranged to store instructions executed by the processor. In the electronic device, a unique device identifier is retrieved and a random number is generated. The generated random number is securely stored. The random number and a representation of the unique device identifier are computationally combined to create a device-binding value, and an address-offset is generated from the device-binding value. The firmware image is stored in the memory at the address-offset.
-
公开(公告)号:US11507654B2
公开(公告)日:2022-11-22
申请号:US16994484
申请日:2020-08-14
发明人: Maurizio Gentili , Massimo Panzica
IPC分类号: G06F21/53 , G06F21/56 , G06F13/28 , G06F13/24 , H04L29/06 , G06F21/57 , H04L9/40 , G06F21/74 , G06F21/79
摘要: A secure engine method includes providing an embedded microcontroller in an embedded device, the embedded microcontroller having internal memory. The method also includes providing a secure environment in the internal memory. The secure environment method recognizes a boot sequence and restricts user-level access to the secure environment by taking control over the secure environment memory. Taking such control may include disabling DMA controllers, configuring at least one memory controller for access to the secure environment, preventing the execution of instructions fetched from outside the secure environment, and only permitting execution of instructions fetched from within the secure environment. Secure engine program instructions are then executed to disable interrupts, perform at least one secure operation, and re-enable interrupts after performing the at least one secure operation. Control over the secure environment memory is released, which can include clearing memory, re-enabling DMA controllers, and restoring memory controller parameters.
-
公开(公告)号:US20200380116A1
公开(公告)日:2020-12-03
申请号:US16994484
申请日:2020-08-14
发明人: Maurizio Gentili , Massimo Panzica
摘要: A secure engine method includes providing an embedded microcontroller in an embedded device, the embedded microcontroller having internal memory. The method also includes providing a secure environment in the internal memory. The secure environment method recognizes a boot sequence and restricts user-level access to the secure environment by taking control over the secure environment memory. Taking such control may include disabling DMA controllers, configuring at least one memory controller for access to the secure environment, preventing the execution of instructions fetched from outside the secure environment, and only permitting execution of instructions fetched from within the secure environment. Secure engine program instructions are then executed to disable interrupts, perform at least one secure operation, and re-enable interrupts after performing the at least one secure operation. Control over the secure environment memory is released, which can include clearing memory, re-enabling DMA controllers, and restoring memory controller parameters.
-
公开(公告)号:US12021957B2
公开(公告)日:2024-06-25
申请号:US17542274
申请日:2021-12-03
发明人: Maurizio Gentili
IPC分类号: H04L7/00
CPC分类号: H04L7/0008
摘要: System, method, and circuitry for utilizing a synchronization message to create fixed transmission windows for multiple priority data in half-duplex communication systems. A first computing device includes a first master controller and a first slave radio, and a second computing device includes a second slave controller and a second master radio. The first controller and the second radio may share a transmit mode during a transmission window, and the first radio and the second controller radio may share a receive mode during that same transmission window, which are defined by the synchronization message. The first controller can transmit outbound data to the first radio, the second radio can transmit outbound data to the second controller, and the second radio can transmit inbound data to the first radio during this transmission window.
-
公开(公告)号:US10783240B2
公开(公告)日:2020-09-22
申请号:US15721362
申请日:2017-09-29
发明人: Maurizio Gentili , Massimo Panzica
IPC分类号: G06F21/53 , G06F21/56 , G06F13/28 , G06F13/24 , H04L29/06 , G06F21/57 , G06F21/74 , G06F21/79
摘要: A secure engine method includes providing an embedded microcontroller in an embedded device, the embedded microcontroller having internal memory. The method also includes providing a secure environment in the internal memory. The secure environment method recognizes a boot sequence and restricts user-level access to the secure environment by taking control over the secure environment memory. Taking such control may include disabling DMA controllers, configuring at least one memory controller for access to the secure environment, preventing the execution of instructions fetched from outside the secure environment, and only permitting execution of instructions fetched from within the secure environment. Secure engine program instructions are then executed to disable interrupts, perform at least one secure operation, and re-enable interrupts after performing the at least one secure operation. Control over the secure environment memory is released, which can include clearing memory, re-enabling DMA controllers, and restoring memory controller parameters.
-
公开(公告)号:US20190102538A1
公开(公告)日:2019-04-04
申请号:US15721362
申请日:2017-09-29
发明人: Maurizio Gentili , Massimo Panzica
CPC分类号: G06F21/53 , G06F13/24 , G06F13/28 , G06F21/575 , G06F21/74 , G06F21/79 , G06F2213/24 , G06F2221/2143 , G06F2221/2149 , H04L63/061 , H04L63/0853
摘要: A secure engine method includes providing an embedded microcontroller in an embedded device, the embedded microcontroller having internal memory. The method also includes providing a secure environment in the internal memory. The secure environment method recognizes a boot sequence and restricts user-level access to the secure environment by taking control over the secure environment memory. Taking such control may include disabling DMA controllers, configuring at least one memory controller for access to the secure environment, preventing the execution of instructions fetched from outside the secure environment, and only permitting execution of instructions fetched from within the secure environment. Secure engine program instructions are then executed to disable interrupts, perform at least one secure operation, and re-enable interrupts after performing the at least one secure operation. Control over the secure environment memory is released, which can include clearing memory, re-enabling DMA controllers, and restoring memory controller parameters.
-
公开(公告)号:US10949537B2
公开(公告)日:2021-03-16
申请号:US16175699
申请日:2018-10-30
发明人: Maurizio Gentili , Massimo Panzica
摘要: Electronic computing devices provide a method to update firmware. The method includes receiving a firmware image at an electronic device, the electronic device having a processor and a memory arranged to store instructions executed by the processor. In the electronic device, a unique device identifier is retrieved and a random number is generated. The generated random number is securely stored. The random number and a representation of the unique device identifier are computationally combined to create a device-binding value, and an address-offset is generated from the device-binding value. The firmware image is stored in the memory at the address-offset.
-
-
-
-
-
-
-