Abstract:
Dark-bit masking technologies for physically unclonable function (PUF) components are described. A computing system includes a processor core and a secure key manager component coupled to the processor core. The secure key manager includes the PUF component, and a dark-bit masking circuit coupled to the PUF component. The dark-bit masking circuit is to measure a PUF value of the PUF component multiple times during a dark-bit window to detect whether the PUF value of the PUF component is a dark bit. The dark bit indicates that the PUF value of the PUF component is unstable during the dark-bit window. The dark-bit masking circuit is to output the PUF value as an output PUF bit of the PUF component when the PUF value is not the dark bit and set the output PUF bit to be a specified value when the PUF value of the PUF component is the dark bit.
Abstract:
The output of a physically unclonable function (PUF) may be processed to reduce its size. The post-processing result serves as a device-intrinsic unclonable identifier and is signed by the device manufacturer to create a certificate stored on board the same device that includes the physically unclonable function. This scheme may not require online verification and complex error correction on PUFs in some cases.
Abstract:
Embodiments of an invention for using physically unclonable function redundant bits are disclosed. In one embodiment, an integrated circuit includes a PUF cell array and redundancy logic. The PUF cell array includes a plurality of redundant cells and is to provide a raw PUF value. The redundancy logic is to generate a redirection list to be used to replace each of one or more bits of the raw PUF value with a redundant bit value from one of the redundant cells.
Abstract:
At least one machine accessible medium having instructions stored thereon for authenticating a hardware device is provided. When executed by a processor, the instructions cause the processor to receive two or more device keys from a physically unclonable function (PUF) on the hardware device, generate a device identifier from the two or more device keys, obtain a device certificate from the hardware device, perform a verification of the device identifier, and provide a result of the device identifier verification. In a more specific embodiment, the instructions cause the processor to perform a verification of a digital signature in the device certificate and to provide a result of the digital signature verification. The hardware device may be rejected if at least one of the device identifier verification and the digital signature verification fails.
Abstract:
Embodiments of an invention for using dark bits to reduce physically unclonable function (PUF) error rates are disclosed. In one embodiment, an integrated circuit includes a PUF cell array and dark bit logic. The PUF cell array is to provide a raw PUF value. The dark bit logic is to select PUF cells to mark as dark bits and to generate a dark bit mask based on repeated testing of the PUF cell array.
Abstract:
Various systems and methods for implementing intent-based orchestration in heterogeneous compute platforms are described herein. An orchestration system is configured to: receive, at the orchestration system, a workload request for a workload, the workload request including an intent-based service level objective (SLO); generate rules for resource allocation based on the workload request; generate a deployment plan using the rules for resource allocation and the intent-based SLO; deploy the workload using the deployment plan; monitor performance of the workload using real-time telemetry; and modify the rules for resource allocation and the deployment plan based on the real-time telemetry.
Abstract:
Various systems and methods for implementing computational storage are described herein. An orchestrator system is configured to: receive, at the orchestrator system, a registration package, the registration package including function code, a logical location of input data for the function code, and an event trigger for the function code, the event trigger set to trigger in response to when the input data is modified; interface with a storage service, the storage service to monitor the logical location of the input data and notify a location service when the input data is modified; interface with the location service to obtain a physical location of the input data, the location service to resolve the physical location from the logical location of the input data; and configure the function code to execute near the input data.
Abstract:
Methods, apparatus, and system to create interrupts which are resolved at runtime relative to an active compartment. Active compartments may be, for example, a compartment of an operating system (“OS”) or a trusted execution environment (“TEE”). The context-specific interrupts comprise an interrupt dispatch table (“IDT”) for each compartment.
Abstract:
Execution-Aware Memory protection technologies are described. A processor includes an instruction fetch unit to fetch instructions of applications executing in a multitasking environment and an execution unit to execute the instructions. A memory protection unit (MPU) enforces memory access control of the applications by defining an instruction region (I-space) and a data region (D-space) and linking the I-space to the D-space. The MPU determines whether an instruction address is within the I-space and whether a data address of a data access operation is within the D-space. The MPU issues a memory protection fault for the data access operation when either the instruction address is not within the I-space or the data address is not within the D-space.