公开(公告)号：WO2020263217A1

公开(公告)日：2020-12-30

申请号：PCT/US2019/038736

申请日：2019-06-24

Applicant: HEWLETT-PACKARD DEVELOPMENT COMPANY, L.P.

Inventor： PLAQUIN, David ,  BELGARRIC, Pierre ,  DALTON, Christopher Ian ,  LAZARD, Titouan

IPC: H04L29/08 ,  G06F21/00

Abstract: In examples, apparatus for detecting malicious or rogue behaviour associated with data packets transmitted between a first device and a second device through a switch is provided, the first device having direct read/write memory access to the second device, in which the apparatus comprises an intercepting device logically intermediate the first device and the switch device to enable the apparatus to analyse the data packets to determine a communication pattern between the first and second devices, compare the communication pattern to a set of expected behaviours for the first device, select, on the basis of the comparison to the set of expected behaviours, a behaviour pattern for the first device, and map the behaviour pattern for the first device to a set of mitigating actions when the behaviour pattern for the first device is symptomatic of a malicious or rogue behaviour.

公开(公告)号：WO2020091922A1

公开(公告)日：2020-05-07

申请号：PCT/US2019/053442

申请日：2019-09-27

Applicant: HEWLETT-PACKARD DEVELOPMENT COMPANY, L.P.

Inventor： CHEVALIER, Ronny ,  PLAQUIN, David ,  DALTON, Christopher Ian ,  HIET, Guillaume

IPC: G06F21/56

Abstract: The disclosure relates to a data processing apparatus. The data processing apparatus may comprise a memory storing a candidate service level response to an intrusion to an operating system having a plurality of operating system services. The data processing apparatus may comprise processing circuitry coupled to the memory. The data processing apparatus may comprise an output coupled to the processing circuitry. It may be that the processing circuitry is to, depending on an alert indicative of the intrusion: select from the memory, for an operating system service of the said plurality of operating systems, the said operating system service being related to the alert, the candidate service level response to the intrusion; and provide a signal to the output depending on the candidate service level response selected in respect of the said operating system service.

公开(公告)号：WO2018226927A2

公开(公告)日：2018-12-13

申请号：PCT/US2018/036411

申请日：2018-06-07

Applicant: HEWLETT-PACKARD DEVELOPMENT COMPANY, L.P.

Inventor： CHEVALIER, Ronny ,  PLAQUIN, David ,  VILLATEL, Maugan ,  HIET, Guillaume

IPC: G06F21/52

Abstract: An intrusion detection system, comprising a monitor to receive messages from a target over a low-latency communication link comprising a controlled access memory structure logically positioned between the target and the monitor using point-to-point interconnects, the controlled access memory structure to receive a message from the target indicating that the target has entered a controlled mode of operation.

公开(公告)号：WO2016048288A1

公开(公告)日：2016-03-31

申请号：PCT/US2014/057026

申请日：2014-09-23

Applicant: HEWLETT-PACKARD DEVELOPMENT COMPANY, L.P.

Inventor： JEANSONNE, Jeffrey Kevin ,  BALACHEFF, Boris ,  ALI, Valiuddin ,  DALTON, Chris I. ,  PLAQUIN, David

IPC: G06F9/24 ,  G06F11/30

CPC classification number: G06F11/302 ,  G06F9/4401 ,  G06F11/3003 ,  G06F11/3419 ,  G06F11/3466 ,  G06F21/572 ,  G06F21/575 ,  G06F2201/81 ,  G06F2201/865 ,  G06F2201/88 ,  G06F2221/034

Abstract: Examples herein disclose monitoring an expected functionality upon execution of a system management mode (SMM) BIOS code. The examples detect whether a change has occurred to the SMM BIOS code based on the monitoring of the expected functionality. The change indicates that the SMM BIOS code is compromised.

Abstract translation: 这里的示例公开了在执行系统管理模式（SMM）BIOS代码时监视期望的功能。 这些示例基于对预期功能的监视来检测SMM BIOS代码是否发生了更改。 更改表示SMM BIOS代码受到损害。

公开(公告)号：WO2008072009A1

公开(公告)日：2008-06-19

申请号：PCT/GB2007/050745

申请日：2007-12-06

Applicant: HEWLETT-PACKARD DEVELOPMENT COMPANY, L.P. ,  PROUDLER, Graeme ,  CHEN, Liqun ,  PLAQUIN, David

Inventor： PROUDLER, Graeme ,  CHEN, Liqun ,  PLAQUIN, David

IPC: G06Q50/00

CPC classification number: G06Q10/06

Abstract: In order to provide evidence concerning at least one stage of a process for manufacturing an item (10), evidence is accumulated during manufacture. After manufacture of the item (10), this evidence is used by a verifying entity (30) to provide check that the item (10) has been manufactured in an acceptable manner. Both a method and an item of manufacture for use in implementing the method, are provided.

Abstract translation: 为了提供关于制造物品（10）的过程的至少一个阶段的证据，在制造​​期间累积证据。 在项目（10）的制造之后，验证实体（30）使用该证据以可接受的方式提供项目（10）的制造。 提供了用于实现该方法的方法和制造项目。

公开(公告)号：WO2022093242A1

公开(公告)日：2022-05-05

申请号：PCT/US2020/058015

申请日：2020-10-29

Applicant: HEWLETT-PACKARD DEVELOPMENT COMPANY, L.P.

Inventor： BALDWIN, Adrian John ,  BELGARRIC, Pierre ,  DALTON, Christopher Ian ,  ELLAM, Daniel Cameron ,  PLAQUIN, David

IPC: G06F21/62 ,  G06F30/27 ,  H04L9/08

Abstract: In an example, an apparatus is described. The apparatus comprises processing circuitry comprising a control module. The control module is to protect information regarding a machine learning model owned by a third party. The information is protected in a memory communicatively coupled to the control module. In response to receiving an indication that a computing device under control of the control module complies with a third party policy associated with the machine learning model, the control module is to release the information to the computing device.

公开(公告)号：WO2021080601A1

公开(公告)日：2021-04-29

申请号：PCT/US2019/058071

申请日：2019-10-25

Applicant: HEWLETT-PACKARD DEVELOPMENT COMPANY, L.P.

Inventor： VILLATEL, Maugan ,  PLAQUIN, David ,  DALTON, Christopher Ian

IPC: G06F21/53 ,  G06F3/00

Abstract: There is described a method including obtaining memory management configuration data, for example, from a memory management unit. The memory management configuration data is used to identify memory locations having a predetermined property. Content is monitored at the identified memory locations.

公开(公告)号：WO2018075057A1

公开(公告)日：2018-04-26

申请号：PCT/US2016/058047

申请日：2016-10-21

Applicant: HEWLETT-PACKARD DEVELOPMENT COMPANY, L.P.

Inventor： VILLATEL, Maugan ,  BALACHEFF, Boris ,  PLAQUIN, David ,  ALI, Vali ,  JEANSONNE, Jeffrey Kevin

IPC: G06F21/57

Abstract: Examp!es associated with basic input/output system (BiOS) security are described. One example includes detecting a mismatch between an active BiOS setting and a saved BIOS setting. An update previously applied to the active BiOS setting is validated. The update Is applied to the saved BIOS setting creating an updated BIOS setting. The saved BIOS setting is updated when the updated BIOS setting and the active BIOS setting match. The saved BIOS setting is updated to the active BIOS setting. A security action is taken when the updated BiOS setting and the active BiOS setting differ.

Abstract translation: 描述了与基本输入/输出系统（BiOS）安全相关的示例。 一个例子包括检测活动的BiOS设置和保存的BIOS设置之间的不匹配。 以前应用于活动BiOS设置的更新将得到验证。 更新应用于保存的BIOS设置，创建更新的BIOS设置。 当更新的BIOS设置和有效的BIOS设置匹配时，更新保存的BIOS设置。 保存的BIOS设置更新为活动的BIOS设置。 当更新的BiOS设置和活动的BiOS设置不同时采取安全措施。

公开(公告)号：WO2017131679A1

公开(公告)日：2017-08-03

申请号：PCT/US2016/015223

申请日：2016-01-27

Applicant: HEWLETT-PACKARD DEVELOPMENT COMPANY, L.P.

Inventor： JEANSONNE, Jeffrey K. ,  BARLOW, Dallas M. ,  BRAMLEY, Richard A., Jr. ,  PLAQUIN, David ,  VILLATEL, Maugan

IPC: G06F11/22 ,  G06F11/26

CPC classification number: G06F11/2284

Abstract: Example implementations relate to system management mode (SMM) test operations. For example, a system for SMM test operations may include a test mode initiation engine to reboot a computing device, and load an interface firmware engine into system management random access memory (SMRAM) associated with the computing device in response to the reboot, wherein the interface firmware engine includes a production interface firmware engine to perform the test operation on a known address space of the page of SMRAM. The system may include a test operation engine to cause the computing system to operate in a testing mode, wherein the testing mode includes operating the computing system in system management mode (SMM), in response to a test command, and perform a test operation on a page of system management random access memory (SMRAM) associated with the computing device when the computing device is operating in SMM.

Abstract translation: 示例实现涉及系统管理模式（SMM）测试操作。 例如，用于SMM测试操作的系统可以包括用于重启计算设备的测试模式启动引擎，并且响应于重启，将接口固件引擎加载到与计算设备相关联的系统管理随机存取存储器（SMRAM）中，其中， 接口固件引擎包括生产接口固件引擎，以在SMRAM的页面的已知地址空间上执行测试操作。 该系统可以包括测试操作引擎，以使计算系统在测试模式下操作，其中测试模式包括响应于测试命令在系统管理模式（SMM）中操作计算系统，并且执行测试操作 当计算设备在SMM中操作时，与计算设备相关联的系统管理随机存取存储器（SMRAM）的页面。

公开(公告)号：WO2021154288A1

公开(公告)日：2021-08-05

申请号：PCT/US2020/016169

申请日：2020-01-31

Applicant: HEWLETT-PACKARD DEVELOPMENT COMPANY, L.P.

Inventor： PLAQUIN, David ,  HUSCROFT, Carey

IPC: G06F15/00 ,  G01R29/00 ,  G01R31/00 ,  G01R31/312

Abstract: In an example, a method includes receiving an indication of an electrical parameter associated with at least part of a computing device. The method further includes determining whether or not the indication is indicative of an expected electric field distribution associated with a specified hardware configuration for the computing device.