Patents by Inventor George Thomas Letey
George Thomas Letey has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11444918
Abstract: The disclosed technology is generally directed to firewalls. In one example of the technology, a first firewall is used such that communication is blocked from a first subsystem of a device upon boot of the device. The first firewall is enabled to be configured by secure code subsequent to boot such that code that is not secure code is prevented from configuring the first firewall. After configuration of the first firewall, based on the configuration, the first firewall is used to selectively allow the first subsystem access to the first memory based on ranges of addresses of the first memory configured as accessible to the first subsystem.
Type: Grant
Filed: December 16, 2019
Date of Patent: September 13, 2022
Assignee: Microsoft Technology Licensing, LLC
Inventors: George Thomas Letey, Douglas L. Stiles, Edmund B. Nightingale
-
Patent number: 11036654
Abstract: The disclosed technology is generally directed to protection against unauthorized code. In one example of the technology, a read request to a restricted region of memory is detected. The read request is associated with a first processor. In response to detecting the read request to the restricted region of memory, a data value that causes an exception in response to execution by the first processor is provided.
Type: Grant
Filed: June 21, 2018
Date of Patent: June 15, 2021
Assignee: Microsoft Technology Licensing, LLC
Inventors: George Thomas Letey, Felix Stefan Domke, Edmund B. Nightingale
-
Patent number: 10942798
Abstract: In one example of the technology, via a first independent execution environment of a set of independent execution environments in an integrated circuit, a first watchdog timer is caused to reset on a periodic basis. The set of independent execution environments is configured to have a defense-in-depth hierarchy. The set of independent execution environments includes a first independent execution environment and a second independent execution environment. The first independent execution environment is a most trusted execution environment on the integrated circuit. Via the second independent execution environment: a second watchdog timer is periodically caused to reset on a periodic basis. In response to the second watchdog timer timing out, an interrupt is communicated from the second watchdog timer to the first independent execution environment. In response to the first watchdog timer timing out, at least a portion of the integrated circuit is reset.
Type: Grant
Filed: May 31, 2018
Date of Patent: March 9, 2021
Assignee: Microsoft Technology Licensing, LLC
Inventors: George Thomas Letey, Douglas L. Stiles, Edmund B. Nightingale, Stephen E. Hodges, Philip John Joseph Wright
-
Patent number: 10783075
Abstract: The disclosed technology is generally directed to data security. In one example of the technology, data is stored in a memory. The memory includes a plurality of memory banks including a first memory bank and a second memory bank. At least a portion of the data is interleaved amongst at least two of the plurality of memory banks. Access is caused to be prevented to at least one of the plurality of memory banks while a debug mode or recovery mode is occurring. Also, access is caused to be prevented to the at least one of the plurality of memory banks starting with initial boot until a verification by a security complex is successful. The verification by the security complex includes the security complex verifying a signature.
Type: Grant
Filed: April 7, 2019
Date of Patent: September 22, 2020
Assignee: Microsoft Technology Licensing, LLC
Inventors: George Thomas Letey, Douglas L. Stiles, Edmund B. Nightingale
-
Patent number: 10715526
Abstract: The disclosed technology is generally directed to integrated circuit technology with defense-in-depth. In one example of the technology, an integrated circuit includes a set of independent execution environments including at least two independent execution environments. At least two of the independent execution environments are general purpose cores with differing capabilities. The independent execution environments in the set of independent execution environments are configured to have a defense-in-depth hierarchy.
Type: Grant
Filed: February 27, 2017
Date of Patent: July 14, 2020
Assignee: Microsoft Technology Licensing, LLC
Inventors: Edmund B. Nightingale, Reuben R. Olinsky, Galen C. Hunt, Douglas Stiles, George Thomas Letey
-
Publication number: 20200120067
Abstract: The disclosed technology is generally directed to firewalls. In one example of the technology, a first firewall is used such that communication is blocked from a first subsystem of a device upon boot of the device. The first firewall is enabled to be configured by secure code subsequent to boot such that code that is not secure code is prevented from configuring the first firewall. After configuration of the first firewall, based on the configuration, the first firewall is used to selectively allow the first subsystem access to the first memory based on ranges of addresses of the first memory configured as accessible to the first subsystem.
Type: Application
Filed: December 16, 2019
Publication date: April 16, 2020
Inventors: George Thomas LETEY, Douglas L. STILES, Edmund B. NIGHTINGALE
-
Patent number: 10587575
Abstract: The disclosed technology is generally directed to firewalls. In one example of the technology, a first firewall is used such that communication is blocked from a first subsystem of a device upon boot of the device. The first firewall is enabled to be configured by secure code subsequent to boot such that code that is not secure code is prevented from configuring the first firewall. After configuration of the first firewall, based on the configuration, the first firewall is used to selectively allow the first subsystem access to the first memory based on ranges of addresses of the first memory configured as accessible to the first subsystem.
Type: Grant
Filed: May 26, 2017
Date of Patent: March 10, 2020
Assignee: Microsoft Technology Licensing, LLC
Inventors: George Thomas Letey, Douglas L. Stiles, Edmund B. Nightingale
-
Publication number: 20200004721
Abstract: The disclosed technology is generally directed to peripheral access. In one example of the technology, stored configuration information is read. The stored configuration information is associated with mapping a plurality of independent execution environments to a plurality of peripherals such that the peripherals of the plurality of peripherals have corresponding independent execution environments of the plurality of independent execution environments. A configurable interrupt routing table is programmed based on the configuration information. An interrupt is received from a peripheral. The interrupt is routed to the corresponding independent execution environment based on the configurable interrupt routing table.
Type: Application
Filed: July 8, 2019
Publication date: January 2, 2020
Inventors: George Thomas LETEY, Douglas L. STILES, Edmund B. NIGHTINGALE
-
Publication number: 20190370103
Abstract: In one example of the technology, via a first independent execution environment of a set of independent execution environments in an integrated circuit, a first watchdog timer is caused to reset on a periodic basis. The set of independent execution environments is configured to have a defense-in-depth hierarchy. The set of independent execution environments includes a first independent execution environment and a second independent execution environment. The first independent execution environment is a most trusted execution environment on the integrated circuit. Via the second independent execution environment: a second watchdog timer is periodically caused to reset on a periodic basis. In response to the second watchdog timer timing out, an interrupt is communicated from the second watchdog timer to the first independent execution environment. In response to the first watchdog timer timing out, at least a portion of the integrated circuit is reset.
Type: Application
Filed: May 31, 2018
Publication date: December 5, 2019
Inventors: George Thomas LETEY, Douglas L. STILES, Edmund B. NIGHTINGALE, Stephen E. HODGES, Philip John Joseph WRIGHT
-
Publication number: 20190317904
Abstract: The disclosed technology is generally directed to protection against unauthorized code. In one example of the technology, a read request to a restricted region of memory is detected. The read request is associated with a first processor. In response to detecting the read request to the restricted region of memory, a data value that causes an exception in response to execution by the first processor is provided.
Type: Application
Filed: June 21, 2018
Publication date: October 17, 2019
Inventors: George Thomas LETEY, Felix Stefan DOMKE, Edmund B. NIGHTINGALE
-
Publication number: 20190236007
Abstract: The disclosed technology is generally directed to data security. In one example of the technology, data is stored in a memory. The memory includes a plurality of memory banks including a first memory bank and a second memory bank. At least a portion of the data is interleaved amongst at least two of the plurality of memory banks. Access is caused to be prevented to at least one of the plurality of memory banks while a debug mode or recovery mode is occurring. Also, access is caused to be prevented to the at least one of the plurality of memory banks starting with initial boot until a verification by a security complex is successful. The verification by the security complex includes the security complex verifying a signature.
Type: Application
Filed: April 7, 2019
Publication date: August 1, 2019
Inventors: George Thomas LETEY, Douglas L. STILES, Edmund B. NIGHTINGALE
-
Patent number: 10353815
Abstract: The disclosed technology is generally directed to data security. In one example of the technology, data is stored in a memory. The memory includes a plurality of memory banks including a first memory bank and a second memory bank. At least a portion of the data is interleaved amongst at least two of the plurality of memory banks. Access is caused to be prevented to at least one of the plurality of memory banks while a debug mode or recovery mode is occurring. Also, access is caused to be prevented to the at least one of the plurality of memory banks starting with initial boot until a verification by a security complex is successful. The verification by the security complex includes the security complex verifying a signature.
Type: Grant
Filed: May 26, 2017
Date of Patent: July 16, 2019
Assignee: Microsoft Technology Licensing, LLC
Inventors: George Thomas Letey, Douglas L. Stiles, Edmund B. Nightingale
-
Patent number: 10346345
Abstract: The disclosed technology is generally directed to peripheral access. In one example of the technology, stored configuration information is read. The stored configuration information is associated with mapping a plurality of independent execution environments to a plurality of peripherals such that the peripherals of the plurality of peripherals have corresponding independent execution environments of the plurality of independent execution environments. A configurable interrupt routing table is programmed based on the configuration information. An interrupt is received from a peripheral. The interrupt is routed to the corresponding independent execution environment based on the configurable interrupt routing table.
Type: Grant
Filed: May 26, 2017
Date of Patent: July 9, 2019
Assignee: Microsoft Technology Licensing, LLC
Inventors: George Thomas Letey, Douglas L. Stiles, Edmund B. Nightingale
-
Publication number: 20180343234
Abstract: The disclosed technology is generally directed to firewalls. In one example of the technology, a first firewall is used such that communication is blocked from a first subsystem of a device upon boot of the device. The first firewall is enabled to be configured by secure code subsequent to boot such that code that is not secure code is prevented from configuring the first firewall. After configuration of the first firewall, based on the configuration, the first firewall is used to selectively allow the first subsystem access to the first memory based on ranges of addresses of the first memory configured as accessible to the first subsystem.
Type: Application
Filed: May 26, 2017
Publication date: November 29, 2018
Inventors: George Thomas LETEY, Douglas L. STILES, Edmund B. NIGHTINGALE
-
Publication number: 20180341584
Abstract: The disclosed technology is generally directed to data security. In one example of the technology, data is stored in a memory. The memory includes a plurality of memory banks including a first memory bank and a second memory bank. At least a portion of the data is interleaved amongst at least two of the plurality of memory banks. Access is caused to be prevented to at least one of the plurality of memory banks while a debug mode or recovery mode is occurring. Also, access is caused to be prevented to the at least one of the plurality of memory banks starting with initial boot until a verification by a security complex is successful. The verification by the security complex includes the security complex verifying a signature.
Type: Application
Filed: May 26, 2017
Publication date: November 29, 2018
Inventors: George Thomas LETEY, Douglas L. STILES, Edmund B. NIGHTINGALE
-
Publication number: 20180341620
Abstract: The disclosed technology is generally directed to peripheral access. In one example of the technology, stored configuration information is read. The stored configuration information is associated with mapping a plurality of independent execution environments to a plurality of peripherals such that the peripherals of the plurality of peripherals have corresponding independent execution environments of the plurality of independent execution environments. A configurable interrupt routing table is programmed based on the configuration information. An interrupt is received from a peripheral. The interrupt is routed to the corresponding independent execution environment based on the configurable interrupt routing table.
Type: Application
Filed: May 26, 2017
Publication date: November 29, 2018
Inventors: George Thomas LETEY, Douglas L. STILES, Edmund B. NIGHTINGALE
-
Publication number: 20180165448
Abstract: The disclosed technology is generally directed to integrated circuit technology with defense-in-depth. In one example of the technology, an integrated circuit includes a set of independent execution environments including at least two independent execution environments. At least two of the independent execution environments are general purpose cores with differing capabilities. The independent execution environments in the set of independent execution environments are configured to have a defense-in-depth hierarchy.
Type: Application
Filed: February 27, 2017
Publication date: June 14, 2018
Inventors: Edmund B. Nightingale, Reuben R. Olinsky, Galen C. Hunt, Douglas Stiles, George Thomas Letey
-
Patent number: 7171534
Abstract: A memory controller system for processing memory access requests comprising a first memory controller operable to address a first plurality of memory modules a second memory controller operable to address a second plurality of memory modules, the first and second memory controllers configurable to process a memory transaction in an operational mode of the memory controller system selected from the group consisting of an independent cell mode, a multiplexer-mode (mux-mode), and a lockstep mode, and a bus interface block operable to convey the memory transaction to both of the first and second memory controllers is provided.
Type: Grant
Filed: December 17, 2004
Date of Patent: January 30, 2007
Assignee: Hewlett-Packard Development Company, L.P.
Inventors: Jeff G. Hargis, George Thomas Letey, Michael Kennard Tayler
-
Patent number: 6901486
Abstract: A method of determining whether to issue a pre-fetch transaction in a memory control system comprising generating a pre-fetch threshold dependent on a demand load of a memory controller, calculating a probability measure of pre-fetch accuracy, comparing the threshold with the calculated probability measure, and determining whether to issue a pre-fetch transaction based upon the comparison of the threshold with the calculated probability measure is provided. A pre-fetch apparatus implemented in a memory control system comprising a pre-fetch threshold generator operable to output a pre-fetch threshold in response to a signal indicative of a memory controller demand load, and a comparator circuit operable to compare the pre-fetch threshold and a probability measure of pre-fetch accuracy, wherein the pre-fetch apparatus issues a pre-fetch transaction on the basis of the comparison by the comparator is provided.
Type: Grant
Filed: July 5, 2002
Date of Patent: May 31, 2005
Assignee: Hewlett-Packard Development Company, L.P.
Inventors: Erin Antony Handgen, George Thomas Letey
-
Patent number: 6854043
Abstract: A memory controller system for processing memory access requests comprising a first memory controller operable to address a first plurality of memory modules a second memory controller operable to address a second plurality of memory modules, the first and second memory controllers configurable to process a memory transaction in an operational mode of the memory controller system selected from the group consisting of an independent cell mode, a multiplexer-mode (mux-mode), and a lockstep mode, and a bus interface block operable to convey the memory transaction to both of the first and second memory controllers is provided.
Type: Grant
Filed: July 5, 2002
Date of Patent: February 8, 2005
Assignee: Hewlett-Packard Development Company, L.P.
Inventors: Jeff G. Hargis, George Thomas Letey, Michael Kennard Tayler