Patents by Inventor Marko Winblad
Marko Winblad has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11960617Abstract: A method for the protection of files is performed on an integrated-circuit device that comprises a hardware memory protection module, which controls access to regions of the memory depending on region-specific settings. A new file is created in the memory by storing metadata and content data for the new file in a common memory region. An access condition is set for the common memory region in the configuration settings of the hardware memory protection module. A file is retrieved from the memory by searching the memory to identify a file meeting a search criterion. The searching involves comparing the metadata of files from the memory against the search criterion in order to identify a file from the memory that meets the search criterion.Type: GrantFiled: June 26, 2019Date of Patent: April 16, 2024Assignee: Nordic Semiconductor ASAInventors: Jouko Holopainen, Marko Winblad
-
Patent number: 11815975Abstract: A method of controlling an electronic device including a memory and a removable smart card. The method involves the device sending a request for context data to the smart card. The smart card sends context data to the device in response to the request and stores this data in the memory and power to the smart card is reduced. Power to the smart card is then increased or restored, and the data is written back to the smart card.Type: GrantFiled: March 22, 2019Date of Patent: November 14, 2023Assignee: Nordic Semiconductor ASAInventors: Hannu Talvitie, Marko Winblad, Veli-Pekka Junttila
-
Patent number: 11675526Abstract: An electronic device comprises a processor, a memory, a memory controller for controlling access to the memory, a hardware security module, and a bus system, to which the processor, the memory controller, and the hardware security module are connected. The hardware security module uses its connection to the bus system to detect requests on the bus system that are sent by the processor. The hardware security module has a secure state and a non-secure state. When in the secure state, the hardware security module adds a secure-state signal to requests sent by the processor over the bus system. The memory controller determines whether memory-access requests include the secure-state signal, and denies access to a secure region of the memory in response to receiving memory-access requests that do not include the secure-state signal.Type: GrantFiled: April 17, 2019Date of Patent: June 13, 2023Assignee: Nordic Semiconductor ASAInventors: Hannu Talvitie, Marko Winblad
-
Publication number: 20230090750Abstract: An integrated-circuit radio transmitter chip comprises a transmitter, a cryptographic engine and control circuitry for the cryptographic engine. The cryptographic engine performs a cryptographic operation by receiving input data, performing a first process to generate first result data and a second process to generate second result data. The first and second result data are used to generate output data. In response to determining that the transmitter is active, the control circuity controls the cryptographic engine to perform the first process and prevents the cryptographic engine from performing the second process while the transmitter is active. The control circuitry controls the cryptographic engine to perform the second process in response to determining that the transmitter is not active.Type: ApplicationFiled: March 9, 2021Publication date: March 23, 2023Applicant: Nordic Semiconductor ASAInventors: Marko WINBLAD, Hannu TALVITIE
-
Patent number: 11456854Abstract: A cryptographic module is switchable between a key-input mode and a data-input mode. In the key-input mode, the cryptographic module receives key data, key length information and first input data, combines an amount of the key data corresponding to the key length information with the first input data to produce combined data, wherein a key-influenced length of the combined data is the shortest length of the combined data that contains every data bit of the combined data whose value depends on the key data. It performs a cryptographic operation on the combined data to generate first output data and does not output any of the first output data until after the cryptographic operation has been applied to all of the key-influenced length of the combined data.Type: GrantFiled: February 14, 2019Date of Patent: September 27, 2022Assignee: Nordic Semiconductor ASAInventors: Kauko Kutti, Jarmo Veikkola, Marko Winblad
-
Patent number: 11403003Abstract: An electronic device comprises a processor operable at a variable processor privilege level and a memory comprising a secure memory area. A hardware module is operable at a variable module privilege level and is arranged to access the memory directly. The secure memory area is accessible by the hardware module only when the module privilege level exceeds a threshold value. The device has a first mode of operation in which said processor privilege level is higher than said threshold value and said module privilege level is lower than said threshold value. A controller is arranged, upon receiving a privilege promotion signal and the device being in the first mode, to move the device to a second mode wherein the module privilege level is higher than said threshold value.Type: GrantFiled: May 10, 2019Date of Patent: August 2, 2022Assignee: Nordic Semiconductor ASAInventors: Hannu Talvitie, Marko Winblad
-
Patent number: 11386029Abstract: An electronic apparatus has a processor; a peripheral having a data interface and a data-attribute interface; a direct memory access (DMA) controller for the peripheral; a memory; a bus system connecting the processor, the DMA controller, and the memory; a data link between the DMA controller and the peripheral; and a data-attribute link between the DMA controller and the peripheral, separate from the data link. The DMA controller has data-transfer circuitry for transferring data between the memory and the data interface of the peripheral over the data link, and for transferring data-attribute information, associated with the data, between the memory and the data-attribute interface of the peripheral over the data-attribute link.Type: GrantFiled: May 28, 2019Date of Patent: July 12, 2022Assignee: Nordic Semiconductor ASAInventors: Marko Winblad, Markku Vähätaini, James Nevala, Matti Tiikkainen, Hannu Talvitie
-
Patent number: 11387980Abstract: A hardware cipher engine encrypts or decrypts a block of input data from a sequence of blocks using a cipher operation where the block of output data depends on the input block's position in the sequence. In a random-access mode of operation, the engine receives a sequence position, receives a block of input data having that position, and outputs a block of output data without outputting data that encrypts, or that decrypts, every block of input data preceding the received position. In some embodiments, the operation is a stream cipher, and the engine generates a sequence of keystream blocks and performs a combining operation between the input block and a keystream block having a corresponding sequence position. In other embodiments, the cipher operation is a block cipher, and the engine generates, but doesn't output, blocks of data that encrypt, or decrypt, one or more blocks preceding the received input block.Type: GrantFiled: December 13, 2018Date of Patent: July 12, 2022Assignee: Nordic Semiconductor ASAInventors: Veli-Pekka Junttila, Harri Matomäki, James Nevala, Matti Tiikkainen, Markku Vähätaini, Marko Winblad
-
Patent number: 11237820Abstract: A processing system is configured to process instructions in a delta file, received at an input of the processing system, to generate a target file from a source file and to regenerate the source file from the target file. The delta file comprises copy instructions and reversing data. The copy instructions instruct the processing system to include one or more copy strings from the source file in the target file. The reversing data is received as part of the delta file and is used to regenerate all of the source file that is outside the one or more copy strings. The processing system is configured to generate the target file from the source file by reading the copy strings from the source file and including them in the target file.Type: GrantFiled: May 28, 2019Date of Patent: February 1, 2022Assignee: Nordic Semiconductor ASAInventor: Marko Winblad
-
Publication number: 20210264048Abstract: A method for the protection of files is performed on an integrated-circuit device that comprises a hardware memory protection module, which controls access to regions of the memory depending on region-specific settings. A new file is created in the memory by storing metadata and content data for the new file in a common memory region. An access condition is set for the common memory region in the configuration settings of the hardware memory protection module. A file is retrieved from the memory by searching the memory to identify a file meeting a search criterion. The searching involves comparing the metadata of files from the memory against the search criterion in order to identify a file from the memory that meets the search criterion.Type: ApplicationFiled: June 26, 2019Publication date: August 26, 2021Applicant: Nordic Semiconductor ASAInventors: Jouko HOLOPAINEN, Marko WINBLAD
-
Publication number: 20210232337Abstract: An electronic device comprises a processor, a memory, a memory controller for controlling access to the memory, a hardware security module, and a bus system, to which the processor, the memory controller, and the hardware security module are connected. The hardware security module uses its connection to the bus system to detect requests on the bus system that are sent by the processor. The hardware security module has a secure state and a non-secure state. When in the secure state, the hardware security module adds a secure-state signal to requests sent by the processor over the bus system. The memory controller determines whether memory-access requests include the secure-state signal, and denies access to a secure region of the memory in response to receiving memory-access requests that do not include the secure-state signal.Type: ApplicationFiled: April 17, 2019Publication date: July 29, 2021Applicant: Nordic Semiconductor ASAInventors: Hannu TALVITIE, Marko WINBLAD
-
Publication number: 20210232381Abstract: A processing system is configured to process instructions in a delta file, received at an input of the processing system, to generate a target file from a source file and to regenerate the source file from the target file. The delta file comprises copy instructions and reversing data. The copy instructions instruct the processing system to include one or more copy strings from the source file in the target file. The reversing data is received as part of the delta file and is used to regenerate all of the source file that is outside the one or more copy strings. The processing system is configured to generate the target file from the source file by reading the copy strings from the source file and including them in the target file.Type: ApplicationFiled: May 28, 2019Publication date: July 29, 2021Applicant: Nordic Semiconductor ASAInventor: Marko WINBLAD
-
Publication number: 20210232327Abstract: An electronic device comprises a processor operable at a variable processor privilege level and a memory comprising a secure memory area. A hardware module is operable at a variable module privilege level and is arranged to access the memory directly. The secure memory area is accessible by the hardware module only when the module privilege level exceeds a threshold value. The device has a first mode of operation in which said processor privilege level is higher than said threshold value and said module privilege level is lower than said threshold value. A controller is arranged, upon receiving a privilege promotion signal and the device being in the first mode, to move the device to a second mode wherein the module privilege level is higher than said threshold value.Type: ApplicationFiled: May 10, 2019Publication date: July 29, 2021Applicant: Nordic Semiconductor ASAInventors: Hannu TALVITIE, Marko WINBLAD
-
Publication number: 20210218545Abstract: A cryptographic module is switchable between a key-input mode and a data-input mode. In the key-input mode, the cryptographic module receives key data, key length information and first input data, combines an amount of the key data corresponding to the key length information with the first input data to produce combined data, wherein a key-influenced length of the combined data is the shortest length of the combined data that contains every data bit of the combined data whose value depends on the key data. It performs a cryptographic operation on the combined data to generate first output data and does not output any of the first output data until after the cryptographic operation has been applied to all of the key-influenced length of the combined data.Type: ApplicationFiled: February 14, 2019Publication date: July 15, 2021Applicant: Nordic Semiconductor ASAInventors: Kauko KUTTI, Jarmo VEIKKOLA, Marko WINBLAD
-
Publication number: 20210216665Abstract: A hardware cryptographic engine comprises a direct-memory-access (DMA) input module for receiving input data over a memory bus, and a cryptographic module. The cryptographic module comprises an input register having an input-register length, and circuitry configured to perform a cryptographic operation on data in the input register. The hardware cryptographic engine further comprises an input-alignment buffer having a length that is less than twice said input-register length, and alignment circuitry performing an alignment operation on input data in the input-alignment buffer. The hardware cryptographic engine is configured to pass input data, received by the DMA input module, from the memory bus to the input register of the cryptographic module after buffering an amount of input data no greater than the length of the input-alignment buffer.Type: ApplicationFiled: May 29, 2019Publication date: July 15, 2021Applicant: Nordic Semiconductor ASAInventors: Marko WINBLAD, Markku VÄHÄTAINI, James NEVALA, Matti TIIKKAINEN, Hannu TALVITIE
-
Publication number: 20210216482Abstract: An electronic apparatus has a processor; a peripheral having a data interface and a data-attribute interface; a direct memory access (DMA) controller for the peripheral; a memory; a bus system connecting the processor, the DMA controller, and the memory; a data link between the DMA controller and the peripheral; and a data-attribute link between the DMA controller and the peripheral, separate from the data link. The DMA controller has data-transfer circuitry for transferring data between the memory and the data interface of the peripheral over the data link, and for transferring data-attribute information, associated with the data, between the memory and the data-attribute interface of the peripheral over the data-attribute link.Type: ApplicationFiled: May 28, 2019Publication date: July 15, 2021Applicant: Nordic Semiconductor ASAInventors: Marko WINBLAD, Markku VÄHÄTAINI, James NEVALA, Matti TIIKKAINEN, Hannu TALVITIE
-
Publication number: 20210055773Abstract: A method of controlling an electronic device including a memory and a removable smart card. The method involves the device sending a request for context data to the smart card. The smart card sends context data to the device in response to the request and stores this data in the memory and power to the smart card is reduced. Power to the smart card is then increased or restored, and the data is written back to the smart card.Type: ApplicationFiled: March 22, 2019Publication date: February 25, 2021Applicant: Nordic Semiconductor ASAInventors: Hannu TALVITIE, Marko WINBLAD, Veli-Pekka JUNTTILA
-
Publication number: 20200313860Abstract: A hardware cipher engine encrypts or decrypts a block of input data from a sequence of blocks using a cipher operation where the block of output data depends on the input block's position in the sequence. In a random-access mode of operation, the engine receives a sequence position, receives a block of input data having that position, and outputs a block of output data without outputting data that encrypts, or that decrypts, every block of input data preceding the received position. In some embodiments, the operation is a stream cipher, and the engine generates a sequence of keystream blocks and performs a combining operation between the input block and a keystream block having a corresponding sequence position. In other embodiments, the cipher operation is a block cipher, and the engine generates, but doesn't output, blocks of data that encrypt, or decrypt, one or more blocks preceding the received input block.Type: ApplicationFiled: December 13, 2018Publication date: October 1, 2020Applicant: Nordic Semiconductor ASAInventors: Veli-Pekka JUNTTILA, Harri MATOMÄKI, James NEVALA, Matti TIIKKAINEN, Markku VÄHÄTAINI, Marko WINBLAD
-
Patent number: 8140900Abstract: This invention relates to automatically establishing a connection between a testing and/or debugging interface to an integrated circuit and a connector of an apparatus, the connector being connectable to a testing and/or debugging apparatus configured to communicate with the testing and/or debugging interface via the connector in a testing and/or debugging mode of the apparatus and connectable to an accessory apparatus to be used in a normal operation mode of the apparatus, if the testing and/or debugging apparatus is connected to the connector, thereby establishing the testing and/or debugging mode of the apparatus.Type: GrantFiled: June 15, 2009Date of Patent: March 20, 2012Assignee: Nokia CorporationInventors: Zhigang Yang, Marko Winblad, Rolf Kühnis
-
Publication number: 20100318848Abstract: This invention relates to automatically establishing a connection between a testing and/or debugging interface to an integrated circuit and a connector of an apparatus, the connector being connectable to a testing and/or debugging apparatus configured to communicate with the testing and/or debugging interface via the connector in a testing and/or debugging mode of the apparatus and connectable to an accessory apparatus to be used in a normal operation mode of the apparatus, if the testing and/or debugging apparatus is connected to the connector, thereby establishing the testing and/or debugging mode of the apparatus.Type: ApplicationFiled: June 15, 2009Publication date: December 16, 2010Inventors: Zhigang Yang, Marko Winblad, Rolf Kühnis