Abstract: A set top box or like device utilizing virtualization techniques to isolate secure device resources from an untrusted software framework incorporated in the device. In one implementation, a first virtual machine container is provided for secure execution of a traditional set top box application, while a second virtual machine container is utilized to host a software framework or untrusted portions of a software framework. A secure access client/server interface is provided to support interactions between the first and second virtual machine containers. The software framework may comprise, for example, an Android framework supported by an underlying Linux operating system environment and isolated in a Linux resource container. Virtual container constructs in various embodiments may employ varying levels of hardware sandboxing, including use of dedicated processing resources in multi-processor environments.

Abstract: A set top box or like device utilizing trusted applications in conjunction with an untrusted software framework. In one implementation, trusted or certified applications are received from a service provider for execution by a software framework of the device. Certification of a trusted application may entail, for example, verifying that the application is executable by the device in a manner consist with the industry standard certification process. The software framework may comprise, for example, an Android framework supported by an underlying. Linux operating system environment and isolated in a Linux resource container. A secure access client/server interface may also be provided to support interactions between the software framework and trusted portions of the device. In further embodiments, both trusted applications and a set top box application utilized by the device to perform traditional set top box operations are implemented in at least one version of an Android or like framework.

Abstract: A set top box or like device incorporating an untrusted software framework as a client of a secure operating system kernel. The software framework may comprise, for example, an Android framework supported by an underlying Linux operating system environment having a secure kernel. The software framework can be executed using a variety of process isolation techniques depending on performance and isolation requirements. A secure access client/server interface may also be provided to support interactions between the untrusted software framework (and applications utilizing the untrusted software framework) and secure or trusted portions of the device. The secure access interface can be configured to perform operations such as handle validation, heap pointer validation, non-pointer parameter validation, heap isolation, and resource release relating to terminated processes.

Abstract: A set top box or like device utilizing virtualization techniques to isolate secure device resources from an untrusted software framework incorporated in the device. In one implementation, a first virtual machine container is provided for secure execution of a traditional set top box application, while a second virtual machine container is utilized to host a software framework or untrusted portions of a software framework. A secure access client/server interface is provided to support interactions between the first and second virtual machine containers. The software framework may comprise, for example, an Android framework supported by an underlying Linux operating system environment and isolated in a Linux resource container. Virtual container constructs in various embodiments may employ varying levels of hardware sandboxing, including use of dedicated processing resources in multi-processor environments.

Abstract: A set top box or like device utilizing trusted applications in conjunction with an untrusted software framework. In one implementation, trusted or certified applications are received from a service provider for execution by a software framework of the device. Certification of a trusted application may entail, for example, verifying that the application is executable by the device in a manner consist with the industry standard certification process. The software framework may comprise, for example, an Android framework supported by an underlying Linux operating system environment and isolated in a Linux resource container. A secure access client/server interface may also be provided to support interactions between the software framework and trusted portions of the device. In further embodiments, both trusted applications and a set top box application utilized by the device to perform traditional set top box operations are implemented in at least one version of an Android or like framework.

Abstract: A set top box or like device incorporating an untrusted software framework as a client of a secure operating system kernel. The software framework may comprise, for example, an Android framework supported by an underlying Linux operating system environment having a secure kernel. The software framework can be executed using a variety of process isolation techniques depending on performance and isolation requirements. A secure access client/server interface may also be provided to support interactions between the untrusted software framework (and applications utilizing the untrusted software framework) and secure or trusted portions of the device. The secure access interface can be configured to perform operations such as handle validation, heap pointer validation, non-pointer parameter validation, heap isolation, and resource release relating to terminated processes.

Abstract: Adaptive power management within media delivery system. Power management is performed for one or more devices within a media or signal delivery system. Depending upon one or more local and/or remote considerations associated with one or more of the devices within the system, various processing operations may undergo appropriate provisioning among the respective devices. Considering devices that are battery-powered, certain processing operations that may be highly power or energy consumptive may be offloaded to other devices having sufficient power or energy to effectuate such operations or that are not so limited or constrained by power energy (e.g., being wall powered or non-battery-powered). Operation of one or more of the devices in compliance with a power or energy constraint may be directed by a power management application resident on one or more of the devices within the system.

Abstract: A system for debugging software uses a portable debug environment-independent client debugger object and at least one non-portable server debugger object with platform-specific debugging logic. The client debugger object has a graphic user interface which allows a user to control and manipulate the server debugger object with debug environment-independent debug requests. The server debugger object performs a platform-specific debug operation on the software to be debugged. The platform-specific results generated by the debugging operation are translated to debug environment-independent results and returned to the client debugger object. This operation allows the same client debugger object to be used with one or more server debugger objects running on different platforms.