Abstract: A peripheral device, for use with a host, comprises one or more compute elements a security module and at least one encryption unit. The security module is configured to form a trusted execution environment on the peripheral device for processing sensitive data using sensitive code. The sensitive data and sensitive code are provided by a trusted computing entity which is in communication with the host computing device. The at least one encryption unit is configured to encrypt and decrypt data transferred between the trusted execution environment and the trusted computing entity via the host computing device. The security module is configured to compute and send an attestation to the trusted computing entity to attest that the sensitive code is in the trusted execution environment.

Abstract: A hub is configured to provide voice control without assistance from a remote system, which allows the hub to provide a user with the ability to control second devices in an environment by issuing voice commands, even when the hub is unable to communicate with the remote system over a wide area network (e.g., the Internet). The hub is also configured to execute rules without assistance from the remote system, which allows the hub to execute rules, even when the hub is unable to communicate with the remote system over a wide area network (e.g., the Internet).

Abstract: A peripheral device, for use with a host, comprises one or more compute elements a security module and at least one encryption unit. The security module is configured to form a trusted execution environment on the peripheral device for processing sensitive data using sensitive code. The sensitive data and sensitive code are provided by a trusted computing entity which is in communication with the host computing device. The at least one encryption unit is configured to encrypt and decrypt data transferred between the trusted execution environment and the trusted computing entity via the host computing device. The security module is configured to compute and send an attestation to the trusted computing entity to attest that the sensitive code is in the trusted execution environment.

Abstract: A processing system comprising one or more chips, each comprising a plurality of tiles is described. Each tile comprises a respective processing unit and memory, the memory storing a codelet. The processing system has at least one encryption unit configured to encrypt and decrypt data transferred between the tiles and a trusted computing entity via an external computing device. The codelets are configured to instruct the tiles to transfer the encrypted data by reading from and writing to a plurality of memory regions at the external memory such that a plurality of streams of encrypted data are formed, each stream using an individual one of the memory regions at the external computing device.

Abstract: In various examples there is a computer-implemented method of database construction. The method comprises storing a knowledge graph comprising nodes connected by edges, each node representing a topic. Accessing a topic type hierarchy comprising a plurality of types of topics, the topic type hierarchy having been computed from a corpus of text documents. One or more text documents are accessed and the method involves labelling a plurality of the nodes with one or more labels, each label denoting a topic type from the topic type hierarchy, by, using a deep language model; or for an individual one of the nodes representing a given topic, searching the accessed text documents for matches to at least one template, the template being a sequence of words and containing the given topic and a placeholder for a topic type; and storing the knowledge graph comprising the plurality of labelled nodes.

Abstract: In various examples there is a computer-implemented method of database construction. The method comprises storing a knowledge graph comprising nodes connected by edges, each node representing a topic. Accessing a topic type hierarchy comprising a plurality of types of topics, the topic type hierarchy having been computed from a corpus of text documents. One or more text documents are accessed and the method involves labelling a plurality of the nodes with one or more labels, each label denoting a topic type from the topic type hierarchy, by, using a deep language model; or for an individual one of the nodes representing a given topic, searching the accessed text documents for matches to at least one template, the template being a sequence of words and containing the given topic and a placeholder for a topic type; and storing the knowledge graph comprising the plurality of labelled nodes.

Abstract: A computer system has a separation mechanism which enforces separation between at least two execution environments such that one execution environment is a gatekeeper which interposes on all communications of the other execution environment. The computer system has an attestation mechanism which enables the gatekeeper to attest to properties of the at least two execution environments. A first one of the execution environments runs application specific code which may contain security vulnerabilities. The gatekeeper is configured to enforce an input output policy on the first execution environment by interposing on all communication to and from the first execution environment by forwarding, modifying or dropping individual ones of the communications according to the policy. The gatekeeper provides evidence of attestation both for the application specific code and the policy.

Abstract: A neural network training apparatus is described which has a network of worker nodes each having a memory storing a subgraph of a neural network to be trained. The apparatus has a control node connected to the network of worker nodes. The control node is configured to send training data instances into the network to trigger parallelized message passing operations which implement a training algorithm which trains the neural network. At least some of the message passing operations asynchronously update parameters of individual subgraphs of the neural network at the individual worker nodes.

Abstract: A neural network training apparatus is described which has a network of worker nodes each having a memory storing a subgraph of a neural network to be trained. The apparatus has a control node connected to the network of worker nodes. The control node is configured to send training data instances into the network to trigger parallelized message passing operations which implement a training algorithm which trains the neural network. At least some of the message passing operations asynchronously update parameters of individual subgraphs of the neural network at the individual worker nodes.

Abstract: A peripheral device, for use with a host, comprises one or more compute elements a security module and at least one encryption unit. The security module is configured to form a trusted execution environment on the peripheral device for processing sensitive data using sensitive code. The sensitive data and sensitive code are provided by a trusted computing entity which is in communication with the host computing device. The at least one encryption unit is configured to encrypt and decrypt data transferred between the trusted execution environment and the trusted computing entity via the host computing device. The security module is configured to compute and send an attestation to the trusted computing entity to attest that the sensitive code is in the trusted execution environment.

Abstract: A peripheral device, for use with a host, comprises one or more compute elements a security module and at least one encryption unit. The security module is configured to form a trusted execution environment on the peripheral device for processing sensitive data using sensitive code. The sensitive data and sensitive code are provided by a trusted computing entity which is in communication with the host computing device. The at least one encryption unit is configured to encrypt and decrypt data transferred between the trusted execution environment and the trusted computing entity via the host computing device. The security module is configured to compute and send an attestation to the trusted computing entity to attest that the sensitive code is in the trusted execution environment.

Abstract: A computer system has a separation mechanism which enforces separation between at least two execution environments such that one execution environment is a gatekeeper which interposes on all communications of the other execution environment. The computer system has an attestation mechanism which enables the gatekeeper to attest to properties of the at least two execution environments. A first one of the execution environments runs application specific code which may contain security vulnerabilities. The gatekeeper is configured to enforce an input output policy on the first execution environment by interposing on all communication to and from the first execution environment by forwarding, modifying or dropping individual ones of the communications according to the policy. The gatekeeper provides evidence of attestation both for the application specific code and the policy.

Abstract: A peripheral device, for use with a host, comprises one or more compute elements a security module and at least one encryption unit. The security module is configured to form a trusted execution environment on the peripheral device for processing sensitive data using sensitive code. The sensitive data and sensitive code are provided by a trusted computing entity which is in communication with the host computing device. The at least one encryption unit is configured to encrypt and decrypt data transferred between the trusted execution environment and the trusted computing entity via the host computing device. The security module is configured to compute and send an attestation to the trusted computing entity to attest that the sensitive code is in the trusted execution environment.

Abstract: In various examples there is a knowledge base construction and/or maintenance system for use with a probabilistic knowledge base. The system has a probabilistic generative model comprising a process for generating text or other formatted data from the knowledge base. The system has an inference component configured to generate inference results, by carrying out inference using inference algorithms, run on the probabilistic generative model, in either a forward direction whereby text or other formatted data is generated, or a reverse direction whereby text or other formatted data is observed and at least one unobserved variable of the probabilistic generative model is inferred. The inference component is configured to update the knowledge base using at least some of the inference results.

Abstract: A neural network training apparatus is described which has a network of worker nodes each having a memory storing a subgraph of a neural network to be trained. The apparatus has a control node connected to the network of worker nodes. The control node is configured to send training data instances into the network to trigger parallelized message passing operations which implement a training algorithm which trains the neural network. At least some of the message passing operations asynchronously update parameters of individual subgraphs of the neural network at the individual worker nodes.

Abstract: A method and system are provided for aspect scoping in a modularity runtime. The method includes declaring a set of aspects of a bundle as public aspects in a first aspect configuration file, and filtering the aspect configuration files imported by a bundle to the files from bundles on which the importing bundle has a dependency. The method includes declaring a set of aspects of a bundle as private aspects in a second aspect configuration file. At weaving of aspects at a bundle, the weaving includes: any aspects defined as private aspects; any aspects defined as public aspects; any imported aspects; and any first configuration files from exporting bundles are declared.

Abstract: The disclosure relates to a monitoring device for monitoring a surface of a roll of a roller crusher. The monitoring device includes a light emitter arranged to project a line on the surface of the roll, an image capturing device arranged to capture an image of a portion of the surface, the portion including at least a part of the projected line, and a processor unit arranged to process the image to determine information about the surface. The disclosure also relates to a high pressure roller crusher, a sizer, a use of a monitoring device, a method for monitoring a surface of a roll of a roller crusher, and a computer program.

Abstract: The invention relates to method and system for using PKCS and especially PKCS#10 registration standard on a mobile environment and in particularly in a WPKI (Wireless PKI) environment comprising a registration server and a client provided with a key pair is provided only with a part of the certificate request info defined on the PKCS registration standard. A PKCS registration structure is formed by the client of said part of the certificate request info and the public key to be registered, after which a verifying code is determined using at least part of said formed PKCS registration structure. Finally said verifying code and the public key are delivered to the registration server advantageously without delivering said part of the certificate request info received at first by the client.

Abstract: Operating an integrated development environment in a data processing system comprising running a source code editor, displaying source code in a graphical interface of the source code editor, displaying at least one cross-reference marker, the at least one cross-reference marker indicating crosscutting in the source code, receiving an input, changing one or more cross-reference markers, and highlighting the one or more changed cross-reference marker.

Abstract: A method of obtaining trace data with respect to a running software program includes accessing a method in a call stack, the call stack including a sequentially ordered list of methods called during the running of the software program. If the accessed method in the call stack falls between a minimum trace offset and a maximum trace offset where the minimum trace offset and the maximum trace offset define a trace window, obtaining trace data for the method and outputting it to an output stream which is then collected into a trace data storage. If the trace data in the trace data storage meets predetermined adaptation rules then changing the position in the call stack of at least one of the minimum trace offset and the maximum trace offset.