Patents by Inventor Andreas Lars SANDBERG
Andreas Lars SANDBERG has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 12073104Abstract: There is provided a memory protection unit configured to maintain region metadata associated with storage regions of off-chip storage and protection metadata associated with each of the storage regions. The protection metadata is stored in the off-chip storage, and the region metadata encodes whether each of the storage regions belongs to a set of protected storage regions or to a set of unprotected storage regions and encodes information indicating corresponding protection metadata associated with each storage region. The memory protection unit is configured to update the region metadata in response to a region update request identifying a given storage region for which the region metadata is to be modified and to dynamically adjust an amount of memory required to store protection metadata associated with the set of protected storage regions in response to the update to the region metadata.Type: GrantFiled: April 13, 2023Date of Patent: August 27, 2024Assignee: Arm LimitedInventors: Roberto Avanzi, Andreas Lars Sandberg, David Helmut Schall
-
Publication number: 20240264924Abstract: A computer implemented method is provided. The computer implemented method includes receiving an intermediate representation of a source code, intentionally injecting a weak code path at a point within the intermediate representation to create a modified intermediate representation, performing a path profiling on the modified intermediate representation to generate a particular path identifier for each path within the modified intermediate representation, and identifying the particular path identifier of the weak code path for use by a monitoring system. A monitoring system is also provided. The monitoring system monitors an executable code during runtime for execution of a path having a particular path identifier corresponding to the injected intentionally weak code path.Type: ApplicationFiled: February 7, 2023Publication date: August 8, 2024Inventors: Michael BARTLING, Brendan James MORAN, Andreas Lars SANDBERG
-
Publication number: 20240264801Abstract: A 1-hot path signature accelerator includes a register, first and second accumulator, and an outer product circuit. The register stores an input frame, where the input frame has, at most, one bit of each element set. The first accumulator calculates a present summation by adding the input frame to a previous sum of previous input frames inputted to the 1-hot path signature accelerator within a timeframe. The outer product circuit receives each element of the present summation from the first accumulator and each element of the input frame stored in the register to output a present outer product. Since the input frame has at most one bit of each element set, the outer product circuit is reduced to a logical operation. The second accumulator outputs a present second-layer summation by adding the present outer product to a previous second-layer sum of outputs from the outer product circuit within the timeframe.Type: ApplicationFiled: February 6, 2023Publication date: August 8, 2024Inventors: Brendan James MORAN, Michael BARTLING, Andreas Lars SANDBERG
-
Patent number: 12038846Abstract: A page table structure for address translation may include a relative type of page table entry, for which an address pointer to a next-level page table entry or a translated address may be specified using a relative offset value indicating an offset of the address pointer relative to a reference-point base address.Type: GrantFiled: January 3, 2020Date of Patent: July 16, 2024Assignee: Arm LimitedInventors: Andreas Lars Sandberg, Stephan Diestelhorst
-
Publication number: 20240220395Abstract: An apparatus and method are described for generating debug information. The apparatus has processing circuitry for executing a sequence of instructions that includes a plurality of debug information triggering instructions, and debug information generating circuitry for coupling to a debug port. On executing a given debug information triggering instruction, the processing circuitry is arranged to trigger the debug information generating circuitry to generate a debug information signal whose form is dependent on a control parameter specified by the given debug information triggering instruction. The generated debug information signal is output from the debug port for reference by a debugger. The control parameter is such that the form of the debug information signal enables the debugger to determine a state of the processing circuitry when the given debug information triggering instruction was executed.Type: ApplicationFiled: February 10, 2022Publication date: July 4, 2024Applicant: Arm LimitedInventors: Parameshwarappa Anand Kumar Savanth, Sahan Sajeewa Hiniduma Udugama Gamage, Wei Wang, Andreas Lars Sandberg
-
Patent number: 12010242Abstract: To protect the integrity of data stored in a protected area of memory, data in the protected area of memory is retrieved in data blocks and an authentication code is associated with a memory granule contiguously comprising a first data block and a second data block. Calculation of the authentication code comprises a cryptographic calculation based on a first hash value determined from the first data block and a second hash value determined from the second data block. A hash value cache is provided to store hash values determined from data blocks retrieved from the protected area of the memory. When the first data block and its associated authentication code are retrieved from memory, a lookup for the second hash value in the hash value cache is performed, and a verification authentication code is calculated for the memory granule to which that data block belongs. The integrity of the first data block is contingent on the verification authentication code matching the retrieved authentication code.Type: GrantFiled: July 10, 2020Date of Patent: June 11, 2024Assignee: Arm LimitedInventors: Roberto Avanzi, Andreas Lars Sandberg, Michael Andrew Campbell, Matthias Lothar Boettcher, Prakash S. Ramrakhyani
-
Patent number: 11960945Abstract: Message passing circuitry comprises lookup circuitry responsive to a producer request indicating message data provided on a target message channel by a producer node of a system-on-chip, to obtain, from a channel consumer information structure, selected channel consumer information associated with a given consumer node subscribing to the target message channel. Control circuitry writes the message data to a location associated with an address in a consumer-defined region of address space determined based on the selected channel consumer information. When an event notification condition is satisfied for the target message channel and the given consumer node, and an event notification channel is to be used, event notification data is written to a location associated with an address in a consumer-defined region of address space determined based on event notification channel consumer information associated with the event notification channel.Type: GrantFiled: April 8, 2021Date of Patent: April 16, 2024Assignee: Arm LimitedInventors: Jonathan Curtis Beard, Curtis Glenn Dunham, Andreas Lars Sandberg, Roxana Rusitoru
-
Publication number: 20240080193Abstract: An apparatus comprises counter integrity tree circuitry to maintain a counter integrity tree having a plurality of nodes. The counter integrity tree circuitry is configured to store, in a first node of the counter integrity tree, an encrypted representation of two or more non-repeating counters and in a second, parent, node, an indication of a function value equal to a non-repeating function of the two or more non-repeating counters of the first node. The apparatus comprises integrity checking circuitry configured to check the integrity of the first node using the function value retrieved from the second node.Type: ApplicationFiled: August 9, 2023Publication date: March 7, 2024Applicant: Arm LimitedInventors: Andreas Lars Sandberg, Roberto Avanzi, Alexander Klimov
-
Publication number: 20240078323Abstract: An apparatus comprises counter tree circuitry configured to store, in a first node of a counter tree, a representation of a parent counter value and in a second node of the counter tree, wherein the second node is a child node of the first node, an encrypted representation of two or more counter values. The encryption operation for forming the encrypted representation of the two or more counter values takes as an input the parent counter value. The apparatus also comprises integrity checking circuitry to check the integrity of an item of data retrieved from memory based on a comparison between a stored authentication code and a generated authentication code generated based on the item of data and a decrypted counter value determined from an encrypted representation of a counter value retrieved from the second node, decrypted using a parent counter value retrieved from the first node.Type: ApplicationFiled: August 9, 2023Publication date: March 7, 2024Applicant: Arm LimitedInventors: Alexander Klimov, Andreas Lars Sandberg, Roberto Avanzi
-
Publication number: 20240078326Abstract: An apparatus and method are described for providing a trusted execution environment. The apparatus comprises processing circuitry to execute program code, and interrupt controller circuitry, responsive to receipt of one or more interrupt requests, to select a given interrupt request from amongst the one or more interrupt requests, and to issue an interrupt signal to the processing circuitry identifying a given interrupt service routine providing program code to be executed by the processing circuitry to service the given interrupt request. The interrupt controller circuitry is responsive to the given interrupt request being a trusted execution environment (TEE) interrupt request, to issue the interrupt signal to identify as the given interrupt service routine a TEE interrupt service routine, and to inhibit issuance of any further interrupt signal until the TEE interrupt service routine has been executed by the processing circuitry.Type: ApplicationFiled: September 6, 2022Publication date: March 7, 2024Inventors: Brendan James MORAN, Adrian Laurence SHAW, Andreas Lars SANDBERG
-
Patent number: 11853228Abstract: Partial-address-translation-invalidation request to cause cache control circuitry to: identify whether a given cache entry of the address translation cache is a target cache entry to be invalidated, wherein the target cache entry comprises a cache entry for which the address translation data comprises partial address translation data indicative of an address of the next level page table specified by a table address of a target page table entry when used as the branch page table entry; and trigger an invalidation of the given cache entry when the given cache entry is identified to be the target cache entry. The given cache entry is permitted to be retained when the given cache entry provides full address translation data indicative of an address of a corresponding region of address space corresponding to an output address specified by the target page table entry when used as the leaf page table entry.Type: GrantFiled: June 10, 2022Date of Patent: December 26, 2023Assignee: Arm LimitedInventor: Andreas Lars Sandberg
-
Publication number: 20230409487Abstract: Partial-address-translation-invalidation request to cause cache control circuitry to: identify whether a given cache entry of the address translation cache is a target cache entry to be invalidated, wherein the target cache entry comprises a cache entry for which the address translation data comprises partial address translation data indicative of an address of the next level page table specified by a table address of a target page table entry when used as the branch page table entry; and trigger an invalidation of the given cache entry when the given cache entry is identified to be the target cache entry. The given cache entry is permitted to be retained when the given cache entry provides full address translation data indicative of an address of a corresponding region of address space corresponding to an output address specified by the target page table entry when used as the leaf page table entry.Type: ApplicationFiled: June 10, 2022Publication date: December 21, 2023Inventor: Andreas Lars SANDBERG
-
Publication number: 20230342150Abstract: Apparatuses and methods for branch prediction are provided. Branch prediction circuitry generates prediction with respect to branch instructions of whether those branches will be taken or not-taken. Hypervector generation circuitry assigns an arbitrary hypervector in deterministic dependence on an address of each branch instruction, wherein the hypervectors comprises at least 500 bits. Upon the resolution of a branch a corresponding hypervector is added to a stored taken hypervector or a stored not-taken hypervector in dependence on the resolution of the branch. The branch prediction circuitry generates a prediction for a branch instructions in dependence on a mathematical distance metric of a hypervector generated for that branch instruction from the stored taken hypervector or the not-taken hypervector.Type: ApplicationFiled: November 26, 2020Publication date: October 26, 2023Inventors: Ilias VOUGIOUKAS, Andreas Lars SANDBERG, Nikos NIKOLERIS
-
Publication number: 20230259660Abstract: A data integrity tree for memory security comprises a plurality of nodes, wherein a linked series of nodes of the data integrity tree protects a data item stored in memory. A parent node in the linked series of nodes comprises a plurality of counters, each associated with a respective child node and providing an input to a protection function associated with the respective child node. A node authentication code protects the plurality of counters in each parent node and is dependent on a counter in a node above the parent node in the data integrity tree. A plurality of hash value child nodes each comprises a plurality of encrypted hash values generated as a function of a respective block of data stored in the memory and as a function of a counter comprised in a node above the hash value child node in the data integrity tree.Type: ApplicationFiled: June 25, 2021Publication date: August 17, 2023Inventors: Andreas Lars SANDBERG, Roberto AVANZI
-
Patent number: 11658808Abstract: Memory control circuitry controls access to data stored in memory, and memory security circuitry generates encrypted data to be stored in the memory. The encrypted data is based on target data and a first one-time-pad (OTP). In response to an OTP update event indicating that the first OTP is to be updated to a second OTP different from the first OTP, the memory security circuitry generates a re-encryption value based on the first OTP and the second OTP, and the memory security circuitry to issues a re-encryption request to cause updated encrypted data to be generated in a downstream component based on the encrypted data and the re-encryption value and to cause the encrypted data to be replaced in the memory by the updated encrypted data.Type: GrantFiled: August 21, 2019Date of Patent: May 23, 2023Assignee: Arm LimitedInventors: Andreas Lars Sandberg, Matthias Lothar Boettcher, Prakash S. Ramrakhyani
-
Patent number: 11657003Abstract: Apparatus comprises two or more processing devices each having an associated translation lookaside buffer to store translation data defining address translations between virtual and physical memory addresses, each address translation being associated with a respective virtual address space; and control circuitry to control the transfer of at least a subset of the translation data from the translation lookaside buffer associated with a first processing device to the translation lookaside buffer associated with a second, different, processing device.Type: GrantFiled: January 31, 2020Date of Patent: May 23, 2023Assignee: Arm LimitedInventors: Ilias Vougioukas, Nikos Nikoleris, Andreas Lars Sandberg, Stephan Diestelhorst
-
Publication number: 20230113906Abstract: An apparatus including memory access circuitry for controlling access to data stored in the non-trusted memory, and memory security circuitry to verify integrity of data stored in the non-trusted memory. The memory security circuitry has authentication code generation circuitry for generating authentication codes to be associated with the data stored in the non-trusted memory, for use when verifying the integrity of the data. The apparatus also has a trusted storage, and the authentication code generation circuitry is arranged to generate different authentication codes, dependent on whether the authentication code is to be stored in the non-trusted memory or the trusted storage.Type: ApplicationFiled: November 12, 2020Publication date: April 13, 2023Inventors: Hector MONTANER MAS, Andreas Lars SANDBERG, Roberto AVANZI
-
Publication number: 20220327009Abstract: Message passing circuitry comprises lookup circuitry responsive to a producer request indicating message data provided on a target message channel by a producer node of a system-on-chip, to obtain, from a channel consumer information structure, selected channel consumer information associated with a given consumer node subscribing to the target message channel. Control circuitry writes the message data to a location associated with an address in a consumer-defined region of address space determined based on the selected channel consumer information. When an event notification condition is satisfied for the target message channel and the given consumer node, and an event notification channel is to be used, event notification data is written to a location associated with an address in a consumer-defined region of address space determined based on event notification channel consumer information associated with the event notification channel.Type: ApplicationFiled: April 8, 2021Publication date: October 13, 2022Inventors: Jonathan Curtis BEARD, Curtis Glenn DUNHAM, Andreas Lars SANDBERG, Roxana RUSITORU
-
Publication number: 20220188245Abstract: A page table structure for address translation may include a relative type of page table entry, for which an address pointer to a next-level page table entry or a translated address may be specified using a relative offset value indicating an offset of the address pointer relative to a reference-point base address.Type: ApplicationFiled: January 3, 2020Publication date: June 16, 2022Inventors: Andreas Lars SANDBERG, Stephan DIESTELHORST
-
Patent number: 11281434Abstract: An apparatus and method are provided for maintaining a counter value. The apparatus has first counter control circuitry for maintaining a first counter value representing a first portion of a hybrid counter value, and second counter control circuitry for maintaining a second counter value representing a second portion of the hybrid counter value, wherein the second portion is a higher order portion of the hybrid counter value than the first portion. The first counter control circuitry is arranged to maintain the first counter value as a binary value that indicates a magnitude of the first counter value, the first counter control circuitry comprising adder circuitry that is responsive to an adjustment value to update the first counter value by performing an addition operation to add the adjustment value to a current binary value of the first counter value, and to generate a carry out signal which is set when a carry out is generated by the addition operation.Type: GrantFiled: January 17, 2020Date of Patent: March 22, 2022Assignee: Arm LimitedInventors: Andreas Lars Sandberg, Matthias Lothar Boettcher