Patents by Inventor Andreas Lars SANDBERG

Andreas Lars SANDBERG has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 12073104
    Abstract: There is provided a memory protection unit configured to maintain region metadata associated with storage regions of off-chip storage and protection metadata associated with each of the storage regions. The protection metadata is stored in the off-chip storage, and the region metadata encodes whether each of the storage regions belongs to a set of protected storage regions or to a set of unprotected storage regions and encodes information indicating corresponding protection metadata associated with each storage region. The memory protection unit is configured to update the region metadata in response to a region update request identifying a given storage region for which the region metadata is to be modified and to dynamically adjust an amount of memory required to store protection metadata associated with the set of protected storage regions in response to the update to the region metadata.
    Type: Grant
    Filed: April 13, 2023
    Date of Patent: August 27, 2024
    Assignee: Arm Limited
    Inventors: Roberto Avanzi, Andreas Lars Sandberg, David Helmut Schall
  • Publication number: 20240264924
    Abstract: A computer implemented method is provided. The computer implemented method includes receiving an intermediate representation of a source code, intentionally injecting a weak code path at a point within the intermediate representation to create a modified intermediate representation, performing a path profiling on the modified intermediate representation to generate a particular path identifier for each path within the modified intermediate representation, and identifying the particular path identifier of the weak code path for use by a monitoring system. A monitoring system is also provided. The monitoring system monitors an executable code during runtime for execution of a path having a particular path identifier corresponding to the injected intentionally weak code path.
    Type: Application
    Filed: February 7, 2023
    Publication date: August 8, 2024
    Inventors: Michael BARTLING, Brendan James MORAN, Andreas Lars SANDBERG
  • Publication number: 20240264801
    Abstract: A 1-hot path signature accelerator includes a register, first and second accumulator, and an outer product circuit. The register stores an input frame, where the input frame has, at most, one bit of each element set. The first accumulator calculates a present summation by adding the input frame to a previous sum of previous input frames inputted to the 1-hot path signature accelerator within a timeframe. The outer product circuit receives each element of the present summation from the first accumulator and each element of the input frame stored in the register to output a present outer product. Since the input frame has at most one bit of each element set, the outer product circuit is reduced to a logical operation. The second accumulator outputs a present second-layer summation by adding the present outer product to a previous second-layer sum of outputs from the outer product circuit within the timeframe.
    Type: Application
    Filed: February 6, 2023
    Publication date: August 8, 2024
    Inventors: Brendan James MORAN, Michael BARTLING, Andreas Lars SANDBERG
  • Patent number: 12038846
    Abstract: A page table structure for address translation may include a relative type of page table entry, for which an address pointer to a next-level page table entry or a translated address may be specified using a relative offset value indicating an offset of the address pointer relative to a reference-point base address.
    Type: Grant
    Filed: January 3, 2020
    Date of Patent: July 16, 2024
    Assignee: Arm Limited
    Inventors: Andreas Lars Sandberg, Stephan Diestelhorst
  • Publication number: 20240220395
    Abstract: An apparatus and method are described for generating debug information. The apparatus has processing circuitry for executing a sequence of instructions that includes a plurality of debug information triggering instructions, and debug information generating circuitry for coupling to a debug port. On executing a given debug information triggering instruction, the processing circuitry is arranged to trigger the debug information generating circuitry to generate a debug information signal whose form is dependent on a control parameter specified by the given debug information triggering instruction. The generated debug information signal is output from the debug port for reference by a debugger. The control parameter is such that the form of the debug information signal enables the debugger to determine a state of the processing circuitry when the given debug information triggering instruction was executed.
    Type: Application
    Filed: February 10, 2022
    Publication date: July 4, 2024
    Applicant: Arm Limited
    Inventors: Parameshwarappa Anand Kumar Savanth, Sahan Sajeewa Hiniduma Udugama Gamage, Wei Wang, Andreas Lars Sandberg
  • Patent number: 12010242
    Abstract: To protect the integrity of data stored in a protected area of memory, data in the protected area of memory is retrieved in data blocks and an authentication code is associated with a memory granule contiguously comprising a first data block and a second data block. Calculation of the authentication code comprises a cryptographic calculation based on a first hash value determined from the first data block and a second hash value determined from the second data block. A hash value cache is provided to store hash values determined from data blocks retrieved from the protected area of the memory. When the first data block and its associated authentication code are retrieved from memory, a lookup for the second hash value in the hash value cache is performed, and a verification authentication code is calculated for the memory granule to which that data block belongs. The integrity of the first data block is contingent on the verification authentication code matching the retrieved authentication code.
    Type: Grant
    Filed: July 10, 2020
    Date of Patent: June 11, 2024
    Assignee: Arm Limited
    Inventors: Roberto Avanzi, Andreas Lars Sandberg, Michael Andrew Campbell, Matthias Lothar Boettcher, Prakash S. Ramrakhyani
  • Patent number: 11960945
    Abstract: Message passing circuitry comprises lookup circuitry responsive to a producer request indicating message data provided on a target message channel by a producer node of a system-on-chip, to obtain, from a channel consumer information structure, selected channel consumer information associated with a given consumer node subscribing to the target message channel. Control circuitry writes the message data to a location associated with an address in a consumer-defined region of address space determined based on the selected channel consumer information. When an event notification condition is satisfied for the target message channel and the given consumer node, and an event notification channel is to be used, event notification data is written to a location associated with an address in a consumer-defined region of address space determined based on event notification channel consumer information associated with the event notification channel.
    Type: Grant
    Filed: April 8, 2021
    Date of Patent: April 16, 2024
    Assignee: Arm Limited
    Inventors: Jonathan Curtis Beard, Curtis Glenn Dunham, Andreas Lars Sandberg, Roxana Rusitoru
  • Publication number: 20240080193
    Abstract: An apparatus comprises counter integrity tree circuitry to maintain a counter integrity tree having a plurality of nodes. The counter integrity tree circuitry is configured to store, in a first node of the counter integrity tree, an encrypted representation of two or more non-repeating counters and in a second, parent, node, an indication of a function value equal to a non-repeating function of the two or more non-repeating counters of the first node. The apparatus comprises integrity checking circuitry configured to check the integrity of the first node using the function value retrieved from the second node.
    Type: Application
    Filed: August 9, 2023
    Publication date: March 7, 2024
    Applicant: Arm Limited
    Inventors: Andreas Lars Sandberg, Roberto Avanzi, Alexander Klimov
  • Publication number: 20240078323
    Abstract: An apparatus comprises counter tree circuitry configured to store, in a first node of a counter tree, a representation of a parent counter value and in a second node of the counter tree, wherein the second node is a child node of the first node, an encrypted representation of two or more counter values. The encryption operation for forming the encrypted representation of the two or more counter values takes as an input the parent counter value. The apparatus also comprises integrity checking circuitry to check the integrity of an item of data retrieved from memory based on a comparison between a stored authentication code and a generated authentication code generated based on the item of data and a decrypted counter value determined from an encrypted representation of a counter value retrieved from the second node, decrypted using a parent counter value retrieved from the first node.
    Type: Application
    Filed: August 9, 2023
    Publication date: March 7, 2024
    Applicant: Arm Limited
    Inventors: Alexander Klimov, Andreas Lars Sandberg, Roberto Avanzi
  • Publication number: 20240078326
    Abstract: An apparatus and method are described for providing a trusted execution environment. The apparatus comprises processing circuitry to execute program code, and interrupt controller circuitry, responsive to receipt of one or more interrupt requests, to select a given interrupt request from amongst the one or more interrupt requests, and to issue an interrupt signal to the processing circuitry identifying a given interrupt service routine providing program code to be executed by the processing circuitry to service the given interrupt request. The interrupt controller circuitry is responsive to the given interrupt request being a trusted execution environment (TEE) interrupt request, to issue the interrupt signal to identify as the given interrupt service routine a TEE interrupt service routine, and to inhibit issuance of any further interrupt signal until the TEE interrupt service routine has been executed by the processing circuitry.
    Type: Application
    Filed: September 6, 2022
    Publication date: March 7, 2024
    Inventors: Brendan James MORAN, Adrian Laurence SHAW, Andreas Lars SANDBERG
  • Patent number: 11853228
    Abstract: Partial-address-translation-invalidation request to cause cache control circuitry to: identify whether a given cache entry of the address translation cache is a target cache entry to be invalidated, wherein the target cache entry comprises a cache entry for which the address translation data comprises partial address translation data indicative of an address of the next level page table specified by a table address of a target page table entry when used as the branch page table entry; and trigger an invalidation of the given cache entry when the given cache entry is identified to be the target cache entry. The given cache entry is permitted to be retained when the given cache entry provides full address translation data indicative of an address of a corresponding region of address space corresponding to an output address specified by the target page table entry when used as the leaf page table entry.
    Type: Grant
    Filed: June 10, 2022
    Date of Patent: December 26, 2023
    Assignee: Arm Limited
    Inventor: Andreas Lars Sandberg
  • Publication number: 20230409487
    Abstract: Partial-address-translation-invalidation request to cause cache control circuitry to: identify whether a given cache entry of the address translation cache is a target cache entry to be invalidated, wherein the target cache entry comprises a cache entry for which the address translation data comprises partial address translation data indicative of an address of the next level page table specified by a table address of a target page table entry when used as the branch page table entry; and trigger an invalidation of the given cache entry when the given cache entry is identified to be the target cache entry. The given cache entry is permitted to be retained when the given cache entry provides full address translation data indicative of an address of a corresponding region of address space corresponding to an output address specified by the target page table entry when used as the leaf page table entry.
    Type: Application
    Filed: June 10, 2022
    Publication date: December 21, 2023
    Inventor: Andreas Lars SANDBERG
  • Publication number: 20230342150
    Abstract: Apparatuses and methods for branch prediction are provided. Branch prediction circuitry generates prediction with respect to branch instructions of whether those branches will be taken or not-taken. Hypervector generation circuitry assigns an arbitrary hypervector in deterministic dependence on an address of each branch instruction, wherein the hypervectors comprises at least 500 bits. Upon the resolution of a branch a corresponding hypervector is added to a stored taken hypervector or a stored not-taken hypervector in dependence on the resolution of the branch. The branch prediction circuitry generates a prediction for a branch instructions in dependence on a mathematical distance metric of a hypervector generated for that branch instruction from the stored taken hypervector or the not-taken hypervector.
    Type: Application
    Filed: November 26, 2020
    Publication date: October 26, 2023
    Inventors: Ilias VOUGIOUKAS, Andreas Lars SANDBERG, Nikos NIKOLERIS
  • Publication number: 20230259660
    Abstract: A data integrity tree for memory security comprises a plurality of nodes, wherein a linked series of nodes of the data integrity tree protects a data item stored in memory. A parent node in the linked series of nodes comprises a plurality of counters, each associated with a respective child node and providing an input to a protection function associated with the respective child node. A node authentication code protects the plurality of counters in each parent node and is dependent on a counter in a node above the parent node in the data integrity tree. A plurality of hash value child nodes each comprises a plurality of encrypted hash values generated as a function of a respective block of data stored in the memory and as a function of a counter comprised in a node above the hash value child node in the data integrity tree.
    Type: Application
    Filed: June 25, 2021
    Publication date: August 17, 2023
    Inventors: Andreas Lars SANDBERG, Roberto AVANZI
  • Patent number: 11658808
    Abstract: Memory control circuitry controls access to data stored in memory, and memory security circuitry generates encrypted data to be stored in the memory. The encrypted data is based on target data and a first one-time-pad (OTP). In response to an OTP update event indicating that the first OTP is to be updated to a second OTP different from the first OTP, the memory security circuitry generates a re-encryption value based on the first OTP and the second OTP, and the memory security circuitry to issues a re-encryption request to cause updated encrypted data to be generated in a downstream component based on the encrypted data and the re-encryption value and to cause the encrypted data to be replaced in the memory by the updated encrypted data.
    Type: Grant
    Filed: August 21, 2019
    Date of Patent: May 23, 2023
    Assignee: Arm Limited
    Inventors: Andreas Lars Sandberg, Matthias Lothar Boettcher, Prakash S. Ramrakhyani
  • Patent number: 11657003
    Abstract: Apparatus comprises two or more processing devices each having an associated translation lookaside buffer to store translation data defining address translations between virtual and physical memory addresses, each address translation being associated with a respective virtual address space; and control circuitry to control the transfer of at least a subset of the translation data from the translation lookaside buffer associated with a first processing device to the translation lookaside buffer associated with a second, different, processing device.
    Type: Grant
    Filed: January 31, 2020
    Date of Patent: May 23, 2023
    Assignee: Arm Limited
    Inventors: Ilias Vougioukas, Nikos Nikoleris, Andreas Lars Sandberg, Stephan Diestelhorst
  • Publication number: 20230113906
    Abstract: An apparatus including memory access circuitry for controlling access to data stored in the non-trusted memory, and memory security circuitry to verify integrity of data stored in the non-trusted memory. The memory security circuitry has authentication code generation circuitry for generating authentication codes to be associated with the data stored in the non-trusted memory, for use when verifying the integrity of the data. The apparatus also has a trusted storage, and the authentication code generation circuitry is arranged to generate different authentication codes, dependent on whether the authentication code is to be stored in the non-trusted memory or the trusted storage.
    Type: Application
    Filed: November 12, 2020
    Publication date: April 13, 2023
    Inventors: Hector MONTANER MAS, Andreas Lars SANDBERG, Roberto AVANZI
  • Publication number: 20220327009
    Abstract: Message passing circuitry comprises lookup circuitry responsive to a producer request indicating message data provided on a target message channel by a producer node of a system-on-chip, to obtain, from a channel consumer information structure, selected channel consumer information associated with a given consumer node subscribing to the target message channel. Control circuitry writes the message data to a location associated with an address in a consumer-defined region of address space determined based on the selected channel consumer information. When an event notification condition is satisfied for the target message channel and the given consumer node, and an event notification channel is to be used, event notification data is written to a location associated with an address in a consumer-defined region of address space determined based on event notification channel consumer information associated with the event notification channel.
    Type: Application
    Filed: April 8, 2021
    Publication date: October 13, 2022
    Inventors: Jonathan Curtis BEARD, Curtis Glenn DUNHAM, Andreas Lars SANDBERG, Roxana RUSITORU
  • Publication number: 20220188245
    Abstract: A page table structure for address translation may include a relative type of page table entry, for which an address pointer to a next-level page table entry or a translated address may be specified using a relative offset value indicating an offset of the address pointer relative to a reference-point base address.
    Type: Application
    Filed: January 3, 2020
    Publication date: June 16, 2022
    Inventors: Andreas Lars SANDBERG, Stephan DIESTELHORST
  • Patent number: 11281434
    Abstract: An apparatus and method are provided for maintaining a counter value. The apparatus has first counter control circuitry for maintaining a first counter value representing a first portion of a hybrid counter value, and second counter control circuitry for maintaining a second counter value representing a second portion of the hybrid counter value, wherein the second portion is a higher order portion of the hybrid counter value than the first portion. The first counter control circuitry is arranged to maintain the first counter value as a binary value that indicates a magnitude of the first counter value, the first counter control circuitry comprising adder circuitry that is responsive to an adjustment value to update the first counter value by performing an addition operation to add the adjustment value to a current binary value of the first counter value, and to generate a carry out signal which is set when a carry out is generated by the addition operation.
    Type: Grant
    Filed: January 17, 2020
    Date of Patent: March 22, 2022
    Assignee: Arm Limited
    Inventors: Andreas Lars Sandberg, Matthias Lothar Boettcher