Patents by Inventor Frank Hellwig

Frank Hellwig has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 11288404
    Abstract: A System on Chip (SoC), including a plurality of processor cores including a secure master, which is configured to run security software, and a non-secure master, which is configured to run non-security software; a resource configured to be shared by the secure master and the non-secure master; and a state machine configured to protect the resource by allowing only the secure master to transition the resource to a particular state of the state machine, and allowing only the non-secure master to transition the resource to another particular state of the state machine.
    Type: Grant
    Filed: June 14, 2019
    Date of Patent: March 29, 2022
    Assignee: Infineon Technologies AG
    Inventors: Albrecht Mayer, Glenn Ashley Farrall, Frank Hellwig
  • Patent number: 11227072
    Abstract: The present disclosure relates to a security device, a system, and a method for securing a control apparatus. The security device includes a data security unit which is configured to secure data, data communication and information, and includes a first security component inside the data security unit to operate in a first operating mode, and at least one first monitoring unit to operate in a high-availability mode which, said first monitoring unit being configured to detect a fault present in the first security component. The high-availability mode is different from the first operating mode. The security device further includes a second security component which is configured to operate in the high-availability mode and to output a first response signal if a fault is detected by the first monitoring, where the high-availability mode is available independently from the first operating mode.
    Type: Grant
    Filed: August 22, 2018
    Date of Patent: January 18, 2022
    Inventors: Avni Bildhaiya, Viola Rieger, Frank Hellwig, Alexander Zeh
  • Publication number: 20210374290
    Abstract: A security hardware device is configured to secure a control apparatus. The security hardware device includes a data security domain; a functional safety domain; a data security processor provided in the data security domain and is configured to secure data from unauthorized access or manipulation; a functional safety processor provided in the functional safety domain and is configured to detect functional errors and generate respective safety alerts in response to detecting the functional errors; and a monitoring processor configured to analyze the respective safety alerts provided by the functional safety processor for at least one pattern of safety alerts indicative of a security attack and generate a response signal in response to the respective safety alerts having at least one of the at least one pattern of safety alerts.
    Type: Application
    Filed: August 16, 2021
    Publication date: December 2, 2021
    Applicant: Infineon Technologies AG
    Inventors: Avni BILDHAIYA, Viola RIEGER, Frank HELLWIG, Alexander ZEH
  • Publication number: 20210279192
    Abstract: A method and apparatus for distributing interconnect bandwidth among master agents. The method includes allocating to each of the master agents a respective portion of the interconnect bandwidth within a time interval; monitoring the master agents to determine if any of the master agents has consumed its allocated portion of interconnect bandwidth within a current time interval; and if a master agent has consumed its allocated portion of interconnect bandwidth within the current time interval, delaying any new access requests from this master agent for a predetermined request delay time within the current time interval.
    Type: Application
    Filed: March 6, 2020
    Publication date: September 9, 2021
    Inventor: Frank Hellwig
  • Publication number: 20210243257
    Abstract: A service request interrupt router having an interrupt controller mapped to an Interrupt Service Provider (ISP) having virtual ISPs; Service Request Nodes (SRNs) configured to convert respective interrupt signals to corresponding service requests, wherein each of the SRNs is configured to direct its service request to one of the virtual ISPs; and an arbitrator configured to arbitrate among the virtual ISPs in a time-multiplexed sequence or round-robin manner, and for each of the virtual ISPs, to arbitrate which of the service requests directed thereto has a highest priority.
    Type: Application
    Filed: April 19, 2021
    Publication date: August 5, 2021
    Inventors: Frank Hellwig, Glenn Ashley Farrall, Gerhard Wirrer
  • Patent number: 10992750
    Abstract: A service request interrupt router having an interrupt controller mapped to an Interrupt Service Provider (ISP) having virtual ISPs; Service Request Nodes (SRNs) configured to convert respective interrupt signals to corresponding service requests, wherein each of the SRNs is configured to direct its service request to one of the virtual ISPs; and an arbitrator configured to arbitrate among the virtual ISPs in a time-sliced manner, and for each of the virtual ISPs, to arbitrate which of the service requests directed thereto has a highest priority.
    Type: Grant
    Filed: January 16, 2018
    Date of Patent: April 27, 2021
    Assignee: Infineon Technologies AG
    Inventors: Frank Hellwig, Glenn Ashley Farrall, Gerhard Wirrer
  • Publication number: 20210103464
    Abstract: A data processing device is described including one or more processors implementing a plurality of data processing entities, one or more software interrupt nodes and an access register for each software interrupt node. The access register specifies which one or more data processing entities of the plurality of data processing entities is/are each allowed to, as interrupt source data processing entity, trigger an interrupt service request on the software interrupt node for another one of the plurality of data processing entities as an interrupt target processing entity. Each software interrupt node is configured to forward an interrupt service request triggered by an interrupt source data processing entity which is allowed to trigger an interrupt service request on the software interrupt node to an interrupt target processing entity.
    Type: Application
    Filed: September 30, 2020
    Publication date: April 8, 2021
    Inventors: Gerhard Wirrer, Frank Hellwig, Varun Kumar
  • Publication number: 20200394339
    Abstract: A System on Chip (SoC), including a plurality of processor cores including a secure master, which is configured to run security software, and a non-secure master, which is configured to run non-security software; a resource configured to be shared by the secure master and the non-secure master; and a state machine configured to protect the resource by allowing only the secure master to transition the resource to a particular state of the state machine, and allowing only the non-secure master to transition the resource to another particular state of the state machine.
    Type: Application
    Filed: June 14, 2019
    Publication date: December 17, 2020
    Inventors: Albrecht Mayer, Glenn Ashley Farrall, Frank Hellwig
  • Publication number: 20200244443
    Abstract: According to various embodiments, a control device is described including an application core including a processor, a memory and a direct memory access controller and a security module coupled to the application core via a computer bus. The direct memory access controller is configured to read data from the memory, generate a hash value for the data and provide the hash value to the security module via the computer bus. The security module is configured to process the hash value.
    Type: Application
    Filed: April 14, 2020
    Publication date: July 30, 2020
    Inventors: Christopher TEMPLE, Simon COTTAM, Frank HELLWIG, Antonio VILELA
  • Patent number: 10637647
    Abstract: According to various embodiments, a control device is described including an application core including a processor, a memory and a direct memory access controller and a security module coupled to the application core via a computer bus. The direct memory access controller is configured to read data from the memory, generate a hash value for the data and provide the hash value to the security module via the computer bus. The security module is configured to process the hash value.
    Type: Grant
    Filed: April 13, 2017
    Date of Patent: April 28, 2020
    Assignee: INFINEON TECHNOLOGIES AG
    Inventors: Christopher Temple, Simon Cottam, Frank Hellwig, Antonio Vilela
  • Patent number: 10592270
    Abstract: The disclosure relates to systems and methods for defining a processor safety privilege level for controlling a distributed memory access protection system. More specifically, a safety hypervisor function for accessing a bus in a computer processing system includes a module, such as a Computer Processing Unit (CPU) or a Direct Memory Access (DMA) for accessing a system memory and a memory unit for storing a safety code, such as a Processor Status Word (PSW) or a configuration register (DMA (REG)). The module allocates the safety code to a processing transaction and the safety code is visible upon access of the bus by the module.
    Type: Grant
    Filed: October 16, 2017
    Date of Patent: March 17, 2020
    Assignee: Infineon Technologies AG
    Inventors: Simon Brewerton, Glenn Farrall, Neil Hastie, Frank Hellwig, Richard Knight, Antonio Vilela
  • Patent number: 10372630
    Abstract: A memory protector is configured to evaluate access requests referring to a memory address space. The access requests comprise address parameters referring to addresses of the memory address space. The memory protector comprises an address evaluator, an address results combiner, and a data register. The address evaluator is configured to evaluate whether the address parameters refer to address ranges of a set of address ranges and is configured to provide results regarding the address ranges. The address results combiner is configured to combine results provided by the address evaluator depending on access protection groups to which the address ranges are mapped to. The memory protector is configured to provide access grant results based on combinations provided by the address results combiner. The data register is configured to store data concerning the set of address ranges and concerning a mapping of the address ranges to the access protection groups.
    Type: Grant
    Filed: October 16, 2017
    Date of Patent: August 6, 2019
    Assignee: Infineon Technologies AG
    Inventors: Frank Hellwig, Glenn Ashley Farrall, Gerhard Wirrer
  • Publication number: 20190222645
    Abstract: A service request interrupt router having an interrupt controller mapped to an Interrupt Service Provider (ISP) having virtual ISPs; Service Request Nodes (SRNs) configured to convert respective interrupt signals to corresponding service requests, wherein each of the SRNs is configured to direct its service request to one of the virtual ISPs; and an arbitrator configured to arbitrate among the virtual ISPs in a time-sliced manner, and for each of the virtual ISPs, to arbitrate which of the service requests directed thereto has a highest priority.
    Type: Application
    Filed: January 16, 2018
    Publication date: July 18, 2019
    Inventors: Frank Hellwig, Glenn Ashley Farrall, Gerhard Wirrer
  • Patent number: 10248595
    Abstract: An interrupt interface of a central processing unit (CPU) comprises a bus with a plurality of interfaces to various components of the CPU. These components can include a memory that includes instructions to execute operations of a processor component, a plurality of virtual machines (VMs) and a virtual machine monitor (VMM)/hypervisor configured to execute the plurality of VMs. The processor can receive interrupt requests (interrupt) as service requests in parallel, which can be executed by the VMM or any one or more of the plurality of VMs to execute VM applications on a dedicated instance of a guest operating system for a task. The processor can further determine whether to grant an interrupt request to the VMM and the VMs based on predetermined criteria, including a current task priority, a pending interrupt priority, or an interrupt enable, associated with the current status of each of the component.
    Type: Grant
    Filed: August 10, 2017
    Date of Patent: April 2, 2019
    Assignee: Infineon Technologies AG
    Inventors: Frank Hellwig, Gerhard Wirrer, Glenn Farrall, Neil Hastie
  • Publication number: 20190065787
    Abstract: The present disclosure relates to a security device, a system, and a method for securing a control apparatus. The security device includes a data security unit which is configured to secure data, data communication and information, and includes a first security component inside the data security unit to operate in a first operating mode, and at least one first monitoring unit to operate in a high-availability mode which, said first monitoring unit being configured to detect a fault present in the first security component. The high-availability mode is different from the first operating mode. The security device further includes a second security component which is configured to operate in the high-availability mode and to output a first response signal if a fault is detected by the first monitoring, where the high-availability mode is available independently from the first operating mode.
    Type: Application
    Filed: August 22, 2018
    Publication date: February 28, 2019
    Applicant: Infineon Technologies AG
    Inventors: Avni BILDHAIYA, Viola RIEGER, Frank HELLWIG, Alexander ZEH
  • Publication number: 20190050356
    Abstract: An interrupt interface of a central processing unit (CPU) comprises a bus with a plurality of interfaces to various components of the CPU. These components can include a memory that includes instructions to execute operations of a processor component, a plurality of virtual machines (VMs) and a virtual machine monitor (VMM)/hypervisor configured to execute the plurality of VMs. The processor can receive interrupt requests (interrupt) as service requests in parallel, which can be executed by the VMM or any one or more of the plurality of VMs to execute VM applications on a dedicated instance of a guest operating system for a task. The processor can further determine whether to grant an interrupt request to the VMM and the VMs based on predetermined criteria, including a current task priority, a pending interrupt priority, or an interrupt enable, associated with the current status of each of the component.
    Type: Application
    Filed: August 10, 2017
    Publication date: February 14, 2019
    Inventors: Frank Hellwig, Gerhard Wirrer, Glenn Farrall, Neil Hastie
  • Patent number: 10061729
    Abstract: A system for a multiple chip architecture that enables different system on-chip (SoC) systems with varying compatibilities to interact as one SoC via a transparent interface. The system address maps of the single SoCs are configured so that each provide a system address map of the two SoCs without overlap or address re-mapping when connected to one another via the transparent interface. The transparent interface enables components related to safety/security and interrupt communication of a first and second SoC within the multiple chip system to transparently communicate and interact. The transparent interface can enable sources of both SoCs to be flexibly mapped to interrupt services providers on the first/second SoC within the multiple chip system.
    Type: Grant
    Filed: March 19, 2018
    Date of Patent: August 28, 2018
    Assignee: Ifineon Technologies AG
    Inventors: Albrecht Mayer, Joerg Schepers, Frank Hellwig
  • Publication number: 20180210852
    Abstract: A system for a multiple chip architecture that enables different system on-chip (SoC) systems with varying compatibilities to interact as one SoC via a transparent interface. The system address maps of the single SoCs are configured so that each provide a system address map of the two SoCs without overlap or address re-mapping when connected to one another via the transparent interface. The transparent interface enables components related to safety/security and interrupt communication of a first and second SoC within the multiple chip system to transparently communicate and interact. The transparent interface can enable sources of both SoCs to be flexibly mapped to interrupt services providers on the first/second SoC within the multiple chip system.
    Type: Application
    Filed: March 19, 2018
    Publication date: July 26, 2018
    Inventors: Albrecht Mayer, Joerg Schepers, Frank Hellwig
  • Publication number: 20180113816
    Abstract: A memory protector is configured to evaluate access requests referring to a memory address space. The access requests comprise address parameters referring to addresses of the memory address space. The memory protector comprises an address evaluator, an address results combiner, and a data register. The address evaluator is configured to evaluate whether the address parameters refer to address ranges of a set of address ranges and is configured to provide results regarding the address ranges. The address results combiner is configured to combine results provided by the address evaluator depending on access protection groups to which the address ranges are mapped to. The memory protector is configured to provide access grant results based on combinations provided by the address results combiner. The data register is configured to store data concerning the set of address ranges and concerning a mapping of the address ranges to the access protection groups.
    Type: Application
    Filed: October 16, 2017
    Publication date: April 26, 2018
    Inventors: Frank Hellwig, Glenn Ashley Farrall, Gerhard Wirrer
  • Patent number: 9946674
    Abstract: A system for a multiple chip architecture that enables different system on-chip (SoC) systems with varying compatibilities to interact as one SoC via a transparent interface. The system address maps of the single SoCs are configured so that each provide a system address map of the two SoCs without overlap or address re-mapping when connected to one another via the transparent interface. The transparent interface enables components related to safety/security and interrupt communication of a first and second SoC within the multiple chip system to transparently communicate and interact. The transparent interface can enable sources of both SoCs to be flexibly mapped to interrupt services providers on the first/second SoC within the multiple chip system.
    Type: Grant
    Filed: April 28, 2016
    Date of Patent: April 17, 2018
    Assignee: Infineon Technologies AG
    Inventors: Albrecht Mayer, Joerg Schepers, Frank Hellwig