Abstract: A processor comprising: an instruction processing pipeline, configured to receive a sequence of instructions for execution, said sequence comprising at least one instruction including a flow control instruction which terminates the sequence; a hash generator, configured to generate a hash associated with execution of the sequence of instructions; a memory configured to securely receive a reference signature corresponding to a hash of a verified corresponding sequence of instructions; verification logic configured to determine a correspondence between the hash and the reference signature; and authorization logic configured to selectively produce a signal, in dependence on a degree of correspondence of the hash with the reference signature.

Abstract: A pipelined processor comprising a cache memory system, fetching instructions for execution from a portion of said cache memory system, an instruction commencing processing before a digital signature of the cache line that contained the instruction is verified against a reference signature of the cache line, the verification being done at the point of decoding, dispatching, or committing execution of the instruction, the reference signature being stored in an encrypted form in the processor's memory, and the key for decrypting the said reference signature being stored in a secure storage location. The instruction processing proceeds when the two signatures exactly match and, where further instruction processing is suspended or processing modified on a mismatch of the two said signatures.

Abstract: A processor comprising: an instruction processing pipeline, configured to receive a sequence of instructions for execution, said sequence comprising at least one instruction including a flow control instruction which terminates the sequence; a hash generator, configured to generate a hash associated with execution of the sequence of instructions; a memory configured to securely receive a reference signature corresponding to a hash of a verified corresponding sequence of instructions; verification logic configured to determine a correspondence between the hash and the reference signature; and authorization logic configured to selectively produce a signal, in dependence on a degree of correspondence of the hash with the reference signature.

Abstract: A pipelined processor comprising a cache memory system, fetching instructions for execution from a portion of said cache memory system, an instruction commencing processing before a digital signature of the cache line that contained the instruction is verified against a reference signature of the cache line, the verification being done at the point of decoding, dispatching, or committing execution of the instruction, the reference signature being stored in an encrypted form in the processor's memory, and the key for decrypting the said reference signature being stored in a secure storage location. The instruction processing proceeds when the two signatures exactly match and, where further instruction processing is suspended or processing modified on a mismatch of the two said signatures.

Abstract: There is provided a system and methods for segmenting datapath resources such as reorder buffers, physical registers, instruction queues and load-store queues, etc. in a microprocessor so that their size may be dynamically expanded and contracted. This is accomplished by allocating and deallocating individual resource units to each resource based on sampled estimates of the instantaneous resource needs of the program running on the microprocessor. By keeping unused datapath resources to a minimum, power and energy savings are achieved by shutting off resource units that are not needed for sustaining the performance requirements of the running program. Leakage energy and switching energy and power are reduced using the described methods.

Abstract: Trustworthy systems require that code be validated as genuine. Most systems implement this requirement prior to execution by matching a cryptographic hash of the binary file against a reference hash value, leaving the code vulnerable to run time compromises, such as code injection, return and jump-oriented programming, and illegal linking of the code to compromised library functions. The Run-time Execution Validator (REV) validates, as the program executes, the control flow path and instructions executed along the control flow path. REV uses a signature cache integrated into the processor pipeline to perform live validation of executions, at basic block boundaries, and ensures that changes to the program state are not made by the instructions within a basic block until the control flow path into the basic block and the instructions within the basic block are both validated.

Abstract: Trustworthy systems require that code be validated as genuine. Most systems implement this requirement prior to execution by matching a cryptographic hash of the binary file against a reference hash value, leaving the code vulnerable to run time compromises, such as code injection, return and jump-oriented programming, and illegal linking of the code to compromised library functions. The Run-time Execution Validator (REV) validates, as the program executes, the control flow path and instructions executed along the control flow path. REV uses a signature cache integrated into the processor pipeline to perform live validation of executions, at basic block boundaries, and ensures that changes to the program state are not made by the instructions within a basic block until the control flow path into the basic block and the instructions within the basic block are both validated.

Abstract: A method for controlling a data center, comprising a plurality of server systems, each associated with a cooling system and a thermal constraint, comprising: a concurrent physical condition of a first server system; predicting a future physical condition based on a set of future states of the first server system; dynamically controlling the cooling system in response to at least the input and the predicted future physical condition, to selectively cool the first server system sufficient to meet the predetermined thermal constraint; and controlling an allocation of tasks between the plurality of server systems to selectively load the first server system within the predetermined thermal constraint and selectively idle a second server system, wherein the idle second server system can be recruited to accept tasks when allocated to it, and wherein the cooling system associated with the idle second server system is selectively operated in a low power consumption state.

Abstract: A system and method of scheduling tasks, comprising receiving activity and performance data from registers or storage locations maintained by hardware and an operating system; storing calibration coefficients associated with the activity and performance data; computing an energy dissipation rate based on at least the activity and performance data; and scheduling tasks under the operating system based on the computed energy dissipation rate.

Abstract: There is provided a system and methods for segmenting datapath resources such as reorder buffers, physical registers, instruction queues and load-store queues, etc. in a microprocessor so that their size may be dynamically expanded and contracted. This is accomplished by allocating and deallocating individual resource units to each resource based on sampled estimates of the instantaneous resource needs of the program running on the microprocessor. By keeping unused datapath resources to a minimum, power and energy savings are achieved by shutting off resource units that are not needed for sustaining the performance requirements of the running program. Leakage energy and switching energy and power are reduced using the described methods.

Abstract: With the widespread use of the distributed systems comes the need to secure such systems against a wide variety of threats. Recent security mechanisms are grossly inadequate in authenticating the program executions at the clients or servers, as the clients, servers and the executing programs themselves can be compromised after the clients and servers pass the authentication phase. A generic framework is provided for authenticating remote executions on a potentially untrusted remote server—essentially validating that what is executed at the server on behalf of the client is actually the intended program. Details of a prototype Linux implementation are also described, along with some optimization techniques for reducing the run-time overhead of the present scheme. The performance overhead of this technique varies generally from 7% to 24% for most benchmarks, as seen from the actual remote execution of SPEC benchmarks.

Abstract: A file system that permits predictable accesses to file data stored on devices that may have a variable access latency dependent on the physical location of the file on the physical storage device. A variety of features that guarantee timely, real-time response to I/O file system requests that specify deadlines or other alternative required quality-of-service parameters. The file system addresses needs to accommodate the file systems of storage devices such as disks that have an access time dependant on the physical location of the data within the storage device. A two-phase, deadline-driven scheduler considers the impact of disk seek time on overall response times. Non real-time file operations may be preempted. Files may be preallocated to help avoid access delay caused by non-contiguity. Disk buffers may also be preallocated to improve real-time file system performance.

Abstract: Reliable byte stream transfer protocols play an important role in modern networks. The present invention implements such a protocol using credits for flow control and negative acknowledgements for reliable delivery. The credit mechanism uses credit transfer in installments and is immune to the losses or corruptions of intermediate credit installments. Negative acknowledgements are used to solicit the retransmission of data stream component. The present invention provides full compatibility at the programming interface with reliable byte transfer protocols, such as TCP, and also allows full interoperability among hosts running the aforesaid standard protocol or the protocol of the present invention.

Abstract: Reliable byte stream transfer protocols play an important role in modern networks. The present invention implements such a protocol using credits for flow control and negative acknowledgements for reliable delivery. The credit mechanism uses credit transfer in installments and is immune to the losses or corruptions of intermediate credit installments. Negative acknowledgements are used to solicit the retransmission of data stream component. The present invention provides full compatibility at the programming interface with reliable byte transfer protocols, such as TCP, and also allows full interoperability among hosts running the aforesaid standard protocol or the protocol of the present invention.

Abstract: There is provided a system and methods for segmenting datapath resources such as reorder buffers, physical registers, instruction queues and load-store queues, etc. in a microprocessor so that their size may be dynamically expanded and contracted. This is accomplished by allocating and deallocating individual resource units to each resource based on sampled estimates of the instantaneous resource needs of the program running on the microprocessor. By keeping unused datapath resources to a minimum, power and energy savings are achieved by shutting off resource units that are not needed for sustaining the performance requirements of the running program. Leakage energy and switching energy and power are reduced using the described methods.

Abstract: There is provided a system and methods for segmenting datapath resources such as reorder buffers, physical registers, instruction queues and load-store queues, etc. in a microprocessor so that their size may be dynamically expanded and contracted. This is accomplished by allocating and deallocating individual resource units to each resource based on sampled estimates of the instantaneous resource needs of the program running on the microprocessor. By keeping unused datapath resources to a minimum, power and energy savings are achieved by shutting off resource units that are not needed for sustaining the performance requirements of the running program. Leakage energy and switching energy and power are reduced using the described methods.

Abstract: Method and hardware apparatus are disclosed for reducing the rollback penalty on exceptions in a microprocessor executing traces of scheduled instructions. Speculative state is committed to the architectural state of the microprocessor at a series of commit points within a trace, rather than committing the state as a single atomic operation at the end of the trace.

Abstract: Reliable byte stream transfer protocols play an important role in modern networks. The present invention implements such a protocol using credits for flow control and negative acknowledgements for reliable delivery. The credit mechanism uses credit transfer in installments and is immune to the losses or corruptions of intermediate credit installments. Negative acknowledgements are used to solicit the retransmission of data stream component. The present invention provides full compatibility at the programming interface with reliable byte transfer protocols, such as TCP, and also allows full interoperability among hosts running the aforesaid standard protocol or the protocol of the present invention.

Abstract: There is provided a system and methods for segmenting datapath resources such as reorder buffers, physical registers, instruction queues and load-store queues, etc. in a microprocessor so that their size may be dynamically expanded and contracted. This is accomplished by allocating and deallocating individual resource units to each resource based on sampled estimates of the instantaneous resource needs of the program running on the microprocessor. By keeping unused datapath resources to a minimum, power and energy savings are achieved by shutting off resource units that are not needed for sustaining the performance requirements of the running program. Leakage energy and switching energy and power are reduced using the described methods.

Abstract: A file system that permits predictable accesses to file data stored on devices that may have a variable access latency dependent on the physical location of the file on the physical storage device. A variety of features that guarantee timely, real-time response to I/O file system requests that specify deadlines or other alternative required quality-of-service parameters. The file system addresses needs to accommodate the file systems of storage devices such as disks that have an access time dependant on the physical location of the data within the storage device. A two-phase, deadline-driven scheduler considers the impact of disk seek time on overall response times. Non real-time file operations may be preempted. Files may be preallocated to help avoid access delay caused by non-contiguity. Disk buffers may also be preallocated to improve real-time file system performance.