Patents by Inventor Matthew C. Areno
Matthew C. Areno has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11423150
Abstract: The concepts, systems and methods described herein are directed towards a method for secure booting. The method is provided to include: loading and executing a firmware in a Management Engine (ME) of a system; establishing, by the ME, a communication channel to a security device; receiving, by the ME, an encrypted boot image from the security device; decrypting, by the ME, the encrypted boot image; storing, by the ME, the decrypted boot image in a secured storage medium; and resetting the system using the decrypted boot image in the secured storage medium.
Type: Grant
Filed: April 1, 2019
Date of Patent: August 23, 2022
Assignee: Raytheon Company
Inventors: Matthew C. Areno, Jody R. Coleman, Daniel Adams
-
Patent number: 11347861
Abstract: The concepts, systems and methods described herein are directed towards a method for secure booting running on a security device. The method is provided to include: receiving a public key from a security device; validating the security device by comparing the received public key with a hash code; in response that the security device is validated, receiving custom codes from the security device and storing the custom codes in a microprocessor, wherein the microprocessor is located in a programmable memory of a primary processor; programming the programmable memory by executing the custom codes; and executing a boot sequence of the primary processor by the programmable memory.
Type: Grant
Filed: January 24, 2019
Date of Patent: May 31, 2022
Assignee: Raytheon Company
Inventors: Matthew C. Areno, John C. Hoffman
-
Patent number: 11178159
Abstract: The concepts, systems and methods described herein are directed towards a security system. The system is provided to include a Hardware Root of Trust (HRoT) device comprising a processor and memory that is configured for connection and authentication to first and second host devices which are configured to communicate via a first communication channel having a first security level and a second communication channel having a second security level which is more secure than the first security level. The HRoT device is configured to: connect the first and second host devices via the second communication channel; and monitor the security of the first and second host devices over the second communication channel.
Type: Grant
Filed: April 30, 2019
Date of Patent: November 16, 2021
Assignee: Raytheon Company
Inventors: Matthew C. Areno, Rex A. Nelson
-
Patent number: 10878101
Abstract: The concepts, systems and methods described herein are directed towards a method running on a security device. The method is provided to include: executing a first secure boot code from a first memory by one of a plurality of cores of a processor, wherein the plurality of cores runs in a secure world; executing a first-stage boot loader (FSBL) from a second memory; executing a security monitoring application to validate the security device; in response to the security device being validated, switching some of the plurality of cores from the secure world to a normal world, wherein at least one of the plurality of cores remains in the secure world to communicate with the security monitoring application; executing a second-stage boot loader (SSBL); and monitoring, via the security monitoring application, status of the security device and communications between the security device and at least one external system.
Type: Grant
Filed: December 10, 2018
Date of Patent: December 29, 2020
Assignee: Raytheon Company
Inventors: Matthew C. Areno, John C. Hoffman, Trevor B. Hird, Eric P. Egalite, Nathan T. Palmer
-
Publication number: 20200084229
Abstract: The concepts, systems and methods described herein are directed towards a security system. The system is provided to include a Hardware Root of Trust (HRoT) device comprising a processor and memory that is configured for connection and authentication to first and second host devices which are configured to communicate via a first communication channel having a first security level and a second communication channel having a second security level which is more secure than the first security level. The HRoT device is configured to: connect the first and second host devices via the second communication channel; and monitor the security of the first and second host devices over the second communication channel.
Type: Application
Filed: April 30, 2019
Publication date: March 12, 2020
Applicant: Raytheon Company
Inventors: Matthew C. Areno, Rex A. Nelson
-
Publication number: 20200082091
Abstract: The concepts, systems and methods described herein are directed towards a method running on a security device. The method is provided to include: executing a first secure boot code from a first memory by one of a plurality of cores of a processor, wherein the plurality of cores runs in a secure world; executing a first-stage boot loader (FSBL) from a second memory; executing a security monitoring application to validate the security device; in response to the security device being validated, switching some of the plurality of cores from the secure world to a normal world, wherein at least one of the plurality of cores remains in the secure world to communicate with the security monitoring application; executing a second-stage boot loader (SSBL); and monitoring, via the security monitoring application, status of the security device and communications between the security device and at least one external system.
Type: Application
Filed: December 10, 2018
Publication date: March 12, 2020
Applicant: Raytheon Company
Inventors: Matthew C. Areno, John C. Hoffman, Trevor B. Hird, Eric P. Egalite, Nathan T. Palmer
-
Publication number: 20200082092
Abstract: The concepts, systems and methods described herein are directed towards a method for secure booting. The method is provided to include: loading and executing a firmware in a Management Engine (ME) of a system; establishing, by the ME, a communication channel to a security device; receiving, by the ME, an encrypted boot image from the security device; decrypting, by the ME, the encrypted boot image; storing, by the ME, the decrypted boot image in a secured storage medium; and resetting the system using the decrypted boot image in the secured storage medium.
Type: Application
Filed: April 1, 2019
Publication date: March 12, 2020
Applicant: Raytheon Company
Inventors: Matthew C. Areno, Jody R. Coleman, Daniel Adams
-
Publication number: 20190311126
Abstract: The concepts, systems and methods described herein are directed towards a method for secure booting running on a security device. The method is provided to include: receiving a public key from a security device; validating the security device by comparing the received public key with a hash code; in response that the security device is validated, receiving custom codes from the security device and storing the custom codes in a microprocessor, wherein the microprocessor is located in a programmable memory of a primary processor; programming the programmable memory by executing the custom codes; and executing a boot sequence of the primary processor by the programmable memory.
Type: Application
Filed: January 24, 2019
Publication date: October 10, 2019
Applicant: Raytheon Company
Inventors: Matthew C. Areno, John C. Hoffman
-
Patent number: 9940483
Abstract: This disclosure provides for implementing a firmware security interface within a field-programmable gate array (FPGA) for communicating between secure and non-secure environments executable within the FPGA. A security monitor is implemented within the programmable logic of the FPGA as a soft core processor and the firmware security interface modifies one or more functions of the security monitor. The modifications to the security monitor include establishing a timer “heartbeat” within the FPGA to ensure that the FPGA invokes a secure environment and raising an alarm should the FPGA fail to invoke such environment.
Type: Grant
Filed: January 25, 2016
Date of Patent: April 10, 2018
Assignee: Raytheon Company
Inventors: Matthew C. Areno, John Hoffman, William T. Jennings
-
Publication number: 20170213053
Abstract: This disclosure provides for implementing a firmware security interface within a field-programmable gate array (FPGA) for communicating between secure and non-secure environments executable within the FPGA. A security monitor is implemented within the programmable logic of the FPGA as a soft core processor and the firmware security interface modifies one or more functions of the security monitor. The modifications to the security monitor include establishing a timer “heartbeat” within the FPGA to ensure that the FPGA invokes a secure environment and raising an alarm should the FPGA fail to invoke such environment.
Type: Application
Filed: January 25, 2016
Publication date: July 27, 2017
Inventors: Matthew C. Areno, John Hoffman, William T. Jennings