Patents by Inventor Paul Chou
Paul Chou has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20240105769Abstract: A semiconductor device includes a substrate having a first region and a second region separated from the first region by distance to define a space therebetween. A first semiconductor device including a gate dielectric is on the first region. The first semiconductor device can implement a FinFet-based input/output (I/O) device in the first region. A second semiconductor device excluding a gate dielectric is on the second region. The second semiconductor device can implement a nanosheet-based logic device in the second region.Type: ApplicationFiled: September 28, 2022Publication date: March 28, 2024Inventors: Shahab Siddiqui, Ruqiang Bao, Charlotte DeWan Adams, Curtis S. Durfee, Anthony I. Chou, Barry Paul Linder, Ravikumar Ramachandran, Dechao Guo
-
Patent number: 10387653Abstract: One embodiment of the present invention includes a boot read only memory (ROM) with an embedded, private key provision key (KPK) set that enables secure provisioning of chips. As part of taping-out a chip, the chip provider establishes the KPK set and provides the boot ROM exclusive access to the KPK. For each Original Equipment Manufacturer (OEM), the chip provider assigns and discloses an OEM-specific KPK that is included in the KPK set at a particular KPK index. Upon receiving a secured provisioning image and the associated KPK index, the boot ROM accesses the KPK set to reconstruct the KPK and then decrypts and executes the secured provisioning image. Advantageously, this enables the manufacturing factory to provision the chip without the security risks attributable to conventional provisioning approaches that require disclosing security keys to the manufacturing factory.Type: GrantFiled: March 7, 2017Date of Patent: August 20, 2019Assignee: NVIDIA CORPORATIONInventors: Jay Huang, Paul Chou, Anthony Woo
-
Publication number: 20170243006Abstract: One embodiment of the present invention includes a boot read only memory (ROM) with an embedded, private key provision key (KPK) set that enables secure provisioning of chips. As part of taping-out a chip, the chip provider establishes the KPK set and provides the boot ROM exclusive access to the KPK. For each Original Equipment Manufacturer (OEM), the chip provider assigns and discloses an OEM-specific KPK that is included in the KPK set at a particular KPK index. Upon receiving a secured provisioning image and the associated KPK index, the boot ROM accesses the KPK set to reconstruct the KPK and then decrypts and executes the secured provisioning image. Advantageously, this enables the manufacturing factory to provision the chip without the security risks attributable to conventional provisioning approaches that require disclosing security keys to the manufacturing factory.Type: ApplicationFiled: March 7, 2017Publication date: August 24, 2017Inventors: Jay HUANG, Paul CHOU, Anthony WOO
-
Publication number: 20170066359Abstract: Dump truck bodies are mounted to truck frames by a hinge so the truck body can pivot about the hinge to eject a load from the truck body. Loads carried by these vehicles can be extreme and the cyclical stress can generate cracks in the hinges. An upper pivoting connection of a dump truck hinge has side members each with a mounting portion that join to the sides of rails of the body and a lower pivot portion. The upper hinge structure is pinned to a lower hinge portion on the truck chassis at the pivot portion. Bracing between the sides add strength to the pivoting connection.Type: ApplicationFiled: February 27, 2015Publication date: March 9, 2017Inventors: Ian Rissman, Matthew J. Dunford, Paul L. Heaphy, Gordon Simpson, Po-Shen Paul Chou, Carolyn Shapiro (Deceased), Darrin Harding, Thomas J. McCall, Ryan J. Kreitzberg
-
Patent number: 9590806Abstract: One embodiment of the present invention includes a boot read only memory (ROM) with an embedded, private key provision key (KPK) set that enables secure provisioning of chips. As part of taping-out a chip, the chip provider establishes the KPK set and provides the boot ROM exclusive access to the KPK. For each Original Equipment Manufacturer (OEM), the chip provider assigns and discloses an OEM-specific KPK that is included in the KPK set at a particular KPK index. Upon receiving a secured provisioning image and the associated KPK index, the boot ROM accesses the KPK set to reconstruct the KPK and then decrypts and executes the secured provisioning image. Advantageously, this enables the manufacturing factory to provision the chip without the security risks attributable to conventional provisioning approaches that require disclosing security keys to the manufacturing factory.Type: GrantFiled: May 27, 2015Date of Patent: March 7, 2017Assignee: NVIDIA CorporationInventors: Jay Huang, Paul Chou, Anthony Woo
-
Publication number: 20160352514Abstract: One embodiment of the present invention includes a boot read only memory (ROM) with an embedded, private key provision key (KPK) set that enables secure provisioning of chips. As part of taping-out a chip, the chip provider establishes the KPK set and provides the boot ROM exclusive access to the KPK. For each Original Equipment Manufacturer (OEM), the chip provider assigns and discloses an OEM-specific KPK that is included in the KPK set at a particular KPK index. Upon receiving a secured provisioning image and the associated KPK index, the boot ROM accesses the KPK set to reconstruct the KPK and then decrypts and executes the secured provisioning image. Advantageously, this enables the manufacturing factory to provision the chip without the security risks attributable to conventional provisioning approaches that require disclosing security keys to the manufacturing factory.Type: ApplicationFiled: May 27, 2015Publication date: December 1, 2016Inventors: Jay HUANG, Paul CHOU, Anthony WOO
-
Patent number: 9355280Abstract: A technique to provide a hardware security module that provides a secure boundary for retention of a secure key within the secure boundary and prevention of unauthorized accesses from external sources outside of the secure boundary to obtain the secure key. The hardware security module includes a security processor to unwrap and authenticate a secure key within the secure boundary to decrypt or encrypt data and to provide data through a single interface that communicates with external sources, so that all data transfers between the secure boundary, formed by the hardware security module, and external sources are transferred only through the interface. The hardware security module ensures no unwrapped key leaves the secure boundary established by the hardware security module.Type: GrantFiled: August 29, 2014Date of Patent: May 31, 2016Assignee: Broadcom CorporationInventors: Paul Chou, Love Kothari, Lawrence J. Madar, III
-
Publication number: 20150052367Abstract: A technique to provide a hardware security module that provides a secure boundary for retention of a secure key within the secure boundary and prevention of unauthorized accesses from external sources outside of the secure boundary to obtain the secure key. The hardware security module includes a security processor to unwrap and authenticate a secure key within the secure boundary to decrypt or encrypt data and to provide data through a single interface that communicates with external sources, so that all data transfers between the secure boundary, formed by the hardware security module, and external sources are transferred only through the interface. The hardware security module ensures no unwrapped key leaves the secure boundary established by the hardware security module.Type: ApplicationFiled: August 29, 2014Publication date: February 19, 2015Applicant: BROADCOM CORPORATIONInventors: Paul Chou, Love Kothari, Lawrence J. Madar, III
-
Publication number: 20150008832Abstract: A LED lighting apparatus for growing plants includes a remote controlling device for sending wireless signals; and at least one lighting device each including a receiver and transmitter for receiving the wireless signals sent from the remote controlling device, a first power source electrically connected to the receiver and transmitter and being capable of supplying electricity to four downstream first LED groups connected in series, and a second power source electrically connected to the first power source via the first LED groups and being capable of supplying electricity to four downstream second LED groups connected in series.Type: ApplicationFiled: July 2, 2013Publication date: January 8, 2015Inventor: Paul Chou
-
Patent number: 8918575Abstract: A semiconductor chip may be operable to receive and copy an OTP programming vector presented by the semiconductor chip programming device into its memory after it boots up from the boot read-only memory (ROM). The OTP programming vector which is a computer program may comprise an encrypted data to be programmed into the one-time programmable (OTP) memory in the semiconductor chip and may be signed with an electronic signature. The semiconductor chip may be operable to authenticate the OTP programming vector in the memory. The authenticated OTP programming vector in the memory may be executed to decrypt the data and program the data in a random data format into the OTP memory and then report the status via one or more general purpose input/output (GPIO) pins on the semiconductor chip.Type: GrantFiled: September 14, 2009Date of Patent: December 23, 2014Assignee: Broadcom CorporationInventors: John Markey, Love Kothari, Paul Chou
-
Patent number: 8826039Abstract: A technique to provide a hardware security module that provides a secure boundary for retention of a secure key within the secure boundary and prevention of unauthorized accesses from external sources outside of the secure boundary to obtain the secure key. The hardware security module includes a security processor to unwrap and authenticate a secure key within the secure boundary to decrypt or encrypt data and to provide data through a single interface that communicates with external sources, so that all data transfers between the secure boundary, formed by the hardware security module, and external sources are transferred only through the interface. The hardware security module ensures no unwrapped key leaves the secure boundary established by the hardware security module.Type: GrantFiled: February 26, 2010Date of Patent: September 2, 2014Assignee: Broadcom CorporationInventors: Paul Chou, Love Kothari, Lawrence J. Madar, III
-
Patent number: 8732806Abstract: Aspects of a method and system for hardware enforced virtualization in an integrated circuit are provided. In this regard, a mode of operation of an integrated circuit may be controlled such that the integrated circuit alternates between a secure mode of operation and an open mode of operation. Various resources of the integrated circuit may be designated as open or secure, and secure resources may be made inaccessible while the integrated circuit operates in the open mode. Access to the secure resources may be controlled based on a configuration of one or more registers and/or switching elements. Resources designated as secure may comprise, for example, a one-time-programmable memory. The integrated circuit may comprise ROM and/or one-time-programmable memory that stores one or more instructions, wherein execution of the one or more instructions may control transitions between the secure mode and the open mode.Type: GrantFiled: September 14, 2009Date of Patent: May 20, 2014Assignee: Broadcom CorporationInventors: John Markey, Love Kothari, Paul Chou
-
Patent number: 8650633Abstract: An integrated circuit is disclosed that can be included in a host electronic device that can be commonly manufactured, where the integrated circuit can be designated (“locked”) for a specific manufacturer, thereby substantially reducing the likelihood that a third party will be able to successfully clone a host electronic device manufactured by the specific manufacturer and/or swap the chip containing the integrated circuit for one having more enabled features. The integrated circuit includes an ID module that can be programmed after fabrication. Components within the integrated circuit designate manufacturer-specific configurations (e.g., address mapping, pin routing and/or vital function releasing) based on the programmed manufacturer ID. As a result, once the integrated circuit has been programmed with the manufacturer ID, the integrated circuit will function correctly only within a host device manufactured by the manufacturer associated with the programmed manufacturer ID.Type: GrantFiled: September 30, 2011Date of Patent: February 11, 2014Assignee: Broadcom CorporationInventors: Love Kothari, Paul Chou
-
Patent number: 8644499Abstract: A semiconductor chip may be operable to block the debug interfaces when the semiconductor chip boots up from the boot read-only memory (ROM). The semiconductor chip may be operable to authenticate a debug certificate received by the semiconductor chip and enable one or more debug interfaces in the semiconductor chip based on the information resulting from the authentication of the debug certificate. The debug certificate may be in a form of a cryptographic public key certificate. A unique device ID which may be generated at boot and stored in the memory may be used by the semiconductor chip to authenticate the debug certificate. The device ID may be generated using the cryptographic public key that is stored in the one-time programmable (OTP) memory in the semiconductor chip and a cryptographic hash algorithm.Type: GrantFiled: September 14, 2009Date of Patent: February 4, 2014Assignee: Broadcom CorporationInventors: Love Kothari, Paul Chou, John Markey
-
Publication number: 20130047272Abstract: An integrated circuit is disclosed that can be included in a host electronic device that can be commonly manufactured, where the integrated circuit can be designated (“locked”) for a specific manufacturer, thereby substantially reducing the likelihood that a third party will be able to successfully clone a host electronic device manufactured by the specific manufacturer and/or swap the chip containing the integrated circuit for one having more enabled features. The integrated circuit includes an ID module that can be programmed after fabrication. Components within the integrated circuit designate manufacturer-specific configurations (e.g., address mapping, pin routing and/or vital function releasing) based on the programmed manufacturer ID. As a result, once the integrated circuit has been programmed with the manufacturer ID, the integrated circuit will function correctly only within a host device manufactured by the manufacturer associated with the programmed manufacturer ID.Type: ApplicationFiled: September 30, 2011Publication date: February 21, 2013Applicant: Broadcom CorporationInventors: Love Kothari, Paul Chou
-
Patent number: 8108508Abstract: A network device includes a web server chip that is connectable to a computer network. The web server chip includes an embedded processor that is programmable to function as a manageability web server, obtain manageability information about the network device and send the manageability to a network manager. The web server chip further includes an interface for communicating with an I2C bus in the network device. The embedded processor is programmable to obtain manageability information about devices connected to the I2C bus. The embedded processor is also programmable to control fan controllers, power supply controllers and other controllers connected to the I2C bus. This, in turn, allows a network manager to command the web server chip to remotely power up and power down the network device. Thus, the web server chip can perform network management functions without burdening the host processor of the network device.Type: GrantFiled: June 22, 1998Date of Patent: January 31, 2012Assignee: Hewlett-Packard Development Company, L.P.Inventors: Dave Goh, Leena Sansguiri, Paul Chou, Nandakumar Natarajan, John A. Dilley, Marcos Frid, Robert H. Hyerle, Arne Luhrs, Chandrasekar Venkatraman
-
Publication number: 20110191599Abstract: A technique to provide a hardware security module that provides a secure boundary for retention of a secure key within the secure boundary and prevention of unauthorized accesses from external sources outside of the secure boundary to obtain the secure key. The hardware security module includes a security processor to unwrap and authenticate a secure key within the secure boundary to decrypt or encrypt data and to provide data through a single interface that communicates with external sources, so that all data transfers between the secure boundary, formed by the hardware security module, and external sources are transferred only through the interface. The hardware security module ensures no unwrapped key leaves the secure boundary established by the hardware security module.Type: ApplicationFiled: February 26, 2010Publication date: August 4, 2011Applicant: BROADCOM CORPORATIONInventors: Paul Chou, Love Kothari, Lawrence J. Madar, III
-
Publication number: 20110191562Abstract: A technique to provide an integrated circuit that performs memory partitioning to partition a memory into a plurality of regions, in which the memory is accessed by a plurality of heterogeneous processing devices that operate to access the memory. The integrated circuit also assigns a security level for each region of the memory and permits a memory access by a transaction to a particular region of the memory, only when a level of security assigned to the transaction meets or exceeds the assigned security level for the particular region. The integrated circuit also performs sandboxing by assigning which of the plurality of processing devices are permitted access to each of the plurality of regions. The integrated circuit may implement only the security level function or only the sandboxing function, or the integrated circuit may implement them both. In some instances, a scrambling/descrambling function is included to scramble/descramble data.Type: ApplicationFiled: February 26, 2010Publication date: August 4, 2011Applicant: BROADCOM CORPORATIONInventors: Paul Chou, Love Kothari, Lawrence J. Madar, III, Ravi Sreenivasa Setty, Dharmvir Singh
-
Publication number: 20110066835Abstract: A semiconductor chip may be operable to block the debug interfaces when the semiconductor chip boots up from the boot read-only memory (ROM). The semiconductor chip may be operable to authenticate a debug certificate received by the semiconductor chip and enable one or more debug interfaces in the semiconductor chip based on the information resulting from the authentication of the debug certificate. The debug certificate may be in a form of a cryptographic public key certificate. A unique device ID which may be generated at boot and stored in the memory may be used by the semiconductor chip to authenticate the debug certificate. The device ID may be generated using the cryptographic public key that is stored in the one-time programmable (OTP) memory in the semiconductor chip and a cryptographic hash algorithm.Type: ApplicationFiled: September 14, 2009Publication date: March 17, 2011Inventors: Love Kothari, Paul Chou, John Markey
-
Publication number: 20110067110Abstract: Aspects of a method and system for hardware enforced virtualization in an integrated circuit are provided. In this regard, a mode of operation of an integrated circuit may be controlled such that the integrated circuit alternates between a secure mode of operation and an open mode of operation. Various resources of the integrated circuit may be designated as open or secure, and secure resources may be made inaccessible while the integrated circuit operates in the open mode. Access to the secure resources may be controlled based on a configuration of one or more registers and/or switching elements. Resources designated as secure may comprise, for example, a one-time-programmable memory. The integrated circuit may comprise ROM and/or one-time-programmable memory that stores one or more instructions, wherein execution of the one or more instructions may control transitions between the secure mode and the open mode.Type: ApplicationFiled: September 14, 2009Publication date: March 17, 2011Inventors: John Markey, Love Kothari, Paul Chou