Patents by Inventor Ralf Findeisen
Ralf Findeisen has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 9058163Abstract: In one embodiment, a processor comprises a programmable map and a circuit. The programmable map is configured to store data that identifies at least one instruction for which an architectural modification of an instruction set architecture implemented by the processor has been defined, wherein the processor does not implement the modification. The circuitry is configured to detect the instruction or its memory operands and cause a transition to Known Good Code (KGC), wherein the KGC is protected from unauthorized modification and is provided from an authenticated entity. The KGC comprises code that, when executed, emulates the modification. In another embodiment, an integrated circuit comprises at least one processor core; at least one other circuit; and a KGC source configured to supply KGC to the processor core for execution. The KGC comprises interface code for the other circuit whereby an application executing on the processor core interfaces to the other circuit through the KGC.Type: GrantFiled: November 13, 2013Date of Patent: June 16, 2015Assignee: Advanced Micro Devices, Inc.Inventors: Garth D. Hillman, Geoffrey S. Strongin, Andrew R. Rawson, Gary H. Simpson, Ralf Findeisen
-
Publication number: 20140129810Abstract: In one embodiment, a processor comprises a programmable map and a circuit. The programmable map is configured to store data that identifies at least one instruction for which an architectural modification of an instruction set architecture implemented by the processor has been defined, wherein the processor does not implement the modification. The circuitry is configured to detect the instruction or its memory operands and cause a transition to Known Good Code (KGC), wherein the KGC is protected from unauthorized modification and is provided from an authenticated entity. The KGC comprises code that, when executed, emulates the modification. In another embodiment, an integrated circuit comprises at least one processor core; at least one other circuit; and a KGC source configured to supply KGC to the processor core for execution. The KGC comprises interface code for the other circuit whereby an application executing on the processor core interfaces to the other circuit through the KGC.Type: ApplicationFiled: November 13, 2013Publication date: May 8, 2014Applicant: Advanced Micro Devices, Inc.Inventors: Garth D. Hillman, Geoffrey S. Strongin, Andrew R. Rawson, Gary H. Simpson, Ralf Findeisen
-
Patent number: 8656146Abstract: A secure boot processing may be accomplished on the basis of a non-volatile memory that is an integral part of the CPU and which may not be modified once a pre-boot information may be programmed into the non-volatile memory. During a reset event or a power-on event, execution may be started from the internal non-volatile memory, which may also include public decryption keys for verifying a signature of a portion of a boot routine. The verification of the respective portion of the boot routine may be accomplished by using internal random access memories, thereby avoiding external access during verification of the boot routine. Hence, a high degree of tamper resistance may be obtained, for instance, with respect to BIOS modification by exchanging BIOS chips.Type: GrantFiled: August 6, 2008Date of Patent: February 18, 2014Assignee: GLOBALFOUNDRIES Inc.Inventors: Ralf Findeisen, Michael Grell, Tim Edward Perley, Marc Edwin Jones, Frank Schuecke
-
Patent number: 8612729Abstract: In one embodiment, a processor comprises a programmable map and a circuit. The programmable map is configured to store data that identifies at least one instruction for which an architectural modification of an instruction set architecture implemented by the processor has been defined, wherein the processor does not implement the modification. The circuitry is configured to detect the instruction or its memory operands and cause a transition to Known Good Code (KGC), wherein the KGC is protected from unauthorized modification and is provided from an authenticated entity. The KGC comprises code that, when executed, emulates the modification. In another embodiment, an integrated circuit comprises at least one processor core; at least one other circuit; and a KGC source configured to supply KGC to the processor core for execution. The KGC comprises interface code for the other circuit whereby an application executing on the processor core interfaces to the other circuit through the KGC.Type: GrantFiled: December 17, 2007Date of Patent: December 17, 2013Assignee: Advanced Micro Devices, Inc.Inventors: Garth D. Hillman, Geoffrey Strongin, Andrew R. Rawson, Gary H. Simpson, Ralf Findeisen
-
Patent number: 8464037Abstract: A CPU, a computer system and a secure boot mechanism are provided in which a symmetric encryption key may be incorporated into a non-volatile memory area of the CPU core, thereby substantially avoiding any tampering of the encryption key by external sources. Moreover, pre-boot information may be internally stored in the CPU and may be retrieved upon a reset or power-on event in order to verify a signed boot information on the basis of the internal symmetric encryption key. Furthermore, the BIOS information may be efficiently updated by generating a signature using the internal encryption key.Type: GrantFiled: January 19, 2009Date of Patent: June 11, 2013Assignee: GLOBALFOUNDRIES Inc.Inventors: Michael Grell, Ralf Findeisen, Frank Schuecke
-
Patent number: 8000735Abstract: A wireless communications device includes a host processing unit, a modem processing unit, and a memory transport interface. The wireless communications device typically runs a variety of software tasks, some of which require considerably more memory than others. By processing the memory intensive tasks with the host processing unit and assigning tasks requiring high computing power but relatively smaller memory to the modem processor unit, a smaller on-chip memory can be used for the modem processor unit tasks. In addition, by using a messaging transport interface to transfer data between tasks running on different processing units, smaller local memories can be used in place of a shared memory. For example, by allocating and storing L1 tasks at the modem processing unit and allocating/storing L2 and L3 tasks at the host processing unit, duplicate memory components may be reduced or removed, thereby lowering system costs and improving system efficiency.Type: GrantFiled: December 1, 2004Date of Patent: August 16, 2011Assignee: GlobalFoundries Inc.Inventors: Michael Barclay, Terry Lynn Cole, Richard Powell, William M. Johnson, David W. Smith, Ralf Findeisen, Derek Golightly
-
Patent number: 7831813Abstract: In one embodiment, a processor comprises a programmable map and a circuit. The programmable map is configured to store data that identifies at least one instruction for which an architectural modification of an instruction set architecture implemented by the processor has been defined, wherein the processor does not implement the modification. The circuitry is configured to detect the instruction or its memory operands and cause a transition to Known Good Code (KGC), wherein the KGC is protected from unauthorized modification and is provided from an authenticated entity. The KGC comprises code that, when executed, emulates the modification. In another embodiment, an integrated circuit comprises at least one processor core; at least one other circuit; and a KGC source configured to supply KGC to the processor core for execution. The KGC comprises interface code for the other circuit whereby an application executing on the processor core interfaces to the other circuit through the KGC.Type: GrantFiled: December 17, 2007Date of Patent: November 9, 2010Assignee: GLOBALFOUNDRIES Inc.Inventors: Garth D. Hillman, Geoffrey Strongin, Andrew R. Rawson, Gary H. Simpson, Ralf Findeisen
-
Publication number: 20100174890Abstract: In one embodiment, a processor comprises a programmable map and a circuit. The programmable map is configured to store data that identifies at least one instruction for which an architectural modification of an instruction set architecture implemented by the processor has been defined, wherein the processor does not implement the modification. The circuitry is configured to detect the instruction or its memory operands and cause a transition to Known Good Code (KGC), wherein the KGC is protected from unauthorized modification and is provided from an authenticated entity. The KGC comprises code that, when executed, emulates the modification. In another embodiment, an integrated circuit comprises at least one processor core; at least one other circuit; and a KGC source configured to supply KGC to the processor core for execution. The KGC comprises interface code for the other circuit whereby an application executing on the processor core interfaces to the other circuit through the KGC.Type: ApplicationFiled: December 17, 2007Publication date: July 8, 2010Inventors: Garth D. Hillman, Geoffrey Strongin, Andrew R. Rawson, Gary H. Simpson, Ralf Findeisen
-
Patent number: 7672828Abstract: A software development technique is provided using target system virtualization software simulating behaviour of a target system. A target device driver running on a host system issues memory access commands to the target system virtualization software rather than to a memory interface unit of the host system. The memory interface unit may be an SRAM (Static Random Access Memory) interface. The target system may be an EGPRS (Enhanced General Packet Radio Service) modem.Type: GrantFiled: December 21, 2005Date of Patent: March 2, 2010Assignee: Advanced Micro Devices, Inc.Inventors: Michael Fiedler, Ralf Findeisen, Michael Grell, Matthias Lenk
-
Publication number: 20090276617Abstract: A CPU, a computer system and a secure boot mechanism are provided in which a symmetric encryption key may be incorporated into a non-volatile memory area of the CPU core, thereby substantially avoiding any tampering of the encryption key by external sources. Moreover, pre-boot information may be internally stored in the CPU and may be retrieved upon a reset or power-on event in order to verify a signed boot information on the basis of the internal symmetric encryption key. Furthermore, the BIOS information may be efficiently updated by generating a signature using the internal encryption key.Type: ApplicationFiled: January 19, 2009Publication date: November 5, 2009Inventors: Michael Grell, Ralf Findeisen, Frank Schuecke
-
Publication number: 20090222653Abstract: A secure boot processing may be accomplished on the basis of a non-volatile memory that is an integral part of the CPU and which may not be modified once a pre-boot information may be programmed into the non-volatile memory. During a reset event or a power-on event, execution may be started from the internal non-volatile memory, which may also include public decryption keys for verifying a signature of a portion of a boot routine. The verification of the respective portion of the boot routine may be accomplished by using internal random access memories, thereby avoiding external access during verification of the boot routine. Hence, a high degree of tamper resistance may be obtained, for instance, with respect to BIOS modification by exchanging BIOS chips.Type: ApplicationFiled: August 6, 2008Publication date: September 3, 2009Inventors: Ralf Findeisen, Michael Grell, Tim Edward Perley, Marc Edwin Jones, Frank Schuecke
-
Publication number: 20090193230Abstract: A computer system includes a main processor and a security control processor that is coupled to the main processor and configured to control and monitor an operational state of the main processor. To ensure the computer system may be trusted, the security control processor may be configured to hold the main processor in a slave mode during initialization of the security control processor such that the main processor is not operable to fetch and execute instructions from an instruction source external to the main processor, for example. In addition, the security control processor may be configured to initialize the operational state of the main processor to a predetermined state by transferring to the main processor via a control interface one or more instructions and to cause the main processor to execute the one or more instructions while the main processor is held in the slave mode.Type: ApplicationFiled: January 30, 2008Publication date: July 30, 2009Inventors: Ralf Findeisen, Geoffrey S. Strongin, Andrew R. Rawson, Garth D. Hillman, Gary H. Simpson
-
Publication number: 20090183245Abstract: In one embodiment, a computer system comprises one or more components and a secure computing environment coupled to the components. The secure computing environment is configured to program at least one of the components to enter a limited functionality mode responsive to expiration of a use right to the computer system, wherein operation of the computer system in the limited functionality mode is reduced compared to operation when the use right has not expired. The secure computing environment is configured to monitor the components in the limited functionality mode to detect that a limited functionality mode configuration has been modified by an unauthorized entity and to cause the computer system to enter a second mode in which operation of the computer system is reduced compared to operation in the limited functionality mode in response.Type: ApplicationFiled: January 10, 2008Publication date: July 16, 2009Inventors: Gary H. Simpson, Geoffrey Strongin, Andrew R. Rawson, Garth D. Hillman, Ralf Findeisen
-
Publication number: 20090158015Abstract: In one embodiment, a processor comprises a programmable map and a circuit. The programmable map is configured to store data that identifies at least one instruction for which an architectural modification of an instruction set architecture implemented by the processor has been defined, wherein the processor does not implement the modification. The circuitry is configured to detect the instruction or its memory operands and cause a transition to Known Good Code (KGC), wherein the KGC is protected from unauthorized modification and is provided from an authenticated entity. The KGC comprises code that, when executed, emulates the modification. In another embodiment, an integrated circuit comprises at least one processor core; at least one other circuit; and a KGC source configured to supply KGC to the processor core for execution. The KGC comprises interface code for the other circuit whereby an application executing on the processor core interfaces to the other circuit through the KGC.Type: ApplicationFiled: December 17, 2007Publication date: June 18, 2009Inventors: Garth D. Hillman, Geoffrey Strongin, Andrew R. Rawson, Gary H. Simpson, Ralf Findeisen
-
Patent number: 7492747Abstract: The present invention relates methods for patching WWAN (Wireless Wide Area Network) communication devices and corresponding WWAN communication devices, integrated circuit chips and computer-readable media. The WWAN communication device includes a first processor, a second processor and a memory. The first processor is arranged to process patches updating software running on the WWAN communication device. The second processor is arranged to provide a first set of the patches to the first processor. The memory stores a second set of the patches to be processed by the first processor. The second processor is further arranged to send a patch end signal to the first processor, the patch end signal causing the first processor to stop processing of patches provided by the second processor. The first processor is further arranged to process the patches stored in the memory independently of the patch end signal.Type: GrantFiled: December 21, 2005Date of Patent: February 17, 2009Assignee: Advanced Micro Devices, Inc.Inventors: Axel Wachtler, Richard Powell, Michael Grell, Ralf Findeisen
-
Publication number: 20070067151Abstract: A software development technique is provided using target system virtualization software simulating behaviour of a target system. A target device driver running on a host system issues memory access commands to the target system virtualization software rather than to a memory interface unit of the host system. The memory interface unit may be an SRAM (Static Random Access Memory) interface. The target system may be an EGPRS (Enhanced General Packet Radio Service) modem.Type: ApplicationFiled: December 21, 2005Publication date: March 22, 2007Inventors: Michael Fiedler, Ralf Findeisen, Michael Grell, Matthias Lenk
-
Publication number: 20070028296Abstract: The present invention relates methods for patching WWAN (Wireless Wide Area Network) communication devices and corresponding WWAN communication devices, integrated circuit chips and computer-readable media. The WWAN communication device includes a first processor, a second processor and a memory. The first processor is arranged to process patches updating software running on the WWAN communication device. The second processor is arranged to provide a first set of the patches to the first processor. The memory stores a second set of the patches to be processed by the first processor. The second processor is further arranged to send a patch end signal to the first processor, the patch end signal causing the first processor to stop processing of patches provided by the second processor. The first processor is further arranged to process the patches stored in the memory independently of the patch end signal.Type: ApplicationFiled: December 21, 2005Publication date: February 1, 2007Applicant: Advanced Micro Devices, Inc.Inventors: Axel Wachtler, Richard Powell, Michael Grell, Ralf Findeisen
-
Patent number: 7127067Abstract: Patch servers, patch clients and corresponding methods are provided that may increase secret protection and key loss tolerance. A patch server includes a first key generation platform and a second key generation platform different from the first one. A first and second private key group containing a plurality of first or second private keys, respectively, is generated using the first or second key generation platform, respectively. One of the first private keys is selected from the first private key group, and one of the second private keys is selected from the second private key group. A first digital signature is generated based on the patch and the first selected private key. A second digital signature is generated based on the patch and the second selected private key. The patch is transmitted to the patch client together with the first and second digital signatures.Type: GrantFiled: September 2, 2005Date of Patent: October 24, 2006Assignee: Advanced Micro Devices, Inc.Inventors: Axel Wachtler, Ralf Findeisen, Frank Schuecke