Abstract: Systems, methods and computer readable media enable secure patch downloading from a host to a target with improved security computation operations based on transport conditions. The method may include receiving a packet of the patch from the host; verifying that the packet is not a retransmission of a previously received packet; if the verification succeeds, performing a first type of security computation based on the packet; if the verification fails and the content of the packet differs from the content of the previously received packet, stopping further performance of the first type of security computation until a final packet of the patch is received; performing a second type of security computation based on one or more of the received packets; and determining a security status of the patch based on a comparison of the first type of security computation and the second type of security computation.

Abstract: Generally, this disclosure provides systems, devices, methods and computer readable media for patch downloading, from a host to a target, with improved acknowledge (ACK) mechanisms including combinations of out-of-sequence, single and aggregate acknowledge mechanisms. The method may include determining a packet size based on buffer capacity of the host; calculating the total number of packets (P) for transmission based on a size of the patch divided by the packet size; and calculating a packet storage capacity (N) of the target, based on buffer capacity of the target divided by the packet size. The method may also include transmitting the P packets to the target, including a sequence number and a portion of the patch, the transmission segmented into one or more cycles of up to N packets. The method may further include receiving ACKs from the target (asynchronously relative to the packet transmissions), the ACKS associated with the sequence numbers.

Abstract: Generally, this disclosure provides systems, devices, methods and computer readable media for patch downloading, from a host to a target, with improved acknowledge (ACK) mechanisms including combinations of out-of-sequence, single and aggregate acknowledge mechanisms. The method may include determining a packet size based on buffer capacity of the host; calculating the total number of packets (P) for transmission based on a size of the patch divided by the packet size; and calculating a packet storage capacity (N) of the target, based on buffer capacity of the target divided by the packet size. The method may also include transmitting the P packets to the target, including a sequence number and a portion of the patch, the transmission segmented into one or more cycles of up to N packets. The method may further include receiving ACKs from the target (asynchronously relative to the packet transmissions), the ACKS associated with the sequence numbers.

Abstract: Generally, this disclosure provides systems, methods and computer readable media for secure patch downloading from a host to a target, with improved security computation operations based on transport conditions. The method may include receiving a packet of the patch from the host; verifying that the packet is not a retransmission of a previously received packet; if the verification succeeds, performing a first type of security computation based on the packet; if the verification fails and the content of the packet differs from the content of the previously received packet, stopping further performance of the first type of security computation until a final packet of the patch is received; performing a second type of security computation based on one or more of the received packets; and determining a security status of the patch based on a comparison of the first type of security computation and the second type of security computation.

Abstract: Generally, this disclosure provides systems, devices, methods and computer readable media for patch downloading, from a host to a target, with improved acknowledge (ACK) mechanisms including combinations of out-of-sequence, single and aggregate acknowledge mechanisms. The method may include determining a packet size based on buffer capacity of the host; calculating the total number of packets (P) for transmission based on a size of the patch divided by the packet size; and calculating a packet storage capacity (N) of the target, based on buffer capacity of the target divided by the packet size. The method may also include transmitting the P packets to the target, including a sequence number and a portion of the patch, the transmission segmented into one or more cycles of up to N packets. The method may further include receiving ACKs from the target (asynchronously relative to the packet transmissions), the ACKS associated with the sequence numbers.

Abstract: Systems, methods and computer readable media for secure patch downloading from a host to a target, with improved security computation operations based on transport conditions. The method may include receiving a packet of the patch from the host; verifying that the packet is not a retransmission of a previously received packet; if the verification succeeds, performing a first type of security computation based on the packet; if the verification fails and the content of the packet differs from the content of the previously received packet, stopping further performance of the first type of security computation until a final packet of the patch is received; performing a second type of security computation based on one or more of the received packets; and determining a security status of the patch based on a comparison of the first type of security computation and the second type of security computation.

Abstract: Generally, this disclosure provides systems, devices, methods and computer readable media for patch downloading, from a host to a target, with improved acknowledge (ACK) mechanisms including combinations of out-of-sequence, single and aggregate acknowledge mechanisms. The method may include determining a packet size based on buffer capacity of the host; calculating the total number of packets (P) for transmission based on a size of the patch divided by the packet size; and calculating a packet storage capacity (N) of the target, based on buffer capacity of the target divided by the packet size. The method may also include transmitting the P packets to the target, including a sequence number and a portion of the patch, the transmission segmented into one or more cycles of up to N packets. The method may further include receiving ACKs from the target (asynchronously relative to the packet transmissions), the ACKS associated with the sequence numbers.

Abstract: Generally, this disclosure provides systems, methods and computer readable media for secure patch downloading from a host to a target, with improved security computation operations based on transport conditions. The method may include receiving a packet of the patch from the host; verifying that the packet is not a retransmission of a previously received packet; if the verification succeeds, performing a first type of security computation based on the packet; if the verification fails and the content of the packet differs from the content of the previously received packet, stopping further performance of the first type of security computation until a final packet of the patch is received; performing a second type of security computation based on one or more of the received packets; and determining a security status of the patch based on a comparison of the first type of security computation and the second type of security computation.