Abstract: A processor cache is logically partitioned into a main partition, located in the cache itself, and an enclave partition, located within an enclave, that is, a hardware-enforced protected region of an address space of a memory. This extends the secure address space usable by and for an application such as a software cryptoprocessor that is to execute only in secure regions of cache or memory.

Abstract: A processor cache is logically partitioned into a main partition, located in the cache itself, and an enclave partition, located within an enclave, that is, a hardware-enforced protected region of an address space of a memory. This extends the secure address space usable by and for an application such as a software cryptoprocessor that is to execute only in secure regions of cache or memory.

Abstract: A system and method of operation exploit the limited associativity of a single cache set to force observable cache evictions and discover conflicts. Loads are issued to input memory addresses, one at a time, until a cache eviction is detected. After observing a cache eviction on a load from an address, that address is added to a data structure representing the current conflict set. The cache is then flushed, and loads are issued to all addresses in the current conflict set, so that all known conflicting addresses are accessed first, ensuring that the next cache miss will occur on a different conflicting address. The process is repeated, issuing loads from all input memory addresses, incrementally finding conflicting addresses, one by one. Memory addresses that conflict in the cache belong to the same partition, whereas memory addresses belonging to different partitions do not conflict.

Abstract: An application such as a virtual machine are executed securely using a software-based, full-system emulator within a hardware-protected enclave, such as an SGX enclave. The emulator may thereby be secure even against a malicious underlying host operating system. In some cases, paging is used to allow even a large application may run within a small enclave using paging. Where the application itself uses enclaves, these guest enclaves may themselves be emulated within an emulator enclave such that the guest enclave(s) are nested as sibling enclaves by the emulator.

Abstract: An attestation system for asserting and verifying assertions of a known-good state of a computer system is provided. The attestation system allows a challenger and a prover to conduct an attestation so that the challenger can verify an assertion of the prover. To conduct the attestation, the prover sends, as an assertion of its state, a combined measurement of resources along with a constituent measurement of each resource to the challenger. The challenger verifies the assertion by verifying that the asserted constituent measurements represent known-good measurements and verifying that the asserted combined measurement can be generated from the asserted constituent measurements. To verify the asserted constituent measurements, the challenger determines whether each asserted constituent measurement for a resource is a known-good measurement for that resource.

Abstract: Methods and systems for securing sensitive data from security risks associated with direct memory access (“DMA”) by input/output (“I/O”) devices are provided. An enhanced software cryptoprocessor system secures sensitive data using various techniques, including (1) protecting sensitive data by preventing DMA by an I/O device to the portion of the cache that stores the sensitive data, (2) protecting device data by preventing cross-device access to device data using DMA isolation, and (3) protecting the cache by preventing the pessimistic eviction of cache lines on DMA writes to main memory.

Abstract: A system and method of operation exploit the limited associativity of a single cache set to force observable cache evictions and discover conflicts. Loads are issued to input memory addresses, one at a time, until a cache eviction is detected. After observing a cache eviction on a load from an address, that address is added to a data structure representing the current conflict set. The cache is then flushed, and loads are issued to all addresses in the current conflict set, so that all known conflicting addresses are accessed first, ensuring that the next cache miss will occur on a different conflicting address. The process is repeated, issuing loads from all input memory addresses, incrementally finding conflicting addresses, one by one. Memory addresses that conflict in the cache belong to the same partition, whereas memory addresses belonging to different partitions do not conflict.

Abstract: Security of information—both code and data—stored in a computer's system memory is provided by an agent loaded into and at run time resident in a CPU cache. Memory writes from the CPU are encrypted by the agent before writing and reads into the CPU are decrypted by the agent before they reach the CPU. The cache-resident agent also optionally validates the encrypted information stored in the system memory. Support for I/O devices and cache protection from unsafe DMA of the cache by devices is also provided.

Abstract: A system and method of operation exploit the limited associativity of a single cache set to force observable cache evictions and discover conflicts. Loads are issued to input memory addresses, one at a time, until a cache eviction is detected. After observing a cache eviction on a load from an address, that address is added to a data structure representing the current conflict set. The cache is then flushed, and loads are issued to all addresses in the current conflict set, so that all known conflicting addresses are accessed first, ensuring that the next cache miss will occur on a different conflicting address. The process is repeated, issuing loads from all input memory addresses, incrementally finding conflicting addresses, one by one. Memory addresses that conflict in the cache belong to the same partition, whereas memory addresses belonging to different partitions do not conflict.

Abstract: Security of information—both code and data—stored in a computer's system memory is provided by an agent loaded into and at run time resident in a CPU cache. Memory writes from the CPU are encrypted by the agent before writing and reads into the CPU are decrypted by the agent before they reach the CPU. The cache-resident agent also optionally validates the encrypted information stored in the system memory. Support for I/O devices and cache protection from unsafe DMA of the cache by devices is also provided.

Abstract: Security of information—both code and data—stored in a computer's system memory is provided by an agent loaded into and at run time resident in a CPU cache. Memory writes from the CPU are encrypted by the agent before writing and reads into the CPU are decrypted by the agent before they reach the CPU. The cache-resident agent also optionally validates the encrypted information stored in the system memory. Support for I/O devices and cache protection from unsafe DMA of the cache by devices is also provided.

Abstract: Methods and systems for securing sensitive data from security risks associated with direct memory access (“DMA”) by input/output (“I/O”) devices are provided. An enhanced software cryptoprocessor system secures sensitive data using various techniques, including (1) protecting sensitive data by preventing DMA by an I/O device to the portion of the cache that stores the sensitive data, (2) protecting device data by preventing cross-device access to device data using DMA isolation, and (3) protecting the cache by preventing the pessimistic eviction of cache lines on DMA writes to main memory.

Abstract: An attestation system for asserting and verifying assertions of a known-good state of a computer system is provided. The attestation system allows a challenger and a prover to conduct an attestation so that the challenger can verify an assertion of the prover. To conduct the attestation, the prover sends, as an assertion of its state, a combined measurement of resources along with a constituent measurement of each resource to the challenger. The challenger verifies the assertion by verifying that the asserted constituent measurements represent known-good measurements and verifying that the asserted combined measurement can be generated from the asserted constituent measurements. To verify the asserted constituent measurements, the challenger determines whether each asserted constituent measurement for a resource is a known-good measurement for that resource.

Abstract: An application such as a virtual machine are executed securely using a software-based, full-system emulator within a hardware-protected enclave, such as an SGX enclave. The emulator may thereby be secure even against a malicious underlying host operating system. In some cases, paging is used to allow even a large application may run within a small enclave using paging. Where the application itself uses enclaves, these guest enclaves may themselves be emulated within an emulator enclave such that the guest enclave(s) are nested as sibling enclaves by the emulator.

Abstract: A system and method of operation exploit the limited associativity of a single cache set to force observable cache evictions and discover conflicts. Loads are issued to input memory addresses, one at a time, until a cache eviction is detected. After observing a cache eviction on a load from an address, that address is added to a data structure representing the current conflict set. The cache is then flushed, and loads are issued to all addresses in the current conflict set, so that all known conflicting addresses are accessed first, ensuring that the next cache miss will occur on a different conflicting address. The process is repeated, issuing loads from all input memory addresses, incrementally finding conflicting addresses, one by one. Memory addresses that conflict in the cache belong to the same partition, whereas memory addresses belonging to different partitions do not conflict.

Abstract: A method of model identification for a process with unknown initial conditions in an industrial plant, the method comprising collecting a set of manipulated variables and corresponding set of process variables from the process; obtaining a plurality of manipulated variables from the collected set of manipulated variables; for each of the plurality of manipulated variables, obtaining optimal model parameters of a model transfer function and computing a model fitting index for optimized simulated process variables generated by the model transfer function using the optimal model parameters; identifying a best model fitting index among the model fitting indices computed; selecting a manipulated variable associated with the best model fitting index as an initial steady state condition for the model transfer function; and selecting the optimal model parameters corresponding with the best model fitting index as the best model parameters of the model transfer function to tune the controller.

Abstract: This disclosure is directed for improved techniques for configuring a device to generate a secondary password based at least in part on a secure authentication key. The techniques of this disclosure may, in some examples, provide for capturing, by a computing device, an image of a display of another computing device. The captured image includes at least one encoded graphical image, such as a barcode, that includes an indication of the content of a secure authentication key. The computing device may use the secure authentication key to generate a secondary password to be used in conjunction with a primary password to gain access to a password-protected web service.

Abstract: This disclosure is directed for improved techniques for configuring a device to generate a secondary password based at least in part on a secure authentication key. The techniques of this disclosure may, in some examples, provide for capturing, by a computing device, an image of a display of another computing device. The captured image includes at least one encoded graphical image, such as a barcode, that includes an indication of the content of a secure authentication key. The computing device may use the secure authentication key to generate a secondary password to be used in conjunction with a primary password to gain access to a password-protected web service.

Abstract: An automated system-on-chip (SOC) hardware and software cogeneration design flow allows an SOC designer, using a single source description for any platform-independent combination of reused or new IP blocks, to produce a configured hardware description language (HDL) description of the circuitry necessary to implement the SOC, while at the same time producing the development tools (e.g., compilers, assemblers, debuggers, simulator, software support libraries, reset sequences, etc.) used to generate the SOC software and the diagnostics environment used to verify the SOC.

Abstract: A method of model identification for a process with unknown initial conditions in an industrial plant, the method comprising collecting a set of manipulated variables and corresponding set of process variables from the process; obtaining a plurality of manipulated variables from the collected set of manipulated variables; for each of the plurality of manipulated variables, obtaining optimal model parameters of a model transfer function and computing a model fitting index for optimized simulated process variables generated by the model transfer function using the optimal model parameters; identifying a best model fitting index among the model fitting indices computed; selecting a manipulated variable associated with the best model fitting index as an initial steady state condition for the model transfer function; and selecting the optimal model parameters corresponding with the best model fitting index as the best model parameters of the model transfer function to tune the controller.