Patents by Inventor William David Smith
William David Smith has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11716626Abstract: A network access control system includes a communication device and an authorization system. The communication device is configured to communicate time-critical messages through a time-sensitive network during scheduled time windows. The communication device is further configured to be communicatively connected to a candidate device and to receive a network access request from the candidate device while blocking the candidate device from communicating through the time-sensitive network. The authorization system is communicatively connected to the communication device and configured to authorize the candidate device via a multi-factor authentication protocol that requires a user of the candidate device to successfully provide multiple identification factors. In response to the authorization system authorizing the candidate device, the communication device is configured to grant the candidate device restricted access to one or more of send or receive approved messages through the time-sensitive network.Type: GrantFiled: October 22, 2019Date of Patent: August 1, 2023Assignee: GENERAL ELECTRIC COMPANYInventors: Abdul Jabbar, William David Smith, II
-
Patent number: 11477083Abstract: An apparatus is provided. The apparatus including a plurality of network interfaces, including a first network interface and a second network interface. The apparatus also includes a processor with two or more independent processing units, including a first independent processing unit and a second independent processing unit. The apparatus further includes a memory having first instructions and second instructions stored thereon. Execution of the first instructions, cause the first independent processing unit to execute operations associated with a first operating system and communicate, via the first network interface, over a bi-direction communication, with one or more platform computing devices. Execution of the second instructions, cause the second independent processing unit to execute real-time operations associated with a second operating system and communicate, via the second network interface, with one or more computing devices each having one or more sensors thereon.Type: GrantFiled: December 15, 2017Date of Patent: October 18, 2022Assignee: INTELLIGENT PLATFORMS, LLCInventors: Daniel Halvard Miller, Keith George McNab, Wesley Michael Skeffington, Michael Joseph Yoensky, Steven J. Sullivan, William David Smith, II, John Ronald Burr
-
Patent number: 11349872Abstract: A secure communication path device includes a first secure communication validator providing a one-way communication path from a security domain by implementing a secure protocol parser, a second secure communication validator providing a one-way communication path from a second security domain by implementing a secure second protocol parser. Each validator including respective serial/de-serializer units providing a unidirectional communication path from their respective security domain. The device hardware segregating respective communications of the security domains within the secure communication path device.Type: GrantFiled: November 26, 2019Date of Patent: May 31, 2022Assignee: General Electric CompanyInventors: William David Smith, II, Krzysztof Kepa, David Safford
-
Publication number: 20210160285Abstract: A secure communication path device includes a first secure communication validator providing a one-way communication path from a security domain by implementing a secure protocol parser, a second secure communication validator providing a one-way communication path from a second security domain by implementing a secure second protocol parser. Each validator including respective serial/de-serializer units providing a unidirectional communication path from their respective security domain. The device hardware segregating respective communications of the security domains within the secure communication path device.Type: ApplicationFiled: November 26, 2019Publication date: May 27, 2021Inventors: William David SMITH, II, Krzysztof KEPA, David SAFFORD
-
Publication number: 20210126937Abstract: A cyber-security improvement platform database may store electronic records including information, received from remote submitting devices, associated with vulnerability data for computing elements. Information associated with first vulnerability data for a first computing element may be retrieved from the database and verified. Information about the first vulnerability data may then be recorded in a secure, distributed transaction ledger, and a crypto-currency payment may be transferred in connection with the recorded information. Similarly, the electronic records may further include fix data for computing elements. In this case, first fix data associated with the first vulnerability data may be retrieved, verified, and applied in connection with the first computing element. Additional information, about the first fix data, may then be recorded in the transaction ledger and an additional crypto-currency payment may be transferred in connection with the recorded additional information.Type: ApplicationFiled: October 28, 2019Publication date: April 29, 2021Inventors: Austars Raymond Schnore, JR., Safayet Nizam Uddin AHMED, David Safford, Krzysztof KEPA, Willard Monten WISEMAN, Kevin B. KENNY, William David SMITH, III, Masako YAMADA
-
Publication number: 20210120418Abstract: A network access control system includes a communication device and an authorization system. The communication device is configured to communicate time-critical messages through a time-sensitive network during scheduled time windows. The communication device is further configured to be communicatively connected to a candidate device and to receive a network access request from the candidate device while blocking the candidate device from communicating through the time-sensitive network. The authorization system is communicatively connected to the communication device and configured to authorize the candidate device via a multi-factor authentication protocol that requires a user of the candidate device to successfully provide multiple identification factors. In response to the authorization system authorizing the candidate device, the communication device is configured to grant the candidate device restricted access to one or more of send or receive approved messages through the time-sensitive network.Type: ApplicationFiled: October 22, 2019Publication date: April 22, 2021Inventors: Abdul Jabbar, William David Smith, II
-
Patent number: 10747579Abstract: Provided are a device and method for allocating system resources. In one example, the method includes identifying resources that are available from a plurality of devices included in a system, allocating available resources of the plurality of devices to a plurality of components operating in the system, the allocating comprising reserving a set of resources from the plurality of devices in the system for each respective component, from among the plurality of components, based on operating requirements included in the metadata of the respective component, and managing the system based on the allocated resources. By allocating resources to components executing in the system, in advance, and preventing other components from consuming those resources, the system can operate with improved stability.Type: GrantFiled: February 21, 2019Date of Patent: August 18, 2020Assignee: General Electric CompanyInventors: Daniel White Sexton, Austars Raymond Schnore, Jr., William David Smith, II, Wesley Michael Skeffington, Joel Frederick Markham
-
Patent number: 10706179Abstract: The example embodiments are directed to a system and method for secure provisioning of secrets into MPSoC devices using untrusted third-party systems. In one example, the method includes generating a random number sequence from a true random number generator to produce secret information, storing the secret information in an on-chip secure storage, encrypting, in a device and using public key encryption, the secret information to generate an encrypted message, and transmitting the encrypted message to a third-party system.Type: GrantFiled: January 10, 2018Date of Patent: July 7, 2020Assignee: General Electric CompanyInventors: Krzysztof Michal Kepa, Willard Monten Wiseman, David Safford, Wesley Michael Skeffington, William David Smith, II
-
Patent number: 10489597Abstract: According to some embodiments, a system may include a communication port to exchange information with a client device associated with an industrial control system. A network security server coupled to the communication port may include a computer processor adapted to provide a network security service for the client device. The computer processor may further be adapted to record security information about the client device via a blockchain verification process (e.g., by registering a validation result within a distributed ledger). The network security service might comprise, for example, an integrity attestation service providing software verification for the client device.Type: GrantFiled: March 28, 2017Date of Patent: November 26, 2019Assignee: General Electric CompanyInventors: David Safford, Atul Kshirsagar, William David Smith, II, Richard Paul Messmer
-
Publication number: 20190213359Abstract: The example embodiments are directed to a system and method for secure provisioning of secrets into MPSoC devices using untrusted third-party systems. In one example, the method includes generating a random number sequence from a true random number generator to produce secret information, storing the secret information in an on-chip secure storage, encrypting, in a device and using public key encryption, the secret information to generate an encrypted message, and transmitting the encrypted message to a third-party system.Type: ApplicationFiled: January 10, 2018Publication date: July 11, 2019Inventors: Krzysztof Michal KEPA, Willard Monten WISEMAN, David SAFFORD, Wesley Michael SKEFFINGTON, William David SMITH II
-
Publication number: 20190188044Abstract: Provided are a device and method for allocating system resources. In one example, the method includes identifying resources that are available from a plurality of devices included in a system, allocating available resources of the plurality of devices to a plurality of components operating in the system, the allocating comprising reserving a set of resources from the plurality of devices in the system for each respective component, from among the plurality of components, based on operating requirements included in the metadata of the respective component, and managing the system based on the allocated resources. By allocating resources to components executing in the system, in advance, and preventing other components from consuming those resources, the system can operate with improved stability.Type: ApplicationFiled: February 21, 2019Publication date: June 20, 2019Inventors: Daniel White SEXTON, Austars Raymond SCHNORE, JR., William David SMITH, II, Wesley Michael SKEFFINGTON, Joel Frederick MARKHAM
-
Patent number: 10261838Abstract: Provided are a device and method for allocating system resources. In one example, the method includes identifying resources that are available from a plurality of devices included in a system, allocating available resources of the plurality of devices to a plurality of components operating in the system, the allocating comprising reserving a set of resources from the plurality of devices in the system for each respective component, from among the plurality of components, based on operating requirements included in the metadata of the respective component, and managing the system based on the allocated resources. By allocating resources to components executing in the system, in advance, and preventing other components from consuming those resources, the system can operate with improved stability.Type: GrantFiled: August 11, 2016Date of Patent: April 16, 2019Assignee: GENERAL ELECTRIC COMPANYInventors: Daniel White Sexton, Austars Raymond Schnore, Jr., William David Smith, II, Wesley Michael Skeffington, Joel Frederick Markham
-
Patent number: 10210333Abstract: According to some embodiments, an overall chain-of-trust may be established for an industrial control system. Secure hardware may be provided, including a hardware security module coupled to or integrated with a processor of the industrial control system to provide a hardware root-of-trust. Similarly, secure firmware associated with a secure boot mechanism such that the processor executes a trusted operating system, wherein the secure boot mechanism includes one or more of a measured boot, a trusted boot, and a protected boot. Objects may be accessed via secure data storage, and data may be exchanged via secure communications in accordance with information stored in the hardware security model.Type: GrantFiled: June 30, 2016Date of Patent: February 19, 2019Assignee: GENERAL ELECTRIC COMPANYInventors: William David Smith, II, Safayet Nizam Uddin Ahmed, Joseph Czechowski, III, David Safford
-
Patent number: 10120983Abstract: A digital rights management (DRM) scheme enables a user having a valid license to digital content to create one or more copies of the content. The number of copies is limited by the DRM scheme. However, if the user is not connected or connectable to the content provider or licensing party when additional copies are desired, the user is permitted to create one or more additional copies without deleting or disabling other copies even though the additional copies exceed the number otherwise permitted by the DRM scheme. The number of such “float” copies may be limited. Rights to such additional copies may be withdrawn during a subsequent connection session between the user and the content provider.Type: GrantFiled: December 15, 2006Date of Patent: November 6, 2018Assignee: NBCUNIVERSAL MEDIA, LLCInventors: William David Smith, II, Mark Richard Gilder, Virginia Ann Zingelewicz, William Mandel
-
Publication number: 20180287780Abstract: According to some embodiments, a system may include a communication port to exchange information with a client device associated with an industrial control system. A network security server coupled to the communication port may include a computer processor adapted to provide a network security service for the client device. The computer processor may further be adapted to record security information about the client device via a blockchain verification process (e.g., by registering a validation result within a distributed ledger). The network security service might comprise, for example, an integrity attestation service providing software verification for the client device.Type: ApplicationFiled: March 28, 2017Publication date: October 4, 2018Inventors: David SAFFORD, Atul KSHIRSAGAR, William David SMITH, II, Richard Paul MESSMER
-
Publication number: 20180173205Abstract: An apparatus is provided. The apparatus including a plurality of network interfaces, including a first network interface and a second network interface. The apparatus also includes a processor with two or more independent processing units, including a first independent processing unit and a second independent processing unit. The apparatus further includes a memory having first instructions and second instructions stored thereon. Execution of the first instructions, cause the first independent processing unit to execute operations associated with a first operating system and communicate, via the first network interface, over a bi-direction communication, with one or more platform computing devices. Execution of the second instructions, cause the second independent processing unit to execute real-time operations associated with a second operating system and communicate, via the second network interface, with one or more computing devices each having one or more sensors thereon.Type: ApplicationFiled: December 15, 2017Publication date: June 21, 2018Inventors: Daniel Halvard Miller, Keith George McNab, Wesley Michael Skeffington, Michael Joseph Yoensky, Steven J. Sullivan, William David Smith, John Ronald Burr
-
Publication number: 20180046515Abstract: Provided are a device and method for allocating system resources. In one example, the method includes identifying resources that are available from a plurality of devices included in a system, allocating available resources of the plurality of devices to a plurality of components operating in the system, the allocating comprising reserving a set of resources from the plurality of devices in the system for each respective component, from among the plurality of components, based on operating requirements included in the metadata of the respective component, and managing the system based on the allocated resources. By allocating resources to components executing in the system, in advance, and preventing other components from consuming those resources, the system can operate with improved stability.Type: ApplicationFiled: August 11, 2016Publication date: February 15, 2018Inventors: Daniel White SEXTON, Austars Raymond SCHNORE, JR., William David SMITH, II, Wesley Michael SKEFFINGTON, Joel Frederick MARKHAM
-
Publication number: 20180004953Abstract: According to some embodiments, an overall chain-of-trust may be established for an industrial control system. Secure hardware may be provided, including a hardware security module coupled to or integrated with a processor of the industrial control system to provide a hardware root-of-trust. Similarly, secure firmware associated with a secure boot mechanism such that the processor executes a trusted operating system, wherein the secure boot mechanism includes one or more of a measured boot, a trusted boot, and a protected boot. Objects may be accessed via secure data storage, and data may be exchanged via secure communications in accordance with information stored in the hardware security model.Type: ApplicationFiled: June 30, 2016Publication date: January 4, 2018Inventors: William David Smith, II, Safayet Nizam Uddin Ahmed, Joseph Czechowski, III, David Safford
-
Patent number: 9342358Abstract: A system and method for controlling processor instruction execution. In one example, a method for synchronizing a number of instructions performed by processors includes instructing a first processor to iteratively execute instructions via a first set of iterations until a predetermined time period has elapsed. A number of instructions executed in each iteration of the first set of iterations is less than a number of instructions executed in a prior iteration of the first set of iterations. The method also includes instructing a second processor to iteratively execute instructions via a second set of iterations until the predetermined time period has elapsed. A number of instructions executed in each iteration of the second set of iterations is less than a number of instructions executed in a prior iteration of the second set of iterations. The method includes determining whether additional instructions are to be executed.Type: GrantFiled: September 14, 2012Date of Patent: May 17, 2016Assignee: General Electric CompanyInventors: William David Smith, II, Safayet Nizam Uddin Ahmed, Jon Marc Diekema
-
Patent number: D1065220Type: GrantFiled: November 16, 2022Date of Patent: March 4, 2025Assignee: Apple Inc.Inventors: James Halsey Brasure, William D. Carpenter, Anton Davydov, Fernando Garcia, Mark David Majdanski, Emmet Ray Smith