Detecting and preventing exploits of software vulnerability using instruction tags

Information

  • Patent Grant
  • 11741196
  • Patent Number
    11,741,196
  • Date Filed
    Thursday, November 14, 2019
    5 years ago
  • Date Issued
    Tuesday, August 29, 2023
    a year ago
Abstract
A secure processor, comprising a logic execution unit configured to process data based on instructions; a communication interface unit, configured to transfer of the instructions and the data, and metadata tags accompanying respective instructions and data; a metadata processing unit, configured to enforce specific restrictions with respect to at least execution of instructions, access to resources, and manipulation of data, selectively dependent on the received metadata tags; and a control transfer processing unit, configured to validate a branch instruction execution and an entry point instruction of each control transfer, selectively dependent on the respective metadata tags.
Description
FIELD OF THE INVENTION

The present invention relates to the field of secure processors, and more particularly to processors which tag code and data with metadata which controls or restricts access and/or execution privileges.


BACKGROUND OF THE INVENTION

Since 2005, Mitre Corporation has developed a list of common types of software vulnerabilities or weaknesses that lead to security violations in a computing system. See, cwe.mitre.org/index.html, and cve.mitre.org/data/downloads/allitems.html. See also, the National Vulnerability Database (NIST), nvd.nist.gov/.


Security-tagged architectures have been around for over five decades in research projects as well as commercially available processors like the Burrough's families of stack machines [37], the Intel iAPX 432 [30], the IBM System 38 [26] and others [19, 33, 35]. MINOS [12] adds a single bit tag to a data word, in the worst case, to protect the integrity of control flow data. In [42], instruction and data tags are used to track data from suspect inputs to prevent their malicious use as instructions of targets of jumps. Efforts such as LIFT [39], RAKSHA [13] and RIFLE [45] have used tagging to primarily track information flow. More elaborate tagging and metadata tags have been used in a number of other projects [2, 15] to implement a richer variety of security functions, designate proper usage of sensitive data structures and provide programmable security policies [15, 44]. The T-core processor uses two hardware-controlled tag bits per byte in memory to track taints and control flow integrity marks [3].


In all of this existing, the focus has been to use tags largely to enforce data usage and, barring the exception noted below, tags have not been used pervasively to enforce context-specific usage of existing instructions. Existing work have also used function tagging [2] to enforce security policies.


The concept of protection domains as security compartments have been around for a while [7, 10, 11, 17, 22, 33, 34, 48, 50].


The use of secure pointers and bounds register together implement functionality very similar to those realized in some designs with capability-based addressing [33,37]. However, capabilities in their purest form have no concept of a traditional address for the associated object. Instead, a unique object ID is used to refer to an object, which is then translated to a memory address.


The Security Tagged Architecture Co-Design (STACD) initiative discussed in [2] focused on eliminating inherent software vulnerabilities by redesigning the underlying hardware and the operating system to enforce software security policies and semantics. The proposed approach uses a metadata processing unit known as the Tagged Management Unit (TMU) that operates concurrently with the Central Processing Unit (CPU) to process the metadata. The introduction of tag-capable hardware requires software that uses tagged information.


Processors, such as Intel's x86 architecture, provide 2-bit tagging, to provide what is known as the ring architecture, which separates information into three domains; 0—The Kernel Domain, 1 & 2—Middle Domains (largely ignored), 3—User Domain. All kernel code and data must operate in the Kernel Domain (ring 0) while user code and data must remain in User Domain (ring 3). This technique increases the security of the system by providing isolation and separation of information, adhering to the security policy. However, Intel did not take into consideration the systems software. In order to use certain system functions, the user must perform a costly context switch into the Kernel Domain, which forced widespread violations of security policy by the hardware, allowing users to inject a portion of their code into the Kernel Domain.


The ST-ZKOS implements a 32-bit tag that is paired with each 32-bit word in memory. This effectively cuts the amount of memory. There are three primary fields:


1. Owner Field—this field indicates the entity that owns the resource managed by the code module. All code and data on the system have been separated into code modules that perform specific functions based on the concept of least privilege. An example of a code module would be the garbage collector, or a device driver.


2. Code-space Field—this field indicates the code modules that are currently executing and/or the code modules that are authorized to access specific operating system resources.


3. Control-bits Field—this field is used to even further support least privilege by providing some typing and access control information to system resources.


Each component on the bus would be associated with a single owner at any given time. Any master component owned by one entity would not be able to read/write from/to any slave component owned by another entity. Additionally, since the provenance of all components and the intent of their designers cannot be guaranteed, permission from the controller is required for component to accessing the bus (read or write), except for access requests. The bus width was widened to permit the 32-bit tag to accompany the associated code and data.


In order to associate each component on the bus with a specific owner, the components needed a way to identify who their owner is. The owner field of the tagging scheme allows each component to identify an owner. The other fields of the tag are used by the tag management unit to indicate what rules the data/code must follow in the processor and are not relevant for the interconnect.


Software needs a means to set the tag value for each component, thus identifying the owner. To accomplish this, the plug and play information for each component is stored in a record array in the arbiter of the controller. The arbiter needs to be modified such that this array is now memory mapped so that software can address it to assign tags for each component. When a master component, after having been granted sole access to the bus, writes data to a specific address, the arbiter will interpret the address to identify which slave component should receive the data, and will also compare the tag of the master with the tag of the slave from the memory mapped array to determine if they are owned by the same entity. If they are not, then the arbiter reports an error and cancels the transaction. Most memory components are shared among various owners.


Software needs to ensure that one owner does not attempt to overwrite the memory locations of another owner. The arbiter will not perform tag checks on writes to memory, such as Direct Memory Access (DMA) writes. For DMA writes, the arbiter will assign the master's tag to all data from the master on the tag bus to memory. This approach allegedly does not sacrifice security as the new data is tagged appropriately according to the owner of the master. Therefore, it is important that software assign the tag appropriately. The arbiter performs tag checks on reads from memory when the requesting master is not a processor. If the requesting master is not a processor, then the tag of the data is compared to the tag of the requesting master. If the tags do not match, then the arbiter initiates an error response and terminates the transaction.


See, U.S. Pat. Nos. 3,956,615; 5,204,840; 7,171,689; 7,194,769; 7,219,239; 7,254,586; 7,346,922; 7,376,969; 7,451,488; 7,464,407; 7,607,169; 7,650,638; 7,673,345; 7,743,421; 7,752,255; 7,752,459; 7,761,917; 7,761,918; 7,788,722; 7,861,299; 7,926,113; 7,958,549; 7,962,961; 8,028,341; 8,055,732; 8,055,797; 8,056,130; 8,065,725; 8,095,984; 8,127,359; 8,141,155; 8,161,540; 8,176,001; 8,176,527; 8,201,257; 8,209,753; 8,224,930; 8,230,507; 8,234,711; 8,281,036; 8,296,848; 8,306,228; 8,316,448; 8,332,367; 8,365,278; 8,365,289; 8,381,192; 8,392,997; 8,422,379; 8,438,532; 8,438,643; 8,458,798; 8,468,606; 8,474,004; 8,484,741; 8,516,594; 8,522,348; 8,533,843; 8,544,098; 8,566,928; 8,572,550; 8,572,750; 8,595,845; 8,601,104; 8,601,530; 8,602,089; 8,607,336; 8,611,232; 8,612,936; 8,613,083; 8,615,656; 8,627,402; 8,631,248; 8,631,489; 8,640,240; 8,644,516; 8,650,637; 8,730,946; 8,762,188; 8,776,180; 8,789,192; 8,789,193; 8,813,235; 8,819,420; 8,826,438; 8,844,043; 8,844,045; 8,850,588; 8,856,936; 8,869,110; 8,874,685; 8,893,283; 8,903,705; 8,918,884; 8,918,887; 8,925,082; 8,949,169; 8,966,619; 8,966,639; 8,984,579; 8,984,643; 8,990,948; 9,003,537; 9,027,125; 9,032,533; 9,043,753; 9,043,920; 9,047,293; 9,069,930; 9,092,616; 9,094,448; 9,118,706; 9,128,801; 9,141,378; 9,141,805; 9,158,871; 9,160,761; 9,165,133; 9,166,994; 9,178,911; 9,224,117; 9,256,746; 9,268,945; 9,270,695; 9,276,951; 9,292,695; 9,298,923; 9,305,165; 9,306,969; 9,306,975; 9,317,692; 9,317,708; 9,319,425; 9,323,921; 9,325,729; 9,369,482; 9,372,995; 9,389,933; 9,392,007; 9,407,645; 9,411,965; 9,413,538; 9,425,965; 9,456,004; 9,467,464; 9,467,465; 9,473,529; 9,479,535; 9,495,183; 9,503,467; 9,516,058; 9,537,876; 9,537,884; 9,544,326; 9,588,803; 9,602,529; 9,614,864; 9,619,655; 9,628,501; 9,633,213; 9,635,033; 9,648,036; 9,665,721; 9,680,699; 9,680,861; 9,686,291; 9,690,583; 9,692,778; 9,692,779; 9,716,721; 9,722,803; 9,726,460; 9,727,736; 9,729,568; 9,762,617; 9,779,191; 9,792,438; 9,817,978; 9,825,981; 9,825,982; 9,846,780; 9,860,265; 9,866,426; 9,871,815; 9,881,271; 9,886,303; 9,886,581; 9,886,582; 9,887,886; 9,894,088; 9,898,739; 9,900,339; 9,912,683; 9,923,916; 9,923,917; 9,928,369; 9,930,065; 20030167406; 20030182572; 20040003278; 20040143730; 20040172557; 20040218762; 20050005169; 20050010821; 20050138413; 20050187963; 20050229255; 20060069912; 20060225135; 20060259726; 20060259828; 20060265324; 20060265751; 20070061874; 20070061885; 20070067846; 20070067847; 20070067848; 20070162890; 20070169199; 20070177615; 20070192866; 20070192867; 20080005784; 20080060077; 20080068381; 20080071793; 20080071826; 20080071871; 20080071888; 20080071889; 20080071891; 20080071896; 20080071898; 20080072032; 20080072241; 20080072277; 20080072278; 20080089521; 20080092237; 20080127293; 20080127349; 20080172739; 20080222724; 20080256638; 20080270104; 20080271018; 20080271019; 20080271025; 20080282339; 20080313739; 20080314570; 20090007269; 20090028135; 20090077666; 20090099885; 20090100077; 20090103524; 20090106318; 20090113550; 20090204591; 20090254993; 20090281864; 20090293100; 20100042824; 20100050266; 20100095235; 20100095381; 20100154066; 20100192228; 20100275263; 20100306851; 20110030057; 20110047369; 20110060809; 20110093954; 20110125548; 20110138469; 20110138471; 20110141877; 20110191854; 20110231936; 20120185945; 20120203590; 20120204261; 20120222123; 20120232679; 20120246103; 20120260306; 20120272205; 20120284221; 20120304299; 20120304300; 20120311534; 20120311715; 20130055394; 20130074038; 20130074188; 20130086688; 20130125204; 20130167240; 20130179685; 20130182561; 20130191808; 20130191919; 20130198846; 20130227698; 20130247206; 20130268253; 20130297375; 20130298192; 20130298230; 20130298242; 20130298243; 20130298244; 20130326469; 20140007241; 20140032505; 20140047545; 20140059683; 20140068267; 20140075414; 20140082733; 20140137257; 20140165204; 20140172495; 20140173731; 20140173737; 20140181975; 20140181976; 20140189787; 20140189873; 20140196154; 20140201843; 20140215614; 20140215629; 20140218389; 20140237545; 20140245376; 20140283083; 20140317677; 20140337971; 20140337974; 20140366145; 20140373160; 20150033340; 20150040220; 20150040228; 20150058993; 20150067323; 20150067762; 20150088733; 20150106873; 20150172307; 20150213358; 20150222655; 20150235164; 20150237062; 20150237065; 20150241139; 20150242637; 20150244734; 20150244735; 20150288712; 20150295948; 20150301515; 20150304337; 20150310217; 20160006735; 20160012236; 20160020959; 20160034682; 20160057164; 20160063248; 20160063249; 20160063250; 20160063251; 20160063252; 20160065598; 20160072835; 20160078377; 20160105455; 20160119373; 20160180080; 20160188882; 20160205122; 20160212153; 20160232358; 20160234065; 20160248794; 20160248796; 20160253590; 20160259944; 20160261640; 20160269435; 20160337484; 20160366174; 20160378994; 20170026401; 20170034023; 20170034089; 20170034200; 20170046519; 20170053115; 20170061133; 20170078322; 20170091465; 20170093910; 20170142138; 20170149786; 20170149816; 20170169217; 20170171236; 20170177367; 20170177368; 20170180411; 20170193239; 20170206381; 20170208084; 20170208085; 20170208093; 20170213002; 20170214708; 20170214710; 20170243009; 20170250998; 20170262655; 20170286690; 20170289187; 20170293563; 20170295181; 20170295197; 20170300911; 20170316213; 20170318048; 20170324763; 20170324766; 20170329975; 20170331682; 20170346847; 20170353313; 20170353482; 20180011708; 20180032733; 20180032736; 20180034840; 20180041539; 20180048668; 20180060867; 20180063171; 20180063172; 20180063177; 20180077156; 20180077188; 20180077193; 20180077195; 20180091539; 20180096609; and 20180103054, each of which is expressly incorporated herein by reference.


SUMMARY OF THE INVENTION

The present technology provides a microprocessor having specific hardware support for detection of common types of software vulnerabilities or weaknesses that lead to security violations in a computing system.


This technology may be implemented as a hardware improvement that can be incorporated into an existing processor type, called a “Secure Processor” (SP) to detect exploitations of software vulnerabilities in the software, either accidentally or maliciously by compromised programs. The mechanisms employed are largely portable across different instruction sets, and are therefore not limited to any particular type of microprocessor architecture.


The security mechanism adds tags to each instruction and data word, leading to a tagged processor design for the SP. The added tag bits are used to enforce specific usage of instructions and data in the SP. The tags may be uniform in size (8-bits), or variable in size. The SP associates relatively narrow word-tags with every memory word that contains data or an instruction, to detect the exploitation of a number of software vulnerabilities.


The SP improves on existing security-tagged architectures is its pervasive use of these tags, to not only enforce the data type compliance rules of the application, but to also enforce context-specific legal uses of both data and instructions associated with control transfer, secured/bounded pointers, potentially-tainted data from an input device, and in other critical scenarios.


The SP may include additional secure features, such as word-sized, in-line metadata tags that specify access control information, which complement the word tags, which help form a basis of protection domains. Protection domains are hardware-implemented security compartments that encapsulate externally-callable and private functions, private data and can be set up to a security compartment that encompasses a single address space or set up multiple protection domains within a single address space. This permits a single application or a system component (like the OS) to be compartmentalized. The callable functions within a domain are invoked through word-tag enforced legal call gates, and every invocation uses existing control transfer primitives tagged appropriately for context-specific use. Such calls perform an access control check which can further enforce the principle of least privileges and/or other access control policies.


To secure a fenced, contiguous region of data, word tags also ensure that accesses are possible with secured pointers, with automatic bounds checking on each access. The SP's security mechanisms also include CPU-internal per-thread key registers and memory encryption engines, which together with protection domains provide information containment and isolation. In many instances, the SP uses multiple layers of protection to provide a robust solution against the software vulnerabilities.


In SP, the enforcement of proper context-specific use of many existing instructions (that are related to control flow or to accesses performed to a secured memory region with bounds enforcement) is specifically targeted with word tags for instructions to avoid the addition of new instructions that lead to an ISA bloat.


The SP implements two types of protection domains, fully-isolated and lightweight domains relying on instruction tagging to implement secure call gates and using sealed pointers to implement cross-domain calls with access checks on entry. Word tags are also used labels to enforce context-specific usage of exiting instructions for cross-domain calls. The approach taken has some similarity with earlier work on capability extensions for a RISC pipeline [21, 46].


The SP's protection domains can be used within the applications or the systems software components, specifically within the OS, libraries and utilities and are thus more homogeneous compared to Intel's SGX [11] or ISoX [17] that provide safe execution harbor to the applications from a compromised kernel and also from ARM's Trustzone, which effectively provides a safe harbor for only the trusted components in a system.


The SP's use of low-overhead local handlers is similar to RAKSHA's [13], but the SP, for added security, implements the scope of such functions only to the individual functions identified by the compiler.


The SP's fencing mechanism for limiting accesses with bounds checking to a fenced memory region uses a capability-like secure region pointer that specifies the region's address and size and the privilege level with which the region is accessed using instructions at all privilege levels as long as they have the secured pointers. This is similar to Intel's MPX extensions [28] that rely on the use of privileged instructions.


It is therefore an object to provide a secure processor, comprising: a logic execution unit configured to process data based on instructions; a communication interface unit, configured to transfer the instructions and the data, and tags accompanying respective instructions and data; a tag processing unit, configured to enforce specific restrictions with respect to at least execution of instructions, access to resources, and manipulation of data, selectively dependent on the accompanying tags; and a control transfer processing unit, configured to validate a branch instruction execution and an entry point instruction of each control transfer, selectively dependent on the respective accompanying tags.


It is also an object to provide a secure processing method, comprising: transferring instructions and data, in conjunction with tags accompanying respective instructions and data; enforcing, by a tag processing unit, specific restrictions with respect to at least execution of instructions, access to resources, and manipulation of data by an instruction execution unit, selectively dependent on the accompanying tags; and validating a branch instruction execution and an entry point instruction of each control transfer, selectively dependent on the respective accompanying tags, with a control transfer processing unit.


The tag processing unit may be implemented in hardware.


The tag processing unit may be further configured to ensure compliance with data type rules; memory access rules; context-specific data usage rules; source-dependent data usage rules; data modification rules; source-dependent instruction execution rules; context-dependent instruction execution rules; instruction sequence modification rules; control transfer instruction rules; and/or metadata tag modification rules.


The tag processing unit may be configured to enforce a restriction on use of data as an address within a memory space; data as a return address for a subroutine call; data as a target address of an indirect branch; data as a pointer; an instruction to control flow to a legal path; an instruction to call a function; an instruction to return from a function call; an instruction to access a protected domain or module; an instruction to perform a legal operation based on the source data type; and/or an instruction to bound access to a fenced memory region.


The communication interface unit may be configured to concurrently or sequentially transfer a respective instruction or data, and a respective accompanying tag.


The logic execution unit may be a RISC or CISC processor or portion thereof, with word length 8, 16, 32, or 64 bits, for example.


The tags may be 4-bits, 8-bits, or 16-bits for example.


The tag may comprise a privilege level which restricts access by the logic execution unit under control of instructions having the privilege level to the tags. The may tag comprises a second privilege level which permits access by the logic execution unit under control of instructions having the second privilege level to the tags.


At least one tag may indicate tainted instructions or data, wherein the tag processing unit requires validation of the tainted instructions or data prior to use.


The secure processor may further comprise a cryptographic unit, configured to perform cryptographic operations on information communicated through the communication interface unit. The cryptographic unit may employ distinct cryptographic keys selectively dependent on the tags. The cryptographic unit may employ distinct cryptographic keys selectively dependent on a respective thread of instruction execution.


The secure processor may further comprise an address translation unit, configured to map logical memory spaces to physical memory pages. The address translation unit may be further configured to maintain separate memory pages of instructions, data, and tags. The address translation unit may be further configured to retrieve memory pages of tags together with associated memory pages of instructions or data for storage in a common cache. The address translation unit may be further configured to maintain a privilege restriction on memory pages of instructions and tags which restricts reading, writing, and execution, unless accessed by trusted hardware or according to instructions having associated tags which indicate higher privileges. The memory pages of tags may be subject to an integrity check by the secure processor prior to execution of instructions from the memory pages of instructions.


A set of instructions comprising a code segment may be accompanied by a metadata tag, comprising at least one of a security level or a privilege level of the code segment, wherein the tag processing unit may be further configured to compare the security level or the privilege level of the code segment with a security level or a privilege level indicated by the respective tag of a calling instruction of the code segment.


The logic execution unit may have a logic execution pipeline with a first number of stages, and the tag processing unit has a tag processing pipeline with a second number of stages, the first number and the second number being the same, and wherein instruction processing advances through the logic execution pipeline at the same rate as tags advance through the tag processing pipeline processing.


The tag processing pipeline may have a tag processing stage which relies on information provided by at least one stage of the logic execution pipeline.


The logic execution pipeline may selectively process instructions in dependence on signal generated by stages of the tag processing pipeline.


The tag processing unit may comprise a tag processing pipeline, and the logic execution units comprises a logic execution pipeline, the tag processing pipeline and logic execution pipeline having synchronized operation, wherein the tag processing pipeline relies on information received the logic execution pipeline pertaining to the instructions it processes, sent from a stage in the logic execution pipeline to a corresponding stage in the tag processing pipeline, and the tag processing pipeline having at least one stage configured to generate signals that affect the behavior of the logic execution pipeline.


The secure processor may further comprise an instruction cache having cache lines, each cache line comprising memory locations for storing instructions and memory locations for storing tags, wherein the secure processor is configured to retrieve instructions based on instruction addresses, and to retrieve tags for storing in the instruction cache based on an address of a corresponding instruction.


The communication interface unit may be configured to retrieve an instruction based on an instruction address, and to retrieve a tag corresponding to the instruction based on the instruction address.


The secure processor may further comprise a data cache having cache lines, each cache line comprising memory locations for storing data and memory locations for storing tags, wherein the secure processor is configured to retrieve data based on data addresses, and to retrieve tags for storing in the data cache based on an address of corresponding data.


The communication interface unit may be configured to retrieve data based on a data address, and to retrieve a tag corresponding to the data based on the data address.


The communication interface unit may be configured to: retrieve information from a memory according to an address, store the retrieved information in a cache, and to perform a confinement check to determine whether the address is within a predefined memory region, and selectively access a tag in dependence on whether the address is within the predefined memory region.


The predefined memory region may comprise a fenced memory region demarcating by a set of guard memory words defining a starting address of a string of memory locations containing the information to be retrieved.


The fenced memory region may contain information that does not need to be protected and tagged as unmodifiable.


Each tag may have a number of bits of information dependent on a number of bits of information in a corresponding instruction.





BRIEF DESCRIPTION OF THE DRAWINGS


FIG. 1 depicts a protected domain and its typical contents.



FIG. 2 depicts protection domains.



FIG. 3 shows a block diagram of a RISC-V rocket pipeline with security extensions for realizing the SP in Gray.



FIG. 4 shows a flowchart of a method according to one embodiment of the invention.





DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS

In a particular embodiment of the Secure Processor (SP), each of the aforementioned security paradigms is employed. It is noted that these may be employed individually, or in subcombination, or with other solutions to address the same potential vulnerabilities.


In this embodiment, we assume a 32-bit memory word for the following discussions, as in the 32-bit version of RISC-V. Each of the 32-bit memory words has an associated 8-bit tag. Of course, the technology is not limited to 32-bit architectures, 8-bit tags, or RISC-V architectures, and the technology may explicitly include CISC architectures, such as x86, IA-32, IA-64, as well as ARM64, ARMv7s. ARMv7, nVidia GPU, ATI GPU, SPARC, MIPS, etc. Likewise, the technology may encompass 4, 6, 8, 12, 16, 32, and 64-bit architectures, and other less standard word-lengths. The tags may be 2, 4, 8, 12, 16, 24, 32, 48, or 64-bits, for example.


For data words, the tag indicates the data type and allowed access mode. For 32-bit memory words containing instructions, the 8-bit tag indicates how the instruction is to be used and if the instruction has any special significance that was intended by the programmer. The tags are interpreted during execution by tag processing units provided within the instruction decoder and/or processing units. The tag processing units (as well as optional tag storage, transfer, security, etc. hardware) distinguish the SP from the parent processor architecture. Note, however, that is may be possible in some architectures to implement the SP system without hardware modification, though microcode enhancements. However, in order to achieve minimal impact on processor throughput, and freedom from reliance on trusted software, hardware support and acceleration is preferred.


The tags can get updated as the result of executing an instruction. Preferably, programs, i.e., sequences of tagged instructions, have no ability to overwrite the tags directly—tag usage and tag updates are intrinsic to the instruction semantics. Tags on critical data and instructions can also be marked as immutable and unreadable to prevent the misuse of instruction and data. Tags are preferably only manipulable under software control by a single trusted module.


The SP separates instruction and data pages for security and to simplify addressing. Tags are stored in pages separate from the data, and code pages and the tag pages are marked as non-readable, non-writeable and non-executable. Only trusted tag manipulation logic and the SP hardware can access/update these pages. As in any normal processor, page protection bits are associated with each page (and stored within TLB entries) that indicate the permitted access modes (read, write, execute). The SP relies upon a trusted compiler, linker and loader, which take care of tag generation, tag loading and linking modules. An integrity check is performed immediately after booting to ensure that tag pages were not altered during forced disruptions in the booting phase.


Tags in SP are encoded and interpreted in context, depending on whether the page is an instruction page or data page. Tables 1 and 2 describe the possible tag values for data and instruction words. Data tags indicate the type of data in the associated word and/or, in some cases, how the data is to be legally used (e.g., as a return address or as the target of an indirect branch or as a pointer). Instruction tags are used to enforce control flow to legal paths, to enforce legal ways to call and return from functions and protected domains or modules and enforce legal data operations based on the source data type as well as bounded accesses to fenced memory regions. Note that, in effect, the instruction tags extend the ISA by designating specific context-dependent variant of some existing instructions. This, in effect, permits the extensions to be retrofitted into an existing datapath relatively easily. Additional combinations of the word tags shown in Tables 1 and 2 are also possible.


The storage overhead of tags, with 32-bit data words and 32-bit instructions (as in a RISC-V variant) is thus 25%. For the 64-bit RISC-V implementations, the storage overhead for tags is 12.5%.









TABLE 1







Examples of Data Word Tag Values, Their Meaning and Usage.








Data Word



Tag Value
Meaning/Use





[INV]
Invalid, uninitialized


[PW]
Writeable by writer with appropriate privilege


[PRW]
Readable and writeable by writers with the appropriate privilege.


[REA]
Return address, cannot be overwritten. Call instruction sets this tag, cleared



to INV on return


[MCM],
Mapped control register, writeable (MCM) or immutable - this is, not


[MCI]
writeable (MCI)


[JTI]
Jump table entry and immutable (=non-writeable)


[SP0], [SP1]
Secured pointer types used for accessing a fenced region in permitted modes



with automatic bounds checking (Technique 4). Between two adjacent



memory words tagged as [SP0] and [SP1], specify the base address and size



of a fenced memory region and the permitted access mode. Both types of



pointers are marked as immutable and usable only by specially-tagged



memory instructions.


[DPR], [DPU]
Protected domain function pointers. These come in two flavors - resolved



(DPR) and unresolved (DPU). These are used to transfer control to protection



domains (Technique 5). Both types of pointers are marked as immutable and



non-copyable at compile time.


Data type tags
Several types, with other variations (immutable, readable/writeable etc.) -



unsigned, integers, floats, doubles etc. Used for type enforcements based on



permitted language semantics.


[TAI]
Potentially tainted data. Data coming in from external sources (such as via



the network) or DMA are tagged like this unless certified by a trusted



program to be of specific type.


[TBS]
Words in potentially tainted byte string passed as argument, for example, as



network packet payload, Technique 7.


Reserved
Reserved for use by system
















TABLE 2







Examples of Instruction Word Tag Values, Their Meaning and Usage.








Instruction



Word Tag


Value
Meaning/Use





[INV]
Invalid, uninitialized


[IMI]
Immutable instruction (not modifiable). For safety, unless intended



otherwise by the system, all generated instructions are immutable and data



cannot be executed as instruction.


[TRT], [TCA]
Target of a return from a function call, immutable (TRT) and target of a



function call (TCA) - Technique 4.


[TIN]
Target of an indirect branch


[RFN]
Instruction implementing a return from a function call (which could be an



ordinary JUMP instruction instead of a return instruction).


[EPD], [EXD]
Instruction at legal entry point of a module/protection domain (EPD) and



exit point (EXD). Modules or domains can have multiple entry and exit



points.


[DIN]
Instruction within a protection domain, immutable by default


[LBR]
LOAD instruction capable of loading a bounds register with pointers tagged



as [SP0], [SP1], Technique 4


[FMA]
Memory instructions (LOADs or STOREs) capable of accessing a fenced



memory region with bounds register and automatic bounds checking,



Technique 4.


[ENC]
Used for STOREs - result has to be encrypted before the memory update. A



series of these stores deposit data into an internal encryption buffer before



encryption and writing to memory by the memory encryption/decryption



logic.


[CDT]
Cross-domain JUMP (unconditional) or system call (using unresolved



pointer, Technique 5)


[EMD]
In-lined metadata embedded within code containing information for access



checking at entry point to a protected domain, enabling local exception



handler of specific type, labeling source of indirect jump at target. These are



immutable by default. Note that words tagged as [EMD] are not



instructions, but they appear within code, so their tag is interpreted in the



context of a code page.


Reserved
Reserved for use by system









Metadata Tags


Metadata tags (MDTs) in SP are in line with the code as a 32-bit tagged entity, and such tags carry information used for access control, control flow integrity markers for indirect branches, information about local validated exception handlers that can be quickly invoked within a function. When a single MDT is not enough to convey the information needed, a sequence of metadata tags with appropriate indicators for the contents and flags to indicate the start and end of the sequence can be used. MDTs are generated by the compiler and are marked as immutable by all software, excepting the trusted software module that updates tags. MDTs can be implemented as 32-bit words tagged [EMD] that are embedded within the code. The 32-bit metadata word contains other indicators that specify its remaining contents. Embedding metadata within code makes it possible to exploit the temporal and spatial locality in accessing instructions.


The MDT containing access information within a code segment can include the security or privilege level of the code segment and can be compared against the caller's privilege level to implement class-based access control (e.g., MLS). Alternatively, or in addition, MDTs used for access control can include pointers to access control lists (whitelist and/or blacklist), permitted access mode to data private to the called segment. MDT s are also used for specifying local exception handlers, invoked essentially as a function call. Note that from the standpoint of the baseline processor, the MDTs are effectively NOPs (No-operation instructions) and are interpreted only by the tag processing logic.


Fenced Protected Regions with Automatic Bounds Checking


The SP permits memory regions to be fenced with automatic bounds checking. Virtual pages containing these regions are marked as not-readable, not-writeable, so that normal memory instructions are incapable of accessing such protected regions. Only memory instructions (such as LOADs and STOREs in a RISC ISA), specifically tagged by the compiler can access these fenced regions using a specified bounds register which demarcates the memory region. Memory accesses using such tagged instructions automatically force a SP hardware check of the effective memory address to ensure that the memory accessed falls within the region specified in the bounds register. Each bounds register has the following fields:

    • (a) a start address S indicating the starting address of the fenced region in virtual memory;
    • (b) an offset limit L that indicates the size of the data structure. The highest accessible address in this region is S+L−1; and
    • (c) the access mode in which this data structure can be accessed—one of: read-only, write-only, read and write.


Four such bounds registers are provided in SP, BR0 through BR3.


The information to be loaded into each bounds register is stored in two adjacent memory words tagged as “Secure Pointer 0” and “Secure Pointer 1”. The first of these two words contains the starting address of a secured data region containing sensitive data while the second word contains the segment register id of the segment containing the data, the offset limit and the access mode. The tags and contents of these words are generated at compile time and both words are immutable and unreadable by normal software. The compiler uses bounded pointers and specifically-tagged instructions, tagged [FMA] to perform secure accesses in the least privileged mode to a fenced contiguous memory region, going through an automatic bounds checking in hardware. Another special instruction tag ([LBR]) is used with a LOAD to permit secure pointers to be loaded into the specified bounds register.


Specifically, [LBR] LOAD <BRid><reg><offset>, tagged to indicate that this is a LOAD capable of loading a bounds register with secure pointers (tagged as [SP0] and [SP1]) is used to load the bounds register specified in <Brid> with the bounds of a fenced memory region. The effective memory address targeted by this LOAD is computed by adding the contents of an existing architected register specified in <reg> to the literal value specified in offset. The address so computed should point to a memory word tagged as “SP0”. The contents of this memory location, if the tag check passes, are loaded into the appropriate field of the specified bounds register. Next, the effective word address is incremented and should point to a memory word tagged as “SP1”. If the tag check passes, the contents are loaded into the respective fields within the specified bounds register. If either or both tag checks fail, an exception is generated. An alternative mechanism for loading, respectively, the two secure pointers (“Secure Pointer 0” and “Secure Pointer 1”) into a bounds register can use two separate LOAD instructions to load these pointers into a bounds register as follows:


[LBR0] LOAD <BRid><reg><offset1>


[LBR1] LOAD <BRid><reg><offset2>


Where the value of <offset2> is obtained by adding the value specified in <offset1> with the size of “Secure Pointer 1”. Note also that two separate tags are used for the two LOAD instructions, LBR0 and LBR1. The hardware implementing the LOAD tagged with LBR0 checks, in addition to all other checks as described above, if the pointer type being loaded matches the tag associated with Secure Pointer 0. A similar tag check is done for the LOAD tagged with LBR1 to check compatibility with “Secure pointer 1”. The two secure pointers can have distinct associated tag values to enable this check.


To access a fenced memory region, LOAD and STORE instructions, tagged as [FMA] can access a fenced memory region. Specifically, [FMA] LOAD <reg>, <Brid><offset> performs a load into the architectural register specified in <reg> by adding the contents of the “base” field of the bounds register specified in <BRid> and the offset. Note that in a normal LOAD instruction, the field used by <BRid> specifies an architectural register, whereas for a [FMA] LOAD, the same field specifies a bounds register. Before the memory access is actually performed, the following three checks are performed to ensure that:

    • (a) the resulting word address is confined within the memory region specified in the bounds register;
    • (b) if a read access is permitted as specified in the bounds register; and
    • (c) the targeted memory word is tagged as readable.


An exception is generated if any of these conditions are not valid. The instruction [FMA] STORE <reg>, <BRid><offset> is the variant of a normal STORE and is used to write to a fenced memory region after checks similar to that of a [FMA] LOAD.


Protected Domains for Isolating Sensitive Data or Resources


Protected domains in SP encapsulate functions and sensitive data, including private data, and safeguard against unintended information leakage. Some of these functions within a protected domain are callable from external entities, including other protected domains, provided they have the appropriate privileges. These calls are cross-domain and take place through secure entry points, passing parameters through special registers. Cross-domain calls in SP use accesses to parameters passed to the called function and data inside the domain accessed by the function called in the least necessary access mode, as determined by the SP compiler or by using default policies. To complete the controlled, validated cross-domain call mechanisms, a separate call stack is used inside the protected domain as the called function executes. When the cross-domain call returns, this stack is cleared automatically to prevent any information leakage to the subsequent cross-domain calls.


The implementation of protected domains in SP relies on the tagging mechanism. A single segment encapsulates the code for a protected domain. Domain-local data and the local stack can also be implemented within this segment. Alternatively, these structures can be implemented as fenced regions with bounded pointers, with the secure pointers stored inside the domain's code segment. The cross domain call transfers control to the callee using a protected, unresolved pointer. Data private or exclusive to the called domain are protected using fenced, bounds checking. Input parameters may be similarly protected. Legal entry points are tagged as such and all other instructions in the domain are marked as non-enterable to prevent illicit calls. In-line metadata tags are used to verify the caller's privileges on entry through these legal entry points as described below. FIG. 1 depicts the essential ingredients of a protected domain.


Fully Isolated Protected Domains


The broad mechanism described above implements a fully-isolated domain. A fully-isolated domain provides full-fledged isolation guarantees and protection, and is implemented as a segment not known and not directly accessible to the caller. Cross-domain calls use a modified system call (or a new instruction, depending on the ISA targeted), specifying an appropriately tagged domain ID and a function offset in a sealed cross-domain pointer that essentially behaves as a capability, both specified in a single word tagged as “unresolved” domain function pointer. The domain ID is translated to a segment address by an underlying trusted system call handler.


Control transfer to an isolated domain, after appropriate tag validation of the tagged and modified system calls and unresolved pointer takes place as follows.


First, the call parameters are saved in special registers and the trusted system call handler translates the domain ID to an internal address.


Next, control is transferred to the specified entry point, where access checks are performed. Subsequently, a new context (that is, call stack) is allocated to serve the call. Such context stacks can be statically or dynamically allocated [20,46] and on exit, the context pages are cleared by marking the associated tags as invalid. This clearing is necessary to prevent information in the call stack from leaking to the next caller indirectly.


To complete the protected call, after validating the legitimacy of the caller from the access control information, the input parameters are copied from the parameter register into the newly-allocated context stack and the incoming parameter registers are cleared.


The above steps indicate that the overhead of a call to a fully-isolated protection domain is relatively expensive compared to a normal function call, as domain ID translation, context allocation are needed on an entry and context clearing is needed on an exit. Parameters in a cross-domain call to a fully isolated domain are passed through special registers as scalars or as pointers to pointer secured bounded segments, whose pointers are kept in the special parameter register set. The qualifier “fully-isolated” alludes to the higher level of isolation achieved between the caller and the callee using unresolved domain pointers, separate call stacks and automatic stack clearing on exits.


From an implementation perspective, cross-domain calls to fully-isolated domains can benefit from a number of optimizations that will be explored in this effort. Examples of these optimizations include the in-lining of domain IDs of frequent callers or storing them in a local hashed data structure, use of the encryption engine within the memory controller to keep private data encrypted in memory, and decrypt them when they are fetched into the registers, or encrypt register data when they are stored into memory. Finally, the access control functions using the information in metadata can be implemented in microcode or in software, that can use an approach similar to the one for fast local exception handling described later.


Lightweight Protected Domains


Somewhat moderate isolation can be implemented as a lightweight cross domain call where the protected domain is a segment co-mapped to the address space of the application that uses functions within the domain. A call to a function in a co-mapped domain is implemented by a JUMP instruction tagged by the compiler as a cross-domain transfer primitive. These JUMP instructions are immutable. The offset used in the JUMP is set by the compiler to the offset of a legal entry point. The address to be used is also tagged as a “resolved” domain pointer which can be only used by JUMPs tagged as a cross domain transfer instruction. The resolved domain pointers cannot be overwritten or copied, like words tagged as return addresses. They are only usable without restriction by trusted code within the system. An exception is generated if the target of the JUMP used for cross-domain call does not target a legal entry point, which has to have an instruction tagged as an entry point. Instructions within a protection domain that are not at legal entry points are tagged as “domain-sealed”. With co-mapped domains, a traditional activation stack (that is, call stack) can be used, making calls to functions within a co-mapped domain have an overhead identical to a normal function call.


Protected Domains


Critical systems functions and critical databases are examples of entities that demand the use of a fully-isolated domain for protection. FIG. 2 depicts a setup where multiple domains exist within the user and system space.


Protection domains represent a way of implementing security compartments that contain executable code. Access to the code within a compartment is enabled through predefined entry points and only if the caller has the right access privileges. From the usage perspective, the choice between a lightweight domain and a fully-isolated domain is determined largely by the level of isolation needed.


The SP permits one or more protection domains to be set up within the user space or within the systems space as shown in FIG. 2. Domains in SP are functionally identical whether they are in the user space or system space. A single application may be written to incorporate multiple protection domains in the user space. Similarly, the OS itself can be decomposed into multiple domains.


A simple decomposition breaks down the system into domains corresponding to core kernel functions, other kernel function, trusted tag manipulation module, system calls, Virtual Machine Monitor (VMM), individual libraries, individual utilities such as trusted linkers, trusted loaders, trusted compilers, etc. The hardware support is required to implement and enforce the address limits of the domain, confining address calculations performed with a segment base register in the virtual address to addresses within the domain.


Fast Local Exception Handling


In some cases, security checks can be quite elaborate and need to be performed in software. Such checks can be done using a function local to a protection domain that can be invoked with low overhead on a tag-generated exception. The existence of a local trap is indicated by inserting a metadata tag, preceding the code that uses the data, to indicate that a local handler exists for specific exception types. The in-lined metadata words at the beginning of this function where the exception is generated, passes on the address of the handling function and the type of exception it handles, to the underlying SP control logic. When the function generating the exception returns, the local exception function is disabled by another metadata tag (tagged [EMD]) inserted by the compiler to precede the return instruction, reverting exception handling responsibilities to the system-provided handler.


RAKSHA [13] also provides local handlers, but in the SP according to the present technology, their scope is additionally limited only to the function where they are specified for added security. Local exception handling for security checks can be used for dealing with SQL injection.


Keeping Track of Lowest Privileges in a Protected Call Chain


A call to a protected domain performs the necessary access checks, but it may be useful in some situations to keep track of the lowest privileged domain in the call chain. This information is passed on to the callee through an extension of the cross-domain parameter transfer register and saved in the context stack allocated for the call. With a dynamic, privilege-based security policy, where policies need to be changed on-the-fly, the privilege level of the protected domain with the lowest privilege in the call chain can be used in software to identify and deal with any unintended violation.


More generally, the tag in each case may be arbitrarily extensible through reference to an optional additional tag, register, stack entry, or memory location. Thus, the tag may be limited to 8 bits, but include “extensions” as required.


Crypto Engine and Per-Thread Key Registers


To permit fast encryption and decryption in the memory access path for data going out to memory or fetched from encrypted memory regions, the SP may incorporate a memory encryption and decryption engine within the memory controller. Memory access instructions (such as LOADs and STOREs) tagged as [ENC] may invoke memory encryption or decryption when a line is fetched from memory or written to memory.


This cryptographic processing capability may be used for other features, and thus need not be dedicated to the SP functionality only, though preferably the cryptographic key(s) used for SP is distinct from key(s) used for other purposes. Likewise, key management for the SP functionality key(s) is restricted to hardware and/or specially privileged software.


For example, memory writes to cache lines that need to be encrypted before being written to memory are marked within the cache using a bit flag and encryption takes place when such lines are evicted from the cache. This flag accompanies the line to the memory write buffer and is examined by the memory controller to decide if the line needs to be encrypted prior to the write.


The SP also incorporates a per-thread key register that is used to hold the key for the encryption. The key registers are loaded by a trusted kernel module when the thread is scheduled.


The present approach provides cryptographic protection in two areas: software requested cryptographic operations and cryptography embedded in the hardware to support the SP architecture tag and data security. A cryptographic block is provided for software use. The software cryptographic engine block enforces protocol compliance to eliminate common misuse of cryptographic operations. Cryptographic keys are isolated from software access and provide the capability to generate unique power-on keys to protect data at rest.


The embedded cryptographic processing utilizes high speed encryption/decryption engines and hash capabilities for protecting the various tags and vulnerable memory areas defined in the SP architecture from modification and inadvertent data exposure. In addition, the solution provides flexibility for future enhancements by enabling integration of commercial Physically Unclonable Functions (PUFs) to provide unique per part protection, verification and authentication of data. This combination of enhancements is utilized to eliminate attacks on the cryptographic operations.


Memory Mapped IO Devices and Taint Tagging


The SP maps all IO device registers to the memory space and protects accesses to them using special tags [MCM, MCI]. For added protection, these can be private to drivers that are implemented as a protected domain.


The SP also implements taint propagation. Any 10 device that can import potentially suspect data performs the DMAs into area word-tagged as [INV], or invalid. Any use of such data triggers exceptions that validates the data type in software, and once validated, copies it into the appropriate memory locations with proper tags. Byte sequences coming in from potentially compromised sources, such as a network interface, will be stored as a sequence of words tagged with [TBS] or, as a potentially tainted byte string components, with null byte pads to round up to a word size. Any operation using an input tagged as [INV] or [TBS] propagates the same tag to the result (both value and flags such as carry, zero, etc.). Overflows, underflows and results produced using inappropriate types of input operands will also taint the result produced by tagging it as [INV].


Specific SP Example



FIG. 3 shows an embodiment of a simple pipelined processor (the RISC-V Rocket implementation) with hardware extensions for realizing the SP pipeline design, including the branch, call, return and jump target validation, instruction tags, data tags, TPL, context control, key registers and optional encryption/decryption, as well as the latches associated with them (unlabeled boxes) in between adjacent pipeline stages Extended registers may also include bounds registers, parameter registers for cross-domain calls and the local handler address register. TPL is the tag processing logic for operations. The cryptographic engine can encrypt/decrypt data or pass data through without encryption/decryption. The tag storage and the tag processing components and latches can be implemented in a separate parallel pipeline.


Tags and data or code are all stored in their respective pages. Accesses to a data or instruction word requires the corresponding tag to be fetched, thus doubling the number of memory accesses needed. The performance penalty that results is mitigated by using extensions (Itag$ and Dtag$) to the instruction (1$) and data cache (D$) to hold the tags corresponding to a cache line, noting that accesses to tags exhibit the same localities seen in the course of accessing instructions and data. The impact of using tag caching was simulated on the Simplescalar simulator for an Alphas ISA (which is representative) with 32 Kbyte instruction and data caches, extended to hold tags and with a 256K unified L2 cache holding data, instruction and tag lines. Across the benchmarks in the SPEC benchmark suite, the extra memory accesses needed for word tags impose a performance penalty of less than 2% to a maximum of 19%, with an average penalty of about 10.5%. This can be reduced with other optimizations such as word tag prefetching and page-level tag consolidation into the TLB entries of pages with immutable and homogeneous contents. The additional energy overhead of word tag accesses can be reduced by using line buffering [21], which keeps recently-accessed cache rows in a few buffers external to the cache tag and data arrays, preventing unnecessary discharges of the pre-charged bit lines in the cache tag and data arrays on a hit in the line buffers in a direct silicon implementation or avoiding a read of the RAM-implemented data ways in a FPGA implementation, saving energy. This technique imposes no penalty on the cache access time and can also be used on the normal caches to stay within a reasonable power budget.



FIG. 4 shows a flowchart of a method of operating the secure processor in accordance with an embodiment of the invention.


Instructions and data are transferred, in conjunction with tags accompanying respective instructions and data 101. Tag may optionally comprise a privilege level which restricts access by the logic execution unit under control of instructions having the privilege level to the tags, and/or a second privilege level which permits access by the logic execution unit under control of instructions having the second privilege level to the tags 101A.


A tag processing unit enforces specific restrictions with respect to at least execution of instructions, access to resources, and manipulation of data by an instruction execution unit, selectively dependent on the received tags 102. The tag processing unit may ensure compliance with data type rules; memory access rules; context-specific data usage rules; source-dependent data usage rules; data modification rules; source-dependent instruction execution rules; context-dependent instruction execution rules; instruction sequence modification rules; control transfer instruction rules; and/or metadata tag modification rules. The tag processing unit may enforce a restriction on use of data as an address within a memory space; data as a return address for a subroutine call; data as a target address of an indirect branch; data as a pointer; an instruction to control flow to a legal path; an instruction to call a function; an instruction to return from a function call; an instruction to access a protected domain or module; an instruction to perform a legal operation based on the source data type; and/or an instruction to bound access to a fenced memory region 102A.


A branch instruction execution and an entry point instruction of each control transfer are validated, selectively dependent on the respective tags, with a control transfer processing unit 103.


Security Provided by SP


The SP relies fundamentally on the integrity of the word-tagging mechanism and in-line metatags (which are also word-tagged). This is realized by making tags inaccessible to software. The only exception to this is a high-privilege trusted software module that can manipulate the tags. SP also assumes that the compiler, linker and loader are trusted, as the compiler is responsible for the tag generation and the linker and loader are responsible for loading the word tags in a secure memory area inaccessible to all but the trusted software module that can manipulate tags. The hardware, of course, is also assumed to be secure as it interprets the tags. Attacks during booting or tag loading by induced interrupts that can potentially corrupt the tags are addressed by validating the hash signature of the tag pages prior to execution.


Instruction tagging in the SP, to enforce their context-dependent legal use, a distinctive feature of the SP, provides the basis for enforcing control flow for functions calls and returns and for directing indirect jumps to legal targets. The SP also disallows data to be interpreted as instruction—this is the basis for preventing several attacks. At the same time, to permit legal code modifications in interpreters and during the boot loading of some OS s, the functions performing such modifications are vetted out and validated at run-time using tags.


Data areas secured with bounds checking and accessed in the least-necessary access modes use secure pointers and specially-tagged memory instructions, making it impossible for normal memory instructions to access such fenced areas, which are implemented in pages marked as non-readable and non-writeable (and non-executable).


Protection Domains (PDs) in the SP for encapsulating data, associated private and public functions, are invoked only through compiler-directed control instructions (tagged as such) and invoke domain functions through legal entry points by ensuring that the control transfer to such domains from the caller take place at instructions tagged as entry points. PDs are entered only after validating the eligibility of the caller at the entry point using in-line metadata tags that point to access control information or has embedded access control information. This guarantees that only legitimate callers can invoke the PD's public functions. PDs allocate a call-specific context (call stack) on each call and can also use optional encryption for any private data in the RAM, facilitated by a master key maintained in the per-thread key register and memory encryption/de-encryption engine. All of these features permit PDs to implement security compartments and guard against unintended data leakage.


Examples of Security Provided by SP Against Software Vulnerabilities


The protection provided by the SP may be provided against instances of weaknesses from various CWE (Common Weakness Enumeration) classes as listed by Mitre Corporation.


The following table lists how exemplary instances of the seven classes of CWEs are handled in SP. Tags are shown, where used in square brackets. Additionally, the SP compiler avoids vulnerabilities by using proper libraries, vetted functions and trusted system functions.









TABLE 3







Common Weakness Evaluation









CWE Class
Examples
SP Mechanism Addressing CWE





Buffer errors
Stack attacks including ROP
Instruction and return address tagging



CWE119: improper restriction of
Bounds registers implementing fenced



operation within memory area
memory area



CWE120: buffer copying without



checking buffer size


Permissions,
CWE-250: execution with
Access-controlled protection domains,


privileges,
unnecessary privilege
access to data in least-necessary mode


access
CWE-306: missing authentication


control
of critical functions


Resource
CWE-732: incorrect permission
PD encapsulating resource + memory


management
for critical resources
encryption, memory-mapped, tagged




device control registers in fenced area +




BR



CWE-22: Improper Limitation of
Word tagging to taint input arguments and



a Pathname to a Restricted
software handlers on using tainted



Directory,
arguments



CWE-494: Download of Code



Without Integrity Check


Code injection
JOP
Tagging of jumps, jump table entries,




targets + CFI markers in in-lined MD



Executing data as instructions
Data word tags disabling execution +




separate data and instruction pages



CWE-89: SQL injection, CWE-
Word tagging to taint input arguments



79: cross-domain scripting
[TBS] and software handlers on using




tainted argument words of byte sequence


Information
Information exposure through
Access controlled PDs, tag marking data


leakage
error message (CWE-209), debug
as sensitive, memory encryption



(CWE-215), caching (CWE-524),



log files (CWE-532)


Crypto error
CWE-306: missing authentication
Access controlled PDs, encryption-needed



of critical functions
tag [ENC]



CWE-327: use of broken crypto
Force use of hardware crypto engine,




master key in per-tread key register


Numeric errors
Operations on incompatible
Data type enforcement through tagging,



operands
tagging result produced as [TAI]



CWE-682: Incorrect Calculation
Tagging result produced with




overflow/underflow as tainted [TAI]



CWE-198: Use of Incorrect Byte
Words in byte sequence from external



Ordering
sources marked as tainted [TBS], invokes




handlers on use. Other situations handled




by compiler.









Example details on how SP handles some vulnerability classes is discussed below.


Buffer Errors


In SP, buffer errors are avoided by using protected fenced memory regions in general. In buffer overflow attacks that center on a stack and compromise function call and return control flow, word and instruction tags detect control flow compromises as follows. The key idea here is to enforce that the return from a function uses a legitimate return address from the call stack and that control returns to the instruction immediately following the call instruction (implemented using a JALR or JAL on the RISC-V). The SP accomplishes this as follows:


1. The control logic implementing a Call instruction is augmented to tag the return address pushed onto the call stack as a “return” address. The return address tag is generated only by the Call instruction. The return address tag also marks the word as immutable (that is not overwriteable) and permits only a return instruction (tagged appropriately) to use this return address. Word tagged as a return address cannot also be copied (for instance by using a LOAD).


2. The instruction following a call, which is the point of return, is tagged by the compiler as the target of a return.


3. The Return instruction or the JUMP instruction implementing a function call return is tagged as a “return” instruction by the compiler.


Control flow returns only when the target address on the call stack is marked as a return address and the next instruction executed is marked as the target of a return. A successfully executed return also resets the stack location associated with the return address used to permit overwrites during subsequent usage.


For relocation of stacks and context switches, tag checking is turned off momentarily by a trusted code and stack words, including words tagged as a return address can be copied and written elsewhere.


This simple data word-tagging and instruction-tagging mechanism prevents the simple “stack smashing” attacks as well as libc attacks [40], and more sophisticated return-oriented programming attacks [27] that all use buffer overruns to overwrite return addresses on the attack. Overwrites to stack locations that hold the return address are prevented, and raise an exception because of the “return” address tag, which prevents overwrites and copying. Further, for libc and ROP attacks, arbitrary gadgets cannot be constructed, as the instruction at the point of the misdirected return is not tagged as a legitimate instruction following a call by the compiler in general.


The tag-based implementation of proper function call and return control flow has significant advantages compared to shadow stacks that provide similar functionality (for example, as recently introduced by Intel [29]). The shadow stack mechanism essentially saves the return address at the time of a call on a separate shadow stack. At the time of a return, the return address used for the normal call stack is compared against the return address saved on the shadow stack and an exception is triggered on a mismatch. The shadow stack needs to be implemented in a protected area and also needs to be saved and restored on context switches. SP eliminates the need to implement and manage a shadow stack across context switches. The mechanism also imposes zero performance overhead (i.e., the protection mechanism does not add any execution overhead when the security checks pass, other than the performance degradation caused by additional accesses to tags, which are mitigated using the encoded tag cache hierarchy and tag perfecting), and is far less complicated than exotic architectural support that has been proposed for detecting ROP attacks [4, 5, 31].


Enforcing Control Flow for Indirect/Computed Branches


The legal targets of an indirect jump are all tagged as such at compile time. When an indirect jump executes, the tag of the target is verified to be marked as a target for the indirect branch; an exception is generated if the indirect branch attempts to transfer control to any instruction that is not marked as a target. Jump-oriented programming attacks that construct attack gadgets by stringing together existing instruction chunks through the modification of targets of indirect jumps [6] are thus not possible. Again, the SP is far simpler compared to proposed solutions like [4, 5], or the use of special instructions at the target of indirect branches, as in a recent Intel solution [29], and has a zero performance overhead.


Note that with the SP tagging scheme, it is still possible for an indirect jump to legally transfer control to the marked target of another indirect jump. Although this would be a relatively difficult exploit, the SP can protect against this by storing an in-line metadata tag at the target that holds a unique-compiler-generated label derived from the indirect branch's virtual address. This metadata-bearing word is followed by the original instruction at the target. Control transfer is allowed only after validating this label and ensuring that the jump target is labeled as a legitimate target. This approach is similar to what has been used for enforcing control flow integrity in software [1].


Protecting Transfer Vectors and Function Pointer Tables


A class of attacks redirect control flow from the intended path by altering the address of virtual functions used by many programming languages (for example, Vtable attacks for C++ programs) or jump vectors stored in jump tables by the linker for dynamically linked code modules. Tagging these table entries as immutable jump table entry prevents them from being overwritten by malicious code and also ensures their proper use by jump instructions.


Preserving Code Integrity


At the page level, data segments have an associated NX (no-execute flag) for each page within the segment. In addition, instructions are tagged as immutable by the compiler, so they cannot be altered. Together, these mechanisms ensure code integrity is preserved. However, there are legitimate reasons for using run-time code modification in current systems. Many OSs use self-modifying code at boot time for booting off a small image. Similarly, bytecode interpreters in languages such as Java rely on code modification for performance optimization. A solution to permitting these undesirable legacy practices is to validate the code that performs this on-the-fly modification, and rely on the trusted software module that can directly access and update the tags before and after modification. To do this, the permitted functions that modify the binaries at run-time are implemented within their own protection domain and they are permitted to call functions within the domain runs the functions that perform the code modifications. This permission is granted through explicit entries in an access control list for the protection domain that implements the tag updates.


SQL Injection and Cross-Domain Scripting


Both SQL injection and cross-domain scripting vulnerabilities stem from the use of potentially tainted inputs. The SP marks such inputs as tainted with the word tag [TAT]. Byte sequences are put into words, and the constituent words bear this tag. The SP does not rely on hardware to perform the validation of arguments, as the process is very complex. Instead, any attempt to use such tainted arguments trigger a context-specific check by a handler. In some cases, the handler may be encapsulated in the domain where the argument is processed or used, and is invoked through a locally-handled trap as a function call with low overhead. As an example in the case of SQL injection, the SQL database and its associated functions can be encapsulated in a protection domain with a handler to check the byte string passed on as argument. On exit from the validation function (which will typically call trusted functions for validating the argument as legal, for example using SQL whitelists and/or blacklists and other mechanisms), normal exception handling is automatically restored.


General Implementation of the Security Extensions


The SP technologies are implementation-agnostic across many RISC ISAs. The narrow tags and in-line metadata tags facilitate this. Extending tag storage to instruction and data caches facilitate the performance scaling, along with use of known techniques for mitigating the overhead of tag accesses. It is worth noting that the SP system, as described herein, does not use all of the 256 tag values that are possible with 8-bit word tags. This permits other tag values to be used in ways that can evolve as the SP design matures during or beyond the project, and other extensions consistent with the SP architecture or independent of it.


The access control policies used for protection domains in SP are also very flexible, as the access control code can be implemented in software within trusted handlers that can be invoked quickly as a local handler. Thus, SP's security architecture provides flexibility in the design and use of tags, as well as in crafting a variety of security policies.


In the SP, the code associated with protection domains is designed to support multithreading and SMP (multicore) implementations. Utilities for SP are also designed to be thread-safe. Cross-domain parameter passing registers, bounds, special registers containing a local handler address(es), and tags associated with general-purpose registers in the ISA, have to be all part of the context of a process/thread and need to be saved on context switches. Extending the tags to the instruction and data caches permit exiting cache coherence mechanisms to be easily used for SP for multicore implementations with cache coherence logic.


For CISC ISAs like the x86, variable-length instructions do impose an addressing challenge for the instruction tags in separate pages from the code. The solution to be used for incorporating the SP security mechanism for detecting software vulnerability exploits relies on instructions being non-writable, and stores instructions adjacent to their tags, and the instruction decoder is modified to take the (uniform-sized) instruction tags into account. The compiler also takes into account the tag size for generating the offsets used in PC-relative addressing.


It is also possible to use 4-bit encoded tags for SP, which makes it easy to pad memory lines containing instruction tags and simplify instruction tag addressing. There are many specific optimizations that can reduce the performance overhead of a x86 CPU including the SP security mechanisms, compared to the baseline traditional implementation.


For example, micro-op (uop) trace caches used in many x86 implementations, which contain validated traces and security checks (and associated performance delays and power dissipations), can be avoided when the trace is re-executed and other performance boosting artifacts built around trace caches (such as group commitment) can be used.


REFERENCES

Each of the following is expressly incorporated herein by reference in its entirety.

  • 1. Abadi, M., M. Budiu, Ú. Erlingsson, and J. Ligatti, “Control-flow Integrity”, in Proceedings of the 12th ACM Conference on Computer and Communications Security, pp. 340-353. ACM, 2005.
  • 2. Air Force Research Laboratory Report No. AFRL-RI-RS-TR-2015-210, Security-Tagged Architecture Co-Design (STACD), September 2015.
  • 3. Air Force Research Laboratory, Publicly-released information on the T-Core project, provided by J. Rooks, in email to J. Kiernan at Lockheed-Martin, May 19, 2017.
  • 4. Aktas, E., F. Afram, K. Ghose, “Continuous, Low Overhead, Run-Time Validation of Program Executions”, in IEEE Proceedings of the 47th Annual Symposium on Microarchitecture (MICRO), (2014), pp. 229-241.
  • 5. Arora, D., Ravi, S., Raghunathan, A., and Jha, N. K. “Hardware-assisted run-time monitoring for secure program execution on embedded processors.” IEEE Transactions on Very Large Scale Integration (VLSI) Systems 14, no. 12 (2006): 1295-1308.
  • 6. Bletsch T., X. Jiang, V. W. Freeh, Z. Liang, “Jump oriented programming: a new class of code-reuse attack”, In Proc. of the 6th ACM Symposium on Information, Computer and Communications Security. ASIACCS, pp. 30-40, 2011.
  • 7. Chen, Y.-Y., P. A. Jamkhedkar, and R. B. Lee, “A Software Hardware Architecture for Self-Protecting Data”, in Proceedings of the ACM Conference on Computer and Communications Security, pp. 14-27. ACM, 2012.
  • 8. Cheng, B.-C., and W.-M. Hwu, “Modular Interprocedural Pointer Analysis using Access Paths: Design, Implementation, and Evaluation”, in ACM SIGPLAN Notices 35, no. 5 (2000), pp. 57-69.
  • 9. Choi, J.-D., M. Burke, and P. Carini. “Efficient Flow-sensitive Interprocedural Computation of Pointer-induced Aliases and Side effects”, in Proceedings of the 20th ACM SIGPLAN-SIGACT symposium on Principles of programming languages, pp. 232-245, 1993.
  • 10. Costan, V, Ilia Lebedev, and Srinivas Devadas, “Sanctum: Minimal Hardware Extensions for Strong Software Isolation”, in Proceedings of the 25th Usenix Security Symposium, 2016, pp. 857-874.
  • 11. Costan, V. and Srinivas Devadas, “Intel SGX Explained”, Cryptology ePrint Archive, Report 2016/086, February 2016.
  • 12. Crandall, J. R. and F. T. Chong, “MINOS: Control Data Attack Prevention Orthogonal to Memory Model”, in Proceedings of the 37th Intl. Symposium on Microarchitecture, Portland, Oreg., December 2004.
  • 13. Dalton, M., H. Kannan, and C. Kozyrakis, “Raksha: A Flexible Information Flow Architecture for Software Security”, in Proceedings of the International Symposium on Computer Architecture (ISCA), pp. 482-493, 2007.
  • 14. De Moura, L., and N. Bjørner, “Z3: An efficient SMT solver”, in Proceedings of International conference on Tools and Algorithms for the Construction and Analysis of Systems, pp. 337-340, 2008.
  • 15. Dhawan, U., C. Hritcu, R. Rubin, N. Vasilakis, S. Chiricescu, J. M. Smith, T. F. Knight, Jr., B. C. Pierce and A. DeHon, “Architectural Support for Software-Defined Metadata Processing”, in Proceedings of the 20-th International Conference on Architectural Support for Programming Languages and Operating Systems, pp. 487-502, 2015.
  • 16. Emami, M., R. Ghiya, and L. J. Hendren. “Context-Sensitive Interprocedural Points-to Analysis in the Presence of Function Pointers, in ACM SIGPLAN Notices, vol. 29, no. 6, pp. 242-256, 1994.
  • 17. Evtyushkin, D. E., J. Elwell, M. Ozsoy, D. Ponomarev, N. Abu-Ghazaleh and R. Riley, “Iso-X: A Flexible Architecture for Hardware-Managed Isolated Execution”, in Proceedings of the 47-th Annual Symposium on Microarchitecture (MICRO), (2014), pp. 190-202. IEEE.
  • 18. Fahndrich, M., J. S. Foster, Z. Su, and A. Aiken, “Partial Online Cycle Elimination in Inclusion Constraint Graphs”, in Proceedings Proceedings of the ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI '98), pp. 85-96, 1998.
  • 19. Feustel, Edward A, “On the Advantages of Tagged Architectures”, in IEEE Transactions on Computers, Vol. 22 (7), pp. 644-652, July 1973.
  • 20. Ghose K. and P. Vasek, “A Fast Capability Extension to a RISC Architecture”, in Proceedings of the EUROMICRO Conference, September 1996, pp. 606-614.
  • 21. Ghose, K. and M. B. Kamble, “Reducing Power in Superscalar Processor Caches using Subbanking, Multiple Line Buffers and Bit-line segmentation”, in Proceedings of the 1999 international symposium on Low Power Electronics and Design (ISLPED '99), pp. 70-75, 1999.
  • 22. Graham, B, Protection in an Information Processing Utility, in Communications of the ACM, Volume 11, pp. 306-312, May 1968.
  • 23. Halfond, W. G. J., and A. Orso, “AMNESIA: Analysis and Monitoring for NEutralizing SQL-Injection Attacks”, in Proceedings of the 20th IEEE/ACM international Conference on Automated Software Engineering (ASE '05), pp. 174-183, 2005.
  • 24. Hardekopf, B., and C. Lin, “The Ant and the Grasshopper: Fast and Accurate Pointer Analysis for Millions of Lines of Code”, in ACM SIGPLAN Notices, vol. 42, no. 6, pp. 290-299, 2007.
  • 25. Heintze, N., and O. Tardieu, “Ultra-fast Aliasing Analysis using CLA: A Million Lines of C Code in a Second”, in ACM SIGPLAN Notices, vol. 36, no. 5, pp. 254-263, 2001.
  • 26. Houdek, M. E., F. G. Soltis, and R. L. Hoffman, “IBM System/38 Support for Capability-based Addressing”, in Proceedings of the Eighth Annual Symposium on Computer Architecture, pp. 341-348, 1981.
  • 27. Hund R., T. Holz and F. Freiling, “Return oriented rootkits: Bypassing kernel code integrity protection mechanisms”, in Proc. of Usenix Security Symposium, pp. 383-398, 2009.
  • 28. Intel Corporation., Intel Memory Protection Extensions Enabling Guide, software.intel.com/sites/default/files/managed/9d/f6/Intel_MPX_EnablingGuide.pdf Accessed: 2017-05-30.
  • 29. Intel Corporation, Control-flow Enforcement Technology Preview, Document Number: 334525-001, June 2016.
  • 30. Intel Corporation, Introduction to the iAPX 432 Architecture, Manual No. 171821-001, 1981.
  • 31. Kayaalp M., Ozsoy M., Abu-Ghazaleh N., Ponomarev D., “Branch Regulation: Low Overhead Protection Fron Code Reuse Attacks”, 39th Int'l. Symp. on Computer Architecture (ISCA), pp. 94-105, 2012.
  • 32. Landi, W., and B. G. Ryder. “A Safe Approximate Algorithm for Interprocedural Pointer Aliasing”, ACM SIGPLAN Notices 39, no. 4 (2004), pp. 473-489.
  • 33. Levy, H. M., Capability-Based Computer Systems, Digital Press, 1984.
  • 34. McKeen, F., I. Alexandrovich, A. Berenzon, C. Rozas, H. Shafi, V. Shanbhogue, and U. R. Savagaonkar, “Innovative Instructions and Software Model for Isolated Execution”, in Proceedings of the Workshop on Hardware and Architectural Support for Security and Privacy (HASP), pp. 10:1-10:8, 2013.
  • 35. Moon, D. A., “Architecture of the Symbolics 3600”, in Proceedings of the 12th. Annual International Symposium on Computer Architecture, ISCA, pp. 76-83, 1985. IEEE Computer Society.
  • 36. Nystrom, Erik, Hong-Seok Kim, and Wen-Mei Hwu. “Bottom-up and Top-down Context-sensitive Summary-based Pointer Analysis.” Static Analysis, pp. 165-180, 2004.
  • 37. Organick, E. I, Computer System Organization: The B5700/B6700 Series, Academic Press, 1973.
  • 38. Pietraszek, T. and C. V. Berghe, “Defending Against Injection Attacks through Context-Sensitive String Evaluation”, in Proceedings of the Recent Advances in Intrusion Detection Symposium, Seattle, Wash., September 2005.
  • 39. Qin, F., C. Wang, Z. Li, H. Seop Kim, Y. Zhou, and Y. Wu, “LIFT: A Low-Overhead Practical Information Flow Tracking System for Detecting Security Attacks”, in Proceedings of the 39th the Intl. Symposium on Microarchitecture, Orlando, Fla., December 2006.
  • 40. Shacham H. “The Geometry of Innocent Flesh on the Bone: Return-into-libc without Function Calls (on the x86)”, In14th The ACM Conference on Computer and Communications Security (CCS), pp. 552-561, 2007.
  • 41. Shioya, R., D. Kim, K. Horio, M. Goshima, and S. Sakai, Low-overhead Architecture for Security Tag, in Proceedings of the 2009 15th IEEE Pacific Rim International Symposium on Dependable DComputing, PRDC '09, pages 135-142, Washington, D.C., USA, 2009. IEEE Computer Society.
  • 42. Suh, G. E., J. W. Lee, D. Zhang, and S. Devadas., “Secure Program Execution via Dynamic Information Flow Tracking”, in Proceedings of the 11th Intl. Conference on Architectural Support for Programming Languages and Operating Systems, Boston, Mass., October 2004, In ACM Sigplan Notices, vol. 39, no. 11, pp. 85-96. ACM, 2004.
  • 43. Sui, Y., and J. Xue. “SVF: Interprocedural Static Value-flow Analysis in LLVM”, in Proceedings of the 25th ACM International Conference on Compiler Construction, pp. 265-266, 2016.
  • 44. Sullivan, G., “The Dover Architecture”, presentation at New England Security Day, Nov. 28, 2016
  • 45. Vachharajani, N., M. J. Bridges, J. Chang, R. Rangan, G. Ottoni, J. A. Blome, G. A. Reis, M. Vachharajani, and D. I. August, “RIFLE: An Architectural Framework for User-Centric Information-Flow Security”, in Proceedings of the 37th Intl. Symposium on Microarchitecture, Portland, Oreg., December 2004.
  • 46. Vasek, P. and K. Ghose, “A Comparison of Two Context Allocation Approaches for Fast Protected Calls”, in Proceedings of the IEEE Conference on High-Performance Computing (HiPC), December 1997, pp. 16-21.
  • 47. Whaley, J., and M. S. Lam. “Cloning-based Context-Sensitive Pointer Alias Analysis Using Binary Decision Diagrams”, in ACM SIGPLAN Notices, vol. 39, no. 6, pp. 131-144, 2004.
  • 48. Witchel, E., J. Cates, and K. Asanovic, “Mondrian Memory Protection”, in Proceedings of the 10th International Conference on Architectural Support for Programming Languages and Operating Systems, ASPLOS X, Vol. 37, no. 10. pp. 304-316, New York, N.Y., USA, 2002. ACM.
  • 49. Woodruff, J., R. N. Watson, D. Chisnall, S. W. Moore, J. Anderson, B. Davis, B. Laurie, P. G. Neumann, R. Norton and M. Roe, “The CHERI Capability Model: Revisiting RISC in an Age of Risk”, in Proceedings of the International Symposium on Computer Architecture (ISCA), pages 457-468, June 2014.
  • 50. Wulf, W. A., S. P. Levin and S. P. Harbison, Hydra/Cmmp: An Experimental Computer System, McGraw-Hill, 1981.
  • 51. Xu, W., S. Bhatkar, and R. Sekar, “Taint-enhanced Policy Enforcement: A Practical Approach to Defeat a Wide Range of Attacks”, in Proceedings of the 15th USENIX Security Conference, Vancouver, Canada, August 2006.
  • 52. Zhu, J., “Towards Scalable Flow and Context Sensitive Pointer Analysis”, in Proceedings of the 42nd annual Design Automation Conference, pp. 831-836, 2005.
  • 53. Achermann, Reto, Chris Dalton, Paolo Faraboschi, Moritz Hoffmann, Dejan Milojicic, Geoffrey Ndu, Alexander Richardson, Timothy Roscoe, Adrian L. Shaw, and Robert N M Watson. “Separating Translation from Protection in Address Spaces with Dynamic Remapping.” In Proceedings of the 16th Workshop on Hot Topics in Operating Systems, pp. 118-124. ACM, 2017.
  • 54. Aga, Shaizeen, and Satish Narayanasamy. “InvisiMem: Smart memory defenses for memory bus side channel.” In ACM SIGARCH Computer Architecture News, vol. 45, no. 2, pp. 94-106. ACM, 2017.
  • 55. Arora, Divya, Srivaths Ravi, Anand Raghunathan, and Niraj K. Jha. “Secure embedded processing through hardware-assisted run-time monitoring.” In Design, Automation and Test in Europe, 2005. Proceedings, pp. 178-183. IEEE, 2005.
  • 56. Belay, Adam, Andrea Bittau, Ali José Mashtizadeh, David Terei, David Maziéres, and Christos Kozyrakis. “Dune: Safe User-level Access to Privileged CPU Features.” In Osdi, vol. 12, pp. 335-348. 2012.
  • 57. Chen, Chun-Chung, Shih-Hao Hung, and Chen-Pang Lee. “Protection against Buffer Overflow Attacks via Dynamic Binary Translation.” In Reliable and Autonomous Computational Science, pp. 305-324. Springer, Basel, 2011.
  • 58. Chien, Andrew A., and Jay H. Byun. “Safe and protected execution for the morph/AMRM reconfigurable processor.” In Field-Programmable Custom Computing Machines, 1999. FCCM'99. Proceedings. Seventh Annual IEEE Symposium on, pp. 209-221. IEEE, 1999.
  • 59. Corliss, Marc L., E. Christopher Lewis, and Amir Roth. “DISE: A programmable macro engine for customizing applications.” In Computer Architecture, 2003. Proceedings. 30th Annual International Symposium on, pp. 362-373. IEEE, 2003.
  • 60. Cox, Benjamin, David Evans, Adrian Filipi, Jonathan Rowanhill, Wei Hu, Jack Davidson, John Knight, Anh Nguyen-Tuong, and Jason Hiser. “15th USENIX Security Symposium.”
  • 61. Dagit, Jason, Simon Winwood, Jem Berkes, and Adam Wick. “Code re-use attacks and their mitigation.” (2017).
  • 62. Ferraiuolo, Andrew, Mark Zhao, Andrew C. Myers, and G. Edward Suh. “HyperFlow: A processor architecture for nonmalleable, timing-safe information flow security.” In Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, pp. 1583-1600. ACM, 2018.
  • 63. Ferraiuolo, Andrew, Yuqi Zhao, G. Edward Suh, and Andrew C. Myers. HyperFlow: A Processor Architecture for Timing-Safe Information-Flow Security. 2018.
  • 64. Fu, Jianming, Rui Jin, and Yan Lin. “FRProtector: Defeating Control Flow Hijacking Through Function-Level Randomization and Transfer Protection.” In International Conference on Security and Privacy in Communication Systems, pp. 659-672. Springer, Cham, 2017.
  • 65. González, Julián A. “Hardware Modifications to Prevent Code Reuse Attacks.” (2014).
  • 66. Havet, Aurélien, Rafael Pires, Pascal Felber, Marcelo Pasin, Romain Rouvoy, and Valerio Schiavoni. “SecureStreams: A Reactive Middleware Framework for Secure Data Stream Processing.” In Proceedings of the 11th ACM International Conference on Distributed and Event-based Systems, pp. 124-133. ACM, 2017.
  • 67. Hoefler, Torsten, Salvatore Di Girolamo, Konstantin Taranov, Ryan E. Grant, and Ron Brightwell. “sPIN: High-performance streaming Processing in the Network.” In Proceedings of the International Conference for High Performance Computing, Networking, Storage and Analysis, p. 59. ACM, 2017.
  • 68. Joannou, Alexandre, Jonathan Woodruff, Robert Kovacsics, Simon W. Moore, Alex Bradbury, Hongyan Xia, Robert N M Watson et al. “Efficient Tagged Memory.” In Computer Design (ICCD), 2017 IEEE International Conference on, pp. 641-648. IEEE, 2017.
  • 69. Jungwirth, Patrick, Phil Chan, Eric Imsand, and Hameed Badawy. “Security tag computation and propagation in OSFA.” In Cyber Sensing 2018, vol. 10630, p. 1063004. International Society for Optics and Photonics, 2018.
  • 70. Jungwirth, Patrick, Philip Chan, Thomas Barnett, and Abdel-Hameed Badawy. “Cyber defense through hardware security.” In Disruptive Technologies in Information Sciences, vol. 10652, p. 106520P. International Society for Optics and Photonics, 2018.
  • 71. Kannan, Hari, Michael Dalton, and Christos Kozyrakis. “Decoupling dynamic information flow tracking with a dedicated coprocessor.” In Dependable Systems & Networks, 2009. DSN′09. IEEE/IFIP International Conference on, pp. 105-114. IEEE, 2009.
  • 72. Kim, Channoh, Jaehyeok Kim, Sungmin Kim, Dooyoung Kim, Namho Kim, Gitae Na, Young H. Oh, Hyeon Gyu Cho, and Jae W. Lee. “Typed Architectures: Architectural Support for Lightweight Scripting.” ACM SIGOPS Operating Systems Review 51, no. 2 (2017): 77-90.
  • 73. Lentz, Matthew, Rijurekha Sen, Peter Druschel, and Bobby Bhattacharjee. “SeCloak: ARM Trustzone-based Mobile Peripheral Control.” (2018).
  • 74. Lie, David, Chandramohan Thekkath, Mark Mitchell, Patrick Lincoln, Dan Boneh, John Mitchell, and Mark Horowitz. “Architectural support for copy and tamper resistant software.” ACM SIGPLAN Notices 35, no. 11 (2000): 168-177.
  • 75. Liu, Tao, Hui Guo, Sri Parameswaran, and Sharon X. Hu. “iCETD: An improved tag generation design for memory data authentication in embedded processor systems.” Integration, the VLSI Journal 56 (2017): 96-104.
  • 76. Liu, Tong, Gang Shi, Liwei Chen, Fei Zhang, Yaxuan Yang, and Jihu Zhang. “TMDFI: Tagged Memory Assisted for Fine-Grained Data-Flow Integrity Towards Embedded Systems Against Software Exploitation.” In 2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/12th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE), pp. 545-550. IEEE, 2018.
  • 77. Reddy, A L Narasimha, and Prithviraj Banerjee. “A fault secure dictionary machine.” In Data Engineering, 1987 IEEE Third International Conference on, pp. 104-110. IEEE, 1987.
  • 78. Roessler, Nick, and André DeHon. “Protecting the stack with metadata policies and tagged hardware.” In 2018 IEEE Symposium on Security and Privacy (SP), pp. 478-495. IEEE, 2018.
  • 79. Shioya, Ryota, Daewung Kim, Kazuo Horio, Masahiro Goshima, and Shuichi Sakai. “Low-overhead architecture for security tag.” IEICE TRANSACTIONS on Information and Systems 94, no. 1 (2011): 69-78.
  • 80. Skorstengaard, Lau, Dominique Devriese, and Lars Birkedal. “Enforcing well-bracketed control flow and stack encapsulation using linear capabilities.” In PriSC 2018 Principles of Secure Compilation. 2018.
  • 81. Sullivan, Gregory T., André DeHon, Steven Milburn, Eli Boling, Marco Ciaffi, Jothy Rosenberg, and Andrew Sutherland. “The Dover inherently secure processor.” In Technologies for Homeland Security (HST), 2017 IEEE International Symposium on, pp. 1-5. IEEE, 2017.
  • 82. Tiwari, Mohit, Banit Agrawal, Shashidhar Mysore, Jonathan Valamehr, and Timothy Sherwood. “A small cache of large ranges: Hardware methods for efficiently searching, storing, and updating big dataflow tags.” In Proceedings of the 41st annual IEEE/ACM International Symposium on Microarchitecture, pp. 94-105. IEEE Computer Society, 2008.
  • 83. Watson, Robert Nicholas, Peter G. Neumann, and Simon W. Moore. “Balancing Disruption and Deployability in the CHERI Instruction-Set Architecture (ISA).” MIT Press, 2017.
  • 84. Watson, Robert N M, Jonathan Woodruff, Michael Roe, Simon W. Moore, and Peter G. Neumann. Capability Hardware Enhanced RISC Instructions (CHERI): Notes on the Meltdown and Spectre Attacks. No. UCAM-CL-TR-916. University of Cambridge, Computer Laboratory, 2018.
  • 85. Wilkerson, Christopher B. “System and method to bypass execution of instructions involving unreliable data during speculative execution.” U.S. Pat. No. 7,114,059, issued Sep. 26, 2006.
  • 86. Wong, Ming Ming, Jawad Haj-Yahya, and Anupam Chattopadhyay. “SMARTS: secure memory assurance of RISC-V trusted SoC.” In Proceedings of the 7th International Workshop on Hardware and Architectural Support for Security and Privacy, p. 6. ACM, 2018.
  • 87. Woodruff, Jonathan David, A. Joannou, Robert Kovacsics, Simon William Moore, A. Bradbury, H. Xia, R. N. M. Robert et al. “Efficient Tagged Memory.” (2018).
  • 88. Xia, Yubin, Yutao Liu, Haibo Chen, and Binyu Zang. “CFIMon: Detecting violation of control flow integrity using performance counters.” In Dependable Systems and Networks (DSN), 2012 42nd Annual IEEE/IFIP International Conference on, pp. 1-12. IEEE, 2012.
  • 89. Yang, L. I., and Jun-wei L I. “A Technique Preventing Code Reuse Attacks Based on RISC Processor.” DEStech Transactions on Computer Science and Engineering CCNT (2018).
  • 90. Yao, Zhihao, Saeed Mirzamohammadi, Ardalan Amiri Sani, and Mathias Payer. “Milkomeda: Safeguarding the Mobile GPU Interface Using WebGL Security Checks.” In Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, pp. 1455-1469. ACM, 2018.
  • 91. Zeldovich, Nickolai, Hari Kannan, Michael Dalton, and Christos Kozyrakis. “Hardware Enforcement of Application Security Policies Using Tagged Memory.” In OSDI, vol. 8, pp. 225-240. 2008.
  • 92. Zeldovich, Nickolai, Silas Boyd-Wickizer, Eddie Kohler, and David Mazières. “Making information flow explicit in HiStar.” In Proceedings of the 7th symposium on Operating systems design and implementation, pp. 263-278. USENIX Association, 2006.

Claims
  • 1. A secure microprocessor, comprising: a logic execution unit configured to process data based on instructions, subject to interaction with a tag processing unit to enforce instruction execution restrictions and a control transfer processing unit to enforce control transfer restrictions;a cache comprising a cache line having memory locations for storing instructions, and memory locations for storing instruction tags accompanying each respective instruction, the cache being configured to receive the instructions and instruction tags from a memory external to the secure microprocessor, wherein the cache line is configured to store a plurality of instructions and a plurality of accompanying instruction tags;the tag processing unit, configured to enforce the execution restrictions with respect to execution of instructions from the cache line, access to resources, and manipulation of data, selectively dependent on the accompanying instruction tag from the cache line for each respective instruction, and concurrently interacting with the logic execution unit dependent on the execution restrictions; andthe control transfer processing unit, configured to enforce the control transfer restrictions based on a validity of instructions comprising a control flow instruction defining at least an entry point of each control transfer, selectively dependent on a respective accompanying instruction tags for the respective instruction from the cache line, and interacting with the logic execution unit dependent on the control transfer restrictions.
  • 2. The secure microprocessor according to claim 1, wherein each of the tag processing unit, the cache, the logic execution unit, and the control transfer processing unit comprises a distinct dedicated hardware component.
  • 3. The secure microprocessor according to claim 1, wherein the tag processing unit is further configured to ensure compliance with at least one rule, selected from the group consisting of data type rules, memory access rules, context-specific data usage rules, source-dependent data usage rules, data modification rules, source-dependent instruction execution rules, context-dependent instruction execution rules, instruction sequence modification rules, and control transfer instruction rules.
  • 4. The secure microprocessor according to claim 1, wherein the accompanying instruction tag is used in conjunction with a data tag associated with the data to restrict use of a memory address calculated using the data, by the respective instruction for an operation, selected from the group consisting of a control transfer via indirect jump, a function call, a function return and memory access.
  • 5. The secure microprocessor according to claim 1, wherein the tag processing unit is further configured to enforce a restriction on use of an instruction, selected from the group consisting of use of an instruction to control flow to a legal path, to call a function, to return from a function call, to access a protected domain or module, to perform a legal operation based on the source data type, and to bound access to a fenced memory region.
  • 6. The secure microprocessor according to claim 1, wherein the cache is configured to concurrently store a respective instruction, data associated with the instruction, and a respective accompanying instruction tag for each respective instruction.
  • 7. The secure microprocessor according to claim 1, wherein the tag processing unit is further configured to respond to an accompanying instruction tag having a plurality of privilege levels, to respectively restrict access by the logic execution unit dependent on a respective privilege level corresponding to the accompanying instruction tag.
  • 8. The secure microprocessor according to claim 1, wherein the tag processing unit is further configured to: determine that at least one accompanying instruction tag in conjunction with at least one data tag indicates tainted data, andrestrict use of the tainted data by the logic execution unit.
  • 9. The secure microprocessor according to claim 1, further comprising a cryptographic processing unit, configured to perform cryptographic operations on information communicated through a communication interface unit, wherein the cryptographic unit employs a distinct cryptographic key selectively dependent on at least one of a respective accompanying instruction tag and a respective thread of instruction execution.
  • 10. The secure microprocessor according to claim 1, further comprising an address translation unit configured to map logical memory spaces to physical memory pages of the memory external to the secure microprocessor, and retrieve the physical memory pages for storage in the cache.
  • 11. The secure microprocessor according to claim 10, wherein the address translation unit is further configured to maintain a privilege restriction on memory pages of instructions and tags which restricts reading, writing, and execution, unless accessed by trusted hardware or according to an instruction having an accompanying instruction which indicates sufficient access privileges.
  • 12. The secure microprocessor according to claim 1, wherein each instruction of a set of instructions comprising a code segment is accompanied by an accompanying instruction tag comprising metadata indicating at least one of a security level or a privilege level, wherein the tag processing unit is further configured to compare the security level or the privilege level of the respective instruction with a security level or a privilege level indicated by the respective accompanying instruction tag of a calling instruction of the code segment.
  • 13. The secure microprocessor according to claim 1, wherein the logic execution unit and the tag processing unit are synchronized in processing of the instructions and enforcement of the dependent on the accompanying instruction tags.
  • 14. The secure microprocessor according to claim 1, wherein the logic execution unit further comprises a logic execution pipeline, and the tag processing unit further comprises a tag processing pipeline, the logic execution pipeline and the tag processing pipeline providing coordinated processing of respective instructions and accompanying instruction tags from the cache line, wherein at least one of: the tag processing pipeline has a tag processing stage which relies on information provided by at least one stage of the logic execution pipeline;the logic execution pipeline selectively processes instructions in dependence on signal generated by stages of the tag processing pipeline; andthe tag processing pipeline is dependent on information received from the logic execution pipeline dependent on the instructions, and the logic execution pipeline is dependent on information received from the tag processing pipeline dependent on the accompanying instruction tags.
  • 15. The secure microprocessor according to claim 1, is further configured to receive a respective instruction based on a respective instruction address of the memory external to the secure microprocessor, and to receive the accompanying instruction tag based on the respective instruction address.
  • 16. The secure microprocessor according to claim 1, further comprising a communication interface unit configured to: determine an address of instructions to be retrieved;perform a check to determine whether the address is within a predefined memory region demarcated by a set of guard memory words, the predefined memory region having a starting address of a string of memory locations containing the instructions to be retrieved;retrieve an instruction and the accompanying instruction tag from the memory external to the secure microprocessor according to the address, andstore the retrieved instruction and the accompanying instruction tag in the cache.
  • 17. A secure microprocessor, comprising: a cache comprising a cache line, each cache line comprising memory locations configured to store an instruction, and a memory location for storing a tag accompanying each instruction, wherein the cache line is configured to store a plurality of instructions and a plurality of accompanying tags;a tag processing unit, configured to receive the accompanying tag from the cache line, concurrently enforce a specific restriction with respect to at least execution of the instruction, access to at least one resource, and manipulation of data, selectively dependent on the accompanying tag from the cache line;a control transfer processing unit, configured to validate each instruction comprising a control transfer instruction for control flow execution and entry point, selectively dependent on at least the accompanying tag from the cache line; anda logic execution unit comprising an instruction processing pipeline, configured to receive the instruction from the cache line, decode the instruction, and process the data based on the instruction in the instruction processing pipeline, subject to enforcement of the specific restrictions by the tag processing unit, and validation of the control transfer instruction by the control transfer processing unit.
  • 18. A secure processing method, comprising: transferring a plurality of instructions in conjunction with tags accompanying each respective instructions, from a memory external to a secure microprocessor to a cache comprising a cache line, each cache line comprising first memory locations for storing the plurality of instructions and second memory locations for storing the tags accompanying each respective instruction, wherein the cache line is configured to store a plurality of the instructions and a plurality of the tags;enforcing, by a tag processing unit, specific restrictions with respect to at least concurrent execution of instructions, concurrent access to resources, and concurrent manipulation of data by an instruction execution unit, selectively dependent on the accompanying tags from the second memory locations; andvalidating, by a control transfer processing unit, a control flow instruction execution and an entry point address of each control transfer, selectively dependent on at least the respective accompanying tags from the second memory locations.
  • 19. The secure processing method according to claim 18, wherein the accompanying tags are used in conjunction with data tags associated with the data to restrict use of a memory address calculated using the data, by the respective instruction for an operation selected from the group consisting of selected from the group consisting of a control transfer via indirect jump, a function call, a function return and memory access.
  • 20. The secure microprocessor according to claim 17, wherein the accompanying tag is used in conjunction with a data tag associated with the data to restrict use of a memory address calculated using the data, by the respective instruction for an operation selected from the group consisting of selected from the group consisting of a control transfer via indirect jump, a function call, a function return and memory access.
CROSS REFERENCE TO RELATED APPLICATIONS

The present application is a non-provisional of, and claims benefit of priority under, U.S. Provisional Patent Application No. 62/767,908, filed Nov. 15, 2019, the entirety of which is expressly incorporated herein by reference.

US Referenced Citations (1977)
Number Name Date Kind
3956615 Anderson et al. May 1976 A
4599647 George et al. Jul 1986 A
4872157 Hemmady et al. Oct 1989 A
4872158 Richards Oct 1989 A
4872159 Hemmady et al. Oct 1989 A
4872160 Hemmady et al. Oct 1989 A
4875206 Nichols et al. Oct 1989 A
4893302 Hemmady et al. Jan 1990 A
4894824 Hemmady et al. Jan 1990 A
4896319 Lidinsky et al. Jan 1990 A
4897874 Lidinsky et al. Jan 1990 A
4899333 Roediger Feb 1990 A
4922486 Lidinsky et al. May 1990 A
4942574 Zelle Jul 1990 A
4958341 Hemmady et al. Sep 1990 A
4977582 Nichols et al. Dec 1990 A
5204840 Mazur Apr 1993 A
5603031 White et al. Feb 1997 A
5729710 Magee et al. Mar 1998 A
5742840 Hansen et al. Apr 1998 A
5794060 Hansen et al. Aug 1998 A
5794061 Hansen et al. Aug 1998 A
5809321 Hansen et al. Sep 1998 A
5812639 Bartholomew et al. Sep 1998 A
5822603 Hansen et al. Oct 1998 A
5862325 Reed et al. Jan 1999 A
5864683 Boebert et al. Jan 1999 A
5867494 Krishnaswamy et al. Feb 1999 A
5867495 Elliott et al. Feb 1999 A
5875296 Shi et al. Feb 1999 A
5892900 Ginter et al. Apr 1999 A
5909694 Gregor Jun 1999 A
5910987 Ginter et al. Jun 1999 A
5915019 Ginter et al. Jun 1999 A
5917912 Ginter et al. Jun 1999 A
5918228 Rich et al. Jun 1999 A
5933816 Zeanah et al. Aug 1999 A
5949876 Ginter et al. Sep 1999 A
5974566 Ault et al. Oct 1999 A
5982891 Ginter et al. Nov 1999 A
5987506 Carter et al. Nov 1999 A
5999525 Krishnaswamy et al. Dec 1999 A
6006318 Hansen et al. Dec 1999 A
6016393 White et al. Jan 2000 A
6044205 Reed et al. Mar 2000 A
6088659 Kelley et al. Jul 2000 A
6088717 Reed et al. Jul 2000 A
6199068 Carpenter Mar 2001 B1
6237786 Ginter et al. May 2001 B1
6253193 Ginter et al. Jun 2001 B1
6289382 Bowman-Amuah Sep 2001 B1
6332163 Bowman-Amuah Dec 2001 B1
6335927 Elliott et al. Jan 2002 B1
6339832 Bowman-Amuah Jan 2002 B1
6341352 Child et al. Jan 2002 B1
6345288 Reed et al. Feb 2002 B1
6357010 Viets et al. Mar 2002 B1
6363488 Ginter et al. Mar 2002 B1
6385552 Snyder May 2002 B1
6389402 Ginter et al. May 2002 B1
6411309 Ly Jun 2002 B1
6415246 Snyder Jul 2002 B1
6427063 Cook et al. Jul 2002 B1
6427140 Ginter et al. Jul 2002 B1
6434568 Bowman-Amuah Aug 2002 B1
6434628 Bowman-Amuah Aug 2002 B1
6438594 Bowman-Amuah Aug 2002 B1
6442748 Bowman-Amuah Aug 2002 B1
6477580 Bowman-Amuah Nov 2002 B1
6477665 Bowman-Amuah Nov 2002 B1
6496850 Bowman-Amuah Dec 2002 B1
6501832 Saylor et al. Dec 2002 B1
6502102 Haswell et al. Dec 2002 B1
6502213 Bowman-Amuah Dec 2002 B1
6523027 Underwood Feb 2003 B1
6529909 Bowman-Amuah Mar 2003 B1
6529948 Bowman-Amuah Mar 2003 B1
6539396 Bowman-Amuah Mar 2003 B1
6542841 Snyder Apr 2003 B1
6546546 Van Doorn Apr 2003 B1
6549949 Bowman-Amuah Apr 2003 B1
6550057 Bowman-Amuah Apr 2003 B1
6571282 Bowman-Amuah May 2003 B1
6578068 Bowman-Amuah Jun 2003 B1
6594671 Aman et al. Jul 2003 B1
6601192 Bowman-Amuah Jul 2003 B1
6601233 Underwood Jul 2003 B1
6601234 Bowman-Amuah Jul 2003 B1
6606479 Cook et al. Aug 2003 B2
6606660 Bowman-Amuah Aug 2003 B1
6606744 Mikurak Aug 2003 B1
6609128 Underwood Aug 2003 B1
6615199 Bowman-Amuah Sep 2003 B1
6615253 Bowman-Amuah Sep 2003 B1
6633835 Moran et al. Oct 2003 B1
6633878 Underwood Oct 2003 B1
6636242 Bowman-Amuah Oct 2003 B2
6640238 Bowman-Amuah Oct 2003 B1
6640244 Bowman-Amuah Oct 2003 B1
6640249 Bowman-Amuah Oct 2003 B1
6640304 Ginter et al. Oct 2003 B2
6640307 Viets et al. Oct 2003 B2
6647400 Moran Nov 2003 B1
6662231 Drosset et al. Dec 2003 B1
6671818 Mikurak Dec 2003 B1
6701514 Haswell et al. Mar 2004 B1
6704873 Underwood Mar 2004 B1
6707889 Saylor et al. Mar 2004 B1
6715145 Bowman-Amuah Mar 2004 B1
6718535 Underwood Apr 2004 B1
6731625 Eastep et al. May 2004 B1
6742015 Bowman-Amuah May 2004 B1
6745286 Staub et al. Jun 2004 B2
6754181 Elliott et al. Jun 2004 B1
6754773 Ulrich et al. Jun 2004 B2
6757710 Reed Jun 2004 B2
6772332 Boebert et al. Aug 2004 B1
6775792 Ulrich et al. Aug 2004 B2
6779120 Valente et al. Aug 2004 B1
6792086 Saylor et al. Sep 2004 B1
6801940 Moran et al. Oct 2004 B1
6826697 Moran Nov 2004 B1
6842906 Bowman-Amuah Jan 2005 B1
6857061 Liao Feb 2005 B1
6862692 Ulrich et al. Mar 2005 B2
6871295 Ulrich et al. Mar 2005 B2
6888929 Saylor et al. May 2005 B1
6895084 Saylor et al. May 2005 B1
6907546 Haswell et al. Jun 2005 B1
6909708 Krishnaswamy et al. Jun 2005 B1
6948070 Ginter et al. Sep 2005 B1
6976090 Ben-Shaul et al. Dec 2005 B2
6986052 Mittal Jan 2006 B1
6990547 Ulrich et al. Jan 2006 B2
6990667 Ulrich et al. Jan 2006 B2
6996843 Moran Feb 2006 B1
7020697 Goodman et al. Mar 2006 B1
7024692 Schanze et al. Apr 2006 B1
7032114 Moran Apr 2006 B1
7051212 Ginter et al. May 2006 B2
7054927 Ulrich et al. May 2006 B2
7062567 Benitez et al. Jun 2006 B2
7065579 Traversat et al. Jun 2006 B2
7065657 Moran Jun 2006 B1
7069451 Ginter et al. Jun 2006 B1
7076652 Ginter et al. Jul 2006 B2
7085936 Moran Aug 2006 B1
7095854 Ginter et al. Aug 2006 B1
7100195 Underwood Aug 2006 B1
7100199 Ginter et al. Aug 2006 B2
7114059 Wilkerson Sep 2006 B2
7120771 Dahan et al. Oct 2006 B2
7120800 Ginter et al. Oct 2006 B2
7124101 Mikurak Oct 2006 B1
7124302 Ginter et al. Oct 2006 B2
7124305 Margolus et al. Oct 2006 B2
7130807 Mikurak Oct 2006 B1
7130885 Chandra et al. Oct 2006 B2
7133845 Ginter et al. Nov 2006 B1
7136927 Traversat et al. Nov 2006 B2
7145898 Elliott Dec 2006 B1
7165107 Pouyoul et al. Jan 2007 B2
7167920 Traversat et al. Jan 2007 B2
7171689 Beavers Jan 2007 B2
7181613 Boebert et al. Feb 2007 B2
7188003 Ransom et al. Mar 2007 B2
7194769 Lippmann et al. Mar 2007 B2
7197565 Abdelaziz et al. Mar 2007 B2
7203962 Moran Apr 2007 B1
7206841 Traversat et al. Apr 2007 B2
7206934 Pabla et al. Apr 2007 B2
7213047 Yeager et al. May 2007 B2
7219239 Njemanze et al. May 2007 B1
7237081 Dahan et al. Jun 2007 B2
7237123 LeVine et al. Jun 2007 B2
7246370 Valente et al. Jul 2007 B2
7249344 Zeanah et al. Jul 2007 B1
7254586 Chen et al. Aug 2007 B2
7254608 Yeager et al. Aug 2007 B2
7263560 Abdelaziz et al. Aug 2007 B2
7275102 Yeager et al. Sep 2007 B2
7287030 Margolus et al. Oct 2007 B2
7289964 Bowman-Amuah Oct 2007 B1
7289994 Nixon et al. Oct 2007 B2
7299277 Moran et al. Nov 2007 B1
7305697 Alao et al. Dec 2007 B2
7328243 Yeager et al. Feb 2008 B2
7334123 Gulick et al. Feb 2008 B2
7337441 Felt et al. Feb 2008 B2
7340469 Alghathbar et al. Mar 2008 B1
7340500 Traversat et al. Mar 2008 B2
7346922 Miliefsky Mar 2008 B2
7350085 Johnson et al. Mar 2008 B2
7356701 Margolus et al. Apr 2008 B2
7356730 Ulrich et al. Apr 2008 B2
7376969 Njemanze et al. May 2008 B1
7395536 Verbeke et al. Jul 2008 B2
7398283 Margolus et al. Jul 2008 B2
7401152 Traversat et al. Jul 2008 B2
7401153 Traversat et al. Jul 2008 B2
7412462 Margolus et al. Aug 2008 B2
7430670 Horning et al. Sep 2008 B1
7431650 Kessman et al. Oct 2008 B2
7437614 Haswell et al. Oct 2008 B2
7451488 Cooper et al. Nov 2008 B2
7457397 Saylor et al. Nov 2008 B1
7457959 Margolus et al. Nov 2008 B2
7464407 Nakae et al. Dec 2008 B2
7467198 Goodman et al. Dec 2008 B2
7478422 Valente et al. Jan 2009 B2
7484008 Gelvin et al. Jan 2009 B1
7484225 Hugly et al. Jan 2009 B2
7484236 Alao et al. Jan 2009 B2
7487509 Hugly et al. Feb 2009 B2
7492873 Giroti et al. Feb 2009 B2
7496750 Kumar et al. Feb 2009 B2
7502752 Lemons et al. Mar 2009 B1
7502807 Muthukrishnan et al. Mar 2009 B2
7506173 Margolus et al. Mar 2009 B2
7509431 Singhal et al. Mar 2009 B2
7509639 Worley, Jr. Mar 2009 B2
7523054 Tyson-Quah Apr 2009 B2
7533141 Nadgir et al. May 2009 B2
7533161 Hugly et al. May 2009 B2
7533172 Traversat et al. May 2009 B2
7543329 Viets et al. Jun 2009 B2
7546334 Redlich et al. Jun 2009 B2
7551567 Anthias et al. Jun 2009 B2
7555706 Chapman et al. Jun 2009 B2
7574523 Traversat et al. Aug 2009 B2
7586871 Hamilton et al. Sep 2009 B2
7587617 Margolus et al. Sep 2009 B2
7603550 McGrath et al. Oct 2009 B2
7606267 Ho et al. Oct 2009 B2
7607169 Njemanze et al. Oct 2009 B1
7630986 Herz et al. Dec 2009 B1
7650638 Njemanze et al. Jan 2010 B1
7657597 Arora et al. Feb 2010 B2
7657931 Margolus et al. Feb 2010 B2
7664879 Chan et al. Feb 2010 B2
7669051 Redlich et al. Feb 2010 B2
7669212 Alao et al. Feb 2010 B2
7673345 Cheng et al. Mar 2010 B2
7676539 Jhoney et al. Mar 2010 B2
7683940 Fleming Mar 2010 B2
7685096 Margolus et al. Mar 2010 B2
7693185 Brown et al. Apr 2010 B1
7693814 Margolus et al. Apr 2010 B2
7698416 Potti et al. Apr 2010 B2
7716077 Mikurak May 2010 B1
7725934 Kumar et al. May 2010 B2
7730299 Boebert et al. Jun 2010 B2
7743421 Cosquer et al. Jun 2010 B2
7747523 Cohen Jun 2010 B2
7747797 Abraham et al. Jun 2010 B2
7752255 Cohen et al. Jul 2010 B2
7752459 Cowan et al. Jul 2010 B2
7752466 Ginter et al. Jul 2010 B2
7761910 Ransom et al. Jul 2010 B2
7761917 Kumar Jul 2010 B1
7761918 Gula et al. Jul 2010 B2
7762470 Finn et al. Jul 2010 B2
7774495 Pabla et al. Aug 2010 B2
7779270 Horning et al. Aug 2010 B2
7779394 Homing et al. Aug 2010 B2
7783777 Pabla et al. Aug 2010 B1
7788433 Henry et al. Aug 2010 B2
7788722 Njemanze et al. Aug 2010 B1
7797406 Patel et al. Sep 2010 B2
7814554 Ragner Oct 2010 B1
7822979 Mittal Oct 2010 B2
7823135 Horning et al. Oct 2010 B2
7827256 Phillips et al. Nov 2010 B2
7827606 Rits et al. Nov 2010 B2
7831823 Ginter et al. Nov 2010 B2
7844835 Ginter et al. Nov 2010 B2
7861299 Tidwell et al. Dec 2010 B1
7869425 Elliott et al. Jan 2011 B2
7878909 Kessman et al. Feb 2011 B2
7890753 Dahan et al. Feb 2011 B2
7891004 Gelvin et al. Feb 2011 B1
7904187 Hoffberg et al. Mar 2011 B2
7904569 Gelvin et al. Mar 2011 B1
7917695 Ulrich et al. Mar 2011 B2
7917749 Ginter et al. Mar 2011 B2
7926113 Gula et al. Apr 2011 B1
7933925 Sreedhar Apr 2011 B2
7941396 Power et al. May 2011 B2
7945958 Amarasinghe et al. May 2011 B2
7949728 Rivette et al. May 2011 B2
7957991 Mikurak Jun 2011 B2
7958549 Nakae et al. Jun 2011 B2
7961743 Alao et al. Jun 2011 B2
7962582 Potti et al. Jun 2011 B2
7962961 Griffin et al. Jun 2011 B1
7966078 Hoffberg et al. Jun 2011 B2
7966369 Briere et al. Jun 2011 B1
7971018 Schwemmlein Jun 2011 B2
7975051 Saint Clair et al. Jul 2011 B2
7980948 Rowe et al. Jul 2011 B2
7984509 Ginter et al. Jul 2011 B2
7987003 Hoffberg et al. Jul 2011 B2
7987272 Kumar et al. Jul 2011 B2
7996556 Raghavan et al. Aug 2011 B2
8001546 Felt et al. Aug 2011 B2
8006087 Ginter et al. Aug 2011 B2
8015570 Venkatraman et al. Sep 2011 B2
8028341 Cheng et al. Sep 2011 B2
8032409 Mikurak Oct 2011 B1
8037202 Yeager et al. Oct 2011 B2
8055732 Cohen et al. Nov 2011 B2
8055797 Cohen et al. Nov 2011 B2
8055913 Ginter et al. Nov 2011 B2
8056130 Njemanze et al. Nov 2011 B1
8065725 Zheng et al. Nov 2011 B2
8074256 Valente et al. Dec 2011 B2
8078788 Chang et al. Dec 2011 B2
8079118 Gelvin et al. Dec 2011 B2
8082304 Ho et al. Dec 2011 B2
8086585 Brashers et al. Dec 2011 B1
8086744 Abdullah et al. Dec 2011 B2
8090839 Kumar et al. Jan 2012 B2
8094647 Elliott et al. Jan 2012 B2
8095984 McFarlane et al. Jan 2012 B2
8108455 Yeager et al. Jan 2012 B2
8112330 Grandcolas et al. Feb 2012 B1
8112625 Ginter et al. Feb 2012 B2
8117261 Briere et al. Feb 2012 B2
8127359 Kelekar Feb 2012 B2
8140786 Bunte et al. Mar 2012 B2
8141155 Jeschke et al. Mar 2012 B2
8141165 Ginter et al. Mar 2012 B2
8160077 Traversat et al. Apr 2012 B2
8161540 Mantripragada et al. Apr 2012 B2
8176001 Mantripragada et al. May 2012 B2
8176527 Njemanze et al. May 2012 B1
8176563 Redlich et al. May 2012 B2
8181021 Ginter et al. May 2012 B2
8185651 Moran et al. May 2012 B2
8191157 Ginter et al. May 2012 B2
8191158 Ginter et al. May 2012 B2
8194646 Elliott et al. Jun 2012 B2
8196131 von Behren et al. Jun 2012 B1
8201216 Cha et al. Jun 2012 B2
8201257 Andres et al. Jun 2012 B1
8204992 Arora et al. Jun 2012 B2
8209753 Wen et al. Jun 2012 B2
8209763 Henry et al. Jun 2012 B2
8214590 Ulrich et al. Jul 2012 B2
8224930 Cohen et al. Jul 2012 B2
8230507 Njemanze et al. Jul 2012 B1
8234711 Kang et al. Jul 2012 B2
8250552 Kandasamy et al. Aug 2012 B2
8261359 Levine et al. Sep 2012 B2
8266327 Kumar et al. Sep 2012 B2
8271336 Mikurak Sep 2012 B2
8281036 Cohen et al. Oct 2012 B2
8286255 Grant et al. Oct 2012 B2
8291238 Ginter et al. Oct 2012 B2
8296848 Griffin et al. Oct 2012 B1
8306228 Le Saint et al. Nov 2012 B2
8312148 Anthias et al. Nov 2012 B2
8316091 Hirvela et al. Nov 2012 B2
8316448 Peinado et al. Nov 2012 B2
8316449 Ginter et al. Nov 2012 B2
8327328 Colton et al. Dec 2012 B2
8332367 Bhattacherjee et al. Dec 2012 B2
8346532 Chakra et al. Jan 2013 B2
8347072 Mittal Jan 2013 B2
8359397 Traversat et al. Jan 2013 B2
8365021 Inoue et al. Jan 2013 B2
8365278 Njemanze et al. Jan 2013 B1
8365289 Russ et al. Jan 2013 B2
8370641 Henry et al. Feb 2013 B2
8375082 Mukherjee Feb 2013 B2
8381192 Drewry et al. Feb 2013 B1
8387022 Horning et al. Feb 2013 B2
8392677 Bunte et al. Mar 2013 B2
8392997 Chen et al. Mar 2013 B2
8393969 Kessman et al. Mar 2013 B2
8402557 Ginter et al. Mar 2013 B2
8417866 Chang et al. Apr 2013 B2
8422379 Xu et al. Apr 2013 B2
8423953 Colton et al. Apr 2013 B2
8434128 Kennedy Apr 2013 B2
8438532 Fox et al. May 2013 B2
8438643 Wiemer et al. May 2013 B2
8458798 Williams et al. Jun 2013 B2
8464077 Ginter et al. Jun 2013 B2
8468244 Redlich et al. Jun 2013 B2
8468606 Van De Weyer et al. Jun 2013 B2
8474004 Leone Jun 2013 B2
8484741 Chapman Jul 2013 B1
8516118 Saint Clair et al. Aug 2013 B2
8516594 Bennett et al. Aug 2013 B2
8522348 Chen et al. Aug 2013 B2
8522354 Henry et al. Aug 2013 B2
8527406 Cohen Sep 2013 B2
8527549 Cidon Sep 2013 B2
8533843 Levi Sep 2013 B2
8533851 Ginter et al. Sep 2013 B2
8533854 Ginter et al. Sep 2013 B2
8543506 Grandcolas et al. Sep 2013 B2
8543607 Sreedhar Sep 2013 B2
8543842 Ginter et al. Sep 2013 B2
8543982 Zeanah et al. Sep 2013 B2
8544098 Gustave et al. Sep 2013 B2
8549171 Ramarao et al. Oct 2013 B2
8549275 Mittal Oct 2013 B2
8560366 Mikurak Oct 2013 B2
8566839 Johnson et al. Oct 2013 B2
8566928 Dagon et al. Oct 2013 B2
8572173 Briere et al. Oct 2013 B2
8572411 Ginter et al. Oct 2013 B2
8572550 Fox et al. Oct 2013 B2
8572750 Patel et al. Oct 2013 B2
8578490 Moran Nov 2013 B2
8583263 Hoffberg et al. Nov 2013 B2
8595306 Hirvela et al. Nov 2013 B2
8595845 Basavapatna et al. Nov 2013 B2
8599277 Fleming Dec 2013 B2
8601104 Cohen et al. Dec 2013 B2
8601498 Laurich et al. Dec 2013 B2
8601530 Cohen et al. Dec 2013 B2
8601595 Gelvin et al. Dec 2013 B2
8602089 Singh et al. Dec 2013 B2
8607034 Henry et al. Dec 2013 B2
8607067 Janse van Rensburg et al. Dec 2013 B1
8607325 Kennedy Dec 2013 B2
8607336 Cohen et al. Dec 2013 B2
8611232 Xu et al. Dec 2013 B2
8612936 Fox et al. Dec 2013 B2
8613080 Wysopal et al. Dec 2013 B2
8613083 Njemanze et al. Dec 2013 B1
8615656 Weinstein et al. Dec 2013 B2
8615799 Henry et al. Dec 2013 B2
8627053 Mittal Jan 2014 B2
8627402 Cohen et al. Jan 2014 B2
8631248 Cowan et al. Jan 2014 B2
8631387 Henderson Jan 2014 B2
8631489 Antonakakis et al. Jan 2014 B2
8639625 Ginter et al. Jan 2014 B1
8640194 Inoue et al. Jan 2014 B2
8640240 Sagoo et al. Jan 2014 B2
8644516 Le Saint et al. Feb 2014 B1
8645572 Alao et al. Feb 2014 B2
8646059 von Behren et al. Feb 2014 B1
8650637 Beresnevichiene et al. Feb 2014 B2
8655939 Redlich et al. Feb 2014 B2
8656497 Amarasinghe et al. Feb 2014 B2
8660849 Gruber et al. Feb 2014 B2
8660880 Chehade et al. Feb 2014 B2
8670979 Gruber et al. Mar 2014 B2
8677505 Redlich et al. Mar 2014 B2
8677507 Ginter et al. Mar 2014 B2
8683560 Brooker et al. Mar 2014 B1
8688461 Richards et al. Apr 2014 B1
8700772 Saint Clair Apr 2014 B2
8706503 Cheyer et al. Apr 2014 B2
8706914 Duchesneau Apr 2014 B2
8706915 Duchesneau Apr 2014 B2
8730946 Mantripragada et al. May 2014 B2
8731942 Cheyer et al. May 2014 B2
8732023 Mikurak May 2014 B2
8738860 Griffin et al. May 2014 B1
8738932 Lee et al. May 2014 B2
8750841 Johnson et al. Jun 2014 B2
8755392 Traversat et al. Jun 2014 B2
8762188 Abercrombie et al. Jun 2014 B2
8762687 Henry et al. Jun 2014 B2
8769127 Selimis et al. Jul 2014 B2
8769304 Kirsch Jul 2014 B2
8776180 Kumar et al. Jul 2014 B2
8782661 Ulrich et al. Jul 2014 B2
8789192 LaBumbard Jul 2014 B2
8789193 Kelekar Jul 2014 B2
8793803 Henry et al. Jul 2014 B2
8799000 Guzzoni et al. Aug 2014 B2
8799403 Chan et al. Aug 2014 B2
8807440 von Behren et al. Aug 2014 B1
8813235 Sidagni Aug 2014 B2
8819225 Wang et al. Aug 2014 B2
8819420 McKeeman et al. Aug 2014 B1
8819839 Henry et al. Aug 2014 B2
8825830 Newton et al. Sep 2014 B2
8826438 Perdisci et al. Sep 2014 B2
8838924 Henry et al. Sep 2014 B2
8844043 Williams et al. Sep 2014 B2
8844045 Benefield Sep 2014 B2
8850588 Kumar et al. Sep 2014 B2
8856936 Datta Ray et al. Oct 2014 B2
8868914 Teppler Oct 2014 B2
8869110 Kaksonen Oct 2014 B2
8874685 Hollis et al. Oct 2014 B1
8887177 Johnson et al. Nov 2014 B2
8892446 Cheyer et al. Nov 2014 B2
8893283 Raz et al. Nov 2014 B2
8900054 Patel Dec 2014 B2
8903705 Douceur et al. Dec 2014 B2
8903716 Chen et al. Dec 2014 B2
8909779 Clair et al. Dec 2014 B2
8909881 Bunte et al. Dec 2014 B2
8910276 Henry et al. Dec 2014 B2
8917159 McAllister et al. Dec 2014 B2
8918884 Jajodia et al. Dec 2014 B2
8918887 Taniguchi et al. Dec 2014 B2
8925082 Ashley Dec 2014 B2
8930191 Gruber et al. Jan 2015 B2
8942986 Cheyer et al. Jan 2015 B2
8943313 Glew et al. Jan 2015 B2
8943513 Ulrich et al. Jan 2015 B2
8949169 Shelton et al. Feb 2015 B2
8966619 Ormazabal et al. Feb 2015 B2
8966639 Roytman et al. Feb 2015 B1
8978132 Henry et al. Mar 2015 B2
8984579 Cohen et al. Mar 2015 B2
8984643 Krisher et al. Mar 2015 B1
8990948 Kumar et al. Mar 2015 B2
8996449 Power et al. Mar 2015 B2
9002014 Henry et al. Apr 2015 B2
9003537 Raz et al. Apr 2015 B2
9005031 Kessman et al. Apr 2015 B2
9015301 Redlich et al. Apr 2015 B2
9020885 Beartusk et al. Apr 2015 B2
9027125 Kumar et al. May 2015 B2
9032533 Bennett et al. May 2015 B2
9043753 Fox et al. May 2015 B2
9043919 Wyatt et al. May 2015 B2
9043920 Gula et al. May 2015 B2
9047293 Grafi et al. Jun 2015 B2
9047483 Briere et al. Jun 2015 B2
9047484 Briere et al. Jun 2015 B2
9064099 Horning et al. Jun 2015 B2
9064111 Aciicmez et al. Jun 2015 B2
9069930 Hart Jun 2015 B1
9069967 Wysopal et al. Jun 2015 B2
9072965 Kessman et al. Jul 2015 B2
9092616 Kumar et al. Jul 2015 B2
9094448 Benefield Jul 2015 B2
9111088 Ghai et al. Aug 2015 B2
9113051 Scalisi Aug 2015 B1
9117447 Gruber et al. Aug 2015 B2
9118706 Bianco Aug 2015 B2
9118713 Bisht et al. Aug 2015 B2
9128728 Siman Sep 2015 B2
9128801 Fox et al. Sep 2015 B2
9129279 Zeanah et al. Sep 2015 B1
9135778 Patel Sep 2015 B2
9141378 Fox et al. Sep 2015 B2
9141805 Giakouminakis et al. Sep 2015 B2
9141806 Siman Sep 2015 B2
9143392 Duchesneau Sep 2015 B2
9158871 Neergaard Oct 2015 B2
9158922 Liu Oct 2015 B2
9160761 Lee et al. Oct 2015 B2
9165133 La Fever et al. Oct 2015 B2
9166994 Ward et al. Oct 2015 B2
9177175 Margolus et al. Nov 2015 B2
9178911 Cohen et al. Nov 2015 B2
9185125 Varsanyi et al. Nov 2015 B2
9215236 Kennedy Dec 2015 B2
9224117 Chapman Dec 2015 B2
9237062 Ermis et al. Jan 2016 B2
9240943 Lu et al. Jan 2016 B2
9241044 Shribman et al. Jan 2016 B2
9251265 Briere et al. Feb 2016 B2
9256746 Toback et al. Feb 2016 B2
9268945 Williams et al. Feb 2016 B2
9270695 Roytman et al. Feb 2016 B2
9270697 Ghosh et al. Feb 2016 B2
9276951 Choi et al. Mar 2016 B2
9292695 Bassett Mar 2016 B1
9298923 Salowey et al. Mar 2016 B2
9305165 Snow et al. Apr 2016 B2
9305183 Mittal Apr 2016 B2
9306969 Dagon et al. Apr 2016 B2
9306975 Cohen et al. Apr 2016 B2
9311140 Raghu et al. Apr 2016 B2
9311499 Redlich et al. Apr 2016 B2
9311670 Hoffberg Apr 2016 B2
9317692 Elder et al. Apr 2016 B2
9317708 Lee et al. Apr 2016 B2
9318108 Gruber et al. Apr 2016 B2
9319425 Giokas Apr 2016 B2
9323921 Hunt et al. Apr 2016 B2
9323954 Mittal Apr 2016 B2
9325729 Jajodia et al. Apr 2016 B2
9329894 Raghu May 2016 B2
9348652 Raghu May 2016 B2
9356962 Ilieva et al. May 2016 B2
9369330 Alao et al. Jun 2016 B1
9369482 Borohovski et al. Jun 2016 B2
9372995 Shigemoto et al. Jun 2016 B2
9378044 Gaurav et al. Jun 2016 B1
9380008 Ramarao et al. Jun 2016 B2
9386124 Briere et al. Jul 2016 B2
9389893 Raghu Jul 2016 B2
9389933 Baumann et al. Jul 2016 B2
9390151 Briere et al. Jul 2016 B2
9390590 Kessman et al. Jul 2016 B2
9391801 Raghu Jul 2016 B2
9392007 Giokas Jul 2016 B2
9396479 Briere et al. Jul 2016 B2
9407645 Modi et al. Aug 2016 B2
9411524 O'Hare et al. Aug 2016 B2
9411965 Giakouminakis et al. Aug 2016 B2
9413538 Baumann et al. Aug 2016 B2
9418263 Butler et al. Aug 2016 B2
9425965 Baumann et al. Aug 2016 B2
9430256 Raghu Aug 2016 B2
9443074 Janse Van Rensburg et al. Sep 2016 B1
9449443 Libin et al. Sep 2016 B2
9455975 Brooker et al. Sep 2016 B2
9456004 Agrawal et al. Sep 2016 B2
9467464 Gula et al. Oct 2016 B2
9467465 Hibbert et al. Oct 2016 B2
9473529 Ormazabal et al. Oct 2016 B2
9479535 Cohen et al. Oct 2016 B2
9495183 Bond et al. Nov 2016 B2
9495468 Coyote et al. Nov 2016 B2
9495714 Bush et al. Nov 2016 B2
9503467 Lefebvre et al. Nov 2016 B2
9507962 Mittal Nov 2016 B2
9507963 Mittal Nov 2016 B2
9514305 Acar et al. Dec 2016 B2
9516058 Antonakakis et al. Dec 2016 B2
9519911 Briere et al. Dec 2016 B2
9529514 Saint Clair Dec 2016 B2
9537841 Schutz et al. Jan 2017 B2
9537876 Kelekar Jan 2017 B2
9537884 Raugas et al. Jan 2017 B1
9542577 Butler et al. Jan 2017 B2
9544326 Hershey et al. Jan 2017 B2
9547779 Mittal Jan 2017 B2
9548050 Gruber et al. Jan 2017 B2
9560147 Shaheen et al. Jan 2017 B2
9563749 Wyatt et al. Feb 2017 B2
9569612 Wilkerson et al. Feb 2017 B2
9569729 Oehrle et al. Feb 2017 B1
9575903 Glew et al. Feb 2017 B2
9588803 Howell et al. Mar 2017 B2
9591968 Gross et al. Mar 2017 B2
9602529 Jones et al. Mar 2017 B2
9613117 Meritt et al. Apr 2017 B1
9614864 Nair et al. Apr 2017 B2
9619261 Gaurav et al. Apr 2017 B2
9619270 Ramasubramanian et al. Apr 2017 B2
9619655 Bach et al. Apr 2017 B2
9619672 Mittal Apr 2017 B2
9628342 Newton et al. Apr 2017 B2
9628343 Newton et al. Apr 2017 B2
9628344 Newton et al. Apr 2017 B2
9628345 Newton et al. Apr 2017 B2
9628346 Crowder et al. Apr 2017 B2
9628347 Varney et al. Apr 2017 B2
9628501 Datta Ray et al. Apr 2017 B2
9629545 Gross et al. Apr 2017 B2
9629546 Gross et al. Apr 2017 B2
9629547 Gross et al. Apr 2017 B2
9633213 Swoboda Apr 2017 B2
9634904 Varney et al. Apr 2017 B2
9634905 Newton et al. Apr 2017 B2
9634906 Varney et al. Apr 2017 B2
9634907 Varney et al. Apr 2017 B2
9634918 Lipstone et al. Apr 2017 B2
9635033 Nguyen-Tuong et al. Apr 2017 B2
9636018 Gross et al. May 2017 B2
9639703 Liu May 2017 B2
9641401 Varney et al. May 2017 B2
9641402 Newton et al. May 2017 B2
9642527 Gross et al. May 2017 B2
9642528 Gross et al. May 2017 B2
9647899 Varney et al. May 2017 B2
9647900 Crowder et al. May 2017 B2
9647901 Newton et al. May 2017 B2
9648036 Ver et al. May 2017 B2
9654353 Newton et al. May 2017 B2
9654354 Newton et al. May 2017 B2
9654355 Varney et al. May 2017 B2
9654356 Varney et al. May 2017 B2
9660874 Lipstone et al. May 2017 B2
9660875 Crowder et al. May 2017 B2
9660876 Lipstone et al. May 2017 B2
9661046 Varney et al. May 2017 B2
9665721 Artes et al. May 2017 B2
9667506 Varney et al. May 2017 B2
9672071 Gerganov Jun 2017 B2
9672074 Gaurav et al. Jun 2017 B2
9680699 Cohen et al. Jun 2017 B2
9680861 Ward et al. Jun 2017 B2
9686148 Varney et al. Jun 2017 B2
9686291 Antonakakis et al. Jun 2017 B2
9690583 Gschwind et al. Jun 2017 B2
9692778 Mohanty Jun 2017 B1
9692779 Maeng et al. Jun 2017 B2
9703890 Kakaraddi et al. Jul 2017 B2
9705754 Crowder et al. Jul 2017 B2
9710682 Butler et al. Jul 2017 B2
9713425 Gross et al. Jul 2017 B2
9716721 Hovor et al. Jul 2017 B2
9720403 Power et al. Aug 2017 B2
9722803 Ellingson et al. Aug 2017 B1
9722882 Varney et al. Aug 2017 B2
9722883 Varney et al. Aug 2017 B2
9722884 Newton et al. Aug 2017 B2
9726460 Hershey et al. Aug 2017 B2
9727736 McClintock et al. Aug 2017 B1
9729568 Lefebvre et al. Aug 2017 B2
9734169 Redlich et al. Aug 2017 B2
9742435 Poghosyan et al. Aug 2017 B1
9742866 Shribman et al. Aug 2017 B2
9743834 Gross et al. Aug 2017 B2
9749190 Newton et al. Aug 2017 B2
9749191 Varney et al. Aug 2017 B2
9749192 Varney et al. Aug 2017 B2
9750409 Gross et al. Sep 2017 B2
9750410 Gross et al. Sep 2017 B2
9750411 Gross et al. Sep 2017 B2
9750412 Gross et al. Sep 2017 B2
9754446 Kessman et al. Sep 2017 B2
9755914 Newton et al. Sep 2017 B2
9756118 Taheri et al. Sep 2017 B2
9756549 Perdomo Sep 2017 B2
9757032 Gross et al. Sep 2017 B2
9762617 Modi et al. Sep 2017 B2
9762659 Ska et al. Sep 2017 B2
9772971 Smith Sep 2017 B2
9775517 Gross et al. Oct 2017 B2
9775518 Gross et al. Oct 2017 B2
9779191 Hershey et al. Oct 2017 B1
9779253 Mahaffey et al. Oct 2017 B2
9781148 Mahaffey et al. Oct 2017 B2
9781212 Briere et al. Oct 2017 B2
9782073 Gross et al. Oct 2017 B2
9782074 Gross et al. Oct 2017 B2
9784260 Lee et al. Oct 2017 B2
9785440 DeHon Oct 2017 B2
9785799 Sreedhar Oct 2017 B2
9787551 Newton et al. Oct 2017 B2
9788049 Lockett et al. Oct 2017 B2
9788723 Gross et al. Oct 2017 B2
9792438 Heldt-Sheller et al. Oct 2017 B2
9795297 Gross et al. Oct 2017 B2
9801543 Gross et al. Oct 2017 B2
9817978 Marsh et al. Nov 2017 B2
9819554 Varney et al. Nov 2017 B2
9825981 Roytman et al. Nov 2017 B2
9825982 Htay Nov 2017 B1
9826045 Straub et al. Nov 2017 B2
9836546 Briere et al. Dec 2017 B2
9838479 Briere et al. Dec 2017 B2
9842065 Banginwar et al. Dec 2017 B2
9846780 Tonn et al. Dec 2017 B2
9847917 Varney et al. Dec 2017 B2
9851953 Straub et al. Dec 2017 B2
9851968 Straub Dec 2017 B2
9854973 Crawley et al. Jan 2018 B2
9858174 Straub et al. Jan 2018 B2
9858452 Butler et al. Jan 2018 B2
9860265 Gula et al. Jan 2018 B2
9866426 Shelton et al. Jan 2018 B2
9871815 Ouchn Jan 2018 B2
9872620 Gross et al. Jan 2018 B2
9881271 Chapman Jan 2018 B2
9882798 Padala et al. Jan 2018 B2
9886303 Koller Jemio et al. Feb 2018 B2
9886581 Olson et al. Feb 2018 B2
9886582 Hovor et al. Feb 2018 B2
9887885 Varney et al. Feb 2018 B2
9887886 Rahaman Feb 2018 B2
9888091 Saint Clair Feb 2018 B2
9888849 Gross et al. Feb 2018 B2
9888850 Gross et al. Feb 2018 B2
9888851 Gross et al. Feb 2018 B2
9888852 Gross et al. Feb 2018 B2
9894088 Ward et al. Feb 2018 B2
9895061 Gross et al. Feb 2018 B2
9895062 Gross et al. Feb 2018 B2
9898739 Monastyrsky et al. Feb 2018 B2
9900339 Bach et al. Feb 2018 B2
9912683 Cam Mar 2018 B2
9916092 Saha et al. Mar 2018 B2
9916601 Mahadevan et al. Mar 2018 B2
9922345 Mikurak Mar 2018 B2
9923916 McClintock et al. Mar 2018 B1
9923917 Fausto et al. Mar 2018 B2
9928369 Grieco et al. Mar 2018 B2
9928379 Hoffer Mar 2018 B1
9930065 Nelms et al. Mar 2018 B2
9931035 Gross et al. Apr 2018 B2
9934380 Dalcher et al. Apr 2018 B2
9935975 Wilkerson et al. Apr 2018 B2
9946565 Strandzhev et al. Apr 2018 B2
9953193 Butler et al. Apr 2018 B2
9959100 Straub May 2018 B2
9965619 Brandt et al. May 2018 B2
9965627 Ray et al. May 2018 B2
9967264 Harris et al. May 2018 B2
9967282 Thomas et al. May 2018 B2
9967283 Ray et al. May 2018 B2
9971574 Mathew et al. May 2018 B2
9971909 Mittal May 2018 B2
9974438 Gross et al. May 2018 B2
9984248 Ray et al. May 2018 B2
9989043 Lee et al. Jun 2018 B2
9992228 Ray et al. Jun 2018 B2
9996697 Mahaffey et al. Jun 2018 B2
9997036 Scalisi Jun 2018 B2
10013668 Straub Jul 2018 B2
10013705 Mikurak Jul 2018 B2
10015169 Kennedy Jul 2018 B2
10015720 Perdomo Jul 2018 B2
10021446 Barton et al. Jul 2018 B2
10025638 Raghu Jul 2018 B2
10031505 Martindale et al. Jul 2018 B2
10031768 Strandzhev et al. Jul 2018 B2
10042628 OlmstedThompson Aug 2018 B2
10044747 Liu Aug 2018 B2
10050868 Porras et al. Aug 2018 B2
10061566 Brown et al. Aug 2018 B2
10063373 Schutz et al. Aug 2018 B2
RE47053 Drosset et al. Sep 2018 E
10073679 Straub et al. Sep 2018 B2
10079878 Ulrich et al. Sep 2018 B2
10089651 Mahadevan et al. Oct 2018 B2
10095543 Griffin et al. Oct 2018 B1
10097531 Brooker et al. Oct 2018 B2
10114950 Nalluri et al. Oct 2018 B2
10120668 Palavalli et al. Nov 2018 B2
10120928 Kushmerick et al. Nov 2018 B2
10122687 Thomas et al. Nov 2018 B2
10135697 Varney et al. Nov 2018 B2
10142191 Varney et al. Nov 2018 B2
10142353 Yadav et al. Nov 2018 B2
10147110 Shapsa et al. Dec 2018 B2
10154021 Lerner Dec 2018 B1
10157044 Khazanchi et al. Dec 2018 B2
10182073 Redlich et al. Jan 2019 B2
10185584 Lee et al. Jan 2019 B2
10185670 Litichever et al. Jan 2019 B2
10204244 Butler et al. Feb 2019 B2
10205627 Kushmerick et al. Feb 2019 B2
10205637 Porras et al. Feb 2019 B2
10212023 Brown Feb 2019 B2
10212045 Strandzhev et al. Feb 2019 B2
10216615 Klemenz Feb 2019 B2
10216921 Janse Van Rensburg et al. Feb 2019 B1
10225142 Strandzhev et al. Mar 2019 B2
10225286 Ray et al. Mar 2019 B2
10230532 Chan et al. Mar 2019 B2
10235176 DeHon et al. Mar 2019 B2
10235439 Sullivan et al. Mar 2019 B2
10235810 Morrison Mar 2019 B2
10237059 Sethumadhavan et al. Mar 2019 B2
10243815 Shapsa et al. Mar 2019 B2
10243990 Chen et al. Mar 2019 B1
10248119 Kentley-Klay et al. Apr 2019 B2
10250639 Redlich et al. Apr 2019 B2
10250640 Redlich et al. Apr 2019 B2
10250641 Porras et al. Apr 2019 B2
10255292 Hinterbichler et al. Apr 2019 B2
10255414 Horning et al. Apr 2019 B2
10257261 Raghu Apr 2019 B2
10261794 DeHon Apr 2019 B2
10261809 Meritt et al. Apr 2019 B1
10261815 Gaurav et al. Apr 2019 B2
10263966 Humphries et al. Apr 2019 B2
10268534 Brown et al. Apr 2019 B2
10275600 Wysopal et al. Apr 2019 B2
10276170 Gruber et al. Apr 2019 B2
10277477 Nortman Apr 2019 B2
10277711 Shribman et al. Apr 2019 B2
10282223 Uliel et al. May 2019 B2
10284598 Stutz May 2019 B2
10290133 Straub May 2019 B2
10296327 Govindaraju et al. May 2019 B2
10296338 Boswell et al. May 2019 B2
10303899 Durham et al. May 2019 B2
10305758 Bhide et al. May 2019 B1
10320891 Agarwal et al. Jun 2019 B2
10326769 Ilieva et al. Jun 2019 B2
10332132 Briere et al. Jun 2019 B2
10334050 Kentley-Klay et al. Jun 2019 B2
10338913 Franchitti Jul 2019 B2
10360168 Griffin et al. Jul 2019 B1
10367912 Saint Clair Jul 2019 B2
10372945 Costa Aug 2019 B2
10382459 Harris et al. Aug 2019 B2
10387332 Metcalf et al. Aug 2019 B1
10402253 Harutyunyan et al. Sep 2019 B2
10417108 Tankersley et al. Sep 2019 B2
10417432 Mahaffey et al. Sep 2019 B2
10417626 Locke et al. Sep 2019 B1
10419514 Straub et al. Sep 2019 B2
10430263 Polar Seminario Oct 2019 B2
10440146 Shribman et al. Oct 2019 B2
10445536 Butler et al. Oct 2019 B2
10445668 Oehrle et al. Oct 2019 B2
10446037 Kentley-Klay et al. Oct 2019 B2
10447809 Shribman et al. Oct 2019 B2
10452426 Nandagopal et al. Oct 2019 B2
10452497 Straub et al. Oct 2019 B2
10452665 Poghosyan et al. Oct 2019 B2
10454801 Lui Oct 2019 B2
10454903 Neal Oct 2019 B2
10469614 Shribman et al. Nov 2019 B2
10469615 Shribman et al. Nov 2019 B2
10485431 Khachaturian et al. Nov 2019 B1
10492684 Khachaturian et al. Dec 2019 B2
10498707 Kurian Dec 2019 B2
10503630 Kasi et al. Dec 2019 B2
10503822 Spencer et al. Dec 2019 B1
10503933 Auh Dec 2019 B2
10505825 Bettaiah et al. Dec 2019 B1
10506926 Khachaturian et al. Dec 2019 B2
10509910 Mahaffey et al. Dec 2019 B2
10509911 Mahaffey et al. Dec 2019 B2
10513531 Toutov et al. Dec 2019 B2
10515096 Choudhary et al. Dec 2019 B1
10516533 Mannan et al. Dec 2019 B2
20020010798 Ben-Shaul et al. Jan 2002 A1
20020038296 Margolus et al. Mar 2002 A1
20020048369 Ginter et al. Apr 2002 A1
20020064149 Elliott et al. May 2002 A1
20020095454 Reed et al. Jul 2002 A1
20020108121 Alao et al. Aug 2002 A1
20020111948 Nixon et al. Aug 2002 A1
20020112171 Ginter et al. Aug 2002 A1
20020138582 Chandra et al. Sep 2002 A1
20020138848 Alao et al. Sep 2002 A1
20020143855 Traversat et al. Oct 2002 A1
20020143944 Traversat et al. Oct 2002 A1
20020144153 LeVine et al. Oct 2002 A1
20020147645 Alao et al. Oct 2002 A1
20020147771 Traversat et al. Oct 2002 A1
20020147810 Traversat et al. Oct 2002 A1
20020152156 Tyson-Quah Oct 2002 A1
20020152299 Traversat et al. Oct 2002 A1
20020156893 Pouyoul et al. Oct 2002 A1
20020161908 Benitez et al. Oct 2002 A1
20020168621 Cook et al. Nov 2002 A1
20020184310 Traversat et al. Dec 2002 A1
20020184357 Traversat et al. Dec 2002 A1
20020184358 Traversat et al. Dec 2002 A1
20020188657 Traversat et al. Dec 2002 A1
20020194389 Worley, Jr. Dec 2002 A1
20030002521 Traversal et al. Jan 2003 A1
20030041141 Abdelaziz et al. Feb 2003 A1
20030051026 Carter et al. Mar 2003 A1
20030058277 Bowman-Amuah Mar 2003 A1
20030088784 Ginter et al. May 2003 A1
20030097331 Cohen May 2003 A1
20030105721 Ginter et al. Jun 2003 A1
20030140205 Dahan et al. Jul 2003 A1
20030140244 Dahan et al. Jul 2003 A1
20030140245 Dahan et al. Jul 2003 A1
20030163431 Ginter et al. Aug 2003 A1
20030163718 Johnson et al. Aug 2003 A1
20030167406 Beavers Sep 2003 A1
20030177187 Levine et al. Sep 2003 A1
20030182572 Cowan et al. Sep 2003 A1
20030191719 Ginter et al. Oct 2003 A1
20040003278 Chen et al. Jan 2004 A1
20040021679 Chapman et al. Feb 2004 A1
20040030743 Hugly et al. Feb 2004 A1
20040030794 Hugly et al. Feb 2004 A1
20040031038 Hugly et al. Feb 2004 A1
20040044727 Abdelaziz et al. Mar 2004 A1
20040054630 Ginter et al. Mar 2004 A1
20040064351 Mikurak Apr 2004 A1
20040064512 Arora et al. Apr 2004 A1
20040064568 Arora et al. Apr 2004 A1
20040064693 Pabla et al. Apr 2004 A1
20040088347 Yeager et al. May 2004 A1
20040088348 Yeager et al. May 2004 A1
20040088369 Yeager et al. May 2004 A1
20040088646 Yeager et al. May 2004 A1
20040098306 Fitzpatrick et al. May 2004 A1
20040098447 Verbeke et al. May 2004 A1
20040103305 Ginter et al. May 2004 A1
20040133640 Yeager et al. Jul 2004 A1
20040133793 Ginter et al. Jul 2004 A1
20040139098 Margolus et al. Jul 2004 A1
20040139303 Margolus et al. Jul 2004 A1
20040143578 Margolus et al. Jul 2004 A1
20040143730 Wen et al. Jul 2004 A1
20040143743 Margolus et al. Jul 2004 A1
20040143744 Margolus et al. Jul 2004 A1
20040143745 Margolus et al. Jul 2004 A1
20040148326 Nadgir et al. Jul 2004 A1
20040162808 Margolus et al. Aug 2004 A1
20040162871 Pabla et al. Aug 2004 A1
20040172557 Nakae et al. Sep 2004 A1
20040177243 Worley Sep 2004 A1
20040193329 Ransom et al. Sep 2004 A1
20040218762 Le Saint et al. Nov 2004 A1
20040230791 Boebert et al. Nov 2004 A1
20040236660 Thomas et al. Nov 2004 A1
20040250112 Valente et al. Dec 2004 A1
20040255140 Margolus et al. Dec 2004 A1
20050004978 Reed et al. Jan 2005 A1
20050005169 Kelekar Jan 2005 A1
20050010821 Cooper et al. Jan 2005 A1
20050038565 Power et al. Feb 2005 A1
20050086300 Yeager et al. Apr 2005 A1
20050108057 Cohen et al. May 2005 A1
20050108091 Sotak et al. May 2005 A1
20050108153 Thomas et al. May 2005 A1
20050131903 Margolus et al. Jun 2005 A1
20050131904 Margolus et al. Jun 2005 A1
20050131905 Margolus et al. Jun 2005 A1
20050131961 Margolus et al. Jun 2005 A1
20050132070 Redlich et al. Jun 2005 A1
20050138109 Redlich et al. Jun 2005 A1
20050138110 Redlich et al. Jun 2005 A1
20050138413 Lippmann et al. Jun 2005 A1
20050144437 Ransom et al. Jun 2005 A1
20050177716 Ginter et al. Aug 2005 A1
20050183072 Horning et al. Aug 2005 A1
20050187963 Markin Aug 2005 A1
20050193269 Haswell et al. Sep 2005 A1
20050204348 Horning et al. Sep 2005 A1
20050210275 Homing et al. Sep 2005 A1
20050229255 Gula et al. Oct 2005 A1
20050262006 Beartusk et al. Nov 2005 A1
20050262007 Beartusk et al. Nov 2005 A1
20050262075 Beartusk et al. Nov 2005 A1
20050262092 Beartusk et al. Nov 2005 A1
20050262093 Beartusk et al. Nov 2005 A1
20050262094 Beartusk et al. Nov 2005 A1
20050262095 Beartusk et al. Nov 2005 A1
20050262185 Beartusk et al. Nov 2005 A1
20050273382 Beartusk et al. Dec 2005 A1
20050273714 Beartusk et al. Dec 2005 A1
20050278294 Beartusk et al. Dec 2005 A1
20060004690 Beartusk et al. Jan 2006 A1
20060010125 Beartusk et al. Jan 2006 A1
20060010205 Beartusk et al. Jan 2006 A1
20060015749 Mittal Jan 2006 A1
20060031234 Beartusk et al. Feb 2006 A1
20060031497 Beartusk et al. Feb 2006 A1
20060036755 Abdullah et al. Feb 2006 A1
20060059253 Goodman et al. Mar 2006 A1
20060069912 Zheng et al. Mar 2006 A1
20060069926 Ginter et al. Mar 2006 A1
20060106941 Singhal et al. May 2006 A1
20060114832 Hamilton et al. Jun 2006 A1
20060123010 Landry et al. Jun 2006 A1
20060123226 Kumar et al. Jun 2006 A1
20060123425 Ramarao et al. Jun 2006 A1
20060123467 Kumar et al. Jun 2006 A1
20060123477 Raghavan et al. Jun 2006 A1
20060123479 Kumar et al. Jun 2006 A1
20060129650 Ho et al. Jun 2006 A1
20060129689 Ho et al. Jun 2006 A1
20060146879 Anthias et al. Jul 2006 A1
20060155398 Hoffberg et al. Jul 2006 A1
20060155862 Kathi et al. Jul 2006 A1
20060167975 Chan et al. Jul 2006 A1
20060168334 Potti et al. Jul 2006 A1
20060174326 Ginter et al. Aug 2006 A1
20060178918 Mikurak Aug 2006 A1
20060200253 Hoffberg et al. Sep 2006 A1
20060200259 Hoffberg et al. Sep 2006 A1
20060208066 Finn et al. Sep 2006 A1
20060212722 Ginter et al. Sep 2006 A1
20060224903 Ginter et al. Oct 2006 A1
20060225135 Cheng et al. Oct 2006 A1
20060259726 Nardini et al. Nov 2006 A1
20060259828 Swoboda Nov 2006 A1
20060265324 Leclerc et al. Nov 2006 A1
20060265751 Cosquer et al. Nov 2006 A1
20070005786 Kumar et al. Jan 2007 A1
20070005801 Kumar et al. Jan 2007 A1
20070006294 Hunter Jan 2007 A1
20070011281 Jhoney et al. Jan 2007 A1
20070028001 Phillips et al. Feb 2007 A1
20070061594 Ginter et al. Mar 2007 A1
20070061874 Coppola et al. Mar 2007 A1
20070061885 Hammes et al. Mar 2007 A1
20070064943 Ginter et al. Mar 2007 A1
20070067846 McFarlane et al. Mar 2007 A1
20070067847 Wiemer et al. Mar 2007 A1
20070067848 Gustave et al. Mar 2007 A1
20070097885 Traversat et al. May 2007 A1
20070100834 Landry et al. May 2007 A1
20070132733 Ram Jun 2007 A1
20070156919 Potti et al. Jul 2007 A1
20070162890 Meier et al. Jul 2007 A1
20070169199 Quinnell et al. Jul 2007 A1
20070177615 Miliefsky Aug 2007 A1
20070192866 Sagoo et al. Aug 2007 A1
20070192867 Miliefsky Aug 2007 A1
20070199074 LeVine et al. Aug 2007 A1
20070226789 Boebert et al. Sep 2007 A1
20070226807 Ginter et al. Sep 2007 A1
20070234069 Ginter et al. Oct 2007 A1
20070234070 Horning et al. Oct 2007 A1
20070245403 Ginter et al. Oct 2007 A1
20070250808 Zeanah et al. Oct 2007 A1
20070250937 Ginter et al. Oct 2007 A1
20070260838 Schwemmlein Nov 2007 A1
20070261125 Ginter et al. Nov 2007 A1
20070265064 Kessman et al. Nov 2007 A1
20070266429 Ginter et al. Nov 2007 A1
20070277031 Ginter et al. Nov 2007 A1
20070282951 Selimis et al. Dec 2007 A1
20070288610 Saint Clair et al. Dec 2007 A1
20080005062 Gupta et al. Jan 2008 A1
20080005135 Muthukrishnan et al. Jan 2008 A1
20080005784 Miliefsky Jan 2008 A1
20080005794 Inoue et al. Jan 2008 A1
20080022137 Ginter et al. Jan 2008 A1
20080025230 Patel et al. Jan 2008 A1
20080034227 Ginter et al. Feb 2008 A1
20080034230 Ginter et al. Feb 2008 A1
20080034231 Ginter et al. Feb 2008 A1
20080034406 Ginter et al. Feb 2008 A1
20080052541 Ginter et al. Feb 2008 A1
20080060077 Cowan et al. Mar 2008 A1
20080064501 Patel Mar 2008 A1
20080068381 Cohen et al. Mar 2008 A1
20080071793 Cohen et al. Mar 2008 A1
20080071826 Cohen et al. Mar 2008 A1
20080071871 Cohen et al. Mar 2008 A1
20080071888 Cohen et al. Mar 2008 A1
20080071889 Cohen et al. Mar 2008 A1
20080071891 Cohen et al. Mar 2008 A1
20080071896 Cohen et al. Mar 2008 A1
20080071898 Cohen et al. Mar 2008 A1
20080072032 Cohen et al. Mar 2008 A1
20080072241 Cohen et al. Mar 2008 A1
20080072277 Cohen et al. Mar 2008 A1
20080072278 Cohen et al. Mar 2008 A1
20080075099 Alao et al. Mar 2008 A1
20080082568 Miller et al. Apr 2008 A1
20080089521 Le Saint et al. Apr 2008 A1
20080092237 Yoon et al. Apr 2008 A1
20080095339 Elliott et al. Apr 2008 A1
20080109289 Vivadelli et al. May 2008 A1
20080126349 Venkatraman et al. May 2008 A1
20080126798 Ginter et al. May 2008 A1
20080126803 Ginter et al. May 2008 A1
20080127293 Cohen et al. May 2008 A1
20080127304 Ginter et al. May 2008 A1
20080127349 Ormazabal et al. May 2008 A1
20080146344 Rowe et al. Jun 2008 A1
20080148056 Ginter et al. Jun 2008 A1
20080168135 Redlich et al. Jul 2008 A1
20080172739 Nakae et al. Jul 2008 A1
20080189250 Cha et al. Aug 2008 A1
20080209505 Ghai et al. Aug 2008 A1
20080222724 Ormazabal et al. Sep 2008 A1
20080222734 Redlich et al. Sep 2008 A1
20080229037 Bunte et al. Sep 2008 A1
20080256638 Russ et al. Oct 2008 A1
20080270104 Stratton et al. Oct 2008 A1
20080271018 Gross et al. Oct 2008 A1
20080271019 Stratton et al. Oct 2008 A1
20080271025 Gross et al. Oct 2008 A1
20080281666 Kessman et al. Nov 2008 A1
20080282339 Nakae et al. Nov 2008 A1
20080313739 Martin Dec 2008 A1
20080314570 Singh et al. Dec 2008 A1
20090007269 Bianco Jan 2009 A1
20090028135 Mantripragada et al. Jan 2009 A1
20090043652 Ginter et al. Feb 2009 A1
20090048978 Ginter et al. Feb 2009 A1
20090077666 Chen et al. Mar 2009 A1
20090083372 Teppler Mar 2009 A1
20090083374 Saint Clair Mar 2009 A1
20090099885 Sung et al. Apr 2009 A1
20090100077 Jung et al. Apr 2009 A1
20090103524 Mantripragada et al. Apr 2009 A1
20090106318 Mantripragada et al. Apr 2009 A1
20090109959 Elliott et al. Apr 2009 A1
20090113550 Costa et al. Apr 2009 A1
20090119541 Inoue et al. May 2009 A1
20090124374 Patel May 2009 A1
20090124375 Patel May 2009 A1
20090125387 Mak et al. May 2009 A1
20090132805 Ginter et al. May 2009 A1
20090132815 Ginter et al. May 2009 A1
20090138393 Lemons et al. May 2009 A1
20090178102 Alghathbar et al. Jul 2009 A1
20090178144 Redlich et al. Jul 2009 A1
20090182919 Chang et al. Jul 2009 A1
20090199259 Alao et al. Aug 2009 A1
20090204591 Kaksonen Aug 2009 A1
20090216910 Duchesneau Aug 2009 A1
20090254572 Redlich et al. Oct 2009 A1
20090254971 Herz et al. Oct 2009 A1
20090254993 Leone Oct 2009 A1
20090280906 Larsen et al. Nov 2009 A1
20090280907 Larsen et al. Nov 2009 A1
20090281864 Abercrombie et al. Nov 2009 A1
20090290712 Henry et al. Nov 2009 A1
20090292847 Henry et al. Nov 2009 A1
20090292853 Henry et al. Nov 2009 A1
20090292893 Henry et al. Nov 2009 A1
20090292894 Henry et al. Nov 2009 A1
20090292901 Henry et al. Nov 2009 A1
20090292902 Henry et al. Nov 2009 A1
20090292903 Henry et al. Nov 2009 A1
20090292904 Henry et al. Nov 2009 A1
20090292929 Henry et al. Nov 2009 A1
20090292931 Henry et al. Nov 2009 A1
20090293100 Kang et al. Nov 2009 A1
20090293129 Henry et al. Nov 2009 A1
20090293130 Henry et al. Nov 2009 A1
20090293132 Henry et al. Nov 2009 A1
20100010968 Redlich et al. Jan 2010 A1
20100011000 Chakra et al. Jan 2010 A1
20100037324 Grant et al. Feb 2010 A1
20100042824 Lee et al. Feb 2010 A1
20100050266 Cheng et al. Feb 2010 A1
20100063892 Keronen et al. Mar 2010 A1
20100091676 Moran et al. Apr 2010 A1
20100094945 Chan et al. Apr 2010 A1
20100095235 Bennett et al. Apr 2010 A1
20100095381 Levi Apr 2010 A1
20100131357 Steelberg et al. May 2010 A1
20100136943 Hirvela et al. Jun 2010 A1
20100154066 Hammes et al. Jun 2010 A1
20100185855 Margolus et al. Jul 2010 A1
20100192228 Levi Jul 2010 A1
20100228996 Ginter et al. Sep 2010 A1
20100235285 Hoffberg Sep 2010 A1
20100250497 Redlich et al. Sep 2010 A1
20100250935 Ginter et al. Sep 2010 A1
20100257614 Ginter et al. Oct 2010 A1
20100262952 Colton et al. Oct 2010 A1
20100265179 Ram Oct 2010 A1
20100275040 Ginter et al. Oct 2010 A1
20100275263 Bennett et al. Oct 2010 A1
20100280948 Cohen Nov 2010 A1
20100281273 Lee et al. Nov 2010 A1
20100289627 McAllister et al. Nov 2010 A1
20100306552 LeVine et al. Dec 2010 A1
20100306851 Zhou Dec 2010 A1
20100313013 Ginter et al. Dec 2010 A1
20100332672 Abdullah et al. Dec 2010 A1
20110022520 Ginter et al. Jan 2011 A1
20110022846 Ginter et al. Jan 2011 A1
20110029644 Gelvin et al. Feb 2011 A1
20110030057 Chen et al. Feb 2011 A1
20110035733 Horning et al. Feb 2011 A1
20110047369 Cohen et al. Feb 2011 A1
20110047376 Mittal Feb 2011 A1
20110060809 Cohen et al. Mar 2011 A1
20110093700 Mittal Apr 2011 A1
20110093954 Lee et al. Apr 2011 A1
20110105223 Kessman et al. May 2011 A1
20110125548 Aharon et al. May 2011 A1
20110131402 Mittal Jun 2011 A1
20110131548 Colton et al. Jun 2011 A1
20110138469 Ye et al. Jun 2011 A1
20110138471 Van De Weyer et al. Jun 2011 A1
20110141877 Xu et al. Jun 2011 A1
20110145602 Ginter et al. Jun 2011 A1
20110167110 Hoffberg et al. Jul 2011 A1
20110173693 Wysopal et al. Jul 2011 A1
20110173695 Ginter et al. Jul 2011 A1
20110191854 Giakouminakis et al. Aug 2011 A1
20110197285 Ginter et al. Aug 2011 A1
20110208867 Anthias et al. Aug 2011 A1
20110209193 Kennedy Aug 2011 A1
20110209194 Kennedy Aug 2011 A1
20110209195 Kennedy Aug 2011 A1
20110209196 Kennedy Aug 2011 A1
20110213485 Power et al. Sep 2011 A1
20110216701 Patel et al. Sep 2011 A1
20110219066 Saint Clair et al. Sep 2011 A1
20110231936 Williams et al. Sep 2011 A1
20110251868 Mikurak Oct 2011 A1
20110258258 Briere et al. Oct 2011 A1
20110296164 Boebert et al. Dec 2011 A1
20110296440 Laurich et al. Dec 2011 A1
20120066412 Chang et al. Mar 2012 A1
20120072968 Wysopal et al. Mar 2012 A1
20120078794 Grandcolas et al. Mar 2012 A1
20120079149 Gelvin et al. Mar 2012 A1
20120089410 Mikurak Apr 2012 A1
20120166642 Saint Clair et al. Jun 2012 A1
20120173628 Briere et al. Jul 2012 A1
20120179656 Bunte et al. Jul 2012 A1
20120185945 Andres et al. Jul 2012 A1
20120191860 Traversat et al. Jul 2012 A1
20120203590 Deb et al. Aug 2012 A1
20120204261 Mantripragada et al. Aug 2012 A1
20120222123 Williams et al. Aug 2012 A1
20120232679 Abercrombie et al. Sep 2012 A1
20120233237 Roa et al. Sep 2012 A1
20120239753 Beartusk et al. Sep 2012 A1
20120240236 Wyatt et al. Sep 2012 A1
20120246103 Mantripragada et al. Sep 2012 A1
20120254842 Henderson Oct 2012 A1
20120259722 Mikurak Oct 2012 A1
20120260306 Njemanze et al. Oct 2012 A1
20120272205 Fox et al. Oct 2012 A1
20120284221 Shelton et al. Nov 2012 A1
20120304299 Kelekar Nov 2012 A1
20120304300 LaBumbard Nov 2012 A1
20120311534 Fox et al. Dec 2012 A1
20120311715 Tal et al. Dec 2012 A1
20120323717 Kirsch Dec 2012 A1
20120323786 Kirsch Dec 2012 A1
20120324242 Kirsch Dec 2012 A1
20130031364 Glew et al. Jan 2013 A1
20130035058 Hirvela et al. Feb 2013 A1
20130036314 Glew et al. Feb 2013 A1
20130036448 Aciicmez et al. Feb 2013 A1
20130055394 Beresnevichiene et al. Feb 2013 A1
20130074038 Fox et al. Mar 2013 A1
20130074188 Giakouminakis et al. Mar 2013 A1
20130086688 Patel et al. Apr 2013 A1
20130091578 Bisht et al. Apr 2013 A1
20130097664 Herz et al. Apr 2013 A1
20130125204 La Fever et al. May 2013 A1
20130167240 Kelekar Jun 2013 A1
20130179405 Bunte et al. Jul 2013 A1
20130179685 Weinstein et al. Jul 2013 A1
20130182561 Xu et al. Jul 2013 A1
20130188646 Lu et al. Jul 2013 A1
20130191808 Fox et al. Jul 2013 A1
20130191919 Basavapatna et al. Jul 2013 A1
20130198846 Chapman Aug 2013 A1
20130212118 King et al. Aug 2013 A1
20130215116 Siddique et al. Aug 2013 A1
20130227698 Taniguchi et al. Aug 2013 A1
20130232343 Horning et al. Sep 2013 A1
20130247206 Hugard et al. Sep 2013 A1
20130268253 Neergaard Oct 2013 A1
20130297375 Chapman Nov 2013 A1
20130298192 Kumar et al. Nov 2013 A1
20130298230 Kumar et al. Nov 2013 A1
20130298242 Kumar et al. Nov 2013 A1
20130298243 Kumar et al. Nov 2013 A1
20130298244 Kumar et al. Nov 2013 A1
20130298251 Mittal Nov 2013 A1
20130304742 Roman et al. Nov 2013 A1
20130304761 Redlich et al. Nov 2013 A1
20130304820 Vasquez et al. Nov 2013 A1
20130305158 Vasquez et al. Nov 2013 A1
20130306276 Duchesneau Nov 2013 A1
20130326469 Fox et al. Dec 2013 A1
20140006482 Raghu et al. Jan 2014 A1
20140006580 Raghu Jan 2014 A1
20140006581 Raghu Jan 2014 A1
20140007241 Gula et al. Jan 2014 A1
20140019204 Briere et al. Jan 2014 A1
20140025573 Keronen et al. Jan 2014 A1
20140032505 Grafi et al. Jan 2014 A1
20140032690 Ramarao et al. Jan 2014 A1
20140047545 Sidagni Feb 2014 A1
20140059683 Ashley Feb 2014 A1
20140068267 Le Saint et al. Mar 2014 A1
20140075414 Fox et al. Mar 2014 A1
20140082733 Benefield Mar 2014 A1
20140108726 Laurich et al. Apr 2014 A1
20140109167 Alao et al. Apr 2014 A1
20140129457 Peeler May 2014 A1
20140137257 Martinez et al. May 2014 A1
20140143754 Henderson May 2014 A1
20140143889 Ginter et al. May 2014 A1
20140157145 Bush et al. Jun 2014 A1
20140165204 Williams et al. Jun 2014 A1
20140172495 Schneck et al. Jun 2014 A1
20140172944 Newton et al. Jun 2014 A1
20140172951 Varney et al. Jun 2014 A1
20140172952 Varney et al. Jun 2014 A1
20140172956 Varney et al. Jun 2014 A1
20140172970 Newton et al. Jun 2014 A1
20140173023 Varney et al. Jun 2014 A1
20140173029 Varney et al. Jun 2014 A1
20140173030 Varney et al. Jun 2014 A1
20140173038 Newton et al. Jun 2014 A1
20140173039 Newton et al. Jun 2014 A1
20140173040 Newton et al. Jun 2014 A1
20140173041 Newton et al. Jun 2014 A1
20140173042 Newton et al. Jun 2014 A1
20140173043 Varney et al. Jun 2014 A1
20140173044 Varney et al. Jun 2014 A1
20140173045 Crowder et al. Jun 2014 A1
20140173046 Crowder et al. Jun 2014 A1
20140173047 Crowder et al. Jun 2014 A1
20140173048 Crowder et al. Jun 2014 A1
20140173052 Newton et al. Jun 2014 A1
20140173053 Varney et al. Jun 2014 A1
20140173054 Varney et al. Jun 2014 A1
20140173061 Lipstone et al. Jun 2014 A1
20140173062 Lipstone et al. Jun 2014 A1
20140173064 Newton et al. Jun 2014 A1
20140173066 Newton et al. Jun 2014 A1
20140173067 Newton et al. Jun 2014 A1
20140173077 Newton et al. Jun 2014 A1
20140173079 Newton et al. Jun 2014 A1
20140173087 Varney et al. Jun 2014 A1
20140173088 Varney et al. Jun 2014 A1
20140173091 Lipstone et al. Jun 2014 A1
20140173097 Newton et al. Jun 2014 A1
20140173115 Varney et al. Jun 2014 A1
20140173131 Newton et al. Jun 2014 A1
20140173132 Varney et al. Jun 2014 A1
20140173135 Varney et al. Jun 2014 A1
20140173731 Mantripragada et al. Jun 2014 A1
20140173737 Toback et al. Jun 2014 A1
20140181975 Spernow et al. Jun 2014 A1
20140181976 Snow et al. Jun 2014 A1
20140189787 Cohen et al. Jul 2014 A1
20140189873 Elder et al. Jul 2014 A1
20140196130 Brooker et al. Jul 2014 A1
20140196154 Swoboda Jul 2014 A1
20140201838 Varsanyi et al. Jul 2014 A1
20140201843 Hibbert et al. Jul 2014 A1
20140215614 Beskrovny et al. Jul 2014 A1
20140215629 Raz et al. Jul 2014 A1
20140218389 Bennett et al. Aug 2014 A1
20140221069 Kessman et al. Aug 2014 A1
20140222610 Mikurak Aug 2014 A1
20140222946 Lipstone et al. Aug 2014 A1
20140222977 Varney et al. Aug 2014 A1
20140222984 Varney et al. Aug 2014 A1
20140223002 Varney et al. Aug 2014 A1
20140223003 Varney et al. Aug 2014 A1
20140223015 Varney et al. Aug 2014 A1
20140223016 Varney et al. Aug 2014 A1
20140223017 Lipstone et al. Aug 2014 A1
20140223018 Varney et al. Aug 2014 A1
20140237545 Mylavarapu et al. Aug 2014 A1
20140245376 Hibbert et al. Aug 2014 A1
20140278594 Vivadelli et al. Sep 2014 A1
20140283083 Gula et al. Sep 2014 A1
20140317315 Duchesneau Oct 2014 A1
20140317507 Saint Clair Oct 2014 A1
20140317677 Vaidya et al. Oct 2014 A1
20140337321 Coyote et al. Nov 2014 A1
20140337461 Lipstone et al. Nov 2014 A1
20140337472 Newton et al. Nov 2014 A1
20140337971 Casassa Mont et al. Nov 2014 A1
20140337974 Joshi et al. Nov 2014 A1
20140344391 Varney et al. Nov 2014 A1
20140344399 Lipstone et al. Nov 2014 A1
20140344400 Varney et al. Nov 2014 A1
20140344401 Varney et al. Nov 2014 A1
20140344413 Lipstone et al. Nov 2014 A1
20140344425 Varney et al. Nov 2014 A1
20140344452 Lipstone et al. Nov 2014 A1
20140344453 Varney et al. Nov 2014 A1
20140359776 Liu Dec 2014 A1
20140366145 Benefield Dec 2014 A1
20140373160 Shigemoto et al. Dec 2014 A1
20150006408 Mak et al. Jan 2015 A1
20150006582 Briere et al. Jan 2015 A1
20150033340 Giokas Jan 2015 A1
20150040220 Mantripragada et al. Feb 2015 A1
20150040228 Lee et al. Feb 2015 A1
20150052517 Raghu et al. Feb 2015 A1
20150052521 Raghu Feb 2015 A1
20150052523 Raghu Feb 2015 A1
20150052524 Raghu Feb 2015 A1
20150052525 Raghu Feb 2015 A1
20150058214 Cohen Feb 2015 A1
20150058993 Choi et al. Feb 2015 A1
20150058997 Lee et al. Feb 2015 A1
20150067323 Salowey et al. Mar 2015 A1
20150067762 Belenky et al. Mar 2015 A1
20150067819 Shribman et al. Mar 2015 A1
20150074670 Gerganov Mar 2015 A1
20150074743 Ilieva et al. Mar 2015 A1
20150080081 Kessman et al. Mar 2015 A1
20150088733 Monastyrsky et al. Mar 2015 A1
20150088754 Kirsch Mar 2015 A1
20150106873 Marsh et al. Apr 2015 A1
20150113288 Mittal Apr 2015 A1
20150113289 Mittal Apr 2015 A1
20150121087 Mittal Apr 2015 A1
20150121090 Mittal Apr 2015 A1
20150128274 Giokas May 2015 A1
20150149491 Redlich et al. May 2015 A1
20150154423 Mittal Jun 2015 A1
20150154424 Mittal Jun 2015 A1
20150156206 Redlich et al. Jun 2015 A1
20150163097 Lipstone et al. Jun 2015 A1
20150172307 Borohovski et al. Jun 2015 A1
20150180724 Varney et al. Jun 2015 A1
20150180725 Varney et al. Jun 2015 A1
20150180971 Varney et al. Jun 2015 A1
20150199405 Redlich et al. Jul 2015 A1
20150199410 Redlich et al. Jul 2015 A1
20150200967 Redlich et al. Jul 2015 A1
20150207695 Varney et al. Jul 2015 A1
20150213358 Shelton et al. Jul 2015 A1
20150220734 Nalluri et al. Aug 2015 A1
20150222655 Gula et al. Aug 2015 A1
20150235164 Key Aug 2015 A1
20150237062 Roytman et al. Aug 2015 A1
20150237065 Roytman et al. Aug 2015 A1
20150241139 Mcginnis Aug 2015 A1
20150242637 Tonn et al. Aug 2015 A1
20150244734 Olson et al. Aug 2015 A1
20150244735 Kumar et al. Aug 2015 A1
20150256629 Shaheen et al. Sep 2015 A1
20150264626 Perdomo Sep 2015 A1
20150264627 Perdomo Sep 2015 A1
20150269617 Mikurak Sep 2015 A1
20150278363 Briere et al. Oct 2015 A1
20150278491 Horning et al. Oct 2015 A1
20150287284 Kessman et al. Oct 2015 A1
20150288712 Jones et al. Oct 2015 A1
20150295948 Hassell et al. Oct 2015 A1
20150301515 Houmb Oct 2015 A1
20150302182 Wyatt et al. Oct 2015 A1
20150304337 Nguyen-Tuong et al. Oct 2015 A1
20150310217 Artes et al. Oct 2015 A1
20150312116 Taheri et al. Oct 2015 A1
20150347542 Sullivan et al. Dec 2015 A1
20150358359 Ghai et al. Dec 2015 A1
20150370799 Kushmerick et al. Dec 2015 A1
20150370885 Kushmerick et al. Dec 2015 A1
20150372855 Kushmerick et al. Dec 2015 A1
20150378354 Power et al. Dec 2015 A1
20150378762 Saladi et al. Dec 2015 A1
20150379272 Liu Dec 2015 A1
20150381402 Alao et al. Dec 2015 A1
20160006735 La Fever et al. Jan 2016 A1
20160012236 Giakouminakis et al. Jan 2016 A1
20160020959 Rahaman Jan 2016 A1
20160034682 Fiske Feb 2016 A1
20160048709 Butler et al. Feb 2016 A1
20160048712 Butler et al. Feb 2016 A1
20160057164 Maeng et al. Feb 2016 A1
20160063248 Spernow et al. Mar 2016 A1
20160063249 Spernow et al. Mar 2016 A1
20160063250 Spernow et al. Mar 2016 A1
20160063251 Spernow et al. Mar 2016 A1
20160063252 Spernow et al. Mar 2016 A1
20160065598 Modi et al. Mar 2016 A1
20160072835 Roytman et al. Mar 2016 A1
20160078225 Ray et al. Mar 2016 A1
20160078377 Chapman Mar 2016 A1
20160080399 Harris et al. Mar 2016 A1
20160080417 Thomas et al. Mar 2016 A1
20160080418 Ray et al. Mar 2016 A1
20160080419 Schiappa et al. Mar 2016 A1
20160080420 Ray et al. Mar 2016 A1
20160092176 Straub et al. Mar 2016 A1
20160092179 Straub Mar 2016 A1
20160092180 Straub Mar 2016 A1
20160092339 Straub et al. Mar 2016 A1
20160092348 Straub et al. Mar 2016 A1
20160098564 Wysopal et al. Apr 2016 A1
20160099963 Mahaffey et al. Apr 2016 A1
20160103896 Briere et al. Apr 2016 A1
20160105455 Nair et al. Apr 2016 A1
20160105530 Shribman et al. Apr 2016 A1
20160105533 Briere et al. Apr 2016 A1
20160110434 Kakaraddi et al. Apr 2016 A1
20160110467 Hern Apr 2016 A1
20160110545 Acar et al. Apr 2016 A1
20160113490 Gross et al. Apr 2016 A1
20160113491 Gross et al. Apr 2016 A1
20160113492 Gross et al. Apr 2016 A1
20160113493 Gross et al. Apr 2016 A1
20160113494 Gross et al. Apr 2016 A1
20160113496 Gross et al. Apr 2016 A1
20160113497 Gross et al. Apr 2016 A1
20160113498 Gross et al. Apr 2016 A1
20160113499 Gross et al. Apr 2016 A1
20160113500 Gross et al. Apr 2016 A1
20160113508 Gross et al. Apr 2016 A1
20160113509 Gross et al. Apr 2016 A1
20160113510 Gross et al. Apr 2016 A1
20160113511 Gross et al. Apr 2016 A1
20160113512 Gross et al. Apr 2016 A1
20160113513 Gross et al. Apr 2016 A1
20160113514 Gross et al. Apr 2016 A1
20160113515 Gross et al. Apr 2016 A1
20160113521 Gross et al. Apr 2016 A1
20160113522 Gross et al. Apr 2016 A1
20160113523 Gross et al. Apr 2016 A1
20160113524 Gross et al. Apr 2016 A1
20160113525 Gross et al. Apr 2016 A1
20160113590 Gross et al. Apr 2016 A1
20160116339 Crawley et al. Apr 2016 A1
20160116340 Gross et al. Apr 2016 A1
20160116341 Gross et al. Apr 2016 A1
20160116342 Gross et al. Apr 2016 A1
20160116349 Gross et al. Apr 2016 A1
20160116350 Gross et al. Apr 2016 A1
20160116351 Gross et al. Apr 2016 A1
20160117462 Gross et al. Apr 2016 A1
20160117697 Briere et al. Apr 2016 A1
20160117813 Gross et al. Apr 2016 A1
20160119373 Fausto et al. Apr 2016 A1
20160124722 Mathew et al. May 2016 A1
20160125488 Saha et al. May 2016 A1
20160156941 Alao et al. Jun 2016 A9
20160180080 Heldt-Sheller et al. Jun 2016 A1
20160180090 Dalcher et al. Jun 2016 A1
20160188882 Mahrous et al. Jun 2016 A1
20160189118 Cohen Jun 2016 A2
20160191465 Thomas et al. Jun 2016 A1
20160191476 Schutz et al. Jun 2016 A1
20160205122 Bassett Jul 2016 A1
20160210427 Mynhier et al. Jul 2016 A1
20160210602 Siddique et al. Jul 2016 A1
20160212153 Livshits et al. Jul 2016 A1
20160218933 Porras et al. Jul 2016 A1
20160219048 Porras et al. Jul 2016 A1
20160219078 Porras et al. Jul 2016 A1
20160224367 Raghu et al. Aug 2016 A1
20160224951 Hoffberg Aug 2016 A1
20160232358 Grieco et al. Aug 2016 A1
20160234065 Cohen et al. Aug 2016 A1
20160246736 Lee et al. Aug 2016 A1
20160248631 Duchesneau Aug 2016 A1
20160248794 Cam Aug 2016 A1
20160248796 Choi et al. Aug 2016 A1
20160253590 Hershey et al. Sep 2016 A1
20160259944 Okihara Sep 2016 A1
20160261640 Modi et al. Sep 2016 A1
20160266897 Henderson Sep 2016 A1
20160269435 Hershey et al. Sep 2016 A1
20160269475 Raghu Sep 2016 A1
20160275101 Hinterbichler et al. Sep 2016 A1
20160277268 Brown et al. Sep 2016 A1
20160307217 Briere et al. Oct 2016 A1
20160314327 Butler et al. Oct 2016 A1
20160314651 Kessman et al. Oct 2016 A1
20160315779 Chan et al. Oct 2016 A1
20160321480 Hamlin et al. Nov 2016 A1
20160337226 Padala et al. Nov 2016 A1
20160337426 Shribman et al. Nov 2016 A1
20160337484 Tola Nov 2016 A1
20160350143 Uliel et al. Dec 2016 A1
20160352745 Ilieva et al. Dec 2016 A1
20160359872 Yadav et al. Dec 2016 A1
20160363921 Martindale et al. Dec 2016 A1
20160364341 Banginwar et al. Dec 2016 A1
20160366174 Chernin et al. Dec 2016 A1
20160371109 Palavalli et al. Dec 2016 A1
20160373293 Kushmerick et al. Dec 2016 A1
20160378439 Straub et al. Dec 2016 A1
20160378519 Gaurav et al. Dec 2016 A1
20160378530 Ramasubramanian et al. Dec 2016 A1
20160378994 Hibbert et al. Dec 2016 A1
20160379237 Shapsa et al. Dec 2016 A1
20160380862 Shapsa et al. Dec 2016 A1
20170003991 Strandzhev et al. Jan 2017 A1
20170005861 Strandzhev et al. Jan 2017 A1
20170005873 Strandzhev et al. Jan 2017 A1
20170005878 Strandzhev et al. Jan 2017 A1
20170012958 Brooker et al. Jan 2017 A1
20170019402 Kulkarni Jan 2017 A1
20170026401 Polyakov Jan 2017 A1
20170034023 Nickolov et al. Feb 2017 A1
20170034089 Ludwig et al. Feb 2017 A1
20170034200 Costin et al. Feb 2017 A1
20170039372 Koval et al. Feb 2017 A1
20170046134 Straub Feb 2017 A1
20170046235 Straub et al. Feb 2017 A1
20170046519 Cam Feb 2017 A1
20170048215 Straub Feb 2017 A1
20170048252 Straub et al. Feb 2017 A1
20170048319 Straub Feb 2017 A1
20170048339 Straub Feb 2017 A1
20170048495 Scalisi Feb 2017 A1
20170053115 Healy et al. Feb 2017 A1
20170061133 Trabelsi Mar 2017 A1
20170061174 Butler et al. Mar 2017 A1
20170078093 Schutz et al. Mar 2017 A1
20170078322 Seiver et al. Mar 2017 A1
20170078393 Briere et al. Mar 2017 A1
20170091465 Swoboda Mar 2017 A9
20170093669 Nortman Mar 2017 A1
20170093910 Gukal et al. Mar 2017 A1
20170103215 Mahaffey et al. Apr 2017 A1
20170109212 Gaurav et al. Apr 2017 A1
20170126838 Saint Clair May 2017 A1
20170142138 Williams et al. May 2017 A1
20170147681 Tankersley et al. May 2017 A1
20170149786 Alon et al. May 2017 A1
20170149816 Kelekar May 2017 A1
20170161023 Khazanchi et al. Jun 2017 A1
20170161043 Khazanchi et al. Jun 2017 A1
20170161044 Singh et al. Jun 2017 A1
20170161057 Khazanchi et al. Jun 2017 A1
20170161101 Khazanchi et al. Jun 2017 A1
20170163492 Khazanchi et al. Jun 2017 A1
20170163518 Dube et al. Jun 2017 A1
20170163732 Saraf et al. Jun 2017 A1
20170168714 Saha et al. Jun 2017 A1
20170169217 Rahaman et al. Jun 2017 A1
20170171236 Ouchn Jun 2017 A1
20170177367 DeHon Jun 2017 A1
20170177368 DeHon Jun 2017 A1
20170178193 Jagannath et al. Jun 2017 A1
20170180411 Nair et al. Jun 2017 A1
20170193239 Chari et al. Jul 2017 A1
20170195361 Liu Jul 2017 A1
20170206381 Swoboda Jul 2017 A1
20170208084 Steelman et al. Jul 2017 A1
20170208085 Steelman et al. Jul 2017 A1
20170208093 Williams et al. Jul 2017 A1
20170213002 Jha et al. Jul 2017 A1
20170214708 Gukal et al. Jul 2017 A1
20170214710 Seiver et al. Jul 2017 A1
20170214737 Agarwal et al. Jul 2017 A1
20170214738 Agarwal et al. Jul 2017 A1
20170220404 Polar Seminario Aug 2017 A1
20170223052 Stutz Aug 2017 A1
20170228466 Briere et al. Aug 2017 A1
20170230179 Mannan et al. Aug 2017 A1
20170230460 Briere et al. Aug 2017 A1
20170235966 Ray et al. Aug 2017 A1
20170235967 Ray et al. Aug 2017 A1
20170242717 Gaurav et al. Aug 2017 A1
20170243009 Sejpal et al. Aug 2017 A1
20170250998 Miliefsky et al. Aug 2017 A1
20170255890 Palavalli et al. Sep 2017 A1
20170262655 Runkis et al. Sep 2017 A1
20170270323 Butler et al. Sep 2017 A1
20170280109 Scalisi Sep 2017 A1
20170286690 Chari et al. Oct 2017 A1
20170289187 Noel et al. Oct 2017 A1
20170293501 Barapatre et al. Oct 2017 A1
20170293563 DeHon et al. Oct 2017 A1
20170295181 Parimi et al. Oct 2017 A1
20170295197 Parimi et al. Oct 2017 A1
20170300911 Alnajem Oct 2017 A1
20170302458 Berger et al. Oct 2017 A1
20170302635 Humphries et al. Oct 2017 A1
20170302653 Ortner et al. Oct 2017 A1
20170302696 Schutz et al. Oct 2017 A1
20170310556 Knowles et al. Oct 2017 A1
20170310686 Ray et al. Oct 2017 A1
20170310692 Ackerman et al. Oct 2017 A1
20170310693 Howard et al. Oct 2017 A1
20170310703 Ackerman et al. Oct 2017 A1
20170310708 Schiappa et al. Oct 2017 A1
20170316213 Mcclintock et al. Nov 2017 A1
20170318048 Htay Nov 2017 A1
20170324763 Vasudevan et al. Nov 2017 A1
20170324766 Gonzalez Granadillo et al. Nov 2017 A1
20170329975 Artes et al. Nov 2017 A1
20170331682 Cohen et al. Nov 2017 A1
20170346847 Borohovski et al. Nov 2017 A1
20170353313 Goldman Dec 2017 A1
20170353482 Sommer Dec 2017 A1
20170353534 Taheri et al. Dec 2017 A1
20170357814 Mahaffey et al. Dec 2017 A1
20170359306 Thomas et al. Dec 2017 A1
20170359370 Humphries et al. Dec 2017 A1
20170364844 Saraf Dec 2017 A1
20170371636 Palavalli et al. Dec 2017 A1
20170371872 Mcbride Dec 2017 A1
20170372070 Burdett et al. Dec 2017 A1
20170372384 Yaros et al. Dec 2017 A1
20170373937 Hovhannisyan et al. Dec 2017 A1
20180004503 OlmstedThompson Jan 2018 A1
20180004937 Shannon Jan 2018 A1
20180007014 Neal Jan 2018 A1
20180011708 DeHon Jan 2018 A1
20180014241 Perdomo Jan 2018 A1
20180024901 Tankersley et al. Jan 2018 A1
20180032733 Surdu Feb 2018 A1
20180032736 Inagaki et al. Feb 2018 A1
20180034840 Marquardt et al. Feb 2018 A1
20180040074 Raghu et al. Feb 2018 A1
20180041539 Htay Feb 2018 A1
20180041588 Straub et al. Feb 2018 A1
20180045189 Lee et al. Feb 2018 A1
20180046823 Durham et al. Feb 2018 A1
20180048668 Gupta et al. Feb 2018 A1
20180060106 Madtha et al. Mar 2018 A1
20180060216 Kasi et al. Mar 2018 A1
20180060361 Beveridge Mar 2018 A1
20180060867 Hagan et al. Mar 2018 A1
20180060894 Beveridge et al. Mar 2018 A1
20180062928 Beveridge et al. Mar 2018 A1
20180063017 Beveridge Mar 2018 A1
20180063026 Beveridge et al. Mar 2018 A1
20180063171 Yamada et al. Mar 2018 A1
20180063172 Yamada et al. Mar 2018 A1
20180063177 Yamada et al. Mar 2018 A1
20180063235 Beveridge et al. Mar 2018 A1
20180074029 DeVries et al. Mar 2018 A1
20180074030 DeVries et al. Mar 2018 A1
20180075249 Ray et al. Mar 2018 A1
20180075253 Auh Mar 2018 A1
20180075262 Auh Mar 2018 A1
20180077156 Ellingson et al. Mar 2018 A1
20180077188 Mandyam et al. Mar 2018 A1
20180077193 Roytman et al. Mar 2018 A1
20180077195 Gathala et al. Mar 2018 A1
20180089431 Nalluri et al. Mar 2018 A1
20180091539 Marquardt et al. Mar 2018 A1
20180091590 Olteanu et al. Mar 2018 A1
20180095610 Wieder et al. Apr 2018 A1
20180095731 Brown et al. Apr 2018 A1
20180096609 de la Cruz et al. Apr 2018 A1
20180097687 Brown Apr 2018 A1
20180103054 Cran et al. Apr 2018 A1
20180107525 Govindaraju et al. Apr 2018 A1
20180113817 Banginwar et al. Apr 2018 A1
20180121420 Onusko May 2018 A1
20180136951 Palavalli et al. May 2018 A1
20180136970 Nandagopal et al. May 2018 A1
20180145828 Coon et al. May 2018 A1
20180152292 Coon et al. May 2018 A1
20180157544 Brown et al. Jun 2018 A1
20180159953 Saint Clair Jun 2018 A1
20180165142 Harutyunyan et al. Jun 2018 A1
20180165173 Lin et al. Jun 2018 A1
20180165203 Boswell et al. Jun 2018 A1
20180165693 Jain et al. Jun 2018 A1
20180204029 Butler et al. Jul 2018 A1
20180210742 Costa Jul 2018 A1
20180211034 Costa Jul 2018 A1
20180211035 Costa Jul 2018 A1
20180211054 Costa Jul 2018 A1
20180211067 Costa Jul 2018 A1
20180212760 Costa Jul 2018 A1
20180212770 Costa Jul 2018 A1
20180212939 Costa Jul 2018 A1
20180212966 Costa Jul 2018 A1
20180212971 Costa Jul 2018 A1
20180219970 Shribman et al. Aug 2018 A1
20180225230 Litichever et al. Aug 2018 A1
20180235468 Khachaturian et al. Aug 2018 A1
20180235478 Khachaturian et al. Aug 2018 A1
20180247082 Durham et al. Aug 2018 A1
20180260251 Beveridge et al. Sep 2018 A1
20180260564 Porteboeuf Sep 2018 A1
20180262388 Johnson et al. Sep 2018 A1
20180276378 Ray et al. Sep 2018 A1
20180277241 Hamlin et al. Sep 2018 A1
20180278631 Harris et al. Sep 2018 A1
20180278649 Thomas et al. Sep 2018 A1
20180278650 Ray et al. Sep 2018 A1
20180293389 Mahaffey et al. Oct 2018 A1
20180303342 Khachaturian et al. Oct 2018 A1
20180316715 Liu et al. Nov 2018 A1
20180316761 Briere et al. Nov 2018 A1
20180317780 Khachaturian et al. Nov 2018 A1
20180324220 Ray et al. Nov 2018 A1
20180329738 Kasha et al. Nov 2018 A1
20180336031 DeHon et al. Nov 2018 A1
20180336032 DeHon et al. Nov 2018 A1
20180336033 DeHon et al. Nov 2018 A1
20180336286 Shah Nov 2018 A1
20180341490 DeHon et al. Nov 2018 A1
20180349221 Harutyunyan et al. Dec 2018 A1
20180349614 Ionescu et al. Dec 2018 A1
20180351780 Atanasov Dec 2018 A1
20180351781 Movsisyan et al. Dec 2018 A1
20180351838 Lui Dec 2018 A1
20180359250 Lerner Dec 2018 A1
20180365044 Movsisyan et al. Dec 2018 A1
20180365298 Poghosyan et al. Dec 2018 A1
20180365301 Poghosyan et al. Dec 2018 A1
20180367299 Schutz et al. Dec 2018 A1
20180367434 Kushmerick et al. Dec 2018 A1
20180373895 Durham et al. Dec 2018 A9
20190007521 Lipstone et al. Jan 2019 A1
20190012150 Dimitrov et al. Jan 2019 A1
20190012857 Noonan Jan 2019 A1
20190026206 Harutyunyan et al. Jan 2019 A1
20190026236 Barnes Jan 2019 A1
20190026459 Harutyunyan et al. Jan 2019 A1
20190026464 Nalluri et al. Jan 2019 A1
20190028438 Thomas et al. Jan 2019 A1
20190034464 Nozhchev et al. Jan 2019 A1
20190034664 Barnes et al. Jan 2019 A1
20190036766 Popov Jan 2019 A1
20190036901 Brooker et al. Jan 2019 A1
20190037047 Shribman et al. Jan 2019 A1
20190042764 Durham et al. Feb 2019 A1
20190042798 Mittal Feb 2019 A1
20190042799 Durham et al. Feb 2019 A1
20190044823 Soundararajan et al. Feb 2019 A1
20190046056 Khachaturian et al. Feb 2019 A1
20190046121 Khachaturian et al. Feb 2019 A1
20190068750 Shribman et al. Feb 2019 A1
20190072531 DeVries et al. Mar 2019 A1
20190080078 Teal Mar 2019 A1
20190080102 Teal Mar 2019 A1
20190081867 Lipstone et al. Mar 2019 A1
20190081873 Kraft Mar 2019 A1
20190081928 Teal Mar 2019 A1
20190081959 Yadav et al. Mar 2019 A1
20190081962 Teal Mar 2019 A1
20190081976 Kraft Mar 2019 A1
20190081983 Teal Mar 2019 A1
20190087359 Litichever et al. Mar 2019 A1
20190089720 Aditham et al. Mar 2019 A1
20190108342 Conikee et al. Apr 2019 A1
20190109772 Lipstone et al. Apr 2019 A1
20190114450 Butler et al. Apr 2019 A1
20190116242 Shribman et al. Apr 2019 A1
20190116243 Shribman et al. Apr 2019 A1
20190116244 Shribman et al. Apr 2019 A1
20190123904 Ackerman et al. Apr 2019 A1
20190124042 Thomas et al. Apr 2019 A1
20190124047 Thomas et al. Apr 2019 A1
20190124097 Thomas et al. Apr 2019 A1
20190124098 Thomas et al. Apr 2019 A1
20190124112 Thomas et al. Apr 2019 A1
20190132214 Porras et al. May 2019 A1
20190132417 Shribman et al. May 2019 A1
20190138419 Poghosyan et al. May 2019 A1
20190138420 Harutyunyan et al. May 2019 A1
20190149574 Thomas et al. May 2019 A1
20190149580 Ray et al. May 2019 A1
20190154439 Binder May 2019 A1
20190155953 Brown et al. May 2019 A1
20190163355 Govindaraju et al. May 2019 A1
20190163404 Pedersen et al. May 2019 A1
20190163550 Harutyunyan et al. May 2019 A1
20190163616 Govindaraju May 2019 A1
20190166125 Bender et al. May 2019 A1
20190171438 Franchitti Jun 2019 A1
20190171457 DeHon et al. Jun 2019 A1
20190171476 Lee et al. Jun 2019 A1
20190190929 Thomas et al. Jun 2019 A1
20190190936 Thomas et al. Jun 2019 A1
20190199824 Shribman et al. Jun 2019 A1
20190205773 Ackerman et al. Jul 2019 A1
20190208034 Shribman et al. Jul 2019 A1
20190208035 Shribman et al. Jul 2019 A1
20190208036 Shribman et al. Jul 2019 A1
20190213322 Dehon et al. Jul 2019 A1
20190220625 Durham et al. Jul 2019 A1
20190222619 Shribman et al. Jul 2019 A1
20190222673 Shribman et al. Jul 2019 A1
20190222674 Shribman et al. Jul 2019 A1
20190227781 Ramasamy et al. Jul 2019 A1
20190227793 Ramasamy Jul 2019 A1
20190227951 Durham et al. Jul 2019 A1
20190228172 Ray et al. Jul 2019 A1
20190229983 Govindaraju et al. Jul 2019 A1
20190230077 Lerner Jul 2019 A1
20190236825 Straub Aug 2019 A1
20190238589 Stutz Aug 2019 A1
20190245894 Epple et al. Aug 2019 A1
20190251267 Wysopal et al. Aug 2019 A1
20190253399 Humphries et al. Aug 2019 A1
20190260799 Chen et al. Aug 2019 A1
20190268149 Kariv et al. Aug 2019 A1
20190268150 Kariv et al. Aug 2019 A1
20190268302 McDonald Aug 2019 A1
20190268303 Schiappa et al. Aug 2019 A1
20190268316 Kurian Aug 2019 A1
20190294592 Hinterbichler et al. Sep 2019 A1
20190294613 Sullivan et al. Sep 2019 A1
20190294809 Strickland Sep 2019 A1
20190296967 Yang et al. Sep 2019 A1
20190297093 Kurian Sep 2019 A1
20190303586 Mahaffey et al. Oct 2019 A1
20190311134 Mahaffey et al. Oct 2019 A1
20190313907 Khachaturian et al. Oct 2019 A1
20190317816 Chandran et al. Oct 2019 A1
20190317817 Brown et al. Oct 2019 A1
20190317826 Jain et al. Oct 2019 A1
20190317829 Brown et al. Oct 2019 A1
20190340048 Brown Nov 2019 A1
20190340057 Brown et al. Nov 2019 A1
20190340481 Locke et al. Nov 2019 A1
20190349449 Shribman et al. Nov 2019 A1
20190350469 Khachaturian et al. Nov 2019 A1
20190350470 Khachaturian et al. Nov 2019 A1
20190372938 Pasdar Dec 2019 A1
20190373045 Raghu Dec 2019 A1
20190377570 Govindaraju et al. Dec 2019 A1
20190384604 Dehon et al. Dec 2019 A1
20190386957 Leon Dec 2019 A1
Non-Patent Literature Citations (4)
Entry
D. Y. Deng, D. Lo, G. Malysa, S. Schneider and G. E. Suh, “Flexible and Efficient Instruction-Grained Run-Time Monitoring Using On-Chip Reconfigurable Fabric,” 2010 43rd Annual IEEE/ACM International Symposium on Microarchitecture, 2010, pp. 137-148 (IEEE 2010) (Year: 2010).
Jonathan Heiner and Wilmar Sifre, Air Force Research Laboratory Report No. AFRL-RI-RS-TR-2015-210, Security-Tagged Architecture Co-Design (STACD) Final Technical Report (Sep. 2015) (Year: 2015).
H. Kannan, M. Dalton and C. Kozyrakis, “Decoupling Dynamic Information Flow Tracking with a dedicated coprocessor,” 2009 IEEE/IFIP International Conference on Dependable Systems & Networks, 2009, pp. 105-114 (IEEE 2009) (Year: 2009).
P. Akritidis, C. Cadar, C. Raiciu, M. Costa and M. Castro, “Preventing Memory Error Exploits with WIT,” 2008 IEEE Symposium on Security and Privacy, pp. 263-277 (IEEE 2008) (Year: 2008).
Related Publications (1)
Number Date Country
20200159888 A1 May 2020 US
Provisional Applications (1)
Number Date Country
62767908 Nov 2018 US