Patent Grant
9990255
A computing system can include code to perform various startup functions of the computing system. This code can include Basic Input/Output System (BIOS) code or other code.
Some implementations are described with respect to the following figures:
Various types of system data can be stored in a non-volatile memory of a computing system. The system data is accessed during operation of the computing system to ensure correct operation of the computing system. The system data can be stored in various data structures in the non-volatile memory, and can relate to a configuration of at least one component of the computing system. For example, the system data can relate to a configuration of the computing system, or alternatively, the system data can relate to a configuration of an individual component or multiple components of the computing system.
Examples of computing systems include desktop computers, notebook computers, tablet computers, personal digital assistants (PDAs), smartphones, game appliances, server computers, storage nodes, network communication nodes, and so forth.
The system data in the non-volatile memory may be compromised due to unauthorized access and operations in the computing system, such as by malware. Additionally, the system data in the non-volatile memory may be compromised inadvertently. Once system data is compromised, correct operation of the computing system may not be possible.
Although mechanisms are provided to protect system code stored in the non-volatile memory from being compromised, mechanisms may not exist for protecting system data stored in the non-volatile memory. Examples of system code that can be stored in the non-volatile memory include system firmware, which is used to perform startup or resume operations of a computing system. System firmware is in the form of machine-readable instructions executable on a processor (or processors) of the computing system.
System firmware can include Basic Input/Output System (BIOS) code, which can initialize various components of the computing system, and load an operating system (OS) of the computing system. The BIOS code can perform checking of hardware components to ensure that the hardware components are present and functioning properly. This can be part of a power-on self-test (POST) procedure, for example. After the POST procedure, the BIOS code can progress through the remainder of a booting sequence, after which the BIOS code can load and pass control to the OS. BIOS code can include legacy BIOS code or Unified Extensible Firmware Interface (UEFI) code. In some examples, the BIOS code can include a runtime portion that is executed after the OS loads.
Examples of system data that can be stored in the non-volatile memory include at least some of the following. Although reference is made to specific examples of system data, it is noted that techniques or mechanisms according to some implementations can be applied to other types of system data.
The system data can include machine unique data, which can refer to any configuration data or settings that are unique to each particular computing system. Examples of machine unique data can include any or some combination of the following: product name, product model, stock-keeping unit (SKU) number (for identifying the respective computing system for sale), a serial number of the computing system, a system or commodity tracking number (for identifying a system board of the computing system), a system configuration identifier (for identifying a configuration of the computing system), warranty data (for describing a warranty associated with the computing system), a universally unique identifier (UUID), a default setting of BIOS code, a unique cryptographic identifier (e.g. a cryptographic key) for protecting and binding information to the computing system, and so forth. The foregoing is provided as examples of machine unique data; in other examples, other or additional types of machine unique data can be provided. The machine unique data can be stored in corresponding data structure in the non-volatile memory, such as a machine unique data (MUD) region of the non-volatile memory.
The system data can also include configuration data of a network controller of the computing system. The network controller can be used to communicate over a network according to a network protocol, such as an Ethernet protocol (e.g. Gigabit Ethernet protocol or other type of Ethernet protocol), or another type of protocol. In examples where the network protocol supported by the network controller is the Gigabit Ethernet (GbE) protocol, the configuration data of the network controller can include data in a GbE region of the non-volatile memory. The GbE region is a data structure containing configuration data (e.g. programmable settings) for the network controller that can be part of the computing system. The programmable settings are read by the network controller upon deassertion of a bus reset signal on a bus to which the network controller is connected.
In other examples, the system data can include data in a Descriptor region in the non-volatile memory. The Descriptor region is a data structure containing information that describes a layout of the non-volatile memory that stores system firmware, and configuration parameters for an input/output (I/O) controller, such as the Platform Controller Hub (PCH) from Intel Corporation, or another type of I/O controller. The PCH can include various functions, including a display interface to a graphics subsystem, a system bus interface to a system bus to which various I/O devices can be connected, and so forth. The I/O controller can read the data in the Descriptor region upon exit of the I/O controller from reset.
In accordance with some implementations, to perform verification of the integrity of system data in the non-volatile memory, a redundant copy of the system data can be provided. In some implementations, the system data used by the computing system is stored in a primary non-volatile memory. The redundant copy of the system data is stored in a secondary non-volatile memory. The redundant copy of the system data can be identical to the system data in the primary non-volatile memory, or be of a different version (earlier version or later version) of the system data in the primary non-volatile memory.
The process of
The process of
In response to determining that the system data in the primary non-volatile memory is compromised, the embedded controller and/or system firmware can repair (at 106) the compromised system data in the primary non-volatile memory by using the redundant copy of system data in the secondary non-volatile memory.
Although not shown in
The secondary non-volatile memory 216 can be physically separate from the primary non-volatile memory 204 (such as implemented in different physical memory devices). Alternatively, the secondary non-volatile memory 216 and the primary non-volatile memory 204 can physically reside on a common memory device, but the primary non-volatile memory 204 and the secondary non-volatile memory 216 are in different segments of the physical memory device, where the segment of the physical memory device that contains the secondary non-volatile memory 216 is accessible by only the embedded controller 202. In other words, the segment that contains the secondary non-volatile memory 216 is under exclusive control of the embedded controller 202, and this segment is locked from access by the processor 206 or another entity.
The primary non-volatile memory 204 is accessible over a shared bus 220 by the embedded controller 202 or by another entity. Note that the secondary non-volatile memory 216 is electrically isolated from the shared bus 220. In some implementations, just one entity can have access to the shared bus 220 at any given time, such that just one entity can access the primary non-volatile memory 204 at a time. In some examples, the shared bus 220 is a shared Serial Peripheral Interface (SPI) bus. An SPI bus is a synchronous serial data link in which devices on the SPI bus operate in a master-slave mode. In other examples, another type of shared bus 220 can be used. In alternative examples, an arbitration mechanism can be provided to allow for shared access of the bus 220 in various states of the computing system, including a low power state and a normal runtime state.
The primary non-volatile memory 204 can store system firmware 207, which can include BIOS code. The system firmware 207 can include EC firmware 208 that is for execution by the embedded controller 202, and a boot block 210 that is to be executed by the processor 206. Although reference is made to “EC firmware,” it is noted that techniques or mechanisms can be applied to other forms of the controller code that can be executed by the embedded controller 202. The embedded controller code includes machine-readable instructions executable on the embedded controller.
In examples according to
The boot block 210 is a part of the BIOS code, and is first executed when the computing system 200 starts up. The boot block 210 is executed first before the rest of the BIOS code is allowed to execute on the processor 206. The boot block 210 can be used to check the integrity of the BIOS code as well as to perform other initial functions. If the boot block 210 confirms the integrity of the BIOS code, then the boot block 210 can pass control to the main portion of the BIOS code for initiating the remaining operations associated with the BIOS code.
In some implementations, the boot block 210 can include core root of trust for measurement (CRTM) logic, which is logic specified by the Trusted Computing Group (TCG), an industry standard work group. During a power on procedure of the computing system 200, the CRTM logic can perform certain initialization tasks and can make a number of measurements that are stored for later use. The CRTM logic can then check the BIOS code before passing control to the main portion of the BIOS code. Once the BIOS code completes execution and passes control to the OS, the OS can verify the trustworthiness of the computing system 200 based on measurements taken by the CRTM logic.
The embedded controller 202 is physically separate from the processor 206 of the computing system 200. The processor 206 is used for executing the OS, application code, and other code in the system 200. The embedded controller 202, on the other hand, can be used to perform specific predefined tasks, as programmed into the EC firmware 208. Examples of tasks that can be performed by the embedded controller 202 include any one or some combination of the following: power supply control in the computing system 200 (for controlling a power supply that supplies power supply voltages to various components in the computing system 200), charging and control of a battery in the computing system 200, thermal monitoring to monitor a temperature in the computing system 200), fan control (to control a fan in the computing system 200), and interaction with a user input device (such as performing a scan of a keyboard of the computing system 200 or interaction with a pointing device such as a mouse, touchpad, touchscreen, and so forth). The embedded controller 202 can be implemented with a microcontroller, an application-specific integrated circuit (ASIC), a programmable gate array (PGA), or any other type of programmable circuit.
The secondary non-volatile memory 216 stores a redundant copy 214 of system firmware, where the system firmware redundant copy 214 includes a boot block 232 and an EC firmware 230. The system firmware redundant copy 214 in the secondary non-volatile memory 216 can be a duplicate of the system firmware 207 in the primary non-volatile memory 204. Alternatively, the system firmware redundant copy 214 may be a different version (later version or earlier version) than the system firmware 207.
In some implementations, the system firmware redundant copy 214 includes just the boot block 232, but does not include the main portion of the system firmware 207. In other implementations, the system firmware redundant copy 214 can include the entirety of the system firmware 207.
The primary non-volatile memory 204 also stores system data 240, such as the system data discussed further above. The system data 240 is accessible by the computing system 200 during system operation.
The embedded controller 202 can be instructed, such as by the system firmware 207 executing on the processor 206, to copy the system data 240 in the primary non-volatile memory 204 to the secondary non-volatile memory 216. Such copying creates the system data copy 242 in the secondary non-volatile memory 216. The instruction to perform the copying of the system data 240 from the primary non-volatile memory 204 to the secondary non-volatile memory 216 can be performed in a secure environment, such as during the manufacturing process of the computing system at a factory. Alternatively, the copying of the system data 240 from the primary non-volatile memory 204 to the secondary non-volatile memory 216 can be performed in another context, such as at a product service facility that is used to service products.
In some examples, upon saving the system data copy 242 to the secondary non-volatile memory 216, the embedded controller 202 can calculate hash, checksum, or other value (generally referred to as a “check value”) based on the content of the system data. This check value can be saved to the secondary non-volatile memory 216 and associated with the system data copy 242.
Note that a separate check value can be calculated for each type of system data 240 (e.g. machine unique data, GbE region data, Descriptor region data, etc.) copied to the secondary non-volatile memory 216. The check values associated with the various types of system data in the secondary non-volatile memory 216 can be used later to verify the integrity of the content of each respective type of system data in the primary non-volatile memory 204, to ensure that the content has not been compromised due to malware, a code bug, or other cause.
The check value associated with the machine unique data copy stored in the secondary non-volatile memory 216 can be used by the system firmware 207 executing on the processor 206 to verify the integrity of the machine unique data in the primary non-volatile memory 204. The system firmware 207 can calculate the check value based on the machine unique data in the primary non-volatile memory 204, and can compare the calculated check value with the check value stored in the non-volatile memory 216. If the check values match, then the system firmware 207 determines that the machine unique data in the primary non-volatile memory 204 is valid. On the other hand, if the check values do not match, then the system firmware 207 determines that the machine unique data has been compromise.
If the machine unique data in the primary non-volatile memory 204 is determined to be compromised, then the copy of the machine unique data in the secondary non-volatile memory 216 can be used to repair the compromised machine unique data, by replacing the compromised machine unique data with the copy of the machine unique data from the secondary non-volatile memory 216.
The verification of the GbE region data or Descriptor region data in the primary non-volatile memory 204 may be performed by the embedded controller 202, instead of by the system firmware 207. Similar with verifying the integrity of the machine unique data, the embedded controller 202 can compare a calculated check value to a stored check value in the secondary non-volatile memory 216 to determine whether or not the GbE region data or Descriptor region data has been compromised.
In other implementations, instead of using the check values stored in the secondary non-volatile memory 216, each specific piece of the system data 240 in the primary non-volatile memory 204 can be verified by comparing the respective piece of system data copy 242 in the secondary non-volatile memory 216. For example, the machine unique data, GbE region data, or Descriptor region data in the primary non-volatile memory 204 can be compared to the respective copy of the machine unique data, GbE region data, or Descriptor region data, to determine whether the respective piece of data has changed, which indicates that the respective piece of data has been compromised.
In further implementations, the system firmware 207 and/or embedded controller 202 is able to monitor writes to the system data 240 in the primary non-volatile memory 204. The system firmware 207 and/or embedded controller 202 can be notified of any such writes, such that the system firmware 207 and/or embedded controller 202 can perform the verification of the written system data 240 to protect against unauthorized updating of the system data 240.
As noted above, the system data copy 242 can be captured in the secondary non-volatile memory 216 in a secure environment, such as at a factory or repair facility. The system data copy 242 stored in the secondary non-volatile memory 216 can be treated as read-only to protect the system data copy 242 from compromise.
In alternative implementations, signatures can be associated with the system data 240 stored in the primary non-volatile memory 204. Such signatures can include digital signatures produced using asymmetric or symmetric cryptography. Alternatively, the signatures can be hash values computed based on the content of the system data 240. For example, a signature can be associated with each of the machine unique data, GbE region data, and Descriptor region data stored in the primary non-volatile memory 204. A signature can be based on an encryption of a hash, check, or other value computed based on the content of the respective piece of system data 240. The encryption can be performed using an encryption key (e.g. public key or private key). To verify the integrity of the respective piece of system data 240 and its source, the signature can be decrypted using an encryption key (e.g. private key or public key). The decrypted value can then be compared to a hash value to verify the integrity of the piece of the system data 240 and its source.
Associating signatures with each of the different pieces of system data 240 allows for a secure update mechanism outside of a factory or service environment. For example, in the event that an update of the machine unique data, GbE region data, or Descriptor region data in the primary non-volatile memory 204 is to be performed, the respective signature can be used to ensure that the update data is from a trusted source.
Also, the embedded controller 202 can authenticate the machine unique data, GbE region data, or Descriptor region data in the primary non-volatile memory 204, to use for updating the respective piece of the system data copy 242 in the secondary non-volatile memory 216, in the event that the corresponding piece of the system data copy 242 becomes compromised.
By also storing signatures with each piece of the system data copy 242 in the secondary non-volatile memory 216, the system data copy 242 can be protected from tampering, such as by malware or even by a physical attack in which the secondary non-volatile memory 216 is removed and reprogrammed with different content.
In further implementations, as further shown in
Traditionally, the ME region data 302 is not recoverable in the field in the event of a compromise. In accordance with some implementations, the ME 304 can monitor the content of the ME region 302. For example, a hash, check, or other value can be computed based on the content of the ME region 302, and compared to a pre-stored hash, check, or other value.
The secondary non-volatile memory 216 can store ME personality information 308, The ME personality information 308 provides an indication of which feature(s) of the ME 304 has (have) been enabled or disabled. The feature(s) of the ME 304 may have been enabled/disabled at the factory or at another site. The ME personality information 308 is based on the enabling/disabling of the feature(s) of the ME 304 set at the factory or at another site.
The computing system 200 is booted (at 408) with the ME region 302 unlocked. During the boot procedure, the system firmware 207 can repair (at 410) the ME region 302, by copying a recovery image from an external storage device or from the secondary non-volatile memory 216 to the primary non-volatile memory 204.
In addition, the system firmware 207 can request (at 412) that the embedded controller 202 copy ME personality information 308 stored in the secondary non-volatile memory 216 to the ME region 302 of the primary non-volatile memory 204. The ME personality information 308 provides an indication of which feature(s) of the ME 304 has (have) been enabled or disabled. The feature(s) of the ME 304 may have been enabled/disabled at the factory or at another site. Copying the ME personality information 308 to the ME region 302 in the primary non-volatile memory 204 causes the appropriate feature(s) of the ME 304 to be enabled or disabled.
In the foregoing process of
Machine-readable instructions of various modules, described above are loaded for execution on a processing circuit (e.g. embedded controller 102 or processor 106). A processing circuit can include a microprocessor, microcontroller, processor module or subsystem programmable integrated circuit, programmable gate array, or another control or computing device.
Data and instructions are stored in respective storage devices, which are implemented as one or multiple computer-readable or machine-readable storage media. The storage media include different forms of memory including semiconductor memory devices such as dynamic or static random access memories (DRAMs or SRAMs), erasable and programmable read-only memories (EPROMs), electrically erasable and programmable read-only memories (EEPROMs) and flash memories; magnetic disks such as fixed, floppy and removable disks: other magnetic media including tape: optical media such as compact disks (CDs) or digital video disks (DVDs); or other types of storage devices. Note that the instructions discussed above can be provided on one computer-readable or machine-readable storage medium, or alternatively, can be provided on multiple computer-readable or machine-readable storage media distributed in a large system having possibly plural nodes. Such computer-readable or machine-readable storage medium or media is (are) considered to be part of an article (or article of manufacture). An article or article of manufacture can refer to any manufactured single component or multiple components. The storage medium or media can be located either in the machine running the machine-readable instructions, or located at a remote site from which machine-readable instructions can be downloaded over a network for execution.
In the foregoing description, numerous details are set forth to provide an understanding of the subject disclosed herein. However, implementations may be practiced without some or all of these details. Other implementations may include modifications and variations from the details discussed above. It is intended that the appended claims cover such modifications and variations.
| Filing Document | Filing Date | Country | Kind |
|---|---|---|---|
| PCT/US2013/037729 | 4/23/2013 | WO | 00 |
| Publishing Document | Publishing Date | Country | Kind |
|---|---|---|---|
| WO2014/175865 | 10/30/2014 | WO | A |
| Number | Name | Date | Kind |
|---|---|---|---|
| 5269022 | Shinjo | Dec 1993 | A |
| 5327531 | Bealkowski et al. | Jul 1994 | A |
| 5432927 | Grote | Jul 1995 | A |
| 5469573 | McGill, III | Nov 1995 | A |
| 5564054 | Bramnick | Oct 1996 | A |
| 5713024 | Halladay | Jan 1998 | A |
| 5745669 | Hugard | Apr 1998 | A |
| 5822581 | Christeson | Oct 1998 | A |
| 5828888 | Kozaki | Oct 1998 | A |
| 5918047 | Leavitt | Jun 1999 | A |
| 5987605 | Hill | Nov 1999 | A |
| 6205527 | Goshey | Mar 2001 | B1 |
| 6275930 | Bonamico | Aug 2001 | B1 |
| 6539473 | Hubacher | Mar 2003 | B1 |
| 6651188 | Harding | Nov 2003 | B2 |
| 6934881 | Gold | Aug 2005 | B2 |
| 7069445 | Cheston | Jun 2006 | B2 |
| 7100087 | Yang | Aug 2006 | B2 |
| 7136994 | Zimmer | Nov 2006 | B2 |
| 7193895 | Jin et al. | Mar 2007 | B2 |
| 7340595 | Blinick | Mar 2008 | B2 |
| 7383431 | Takamizawa | Jun 2008 | B2 |
| 7409539 | Arnez | Aug 2008 | B2 |
| 7613872 | Dayan | Nov 2009 | B2 |
| 7734945 | Levidow | Jun 2010 | B1 |
| 7818622 | Burks, III | Oct 2010 | B2 |
| 8006125 | Meng | Aug 2011 | B1 |
| 8341386 | Lee | Dec 2012 | B2 |
| 8392762 | Aralakuppe | Mar 2013 | B2 |
| 8429391 | Galbo | Apr 2013 | B2 |
| 8489922 | Matthew | Jul 2013 | B2 |
| 9063836 | Swanson | Jun 2015 | B2 |
| 9411688 | Poolla | Aug 2016 | B1 |
| 9417967 | Huang | Aug 2016 | B2 |
| 9542195 | Astarabadi | Jan 2017 | B1 |
| 9575768 | Kim | Feb 2017 | B1 |
| 9852298 | Jeansonne | Dec 2017 | B2 |
| 20010008011 | Oba | Jul 2001 | A1 |
| 20020002652 | Takahashi | Jan 2002 | A1 |
| 20020078338 | Lay | Jun 2002 | A1 |
| 20030126511 | Yang | Jul 2003 | A1 |
| 20030221114 | Hino | Nov 2003 | A1 |
| 20040025002 | Cepulis | Feb 2004 | A1 |
| 20040030877 | Frid | Feb 2004 | A1 |
| 20040133790 | Hensley | Jul 2004 | A1 |
| 20040193862 | Lin | Sep 2004 | A1 |
| 20040268079 | Riedle et al. | Dec 2004 | A1 |
| 20050081090 | Lin | Apr 2005 | A1 |
| 20050108564 | Freeman | May 2005 | A1 |
| 20050190699 | Smith | Sep 2005 | A1 |
| 20050251673 | Bosley | Nov 2005 | A1 |
| 20050273588 | Ong | Dec 2005 | A1 |
| 20060020844 | Gibbons | Jan 2006 | A1 |
| 20060075395 | Lee | Apr 2006 | A1 |
| 20060143431 | Rothman | Jun 2006 | A1 |
| 20060161784 | Hunter | Jul 2006 | A1 |
| 20060225067 | Yang | Oct 2006 | A1 |
| 20060236198 | Lintz, Jr. | Oct 2006 | A1 |
| 20070260866 | Wang | Nov 2007 | A1 |
| 20080040596 | Mai | Feb 2008 | A1 |
| 20080086631 | Chow | Apr 2008 | A1 |
| 20080098381 | Lin | Apr 2008 | A1 |
| 20080126782 | Dayan | May 2008 | A1 |
| 20080141016 | Chang | Jun 2008 | A1 |
| 20080155331 | Rothman | Jun 2008 | A1 |
| 20080172558 | Stakutis | Jul 2008 | A1 |
| 20080195750 | Sadovsky | Aug 2008 | A1 |
| 20080209553 | Lu | Aug 2008 | A1 |
| 20080289954 | Lev | Oct 2008 | A1 |
| 20090063834 | Huang | Mar 2009 | A1 |
| 20090089570 | Andrianov | Apr 2009 | A1 |
| 20090100287 | Chu | Apr 2009 | A1 |
| 20090158020 | Chen et al. | Jun 2009 | A1 |
| 20090158024 | Hung | Jun 2009 | A1 |
| 20090172639 | Natu | Jul 2009 | A1 |
| 20090249113 | Chou | Oct 2009 | A1 |
| 20090271602 | Burks, III | Oct 2009 | A1 |
| 20090327684 | Zimmer | Dec 2009 | A1 |
| 20100017589 | Reed | Jan 2010 | A1 |
| 20100064127 | Lee | Mar 2010 | A1 |
| 20100082960 | Grobman | Apr 2010 | A1 |
| 20100100720 | Wu | Apr 2010 | A1 |
| 20100235617 | Chen | Sep 2010 | A1 |
| 20110066837 | Lee | Mar 2011 | A1 |
| 20110087872 | Shah | Apr 2011 | A1 |
| 20110093675 | Lu | Apr 2011 | A1 |
| 20110093741 | Liang | Apr 2011 | A1 |
| 20120011393 | Roberts | Jan 2012 | A1 |
| 20120072710 | Gupta | Mar 2012 | A1 |
| 20120072897 | Selvam | Mar 2012 | A1 |
| 20120239920 | Yang | Sep 2012 | A1 |
| 20120303944 | Peng et al. | Nov 2012 | A1 |
| 20120324150 | Moshayedi et al. | Dec 2012 | A1 |
| 20130159690 | Tsukamoto | Jun 2013 | A1 |
| 20130232325 | Jang | Sep 2013 | A1 |
| 20140115314 | Huang | Apr 2014 | A1 |
| 20140237223 | Chudgar | Aug 2014 | A1 |
| 20140281455 | Kochar | Sep 2014 | A1 |
| 20140325203 | Roche | Oct 2014 | A1 |
| 20150095632 | Huang | Apr 2015 | A1 |
| 20150242656 | Dasari | Aug 2015 | A1 |
| 20150301880 | Allu | Oct 2015 | A1 |
| 20150324588 | Locke | Nov 2015 | A1 |
| 20160055113 | Hodge | Feb 2016 | A1 |
| 20160055338 | Jeansonne | Feb 2016 | A1 |
| 20160063255 | Jeansonne | Mar 2016 | A1 |
| 20160364570 | Stern | Dec 2016 | A1 |
| 20170249002 | Costa | Aug 2017 | A1 |
| Number | Date | Country |
|---|---|---|
| 101038567 | Jun 2011 | KR |
| 200842567 | Nov 2008 | TW |
| 201007465 | Feb 2010 | TW |
| Entry |
|---|
| Hodge et al., International Application No. PCT/US13/37725 entitled Redundant System Boot Code in a Secondary Non-Volatile Memory filed Apr. 23, 2013 (25 pages). |
| Jeansonne et al., International Application No. PCT/US13/37724 entitled Recovering From Compromised System Boot Code filed Apr. 23, 2013 (29 pages). |
| Jeansonne et al., International Application No, PCT/US13/37727 entitled Configuring a System filed Apr. 23, 2013 (35 pages). |
| Jeansonne et al., International Appiication No. PCT/US13/37728 entitled Event Data Structure to Store Event Data filed Apr. 23, 2013 (36 pages). |
| Jeansonne et al., International Application No. PCT/US13/37733 entitled Retrieving System Boot Code From a Non-Volatile Memory filed Apr. 23, 2013 (26 pages). |
| Jeansonne el al., International Appiication No. PCT/US13/37735 entitled Verifying Controller Code and System Boot Code filed Apr. 23, 2013 (36 pages). |
| Yin, et al; “Verification-based Multi-backup Firmware Architecture, an Assurance of Trusted Boot Process for the Embedded Systems”, < : http://ieexplore.ieee.org/document/6120953/. |
| European Patent Office, Extended European Search Report for Appl. No. 13883286.0 dated Dec. 16, 2016 (16 pages). |
| U.S. Appl. No, 14/780,892, Non-Final Office Action dated Jun. 16, 2017, pp. 1-23 and attachments. |
| U.S. Appl. No, 14/780,967, Final Rejection dated Jun. 28, 2017, pp. 1-12 and attachments. |
| U.S. Appl. No. 14/780,967, Non-Final Office Action dated Oct. 14, 2017 pp. 1-10 and attachments. |
| U.S. Appl. No. 14/780,989, Non-Final Rejection dated May 10, 2017, pp. 1-8 and attachments. |
| U.S. Appl. No. 14/780,989, Notice of Allowance dated Sep. 13, 2017, pp. 1-3 and attachments. |
| U.S. Appl. No. 14/780,892, Final Rejection dated Dec. 21, 2017, pp. 1-17 and attachments. |
| U.S. Appl, No. 14/780,967, Final Rejection dated Sep. 29, 2017, pp. 1-10 and attachments. |
| U.S. Appl. No. 14/780,967, Notice of Allowance dated Nov. 17, 2017, pp. 1-4 and attachments. |
| Number | Date | Country | |
|---|---|---|---|
| 20160055069 A1 | Feb 2016 | US |
