US20090284279A1 - Integrated Circuit Having Inverse Bit Storage Test - Google Patents

Integrated Circuit Having Inverse Bit Storage Test Download PDF

Info

Publication number
US20090284279A1
US20090284279A1 US12/505,513 US50551309A US2009284279A1 US 20090284279 A1 US20090284279 A1 US 20090284279A1 US 50551309 A US50551309 A US 50551309A US 2009284279 A1 US2009284279 A1 US 2009284279A1
Authority
US
United States
Prior art keywords
sopec
chip
printer
key
bit
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
US12/505,513
Inventor
Simon Robert Walmsley
Richard Thomas Plunkett
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Silverbrook Research Pty Ltd
Original Assignee
Silverbrook Research Pty Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from AU2002953135A external-priority patent/AU2002953135A0/en
Priority claimed from AU2002953134A external-priority patent/AU2002953134A0/en
Application filed by Silverbrook Research Pty Ltd filed Critical Silverbrook Research Pty Ltd
Priority to US12/505,513 priority Critical patent/US20090284279A1/en
Assigned to SILVERBROOK RESEARCH PTY LTD reassignment SILVERBROOK RESEARCH PTY LTD ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: PLUNKETT, RICHARD THOMAS, WALMSLEY, SIMON ROBERT
Publication of US20090284279A1 publication Critical patent/US20090284279A1/en
Abandoned legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/73Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information by creating or determining hardware identification, e.g. serial numbers
    • BPERFORMING OPERATIONS; TRANSPORTING
    • B41PRINTING; LINING MACHINES; TYPEWRITERS; STAMPS
    • B41JTYPEWRITERS; SELECTIVE PRINTING MECHANISMS, i.e. MECHANISMS PRINTING OTHERWISE THAN FROM A FORME; CORRECTION OF TYPOGRAPHICAL ERRORS
    • B41J2/00Typewriters or selective printing mechanisms characterised by the printing or marking process for which they are designed
    • B41J2/005Typewriters or selective printing mechanisms characterised by the printing or marking process for which they are designed characterised by bringing liquid or particles selectively into contact with a printing material
    • B41J2/01Ink jet
    • B41J2/015Ink jet characterised by the jet generation process
    • B41J2/04Ink jet characterised by the jet generation process generating single droplets or particles on demand
    • B41J2/045Ink jet characterised by the jet generation process generating single droplets or particles on demand by pressure, e.g. electromechanical transducers
    • B41J2/04501Control methods or devices therefor, e.g. driver circuits, control circuits
    • B41J2/04505Control methods or devices therefor, e.g. driver circuits, control circuits aiming at correcting alignment
    • BPERFORMING OPERATIONS; TRANSPORTING
    • B41PRINTING; LINING MACHINES; TYPEWRITERS; STAMPS
    • B41JTYPEWRITERS; SELECTIVE PRINTING MECHANISMS, i.e. MECHANISMS PRINTING OTHERWISE THAN FROM A FORME; CORRECTION OF TYPOGRAPHICAL ERRORS
    • B41J2/00Typewriters or selective printing mechanisms characterised by the printing or marking process for which they are designed
    • B41J2/005Typewriters or selective printing mechanisms characterised by the printing or marking process for which they are designed characterised by bringing liquid or particles selectively into contact with a printing material
    • B41J2/01Ink jet
    • B41J2/015Ink jet characterised by the jet generation process
    • B41J2/04Ink jet characterised by the jet generation process generating single droplets or particles on demand
    • B41J2/045Ink jet characterised by the jet generation process generating single droplets or particles on demand by pressure, e.g. electromechanical transducers
    • B41J2/04501Control methods or devices therefor, e.g. driver circuits, control circuits
    • B41J2/04508Control methods or devices therefor, e.g. driver circuits, control circuits aiming at correcting other parameters
    • BPERFORMING OPERATIONS; TRANSPORTING
    • B41PRINTING; LINING MACHINES; TYPEWRITERS; STAMPS
    • B41JTYPEWRITERS; SELECTIVE PRINTING MECHANISMS, i.e. MECHANISMS PRINTING OTHERWISE THAN FROM A FORME; CORRECTION OF TYPOGRAPHICAL ERRORS
    • B41J2/00Typewriters or selective printing mechanisms characterised by the printing or marking process for which they are designed
    • B41J2/005Typewriters or selective printing mechanisms characterised by the printing or marking process for which they are designed characterised by bringing liquid or particles selectively into contact with a printing material
    • B41J2/01Ink jet
    • B41J2/015Ink jet characterised by the jet generation process
    • B41J2/04Ink jet characterised by the jet generation process generating single droplets or particles on demand
    • B41J2/045Ink jet characterised by the jet generation process generating single droplets or particles on demand by pressure, e.g. electromechanical transducers
    • B41J2/04501Control methods or devices therefor, e.g. driver circuits, control circuits
    • B41J2/0451Control methods or devices therefor, e.g. driver circuits, control circuits for detecting failure, e.g. clogging, malfunctioning actuator
    • BPERFORMING OPERATIONS; TRANSPORTING
    • B41PRINTING; LINING MACHINES; TYPEWRITERS; STAMPS
    • B41JTYPEWRITERS; SELECTIVE PRINTING MECHANISMS, i.e. MECHANISMS PRINTING OTHERWISE THAN FROM A FORME; CORRECTION OF TYPOGRAPHICAL ERRORS
    • B41J2/00Typewriters or selective printing mechanisms characterised by the printing or marking process for which they are designed
    • B41J2/005Typewriters or selective printing mechanisms characterised by the printing or marking process for which they are designed characterised by bringing liquid or particles selectively into contact with a printing material
    • B41J2/01Ink jet
    • B41J2/015Ink jet characterised by the jet generation process
    • B41J2/04Ink jet characterised by the jet generation process generating single droplets or particles on demand
    • B41J2/045Ink jet characterised by the jet generation process generating single droplets or particles on demand by pressure, e.g. electromechanical transducers
    • B41J2/04501Control methods or devices therefor, e.g. driver circuits, control circuits
    • B41J2/04528Control methods or devices therefor, e.g. driver circuits, control circuits aiming at warming up the head
    • BPERFORMING OPERATIONS; TRANSPORTING
    • B41PRINTING; LINING MACHINES; TYPEWRITERS; STAMPS
    • B41JTYPEWRITERS; SELECTIVE PRINTING MECHANISMS, i.e. MECHANISMS PRINTING OTHERWISE THAN FROM A FORME; CORRECTION OF TYPOGRAPHICAL ERRORS
    • B41J2/00Typewriters or selective printing mechanisms characterised by the printing or marking process for which they are designed
    • B41J2/005Typewriters or selective printing mechanisms characterised by the printing or marking process for which they are designed characterised by bringing liquid or particles selectively into contact with a printing material
    • B41J2/01Ink jet
    • B41J2/015Ink jet characterised by the jet generation process
    • B41J2/04Ink jet characterised by the jet generation process generating single droplets or particles on demand
    • B41J2/045Ink jet characterised by the jet generation process generating single droplets or particles on demand by pressure, e.g. electromechanical transducers
    • B41J2/04501Control methods or devices therefor, e.g. driver circuits, control circuits
    • B41J2/04541Specific driving circuit
    • BPERFORMING OPERATIONS; TRANSPORTING
    • B41PRINTING; LINING MACHINES; TYPEWRITERS; STAMPS
    • B41JTYPEWRITERS; SELECTIVE PRINTING MECHANISMS, i.e. MECHANISMS PRINTING OTHERWISE THAN FROM A FORME; CORRECTION OF TYPOGRAPHICAL ERRORS
    • B41J2/00Typewriters or selective printing mechanisms characterised by the printing or marking process for which they are designed
    • B41J2/005Typewriters or selective printing mechanisms characterised by the printing or marking process for which they are designed characterised by bringing liquid or particles selectively into contact with a printing material
    • B41J2/01Ink jet
    • B41J2/015Ink jet characterised by the jet generation process
    • B41J2/04Ink jet characterised by the jet generation process generating single droplets or particles on demand
    • B41J2/045Ink jet characterised by the jet generation process generating single droplets or particles on demand by pressure, e.g. electromechanical transducers
    • B41J2/04501Control methods or devices therefor, e.g. driver circuits, control circuits
    • B41J2/04543Block driving
    • BPERFORMING OPERATIONS; TRANSPORTING
    • B41PRINTING; LINING MACHINES; TYPEWRITERS; STAMPS
    • B41JTYPEWRITERS; SELECTIVE PRINTING MECHANISMS, i.e. MECHANISMS PRINTING OTHERWISE THAN FROM A FORME; CORRECTION OF TYPOGRAPHICAL ERRORS
    • B41J2/00Typewriters or selective printing mechanisms characterised by the printing or marking process for which they are designed
    • B41J2/005Typewriters or selective printing mechanisms characterised by the printing or marking process for which they are designed characterised by bringing liquid or particles selectively into contact with a printing material
    • B41J2/01Ink jet
    • B41J2/015Ink jet characterised by the jet generation process
    • B41J2/04Ink jet characterised by the jet generation process generating single droplets or particles on demand
    • B41J2/045Ink jet characterised by the jet generation process generating single droplets or particles on demand by pressure, e.g. electromechanical transducers
    • B41J2/04501Control methods or devices therefor, e.g. driver circuits, control circuits
    • B41J2/04563Control methods or devices therefor, e.g. driver circuits, control circuits detecting head temperature; Ink temperature
    • BPERFORMING OPERATIONS; TRANSPORTING
    • B41PRINTING; LINING MACHINES; TYPEWRITERS; STAMPS
    • B41JTYPEWRITERS; SELECTIVE PRINTING MECHANISMS, i.e. MECHANISMS PRINTING OTHERWISE THAN FROM A FORME; CORRECTION OF TYPOGRAPHICAL ERRORS
    • B41J2/00Typewriters or selective printing mechanisms characterised by the printing or marking process for which they are designed
    • B41J2/005Typewriters or selective printing mechanisms characterised by the printing or marking process for which they are designed characterised by bringing liquid or particles selectively into contact with a printing material
    • B41J2/01Ink jet
    • B41J2/015Ink jet characterised by the jet generation process
    • B41J2/04Ink jet characterised by the jet generation process generating single droplets or particles on demand
    • B41J2/045Ink jet characterised by the jet generation process generating single droplets or particles on demand by pressure, e.g. electromechanical transducers
    • B41J2/04501Control methods or devices therefor, e.g. driver circuits, control circuits
    • B41J2/04573Timing; Delays
    • BPERFORMING OPERATIONS; TRANSPORTING
    • B41PRINTING; LINING MACHINES; TYPEWRITERS; STAMPS
    • B41JTYPEWRITERS; SELECTIVE PRINTING MECHANISMS, i.e. MECHANISMS PRINTING OTHERWISE THAN FROM A FORME; CORRECTION OF TYPOGRAPHICAL ERRORS
    • B41J2/00Typewriters or selective printing mechanisms characterised by the printing or marking process for which they are designed
    • B41J2/005Typewriters or selective printing mechanisms characterised by the printing or marking process for which they are designed characterised by bringing liquid or particles selectively into contact with a printing material
    • B41J2/01Ink jet
    • B41J2/015Ink jet characterised by the jet generation process
    • B41J2/04Ink jet characterised by the jet generation process generating single droplets or particles on demand
    • B41J2/045Ink jet characterised by the jet generation process generating single droplets or particles on demand by pressure, e.g. electromechanical transducers
    • B41J2/04501Control methods or devices therefor, e.g. driver circuits, control circuits
    • B41J2/04586Control methods or devices therefor, e.g. driver circuits, control circuits controlling heads of a type not covered by groups B41J2/04575 - B41J2/04585, or of an undefined type
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/554Detecting local intrusion or implementing counter-measures involving event detection and direct action
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/575Secure boot
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/74Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information operating in dual or compartmented mode, i.e. at least one secure mode
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/78Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
    • HELECTRICITY
    • H03ELECTRONIC CIRCUITRY
    • H03KPULSE TECHNIQUE
    • H03K5/00Manipulating of pulses not covered by one of the other main groups of this subclass
    • H03K5/125Discriminating pulses
    • H03K5/1252Suppression or limitation of noise or interference
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N1/00Scanning, transmission or reproduction of documents or the like, e.g. facsimile transmission; Details thereof
    • H04N1/40Picture signal circuits
    • H04N1/405Halftoning, i.e. converting the picture signal of a continuous-tone original into a corresponding signal showing only two levels
    • BPERFORMING OPERATIONS; TRANSPORTING
    • B41PRINTING; LINING MACHINES; TYPEWRITERS; STAMPS
    • B41JTYPEWRITERS; SELECTIVE PRINTING MECHANISMS, i.e. MECHANISMS PRINTING OTHERWISE THAN FROM A FORME; CORRECTION OF TYPOGRAPHICAL ERRORS
    • B41J2202/00Embodiments of or processes related to ink-jet or thermal heads
    • B41J2202/01Embodiments of or processes related to ink-jet heads
    • B41J2202/20Modules
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y10TECHNICAL SUBJECTS COVERED BY FORMER USPC
    • Y10STECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y10S707/00Data processing: database and file management or data structures
    • Y10S707/99931Database or file accessing
    • Y10S707/99933Query processing, i.e. searching
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y10TECHNICAL SUBJECTS COVERED BY FORMER USPC
    • Y10STECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y10S707/00Data processing: database and file management or data structures
    • Y10S707/99931Database or file accessing
    • Y10S707/99939Privileged access
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y10TECHNICAL SUBJECTS COVERED BY FORMER USPC
    • Y10TTECHNICAL SUBJECTS COVERED BY FORMER US CLASSIFICATION
    • Y10T29/00Metal working
    • Y10T29/49Method of mechanical manufacture
    • Y10T29/49401Fluid pattern dispersing device making, e.g., ink jet

Definitions

  • the present invention relates to securing an integrated circuit against certain forms of security attacks.
  • the invention has primarily been developed for use in chips used in a printer system to authenticate communications between, for example, a printer controller and other peripheral devices such as ink cartridges.
  • a printer controller and other peripheral devices such as ink cartridges.
  • the invention can be applied to integrated circuits in other fields in which analogous problems are faced.
  • the quality of a joint region between adjacent printhead modules relies on factors including a precision with which the abutting ends of each module can be manufactured, the accuracy with which they can be aligned when assembled into a single printhead, and other more practical factors such as management of ink channels behind the nozzles. It will be appreciated that the difficulties include relative vertical displacement of the printhead modules with respect to each other.
  • printhead controllers are usually dedicated application specific integrated circuits (ASICs) designed for specific use with a single type of printhead module, that is used by itself rather than with other modules. It would be desirable to provide a way in which different lengths and types of printhead modules could be accounted for using a single printer controller.
  • ASICs application specific integrated circuits
  • Printer controllers face other difficulties when two or more printhead modules are involved, especially if it is desired to send dot data to each of the printheads directly (rather than via a single printhead connected to the controller).
  • One concern is that data delivered to different length controllers at the same rate will cause the shorter of the modules to be ready for printing before any longer modules.
  • the issue may not be of importance, but for large length differences, the result is that the bandwidth of a shared memory from which the dot data is supplied to the modules is effectively left idle once one of the modules is full and the remaining module or modules is still being filled. It would be desirable to provide a way of improving memory bandwidth usage in a system comprising a plurality of printhead modules of uneven length.
  • any printing system that includes multiple nozzles on a printhead or printhead module, there is the possibility of one or more of the nozzles failing in the field, or being inoperative due to manufacturing defect.
  • the printhead also outputs fixative on a per-nozzle basis, it is also desirable that the fixative is provided in such a way that dead nozzles are compensated for.
  • a printer controller can take the form of an integrated circuit, comprising a processor and one or more peripheral hardware units for implementing specific data manipulation functions. A number of these units and the processor may need access to a common resource such as memory.
  • One way of arbitrating between multiple access requests for a common resource is timeslot arbitration, in which access to the resource is guaranteed to a particular requester during a predetermined timeslot.
  • Timeslot arbitration does not take into account these differences, which may result in accesses being performed in a less efficient manner than might otherwise be the case. It would be desirable to provide a timeslot arbitration scheme that improved this efficiency as compared with prior art timeslot arbitration schemes.
  • a cache miss in which an attempt to load data or an instruction from a cache fails results in a memory access followed by a cache update. It is often desirable when updating the cache in this way to update data other than that which was actually missed.
  • a typical example would be a cache miss for a byte resulting in an entire word or line of the cache associated with that byte being updated.
  • this can have the effect of tying up bandwidth between the memory (or a memory manager) and the processor where the bandwidth is such that several cycles are required to transfer the entire word or line to the cache. It would be desirable to provide a mechanism for updating a cache that improved cache update speed and/or efficiency.
  • One form of attacking a secure chip is to induce (usually by increasing) a clock speed that takes the logic outside its rated operating frequency.
  • One way of doing this is to reduce the temperature of the integrated circuit, which can cause the clock to race. Above a certain frequency, some logic will start malfunctioning. In some cases, the malfunction can be such that information on the chip that would otherwise be secure may become available to an external connection. It would be desirable to protect an integrated circuit from such attacks.
  • a power failure can result in unintentional behaviour. For example, if an address or data becomes unreliable due to falling voltage supplied to the circuit but there is still sufficient power to cause a write, incorrect data can be written. Even worse, the data (incorrect or not) could be written to the wrong memory. The problem is exacerbated with multi-word writes. It would be desirable to provide a mechanism for reducing or preventing spurious writes when power to an integrated circuit is failing.
  • the memory includes a key or some other form of security information that allows the integrated circuit to communicate with another entity (such as another integrated circuit, for example) in a secure manner. It would be particularly advantageous to prevent attacks involving direct probing of memory addresses by physically investigating the chip (as distinct from electronic or logical attacks via manipulation of signals and power supplied to the integrated circuit). It is also desirable to provide an environment where the manufacturer of the integrated circuit (or some other authorised entity) can verify or authorize code to be run on an integrated circuit.
  • Another desideratum would be the ability of two or more entities, such as integrated circuits, to communicate with each other in a secure manner. It would also be desirable to provide a mechanism for secure communication between a first entity and a second entity, where the two entities, whilst capable of some form of secure communication, are not able to establish such communication between themselves.
  • ink quality can be a major issue, since the attributes of inks used by a given printhead can be quite specific. Use of incorrect ink can result in anything from misfiring or poor performance to damage or destruction of the printhead. It would therefore be desirable to provide a system that enables authentication of the correct ink being used, as well as providing various support systems secure enabling refilling of ink cartridges.
  • a symmetric encryption algorithm is one where:
  • K 1 K 2 .
  • K 2 K 2 .
  • K The security of these algorithms rests very much in the key K.
  • K allows anyone to encrypt or decrypt. Consequently K must remain a secret for the duration of the value of M.
  • M may be a wartime message “My current position is grid position 123-456”. Once the war is over the value of M is greatly reduced, and if K is made public, the knowledge of the combat unit's position may be of no relevance whatsoever.
  • the security of the particular symmetric algorithm is a function of two things: the strength of the algorithm and the length of the key.
  • An asymmetric encryption algorithm is one where:
  • two or more of the entities may use the same key to communicate with the main entity. However, this means that the main entity cannot be sure which of the entities it is communicating with. Similarly, messages from the main entity to one of the entities can be decrypted by any of the other entities with the same key. It would be desirable if a mechanism could be provided to allow secure communication between a main entity and one or more other entities that overcomes at least some of the shortcomings of prior art.
  • a first entity is capable of secure communication of some form, it may be desirable to establish a relationship with another entity without providing the other entity with any information related the first entity's security features.
  • the security features might include a key or a cryptographic function. It would be desirable to provide a mechanism for enabling secure communications between a first and second entity when they do not share the requisite secret function, key or other relationship to enable them to establish trust.
  • an integrated circuit comprising a processor and memory storing:
  • the integrated circuit is configured and programmed to perform a defensive action in the event the test fails.
  • the defensive action includes deleting or destroying some or all of the contents of the memory in the event the test fails.
  • the defensive action includes deleting or destroying at least the secret information and/or the inverse string.
  • the defensive action includes preventing the processor from executing software.
  • the defensive action includes resetting some or all of logic on the integrated circuit.
  • the first and second addresses are at the same address in the memory.
  • the string and inverse string are stored at different sub-addresses within the same address.
  • the first and second addresses are restricted to one of two potential locations in the memory of each integrated circuit, the secret information and the inverse string for each integrated circuit being allocated to the first and second addresses randomly, pseudo-randomly or arbitrarily.
  • the secret information differs between at least two of the integrated circuits.
  • FIG. 1 is an example of a single printer controller (hereinafter “SoPEC”) A4 simplex printer system
  • FIG. 2 is an example of a dual SoPEC A4 duplex printer system
  • FIG. 3 is an example of a dual SoPEC A3 simplex printer system
  • FIG. 4 is an example of a quad SoPEC A3 duplex printer system
  • FIG. 5 is an example of a SoPEC A4 simplex printing system with an extra SoPEC used as DRAM storage
  • FIG. 6 is an example of an A3 duplex printing system featuring four printing SoPECs
  • FIG. 7 shows pages containing different numbers of bands
  • FIG. 8 shows the contents of a page band
  • FIG. 9 illustrates a page data path from host to SoPEC
  • FIG. 10 shows a page structure
  • FIG. 11 shows a SoPEC system top level partition
  • FIG. 12 shows a SoPEC CPU memory map (not to scale)
  • FIG. 13 is a block diagram of CPU
  • FIG. 14 shows a printhead nozzle layout for 36-nozzle bi-lithic printhead
  • FIG. 15 shows a printhead nozzle layout for a 36-nozzle bi-lithic printhead
  • FIG. 16 shows printhead types 0 to 7
  • FIG. 17 shows an ideal join between two dilithic printhead segments
  • FIG. 18 shows an example of a join between two bilithic printhead segments
  • FIG. 19 shows relationship between datasets
  • FIG. 20 shows a validation hierarchy
  • FIG. 21 shows development of operating system code
  • FIG. 22 shows clock filter
  • FIG. 23 shows tamper detection line
  • FIG. 24 shows an oversize nMOS transistor layout of Tamper Detection Line
  • FIG. 25 shows a Tamper Detection Line
  • FIG. 26 shows how Tamper Detection Lines cover the Noise Generator
  • FIG. 27 shows a high level block diagram of QA Chip
  • FIG. 28 shows an analogue unit
  • FIG. 29 shows a serial bus protocol for trimming
  • FIG. 30 shows a block diagram of a trim unit
  • FIG. 31 shows a block diagram of a CPU of the QA chip
  • FIG. 32 shows block diagram of an MIU
  • FIG. 33 shows a block diagram of memory components
  • FIG. 34 shows a first byte sent to an IOU
  • FIG. 35 shows a block diagram of the IOU
  • FIG. 36 shows a relationship between external SDa and SClk and generation of internal signals
  • FIG. 37 shows block diagram of ALU
  • FIG. 38 shows a block diagram of DataSel
  • FIG. 39 shows a block diagram of ROR
  • FIG. 40 shows a block diagram of the ALU's IO block
  • FIG. 41 shows a block diagram of PCU
  • FIG. 42 shows a block diagram of an Address Generator Unit
  • FIG. 43 shows a block diagram for a Counter Unit
  • FIG. 44 shows a block diagram of PMU
  • FIG. 45 shows a state machine for PMU
  • FIG. 46 shows a block diagram of MRU
  • FIG. 47 shows simplified MAU state machine
  • FIG. 48 shows power-on reset behaviour
  • FIG. 49 shows a ring oscillator block diagram
  • FIG. 50 shows a system clock duty cycle
  • the preferred of the present invention is implemented in a printer using microelectromechanical systems (MEMS) printheads.
  • the printer can receive data from, for example, a personal computer such as an IBM compatible PC or Apple computer. In other embodiments, the printer can receive data directly from, for example, a digital still or video camera.
  • MEMS microelectromechanical systems
  • the particular choice of communication link is not important, and can be based, for example, on USB, Firewire, Bluetooth or any other wireless or hardwired communications protocol.
  • SoPEC Small office home office Print Engine Controller
  • SoPEC ASIC Application Specific Integrated Circuit
  • the SoPEC ASIC is intended to be a low cost solution for bi-lithic printhead control, replacing the multichip solutions in larger more professional systems with a single chip.
  • the increased cost competitiveness is achieved by integrating several systems such as a modified PEC1 printing pipeline, CPU control system, peripherals and memory sub-system onto one SoC ASIC, reducing component count and simplifying board design.
  • Memjet printing systems including bi-lithic printhead systems,
  • a bi-lithic based printhead is constructed from 2 printhead ICs of varying sizes.
  • the notation M:N is used to express the size relationship of each IC, where M specifies one printhead IC in inches and N specifies the remaining printhead IC in inches.
  • a bi-lithic printhead produces 1600 dpi bi-level dots. On low-diffusion paper, each ejected drop forms a 22.5 m diameter dot. Dots are easily produced in isolation, allowing dispersed-dot dithering to be exploited to its fullest. Since the bi-lithic printhead is the width of the page and operates with a constant paper velocity, color planes are printed in perfect registration, allowing ideal dot-on-dot printing. Dot-on-dot printing minimizes ‘muddying’ of midtones caused by inter-color bleed.
  • a page layout may contain a mixture of images, graphics and text. Continuous-tone (contone) images and graphics are reproduced using a stochastic dispersed-dot dither. Unlike a clustered-dot (or amplitude-modulated) dither, a dispersed-dot (or frequency-modulated) dither reproduces high spatial frequencies (i.e. image detail) almost to the limits of the dot resolution, while simultaneously reproducing lower spatial frequencies to their full color depth, when spatially integrated by the eye.
  • a stochastic dither matrix is carefully designed to be free of objectionable low-frequency patterns when tiled across the image. As such its size typically exceeds the minimum size required to support a particular number of intensity levels (e.g. 16 ⁇ 16 ⁇ 8 bits for 257 intensity levels).
  • Human contrast sensitivity peaks at a spatial frequency of about 3 cycles per degree of visual field and then falls off logarithmically, decreasing by a factor of 100 beyond about 40 cycles per degree and becoming immeasurable beyond 60 cycles per degree. At a normal viewing distance of 12 inches (about 300 mm), this translates roughly to 200-300 cycles per inch (cpi) on the printed page, or 400-600 samples per inch according to Nyquist's theorem.
  • contone resolution above about 300 ppi is of limited utility outside special applications such as medical imaging.
  • Black text and graphics are reproduced directly using bi-level black dots, and are therefore not anti-aliased (i.e. low-pass filtered) before being printed. Text should therefore be supersampled beyond the perceptual limits discussed above, to produce smoother edges when spatially integrated by the eye. Text resolution up to about 1200 dpi continues to contribute to perceived text sharpness (assuming low-diffusion paper, of course).
  • a Netpage printer may use a contone resolution of 267 ppi (i.e. 1600 dp ⁇ 6), and a black text and graphics resolution of 800 dpi.
  • a high end office or departmental printer may use a contone resolution of 320 ppi (1600 dpi/5) and a black text and graphics resolution of 1600 dpi. Both formats are capable of exceeding the quality of commercial (offset) printing and photographic reproduction.
  • SoPEC device can be used in several printer configurations and architectures. In the general sense every SoPEC based printer architecture will contain:
  • the printhead is constructed by abutting 2 printhead ICs together.
  • the printhead ICs can vary in size from 2 inches to 8 inches, so to produce an A4 printhead several combinations are possible. For example two printhead ICs of 7 inches and 3 inches could be used to create a A4 printhead (the notation is 7:3). Similarly 6 and 4 combination (6:4), or 5:5 combination.
  • For an A3 printhead it can be constructed from 8:6 or an 7:7 printhead IC combination.
  • For photographic printing smaller printheads can be constructed.
  • Each SoPEC system can have several QA devices. Normally each printing SoPEC will have an associated PRINTER_QA. Ink cartridges will contain an INK_QA chip. PRINTER_QA and INK_QA devices should be on separate LSS busses. All QA chips in the system are physically identical with flash memory contents defining PRINTER_QA from INK_QA chip.
  • SoPEC based system architectures are now described. It is possible to have extra SoPEC devices in the system used for DRAM storage.
  • the QA chip configurations shown are indicative of the flexibility of LSS bus architecture, but not limited to those configurations.
  • a single SoPEC device can be used to control two printhead ICs.
  • the SoPEC receives compressed data through the USB device from the host. The compressed data is processed and transferred to the printhead.
  • two SoPEC devices are used to control two bi-lithic printheads, each with two printhead ICs. Each bi-lithic printhead prints to opposite sides of the same page to achieve duplex printing.
  • the SoPEC connected to the USB is the ISIMaster SoPEC, the remaining SoPEC is an ISISlave.
  • the ISIMaster receives all the compressed page data for both SoPECs and re-distributes the compressed data over the Inter-SoPEC Interface (ISI) bus.
  • ISI Inter-SoPEC Interface
  • USB 1.1 connection may not have enough bandwidth.
  • An alternative would be for each SoPEC to have its own USB 1.1 connection. This would allow a faster average print speed.
  • FIG. 3 two SoPEC devices are used to control one A3 bi-lithic printhead. Each SoPEC controls only one printhead IC (the remaining PHI port typically remains idle).
  • This system uses the SoPEC with the USB connection as the ISIMaster. In this dual SoPEC configuration the compressed page store data is split across 2 SoPECs giving a total of 4 Mbyte page store, this allows the system to use compression rates as in an A4 architecture, but with the increased page size of A3.
  • the ISIMaster receives all the compressed page data for all SoPECs and re-distributes the compressed data over the Inter-SoPEC Interface (ISI) bus.
  • ISI Inter-SoPEC Interface
  • FIG. 4 a 4 SoPEC system is shown. It contains 2 A3 bi-lithic printheads, one for each side of an A3 page. Each printhead contain 2 printhead ICs, each printhead IC is controlled by an independent SoPEC device, with the remaining PHI port typically unused. Again the SoPEC with USB 1.1 connection is the ISIMaster with the other SoPECs as ISISlaves. In total, the system contains 8 Mbytes of compressed page store (2 Mbytes per SOPEC), so the increased page size does not degrade the system print quality, from that of an A4 simplex printer. The ISIMaster receives all the compressed page data for all SoPECs and re-distributes the compressed data over the Inter-SoPEC Interface (ISI) bus.
  • ISI Inter-SoPEC Interface
  • Extra SoPECs can be used for DRAM storage e.g. in FIG. 5 an A4 simplex printer can be built with a single extra SoPEC used for DRAM storage.
  • the DRAM SoPEC can provide guaranteed bandwidth delivery of data to the printing SoPEC.
  • SoPEC configurations can have multiple extra SoPECs used for DRAM storage.
  • an ISI-Bridge chip provides slave-only ISI connections to SoPEC devices.
  • FIG. 6 shows a ISI-Bridge chip with 2 separate ISI ports.
  • the ISI-Bridge chip is the ISIMaster on each of the ISI busses it is connected to. All connected SoPECs are ISISlaves.
  • the ISI-Bridge chip will typically have a high bandwidth connection to a host and may have an attached external DRAM for compressed page storage.
  • the SoPEC is a page rendering engine ASIC that takes compressed page images as input, and produces decompressed page images at up to 6 channels of bi-level dot data as output.
  • the bi-level dot data is generated for the Memjet bi-lithic printhead.
  • the dot generation process takes account of printhead construction, dead nozzles, and allows for fixative generation.
  • a single SoPEC can control 2 bi-lithic printheads and up to 6 color channels at 10,000 lines/sec 1 , equating to 30 pages per minute.
  • a single SoPEC can perform full-bleed printing of A3, A4 and Letter pages.
  • the 6 channels of colored ink are the expected maximum in a consumer SOHO, or office Bi-lithic printing environment:
  • SoPEC is color space agnostic. Although it can accept contone data as CMYX or RGBX, where X is an optional 4th channel, it also can accept contone data in any print color space. Additionally, SoPEC provides a mechanism for arbitrary mapping of input 110,000 lines per second equates to 30 A4/Letter pages per minute at 1600 dpi channels to output channels, including combining dots for ink optimization, generation of channels based on any number of other channels etc. However, inputs are typically CMYK for contone input, K for the bi-level input, and the optional Netpage tag dots are typically rendered to an infra-red layer. A fixative channel is typically generated for fast printing applications.
  • SoPEC is resolution agnostic. It merely provides a mapping between input resolutions and output resolutions by means of scale factors. The expected output resolution is 1600 dpi, but SoPEC actually has no knowledge of the physical resolution of the Bi-lithic printhead.
  • SoPEC is page-length agnostic. Successive pages are typically split into bands and downloaded into the page store as each band of information is consumed and becomes free.
  • SoPEC provides an interface for synchronization with other SoPECs. This allows simple multi-SoPEC solutions for simultaneous A3/A4/Letter duplex printing. However, SoPEC is also capable of printing only a portion of a page image. Combining synchronization functionality with partial page rendering allows multiple SoPECs to be readily combined for alternative printing requirements including simultaneous duplex printing and wide format printing.
  • the required printing rate for SoPEC is 30 sheets per minute with an inter-sheet spacing of 4 cm. To achieve a 30 sheets per minute print rate, this requires:
  • a printline for an A4 page consists of 13824 nozzles across the page [2].
  • 13824 dots of data can be generated in 86.4 seconds. Therefore data can be generated fast enough to meet the printing speed requirement. It is necessary to deliver this print data to the print-heads.
  • Printheads can be made up of 5:5, 6:4, 7:3 and 8:2 inch printhead combinations [2]. Print data is transferred to both print heads in a pair simultaneously. This means the longest time to print a line is determined by the time to transfer print data to the longest print segment. There are 9744 nozzles across a 7 inch printhead. The print data is transferred to the printhead at a rate of 106 MHz (2 ⁇ 3 of the system clock rate) per color plane. This means that it will take 91.9 s to transfer a single line for a 7:3 printhead configuration. So we can meet the requirement of 30 sheets per minute printing with a 4 cm gap with a 7:3 printhead combination. There are 11160 across an 8 inch printhead. To transfer the data to the printhead at 106 MHz will take 105.3 s. So an 8:2 printhead combination printing with an inter-sheet gap will print slower than 30 sheets per minute.
  • SoPEC device consists of 3 distinct subsystems
  • the CPU subsystem controls and configures all aspects of the other subsystems. It provides general support for interfacing and synchronising the external printer with the internal print engine. It also controls the low speed communication to the QA chips.
  • the CPU subsystem contains various peripherals to aid the CPU, such as GPIO (includes motor control), interrupt controller, LSS Master and general timers.
  • GPIO includes motor control
  • interrupt controller includes interrupt controller
  • LSS Master contains various peripherals to aid the CPU, such as GPIO (includes motor control), interrupt controller, LSS Master and general timers.
  • SB Serial Communications Block
  • the Serial Communications Block (SCB) on the CPU subsystem provides a full speed USB1.1 interface to the host as well as an Inter SoPEC Interface (ISI) to other SoPEC devices.
  • Security SoPEC use cases are now described. Use cases for both single and multi-SoPEC systems are outlined. Some tasks may be composed of a number of sub-tasks. Communication between SoPEC and the QA chips (i.e.
  • INK_QA and PRINTER_QA will take place on at least a per power cycle and per page basis.
  • Communication with the QA chips has three principal purposes: validating the presence of genuine QA chips (i.e the printer is using approved consumables), validation of the amount of ink remaining in the cartridge and authenticating the operating parameters for the printer.
  • SoPEC is expected to communicate the number of dots fired per ink plane to the QA chipset. SoPEC may also initiate decoy communications with the QA chips from time to time.
  • the QA chips are not involved in the authentication of downloaded SoPEC code
  • the QA chip in the ink cartridge does not directly affect the operation of the cartridge in any way i.e. it does not inhibit the flow of ink etc.
  • the INK_QA and PRINTER_QA chips are identical in their virgin state. They only become a INK_QA or PRINTER_QA after their FlashROM has been programmed.
  • an ISIMastrer SoPEC process For authentication of download code in a multi-SoPEC system, an ISIMastrer SoPEC process includes:
  • an ISISlave SoPEC process includes:
  • the SoPEC IC will be used in a range of printers with different capabilities (e.g. A3/A4 printing, printing speed, resolution etc.). It is expected that some printers will also have a software upgrade capability which would allow a user to purchase a license that enables an upgrade in their printer's capabilities (such as print speed). To facilitate this it must be possible to securely store the operating parameters in the PRINTER_QA chip, to securely communicate these parameters to the SoPEC and to securely reprogram the parameters in the event of an upgrade.
  • each printing SoPEC (as opposed to a SoPEC that is only used for the storage of data) will have its own PRINTER_QA chip (or at least access to a PRINTER_QA that contains the SoPEC's SoPEC_id_key). Therefore both ISIMaster and ISISlave SoPECs will need to authenticate operating parameters.
  • the CPU block consists of the CPU core, MMU, cache and associated logic.
  • the principal tasks for the program running on the CPU to fulfill in the system are:
  • the CPU is required to provide a level of performance at least equivalent to a 16-bit Hitachi H8-3664 microcontroller running at 16 MHz.
  • An as yet undetermined amount of additional CPU performance is needed to perform the other tasks, as well as to provide the potential for such activity as Netpage page assembly and processing, RIPing etc.
  • the extra performance required is dominated by the signature verification task and the SCB (including the USB) management task.
  • An operating system is not required at present.
  • a number of CPU cores have been evaluated and the LEON P1754 is considered to be the most appropriate solution.
  • a diagram of the CPU block is shown in FIG. 13 .
  • a “QA Chip” is a quality assurance chip can allows certain security functions and protocols to be implemented.
  • the preferred QA Chip is described in some detail later in this specification.
  • ChipR ChipT
  • ChipP ChipF
  • ChipU ChipS
  • each ink cartridge may contain a QA Chip referred to as an INK_QA, with all INK_QA chips being on the same physical bus.
  • the QA Chip inside the printer is referred to as PRINTER_QA, and will be on a separate bus to the INK_QA chips.
  • SoPEC includes a CPU that must run both manufacturer/owner program code and OEM program code.
  • the execution model envisaged for SoPEC is one where Manufacturer/owner program code forms an operating system (O/S), providing services such as controlling the print engine pipeline, interfaces to communications channels etc.
  • O/S operating system
  • the OEM program code must run in a form of user mode, protected from harming the Manufacturer/owner program code.
  • the OEM program code is permitted to obtain services by calling functions in the O/S, and the O/S may also call OEM code at specific times. For example, the OEM program code may request that the O/S call an OEM interrupt service routine when a particular GPIO pin is activated.
  • the Manufacturer/owner code may provide SHA1 as a service, and the OEM could call the SHA1 function, but execute that function with OEM permissions and not Silverbook permissions.
  • SoPEC SoPEC
  • Manufacturer/owner and OEM program code can co-exist without the OEM program code damaging operations or services provided by the Manufacturer/owner O/S. Since services rely on SoPEC peripherals (such as USB2 Host, LSS Master, Timers etc) access to these peripherals should also be restricted to Manufacturer/owner program code only.
  • SoPEC peripherals such as USB2 Host, LSS Master, Timers etc
  • a particular OEM will be licensed to run a Print Engine with a particular set of operating parameters (such as print speed or quality).
  • the OEM and/or end-user can upgrade the operating license for a fee and thereby obtain an upgraded set of operating parameters. Neither the OEM nor end-user should be able to upgrade the operating parameters without paying the appropriate fee to upgrade the license.
  • the OEM must be capable of assembly-line testing the Print Engine at the upgraded status before selling the Print Engine to the end-user.
  • the OEM may provide operating parameters to the end-user independent of the Manufacturer/owner operating parameters. For example, the OEM may want to sell a franking machine 2 . 2 a franking machine prints stamps
  • the end-user should not be able to upgrade the operating parameters without paying the appropriate fee to the OEM. Similarly, the end-user should not be able to bypass the authentication mechanism via any program code on SoPEC. This implies that end-users must not be able to tamper with or replace OEM program code or data, as well as not be able to tamper with the PEP blocks or service-related peripherals.
  • SoPEC SoPEC is intended to be implemented in 0.13 micron or smaller. Flash memory will not be available in any of the target processes being considered.
  • SoPEC can be placed in sleep mode to save power when printing is not required. RAM is not preserved in sleep mode. Therefore any program code and data in RAM will be lost. However, SoPEC must be capable of being woken up by the host when it is time to print again.
  • the host communicates with SoPEC via USB2. From SoPEC's point of view, it is activity on the USB2 device port that signals the time to wake up.
  • the host typically communicates with the Master SoPEC chip (as above), and then the Master relays messages to other Slave SoPECs by sending data out USB2 host port(s) and into the Slave SoPEC's device port.
  • the Slave SoPECs and the Master SoPEC all boot as a result of activity on the USB2 device port.
  • SoPEC must be capable of being woken up by activity on the USB2 device port.
  • SoPEC must also support the case where the printer is not connected to a PC (or the PC is currently turned off), and a digital camera or equivalent is plugged into the SoPEC-based printer. In this case, the entire printing application needs to be present within the hardware of the printer.
  • SoPEC requires a means of booting from a non-PC host. It is possible that this could be accomplished by the OEM adding a USB2-host chip to the printer and simulating the effect of a PC, and thereby download the program code. This solution requires the boot operation to be based on USB2 activity. However this is an unattractive solution since it adds microprocessor complexity and component cost when only a ROM-equivalent was desired.
  • SoPEC should ideally be able to boot from an external ROM of some kind.
  • booting from an external ROM means first booting from the internal ROM, and then downloading and authenticating the startup section of the program from the external ROM. This is not the same as simply running program code in-situ within an external ROM, since one of the security requirements was that OEMs and end-users must not be able to replace or tamper with Manufacturer/owner program code or data, i.e. we never want to blindly run code from an external ROM.
  • SoPEC if SoPEC is in sleep mode, SoPEC must be capable of instigating the boot process due to activity on a programmable GPIO. e.g. a wake-up button. This would be in addition to the standard power-on booting.
  • each of the slaves needs to be uniquely identifiable in order to be able for the host to send data to the correct slave.
  • the design constraint requirement is therefore to allow slaves to be IDed via a method that does not require any extra pins. This implies that whatever boot mechanism that satisfies the security requirements must also be able to assign IDs to slave SoPECs.
  • printer operating parameters are stored in the non-volatile memory of the Print Engine's on-board PRINTER_QA chip, both Manufacturer/owner and OEM program code cannot rely on the communication channel being secure. It is possible for an attacker to eavesdrop on communications to the PRINTER_QA chip, replace the PRINTER_QA chip and/or subvert the communications channel. It is also possible for this to be true during manufacture of the circuit board containing the SoPEC and the PRINTER_QA chip.
  • the amount of ink remaining for a given ink cartridge is stored in the non-volatile memory of that ink cartridge's INK_QA chip.
  • Both Manufacturer/owner and OEM program code cannot rely on the communication channel to the INK_QA being secure. It is possible for an attacker to eavesdrop on communications to the INK_QA chip, to replace the INK_QA chip and/or to subvert the communications channel. It is also possible for this to be true during manufacture of the consumable containing the INK_QA chip. In a multi-SoPEC system, or in a single-SoPEC system that has a non-USB2 connection to the host, a given SoPEC will receive its data over a USB2 host port. It is quite possible for an end-user to insert a chip that eavesdrops on and/or subverts the communications channel (for example performs man-in-the-middle attacks).
  • SoPEC_id_key is used to form a symmetric key unique to each SoPEC: SoPEC_id_key.
  • SoPEC_id is the 112-bit macro
  • SoPEC_id_key is a 160-bit result obtained by SHA1 (SoPEC_id).
  • SoPEC_id The verification of operating parameters and ink usage depends on SoPEC_id being difficult to determine. Difficult to determine means that someone should not be able to determine the id via software, or by viewing the communications between chips on the board. If the SoPEC_id is available through running a test procedure on specific test pins on the chip, then depending on the ease by which this can be done, it is likely to be acceptable. It is important to note that in the proposed solution, compromise of the SoPEC_id leads only to compromise of the operating parameters and ink usage on this particular SoPEC. It does not compromise any other SoPEC or all inks or operating parameters in general. It is ideal that the SoPEC_id be random, although this is unlikely to occur on standard manufacture processes for ASICs. If the id is within a small range however, it will be able to be broken by brute force. This is why 32-bits is not sufficient protection.
  • SoPEC contains a CPU with direct hardware support for user and supervisor modes.
  • the intended CPU is the LEON (a 32-bit processor with an instruction set according to the IEEE-1754 standard.
  • the IEEE1754 standard is compatible with the SPARC V8 instruction set).
  • Manufacturer/owner (operating system) program code will run in supervisor mode, and all OEM program code will run in user mode.
  • SoPEC contains a Memory Management Unit (MMU) that limits access to regions of DRAM by defining read, write and execute access permissions for supervisor and user mode.
  • Program code running in user mode is subject to user mode permission settings
  • program code running in supervisor mode is subject to supervisor mode settings.
  • a setting of 1 for a permission bit means that type of access (e.g. read, write, execute) is permitted.
  • a setting of 0 for a read permission bit means that that type of access is not permitted.
  • the settings for all the permission bits are 1 for all supervisor mode accesses, and 0 for all user mode accesses. This means that supervisor mode program code must explicitly set user mode access to be permitted on a section of DRAM.
  • Access permission to all the non-valid address space should be trapped, regardless of user or supervisor mode, and regardless of the access being read, execute, or write.
  • Access permission to all of the valid non-DRAM address space is supervisor read/write access only (no supervisor execute access, and user mode has no acccess at all) with the exception that certain GPIO and Timer registers can also be accessed by user code. These registers will require bitwise access permissions. Each peripheral block will determine how the access is restricted.
  • the SoPEC_id parameter should only be accessible in supervisor mode, and should only be stored and manipulated in a region of memory that has no user mode access.
  • the unique SoPEC_id needs to be available to supervisor code and not available to user code. This is taken care of by the MMU.
  • SoPEC_id must also not be accessible via the CPU's data cache or register windows. For example, if the user were to cause an interrupt to occur at a particular point in the program execution when the SoPEC_id was being manipulated, it must not be possible for the user program code to turn caching off and then access the SoPEC_id inside the data cache. This would bypass any MMU security.
  • register windows It must not be possible for user mode program code to read or modify register settings in a supervisor program's register windows.
  • SoPEC_id itself must not be cacheable.
  • any processed form of the SoPEC_id such as the SoPEC_id_key (e.g. read into registers or calculated expected results from a QA_Chip) should not be accessible by user program code.
  • the TRAP instruction allows programs to switch between user and supervisor mode in a controlled way.
  • the TRAP switches between user and supervisor register sets, and calls a specific entry point in the supervisor code space in supervisor mode.
  • the TRAP handler dispatches the service request, and then returns to the caller in user mode.
  • command dispatcher allows the O/S to provide services that filter access—e.g. a generalised print function will set PEP registers appropriately and ensure QA Chip ink updates occur.
  • the LEON also allows supervisor mode code to call user mode code in user mode. There are a number of ways that this functionality can be implemented. It is possible to call the user code without a trap, but to return to supervisor mode requires a trap (and associated latency).
  • SoPEC SoPEC's RAM
  • the intention is to load the Manufacturer/owner and OEM program code into SoPEC's RAM, where it can be subsequently executed.
  • the basic SoPEC therefore, must be capable of downloading program code.
  • SoPEC must be able to guarantee that only authorized Manufacturer/owner boot programs can be loaded, otherwise anyone could modify the O/S to do anything, and then load that—thereby bypassing the licensed operating parameters.
  • the boot loader needs to perform the following tasks:
  • Asymmetric decryption is used instead of symmetric decryption because the decrypting key must be held in SoPEC's ROM. If symmetric private keys are used, the ROM can be probed and the security is compromised.
  • the procedure requires the following data item:
  • boot loader 0 can be defined as in the following pseudocode:
  • the length of the key will depend on the asymmetric algorithm chosen.
  • the key must provide the equivalent protection of the entire QA Chip system—if the Manufacturer/owner O/S program code can be bypassed, then it is equivalent to the QA Chip keys being compromised. In fact it is worse because it would compromise Manufacturer/owner operating parameters, OEM operating parameters, and ink authentication by software downloaded off the net (e.g. from some hacker).
  • SoPEC is based on keeping the asymmetric private key paired to boot0key secure.
  • the entire security of SoPEC is also based on keeping the program that signs (i.e. authorizes) datasets using the asymmetric private key paired to boot0key secure.
  • the levels of authentication hierarchy are as follows:
  • the ComCo generates dataSet3, consisting of dataset1 plus dataset2, where dataset2 is an operating parameter block for a given OEM's print engine license (according to the print engine license arrangement) signed with the ComCo's asymmetric private key.
  • the operating parameter block (dataset2) would contain valid print speed ranges, a PrintEngineLicenseId, and the OEM's asymmetric public key.
  • the ComCo can generate as many of these operating parameter blocks for any number of Print Engine Licenses, but cannot write or sign any supervisor O/S program code.
  • SoPEC When the end-user uses dataset5, SoPEC itself validates dataset1 via the boot0key mechanism. Once dataset1 is executing, it validates dataset2, and uses dataset2 data to validate dataset4.
  • the validation hierarchy is shown in FIG. 20 .
  • a key If a key is compromised, it compromises all subsequent authorizations down the hierarchy. In the example from above (and as illustrated in FIG. 20 ) if the OEM's asymmetric private key is compromised, then O/S program code is not compromised since it is above OEM program code in the authentication hierarchy. However if the ComCo's asymmetric private key is compromised, then the OEM program code is also compromised. A compromise of boot0key compromises everything up to SoPEC itself, and would require a mask ROM change in SoPEC to fix.
  • the hierarchical boot procedure described above gives a hierarchy of protection in a final shipped product.
  • QACo needs to generate/create a special intermediate boot loader, signed with boot0key, that performs the exact same tasks as the normal boot loader, except that it checks the SoPECid to see if it is a specific SoPECid (or set of SoPECids). If the SoPEC_id is in the valid set, then the developmental boot loader validates dataset2 by means of its length and a SHA-1 digest of the developmental code 4 , and not by a further digital signature. The QACo can give this boot loader to the software development team within Manufacturer/owner. The software team can now write and run any program code, and load the program code using the development boot loader. There is no requirement for the subsequent software program (i.e.
  • the SHA-1 digest is to allow the total program load time to simulate the running time of the normal boot loader running on a non-developmental version of the program.
  • supervisor program code e.g. the operating system
  • SoPEC_id bits of the SoPEC_id to form some kind of date.
  • the granularity of the date could be as simple as a single bit that says the date is obtained from the regular IBM ECID, or it could be 6 bits that give 10 years worth of 3-month units.
  • the first step of the program loaded by boot loader 0 could check the SoPEC_id date, and run or refuse to run appropriately.
  • the Manufacturer/owner driver or OS could therefore be limited to run on SoPECs that are manufactured up until a particular date.
  • SoPECs are supplied with 3-month granularity in their date components.
  • Manufacturer/owner could ship a version of the OS that works for any SoPEC of the date (i.e. on any chip), or for all SoPECs manufactured during the year etc.
  • the driver issued the next year could work with all SoPECs up until that years etc.
  • the drivers for a chip will be backwards compatible, but will be deliberately not forwards-compatible. It allows the downloading of a new driver with no problems, but it protects against bugs in one years's driver OS from being used against future SoPECs. Note that the phasing in of a new OS doesn't have to be at the same time as the hardware.
  • the new OS can come in 3 months before the hardware that it supports.
  • the OEM must not ship the older driver with the newer SoPECs, for the old driver will not work on the newer SoPECs. Basically once the OEM has received the new driver, they should use that driver for all SoPEC systems from that point on (old SoPECs will work with the new driver).
  • This date-limiting feature would most likely be using a field in the ComCo specified operating parameters, so it allows the SoPEC to use date-checking in addition to additional QA Chip related parameter checking (such as the OEM's PrintEngineLicenseId etc).
  • a variant on this theme is a date-window, where a start-date and end-date are specified (as relating to SoPEC manufacture, not date of use).
  • Operating parameters need to be considered in terms of Manufacturer/owner operating parameters and OEM operating parameters. Both sets of operating parameters are stored on the PRINTER_QA chip (physically located inside the printer). This allows the printer to maintain parameters regardless of being moved to different computers, or a loss/replacement of host O/S drivers etc.
  • memory vector M 0 contains the upgradable operating parameters
  • memory vectors M 1+ contains any constant (non-upgradable) operating parameters.
  • the PRINTER_QA chip therefore contains the following symmetric keys:
  • K 0 is used to solve problem (a). It is only used to authenticate the actual upgrades of the operating parameters.
  • K 1 is used by SoPEC to solve problem (b). It is used to authenticate reads of data (i.e. the operating parameters) from PRINTER_QA.
  • K 1 never needs to be known by anyone except the SoPEC and PRINTER_QA.
  • Each printing SoPEC in a multi-SoPEC system need access to a PRINTER_QA chip that contains the appropriate SoPEC_id_key to validate ink useage and operating parameters. This can be accomplished by a separate PRINTER_QA for each SoPEC, or by adding extra keys (multiple SoPEC_id_keys) to a single PRINTER_QA.
  • SoPEC_id_key Assuming that OEM program code controls the physical motor speed (different motors per OEM), then the PHI within the first (or only) front-page SoPEC can be programmed to accept (or generate) line sync pulses no faster than a particular rate. If line syncs arrived faster than the particular rate, the PHI would simply print at the slower rate. If the motor speed was hacked to be fast, the print image will appear stretched.
  • Manufacturer/owner operating parameters include such items as print speed, print quality etc. and are tied to a license provided to an OEM. These parameters are under Manufacturer/owner control.
  • the licensed Manufacturer/owner operating parameters are typically stored in the PRINTER_QA.
  • SoPEC_id_key a key in the ADDITIONAL_PRINTER_QA because:
  • K 0 is used to allow writes to the various fields containing operating parameters in the ADDITIONAL_PRINTER_QA.
  • the upgrader (ChipS) also needs to check the appropriate licensing parameters such as OEM_Id for validity.
  • K 1 is used to allow SoPEC to authenticate reads of the ink remaining and any other ink data. This is accomplished by having the same UseExtParmsLicense_key within PRINTER_QA (e.g. in K 2 ), also with no write permissions. i.e:
  • SoPEC has to do is do an authenticated read [6] from ADDITIONAL_PRINTER_QA, pass the data/signature to PRINTER_QA, let PRINTER_QA validate the data/signature, and get PRINTER_QA to produce a similar signature based on the shared SoPEC_id_key. It can do so using the Translate function. SoPEC can then compare PRINTER_QA's signature with its own calculated signature, and if the signatures match, the data from ADDITIONAL_PRINTER_QA must be valid, and can therefore be trusted. Once the data from ADDITIONAL_PRINTER_QA is known to be trusted, the various operating parameters such as OEM_Id can be checked for validity.
  • Tying a QA_CHIP to be used only on a specific SoPEC can be easily accomplished by writing the PRINTER_QA's chipId (unique serial number) into an appropriate M 0 field on the ADDITIONAL_PRINTER_QA.
  • the system software can detect the match and function appropriately. If there is no match, the software can ignore the data read from the ADDITIONAL_PRINTER_QA.
  • SoPEC_id_key in one of the keys within the dongle, this must be done in an environment where power will not be removed partway through the key update process (if power is removed during the key update there is a possibility that the dongle QA Chip may be rendered unusable, although this can be checked for after the power failure).
  • an OEM should only be able sell the licensed operating parameters for a given Print Engine, they must be able to assembly-line test 6 or service/test the Print Engine with a different set of operating parameters e.g. a maximally upgraded Print Engine. 6 This section is referring to assembly-line testing rather than development testing. An OEM can maximally upgrade a given Print Engine to allow developmental testing of their own OEM program code & mechanics.
  • the simplest solution is to use an ADDITIONAL_PRINTER_QA (i.e. special dongle PRINTER_QA).
  • the ADDITIONAL_PRINTER_QA would contain the operating parameters that maximally upgrade the printer as long as the dongle is connected to the SoPEC.
  • the exact connection may be directly electrical (e.g. via the standard QA Chip connections) or may be over the USB connection to the printer test host depending on the nature of the test.
  • the exact preferred connection is yet to be determined.
  • the ADDITIONAL_PRINTER_QA also requires a numberOfImpressions field inside M 0 , which is writeable by K 0 .
  • the SoPEC Before the SoPEC prints a page at the higher speed, it decrements the numberOfImpressions counter, performs an authenticated read to ensure the count was decremented, and then prints the page. In this way, the total number of pages that can be printed at high speed is reduced in the event of someone stealing the ADDITIONAL_PRINTER_QA device. It also means that multiple test machines can make use of the same ADDITIONAL_PRINTER_QA.
  • Manufacturer/owner O/S program code contains the OEM's asymmetric public key to ensure that the subsequent OEM program code is authentic—i.e. from the OEM.
  • SoPEC only contains a single root key, it is theoretically possible for different OEM's applications to be run identically physical Print Engines i.e. printer driver for OEM 1 run on an identically physical Print Engine from OEM 2 .
  • the Manufacturer/owner O/S program code contains a PrintEngineLicense_id code (e.g. 16 bits) that matches the same named value stored as a fixed operating parameter in the PRINTER_QA (i.e. in M 1+ ).
  • the value of PrintEngineLicense_id is stored in PRINTER_QA (and any ADDITIONAL_PRINTER_QA devices) at the same time as the other various PRINTER_QA customizations are being applied, before being shipped to the OEM site. In this way, the OEMs can be sure of differentiating themselves through software functionality.
  • the Manufacturer/owner O/S must perform ink authentication during prints. Ink usage authentication makes use of counters in SoPEC that keep an accurate record of the exact number of dots printed for each ink.
  • the ink amount remaining in a given cartridge is stored in that cartridge's INK_QA chip.
  • Other data stored on the INK_QA chip includes ink color, viscosity, Memjet firing pulse profile information, as well as licensing parameters such as OEM_Id, inkType, InkUsageLicense_Id, etc. This information is typically constant, and is therefore likely to be stored in M 1+ within INK_QA.
  • Print Engine operating parameters are validated by means of PRINTER_QA
  • a given Print Engine license may only be permitted to function with specifically licensed ink. Therefore the software on SoPEC could contain a valid set of ink types, colors, OEM_Ids, InkUsageLicense_Ids etc. for subsequent matching against the data in the INK_QA.
  • SoPEC must be able to authenticate reads from the INK_QA, both in terms of ink parameters as well as ink remaining.
  • K 0 is used to authenticate the actual upgrades of the amount of ink remaining (e.g. to fill and refill the amount of ink).
  • the fill and refill upgrader (ChipS) also needs to check the appropriate ink licensing parameters such as OEM_Id, InkType and InkUsageLicense_Id for validity.
  • K 1 is used to allow SoPEC to authenticate reads of the ink remaining and any other ink data. This is accomplished by having the same UseInkLicense_key within PRINTER_QA (e.g. in K 2 or K 3 ), also with no write permissions.
  • SoPEC has to do is do an authenticated read [6] from INK_QA, pass the data/signature to PRINTER_QA, let PRINTER_QA validate the data/signature and get PRINTER_QA to produce a similar signature based on the shared SoPEC_id_key (i.e. the Translate function [6]). SoPEC can then compare PRINTER_QA's signature with its own calculated signature (i.e. implement a Test function [6] in software on the SoPEC), and if the signatures match, the data from INK_QA must be valid, and can therefore be trusted.
  • an authenticated read [6] from INK_QA pass the data/signature to PRINTER_QA, let PRINTER_QA validate the data/signature and get PRINTER_QA to produce a similar signature based on the shared SoPEC_id_key (i.e. the Translate function [6]). SoPEC can then compare PRINTER_QA's signature with its own calculated signature (i.e. implement
  • the amount of ink remaining can be checked, and the other ink licensing parameters such as OEM_Id, InkType, InkUsageLicense_Id can be checked for validity.
  • the SoPEC performs the non-authenticated write of ink remaining to the INK_QA chip, and then performs an authenticated read of the data via the PRINTER_QA as per the pseudocode above. If the value is authenticated, and the INK_QA ink-remaining value matches the expected value, the count was correctly decremented and the printing can continue.
  • each SoPEC attached to a printhead must broadcast its ink usage to all the SoPECs. In this way, each SoPEC will have its own version of the expected ink usage.
  • a single SoPEC performs the update of ink remaining to the INK_QA chip, and then all SoPECs perform an authenticated read of the data via the appropriate PRINTER_QA (the PRINTER_QA that contains their matching SoPEC_id_key—remember that multiple SoPEC_id_keys can be stored in a single PRINTER_QA). If the value is authenticated, and the INK_QA value matches the expected value, the count was correctly decremented and the printing can continue.
  • SoPEC Since a typical maximum is 4 printing SoPECs, it requires at most 4 authenticated reads. This should be completed within 0.5 seconds, well within the 1-2 seconds/page print time. There must be a mapping of logical to physical since specific SoPECs are responsible for printing on particular physical parts of the page, and/or have particular devices attached to specific pins.
  • the identification process is mostly solved by general USB2 enumeration.
  • Each slave SoPEC will need to verify the boot broadcast messages received over USB2, and only execute the code if the signatures are valid. Several levels of authorization may occur. However, at some stage, this common program code (broadcast to all of the slave SoPECs and signed by the appropriate asymmetric private key) can, among other things, set the slave SoPEC's id relating to the physical location. If there is only 1 slave, the id is easy to determine, but if there is more than 1 slave, the id must be determined in some fashion. For example, physical location/id determination may be:
  • each INK_QA chip needs the following keys:
  • K 1 there may be more than one K 1 depending on the number of PRINTER_QA chips and SoPECs in a system. These keys need to be appropriately set up in the QA Chips before they will function correctly together.
  • the ComCo is responsible for making Print Engines out of Memjet printheads, QA Chips, PECs or SoPECs, PCBs etc.
  • the ComCo must customize the INK_QA chips and PRINTER_QA chip on-board the print engine before shipping to the OEM.
  • the ComCo is issued QID hardware by QACo that allows programming of the various keys (except for K 1 ) in a given QA Chip to the final values, following the standard ChipF/ChipP replace key (indirect version) protocol.
  • the indirect version of the protocol allows each QACo_ComCo_Key to be different for each SoPEC.
  • the fixed operating parameters can be written to by means of a non-authenticated writes to M 1+ via a QID, and permission bits set such that they are ReadOnly.
  • the upgradable operating parameters can only be written to after the QA Chips have been programmed with the correct keys. Once they contain the correct keys they can be programmed with appropriate operating parameters by means of a QID and an appropriate ChipS (containing matching keys).
  • the QA Chip has a physical and a logical external interface.
  • the physical interface defines how the QA Chip can be connected to a physical System, while the logical interface determines how that System can communicate with the QA Chip.
  • the QA Chip has four operating modes—Idle Mode, Program Mode, Trim Mode and Active Mode.
  • the QA Chip starts up in Idle Mode.
  • the Chip waits for a command from the master by watching the primary id on the serial line.
  • the valid 8-bit serial mode values sent after a global id are specified to minimize the chances of them occurring by error after a global id (e.g. 0xFF and 0x00 are not used): Trim Mode is enabled by sending a global id byte (0x00) followed by the Trim Mode command byte.
  • Trim Mode is to set the trim value (an internal register setting) of the internal ring oscillator so that Flash erasures and writes are of the correct duration. This is necessary due to the variation of the clock speed due to process variations. If writes an erasures are too long, the Flash memory will wear out faster than desired, and in some cases can even be damaged.
  • Trim Mode works by measuring the number of system clock cycles that occur inside the chip from the receipt of the Trim Mode command byte until the receipt of a data byte.
  • the data byte is copied to the trim register and the current value of the count is transmitted to the outside world.
  • the QA Chip returns to Idle Mode.
  • the internal trim register setting is set to a known value r.
  • the external user can now perform the following operations:
  • the trim register will be v, and the external user will know the relationship between external time t and internal time c. Therefore a new value for v can be calculated.
  • the Trim Mode procedure can be repeated a number of times, varying both t and v in known ways, measuring the resultant c.
  • the final value for v is established (and stored in the trim register for subsequent use in Program Mode).
  • This value v must also be written to the flash for later use (every time the chip is placed in Active Mode for the first time after power-up).
  • Program Mode is enabled by sending a global id byte (0x00) followed by the Program Mode command byte.
  • the QA Chip determines whether or not the internal fuse has been blown (by reading 32-bit word 0 of the information block of flash memory).
  • the chip enters Program Mode and erases the entire contents of Flash memory.
  • the QA Chip then validates the erasure. If the erasure was successful, the QA Chip receives up to 4096 bytes of data corresponding to the new program code and variable data. The bytes are transferred in order byte 0 to byte 4095 .
  • the LSS Master must wait for 80 s (the time taken to write two bytes to flash at nybble rates) before sending the new transaction (eg Active Mode). Otherwise the last nybbles may not be written to flash.
  • Active Mode is entered either by receiving a global id byte (0x00) followed by the Active Mode command byte, or by sending a local id byte followed by a command opcode byte and an appropriate number of data bytes representing the required input parameters for that opcode.
  • Active Mode causes execution of program code previously stored in the flash memory via Program Mode.
  • Program Mode we never enter Active Mode after Trim Mode, without a Program Mode in between.
  • a chip is allowed to enter Active Mode after power-up, since valid data will be in flash.
  • the QA Chip executes specific reset startup code, typically setting up the local id and other IO specific data. If Active Mode is entered by the local id mechanism, the QA Chip executes specific code depending on the following byte, which functions as an opcode.
  • the next four commands are the commands most likely to be used during regular operation.
  • the next three commands are used to provide authenticated writes (which are expected to be uncommon).
  • the final set of commands (including SignM), are expected to be specially implemented on ChipS and ChipF QA Chips only.
  • the input parameters are sent in the specified order, with each parameter being sent least significant byte first and most significant byte last.
  • Return (output) values are read in the same way—least significant byte first and most significant byte last.
  • the client must know how many bytes to retrieve.
  • the QA Chip will time out and return to Idle Mode if an incorrect number of bytes is provided or read.
  • the output bytes from one chip's command (the return values) can be fed directly as the input bytes to another chip's command.
  • An example of this is the RND and RD commands.
  • the output data from a call to RND on a trusted QA Chip does not have to be kept by the System. Instead, the System can transfer the output bytes directly to the input of the non-trusted QA Chip's RD command. The description of each command points out where this is so.
  • the memory within the QA Chip contains some non-volatile (Flash) memory to store the variables required by the authentication protocol. Note that since these variables are in Flash memory, writes should be minimized. The it is not a simple matter to write a new value to replace the old. Care must be taken with flash endurance, and speed of access. This has an effect on the algorithms used to change Flash memory based registers. For example, Flash memory should not be used as a shift register. A reset of the QA Chip has no effect on the non-volatile variables.
  • Flash non-volatile
  • the base operating system clock SysClk is generated internally from a ring oscillator (process dependant). Since the frequency varies with operating temperature and voltage, the clock is passed through a temperature-based clock filter before use. The frequency is built into the chip during manufacture, and cannot be changed. The frequency is in the range 7-14 MHz.
  • the QA Chip is implemented with a standard Flash manufacturing process. It is important that a Flash process be used to ensure that good endurance is achieved (parts of the Flash memory can be erased/written many times).
  • the operating clock of the chip should be generated internally. This can be conveniently accomplished by an internal ring oscillator. The length of the ring depends on the process used for manufacturing the chip.
  • the clock needs to be trimmed to bring it into a range usable for timing of Flash memory writes and erases.
  • the internal clock should also contain a small amount of randomization to prevent attacks where light emissions from switching events are captured, as described below.
  • the generated clock must be passed through a temperature-based clock filter before being used by the rest of the chip.
  • the resultant power-ground short circuit causes a temporary increase in the current, and in fact accounts for around 20% of current consumed by a CMOS device.
  • a small amount of infrared light is emitted during the short circuit, and can be viewed through the silicon substrate (silicon is transparent to infrared light).
  • a small amount of light is also emitted during the charging and discharging of the transistor gate capacitance and transmission line capacitance. For circuitry that manipulates secret key information, such information must be kept hidden.
  • Randomizing the clock stops repeatability (from the point of view of collecting information about the same position in time), and therefore reduces the possibility of this attack.
  • the QA Chip circuitry is designed to operate within a specific clock speed range. Although the clock is generated by an internal ring oscillator, the speed varies with temperature and power. Since the user supplies the temperature and power, it is possible for an attacker to attempt to introduce race-conditions in the circuitry at specific times during processing. An example of this is where a low temperature causes a clock speed higher than the circuitry is designed for, and this may prevent an XOR from working properly, and of the two inputs, the first may always be returned. The lesson to be learned from this is that the input power and operating temperature cannot be trusted.
  • the chip contains a specific power filter, we must also filter the clock. This can be achieved with a temperature sensor that allows the clock pulses through only when the temperature range is such that the chip can function correctly.
  • the filtered clock signal would be further divided internally as required.
  • Each QA Chip should contain a noise generator that generates continuous circuit noise.
  • the noise will interfere with other electromagnetic emissions from the chip's regular activities and add noise to the Idd signal. Placement of the noise generator is not an issue on an QA Chip due to the length of the emission wavelengths.
  • the noise generator is used to generate electronic noise, multiple state changes each clock cycle, and as a source of pseudo-random bits for the Tamper Prevention and Detection circuitry.
  • a simple implementation of a noise generator is a 64-bit maximal period LFSR seeded with a non-zero number.
  • a set of circuits is required to test for and prevent physical attacks on the QA Chip. However what is actually detected as an attack may not be an intentional physical attack. It is therefore important to distinguish between these two types of attacks in an QA Chip:
  • the two types of detection differ in what is performed as a result of the detection.
  • erasure of flash memory key information is a sensible action.
  • the circuitry cannot be sure if an attack has occurred, there is still certainly something wrong. Action must be taken, but the action should not be the erasure of secret key information.
  • a suitable action to take in the second case is a chip RESET. If what was detected was an attack that has permanently damaged the chip, the same conditions will occur next time and the chip will RESET again. If, on the other hand, what was detected was part of the normal operating environment of the chip, a RESET will not harm the key.
  • a good example of an event that circuitry cannot have knowledge about is a power glitch.
  • the glitch may be an intentional attack, attempting to reveal information about the key. It may, however, be the result of a faulty connection, or simply the start of a powerdown sequence. It is therefore best to only RESET the chip, and not erase the key. If the chip was powering down, nothing is lost. If the System is faulty, repeated RESETs will cause the consumer to get the System repaired. In both cases the consumable is still intact.
  • a good example of an event that circuitry can have knowledge about is the cutting of a data line within the chip. If this attack is somehow detected, it could only be a result of a faulty chip (manufacturing defect) or an attack. In either case, the erasure of the secret information is a sensible step to take.
  • each QA Chip should have 2 Tamper Detection Lines—one for definite attacks, and one for possible attacks. Connected to these Tamper Detection Lines would be a number of Tamper Detection test units, each testing for different forms of tampering. In addition, we want to ensure that the Tamper Detection Lines and Circuits themselves cannot also be tampered with.
  • the Tamper Detection Line is a source of pseudo-random bits (clocking at high speed compared to the general operating circuitry).
  • the Noise Generator circuit described above is an adequate source.
  • the generated bits pass through two different paths—one carries the original data, and the other carries the inverse of the data.
  • the wires carrying these bits are in the layer above the general chip circuitry (for example, the memory, the key manipulation circuitry etc.).
  • the wires must also cover the random bit generator.
  • the bits are recombined at a number of places via an XOR gate. If the bits are different (they should be), a 1 is output, and used by the particular unit (for example, each output bit from a memory read should be ANDed with this bit value).
  • FIG. 23 illustrates the basic principle of a Tamper Detection Line in terms of tests and the XOR connected to either the Erase or RESET circuitry.
  • the Tamper Detection Line must go through the drain of an output transistor for each test, as illustrated by FIG. 24 .
  • FIG. 25 illustrates the taking of multiple XORs from the Tamper Detect Line to be used in the different parts of the chip. Each of these XORs can be considered to be generating a ChipOK bit that can be used within each unit or sub-unit.
  • a typical usage would be to have an OK bit in each unit that is ANDed with a given ChipOK bit each cycle.
  • the OK bit is loaded with 1 on a RESET. If OK is 0, that unit will fail until the next RESET. If the Tamper Detect Line is functioning correctly, the chip will either RESET or erase all key information. If the RESET or erase circuitry has been destroyed, then this unit will not function, thus thwarting an attacker.
  • the destination of the RESET and Erase line and associated circuitry is very context sensitive. It needs to be protected in much the same way as the individual tamper tests. There is no point generating a RESET pulse if the attacker can simply cut the wire leading to the RESET circuitry. The actual implementation will depend very much on what is to be cleared at RESET, and how those items are cleared.
  • FIG. 26 shows how the Tamper Lines cover the noise generator circuitry of the chip.
  • the generator and NOT gate are on one level, while the Tamper Detect Lines run on a level above the generator.
  • Flash memory and RAM must be protected from an attacker who would attempt to modify (or set) a particular bit of program code or key information.
  • the mechanism used must conform to being used in the Tamper Detection Circuitry (described above).
  • the first part of the solution is to ensure that the Tamper Detection Line passes directly above each flash or RAM bit. This ensures that an attacker cannot probe the contents of flash or RAM.
  • a breach of the covering wire is a break in the Tamper Detection Line. The breach causes the Erase signal to be set, thus deleting any contents of the memory.
  • the high frequency noise on the Tamper Detection Line also obscures passive observation.
  • the second part of the solution for flash is to always store the data with its inverse.
  • 4 bits contains the data
  • 4 bits (the shadow) contains the inverse of the data. If both are 0, this is a valid erase state, and the value is 0. Otherwise, the memory is only valid if the 4 bits of shadow are the inverse of the main 4 bits.
  • the reasoning is that it is possible to add electrons to flash via a FIB, but not take electrons away. If it is possible to change a 0 to 1 for example, it is not possible to do the same to its inverse, and therefore regardless of the sense of flash, an attack can be detected.
  • the second part of the solution for RAM is to use a parity bit.
  • the data part of the register can be checked against the parity bit (which will not match after an attack).
  • the bits coming from Flash and RAM can therefore be validated by a number of test units (one per bit) connected to the common Tamper Detection Line.
  • the Tamper Detection circuitry would be the first circuitry the data passes through (thus stopping an attacker from cutting the data lines).
  • every flash location is read before performing any program code. This allows the flash tamper detection to be activated in a common spot instead of when the data is actually used or program code executed. This reduces the ability of an attacker to know exactly what was written to.
  • Program code should be kept in protected flash instead of ROM, since ROM is subject to being altered in a non-testable way.
  • a boot-strap mechanism is therefore required to load the program code into flash memory (flash memory is in an indeterminate state after manufacture).
  • the boot-strap circuitry must not be in a ROM—a small state-machine suffices. Otherwise the boot code could be trivially modified in an undetectable way.
  • the boot-strap circuitry must erase all flash memory, check to ensure the erasure worked, and then load the program code.
  • the program code should only be executed once the flash program memory has been validated via Program Mode.
  • a fuse can be blown to prevent further programming of the chip.
  • connections along which the key or secret data flows should be made in the polysilicon layers. Where necessary, they can be in metal 1, but must never be in the top metal layer (containing the Tamper Detection Lines).
  • Each QA Chip requires an OverUnder Power Detection Unit (PDU) to prevent Power Supply Attacks.
  • PDU detects power glitches and tests the power level against a Voltage Reference to ensure it is within a certain tolerance.
  • the Unit contains a single Voltage Reference and two comparators. The PDU would be connected into the RESET Tamper Detection Line, thus causing a RESET when triggered.
  • a side effect of the PDU is that as the voltage drops during a power-down, a RESET is triggered, thus erasing any work registers.
  • Test hardware on an QA Chip could very easily introduce vulnerabilities.
  • test hardware such as scan paths and BIST units could in fact take a sizeable chunk of the final chip, lowering yield and causing a situation where an error in the test hardware causes the chip to be unusable.
  • the QA Chip should not contain any BIST or scan paths. Instead, the program memory must first be validated via the Program Mode mechanism, and then a series of program tests run to verify the remaining parts of the chip.
  • FIG. 27 shows a high level block diagram of the QA Chip. Note that the tamper prevention and detection circuitry is not shown.
  • FIG. 28 shows a block diagram of the Analogue Unit.
  • the operating clock of the chip (SysClk) is generated by an internal ring oscillator whose frequency can be trimmed to reduce the variation from 4:1 (due to process and temperature) down to 2:1 (temperature variations only) in order to satisfy the timing requirements of the Flash memory.
  • the length of the ring depends on the process used for manufacturing the chip. A nominal operating frequency range of 10 MHz is sufficient. This clock should contain a small amount of randomization to prevent attacks where light emissions from switching events are captured.
  • the ring oscillator is covered by both Tamper Detection and Prevention lines so that if an attacker attempts to tamper with the unit, the chip will either RESET or erase all secret information.
  • the voltage reference block maintains an output which is substantially independent of process, supply voltage and temperature. It provides a reference voltage which is used by the PDU and a reference current to stabilise the ring oscillator. It may also be used as part of the temperature based clock filter.
  • the Under Voltage Detection Unit provides the signal PwrFailing which, if asserted, indicates that the power supply may be turning off. This signal is used to rapidly terminate any Flash write that may be in progress to avoid accidentally writing to an indeterminate memory location.
  • the PDU triggers the RESET Tamper Detection Line only. It does not trigger the Erase Tamper Detection Line.
  • the PDU can be implemented with regular CMOS, since the key does not pass through this unit. It does not have to be implemented with non-flashing CMOS.
  • the PDU is covered by both Tamper Detection and Prevention lines so that if an attacker attempts to tamper with the unit, the chip will either RESET or erase all secret information.
  • the Power-on Reset unit detects a power-on condition and generates the PORstL signal that is fed to all the validation units, including the two inside the Tamper Detect Unit (TDU).
  • the Noise Generator is based on a 64-bit maximal period LFSR loaded with a set non-zero bit pattern on RESET.
  • the NG must be protected by both Tamper Detection and Prevention lines so that if an attacker attempts to tamper with the unit, the chip will either RESET or erase all secret information.
  • the bits in the LFSR must be validated to ensure they have not been tampered with (i.e. a parity check). If the parity check fails, the Erase Tamper Detection Line is triggered.
  • the 8-bit Trim register within the Trim Unit has a reset value of 0x00 (to enable the flash reads to succeed even in the fastest process corners), and is written to either by the PMU during Trim Mode or by the CPU in Active Mode. Note that the CPU is only able to write once to the Trim register between power-on-reset due to the TrimDone flag which provides overloading of LocalIdWE.
  • the reset value of Trim (0) means that the chip has a nominal frequency of 2.7 MHz-10 MHz.
  • the upper of the range is when we cannot trim it lower than this (or we could allow some spread on the acceptable trimmed frequency but this will reduce our tolerance to ageing, voltage and temperature which is the range 7 MHz to 14 MHz).
  • the frequency of the ring oscillator is measured by counting cycles 7 , in the PMU, over the byte period of the serial interface.
  • the frequency of the serial clock, SClk, and therefore the byte period will be accurately controlled during the measurement.
  • the cycle count (Fineas) at the end of the period is read over the serial bus and the Trim register updated (Trimval) from its power on default (POD) value.
  • the steps are shown in FIG. 29 .
  • Multiple measure—read—trim cycles are possible to improve the accuracy of the trim procedure. 7 Note that the PMU counts using 12-bits, saturates at 0xFFF, and returns the cycle count divided by 2 as an 8-bit value. This means that multiple measure-read-trim cycles may be necessary to resolve any amibguity. In any case, multiple cycles are necessary to test the correctness of the trim circuitry during manufacture test.
  • a single byte for both Fineas and Trimval provide sufficient accuracy for measurement and trimming of the frequency. If the bus operates at 400 kHz, a byte (8 bits) can be sent in 20 s. By dividing the maximum oscillator frequency, expected to be 20 MHz, by 2 results in a cycle count of 200 and 50 for the minimum frequency of 5 MHz resulting in a worst case accuracy of 2%.
  • FIG. 30 shows a block diagram of the Trim Unit:
  • the 8-bit Trim value is used in the analog Trim Block to adjust the frequency of the ring oscillator by controlling its bias current.
  • the two lsbs are used as a voltage trim, and the 6 msbs are used as a frequency trim.
  • the Central Processing Unit (CPU) block provides the majority of the circuitry of the 4-bit microprocessor.
  • FIG. 31 shows a high level view of the block.
  • the Memory Interface Unit provides the interface to flash and RAM.
  • the MIU contains a Program Mode Unit that allows flash memory to be loaded via the IOU, a Memory Request Unit that maps 8-bit and 32-bit requests into multiple byte based requests, and a Memory Access Unit that generates read/write strobes for individual accesses to the memory.
  • FIG. 32 shows a high level view of the MIU block.
  • the Memory Components block isolates the memory implementation from the rest of the QA Chip.
  • the 8-bit wide RAM also needs to be parity-checked.
  • FIG. 33 shows a high level view of the Memory Components block. It consists of 8 KBytes of flash memory and 3072 bits of parity checked RAM.
  • Flash memory block is used to hold all non-volatile data. This includes program code and variables.
  • the Flash memory block is implemented by TSMC component SFC0008 — 08B9_HE, which has the following characteristics:
  • the FlashCtrl line are the various inputs on the SFC0008 — 08B9_HE required to read and write bytes, erase pages and erase the device. A total of 9 bits are required.
  • Flash values are unchanged by a RESET. After manufacture, the Flash contents must be considered to be garbage. After an erasure, the Flash contents in the SFC0008 — 08B9_HE is all 1s.
  • the I/O Unit (IOU) is responsible for providing the physical implementation of the logical interface moving between the various modes (Idle, Program, Trim and Active) according to commands sent by the master.
  • the IOU therefore contains the circuitry for communicating externally with the external world via the SClk and SDa pins.
  • the IOU sends and receives data in 8-bit chunks. Data is sent serially, most significant bit (bit 7 ) first through to least significant bit (bit 0 ) last.
  • bit 7 most significant bit
  • bit 0 least significant bit
  • the command commences with a single byte containing an id in bits 7 - 1 , and a read/write sense in bit 0 , as shown in FIG. 34 .
  • the IOU recognizes a global id of 0x00 and a local id of LocalId (set after the CPU has executed program code at reset or due to a global id/ActiveMode command on the serial bus). Subsequent bytes contain modal information in the case of global id, and command/data bytes in the case of a match with the local id.
  • the master If the master sends data too fast, then the IOU will miss data, since the IOU never holds the bus. The meaning of too fast depends on what is running. In Program Mode, the master must send data a little slower than the time it takes to write the byte to flash (actually written as 2 ⁇ 8-bit writes, or 40 s). In ActiveMode, the master is permitted to send and request data at rates up to 500 KHz.
  • the IOU outputs 0s and inputs 0s if either of the Tamper Detection Lines is broken. This will only come into effect if an attacker has disabled the RESET and/or erase circuitry, since breaking either Tamper Detection Lines should result in a RESET or the erasure of all Flash memory.
  • IOU's InByte, InByteValid, OutByte, and OutByteValid registers are used for communication between the master and the QA Chip.
  • InByte and InByteValid provide the means for clients to pass commands and data to the QA Chip.
  • OutByte and OutByteValid provide the means for the master to read data from the QA Chip.
  • FIG. 35 shows a block diagram of the IOU.
  • InByteValid inputs set has priority over reset, although both set and reset in correct operation should never be asserted at the same time.
  • IOSetInByte and IOLoadInByte if IOSetInByte is asserted, it will set InByte to be 0xFF regardless of the setting of IOLoadInByte.
  • the two VAL units are validation units connected to the Tamper Prevention and Detection circuitry, each with an OK bit.
  • the OK bit is set to 1 on PORstL, and ORed with the ChipOK values from both Tamper Detection Lines each cycle.
  • the OK bit is ANDed with each data bit that passes through the unit.
  • the effective byte output from the chip will always be 0 if the chip has been tampered with. Thus no useful output can be generated by an attacker.
  • the effective byte input to the chip will always be 0 if the chip has been tampered with. Thus no useful input can be chosen by an attacker.
  • the current mode of the IOU is output as a 2-bit IOMode to allow the other units within the QA Chip to take correct action.
  • the Logic blocks generate a 1 if the current IOMode is in Program Mode, Active Mode or Trim Mode respectively.
  • the logic blocks are:
  • the Program Counter Unit includes the 12 bit PC (Program Counter), as well as logic for branching and subroutine control.
  • the PCU latches need to be parity-checked.
  • the logic and registers contained in the PCU must be covered by both Tamper Detection Lines to ensure that the PC cannot be changed by an attacker.
  • the PC is implemented as a 12 entry by 12-bit PCA (PC Array), indexed by a 4-bit SP (Stack Pointer) register.
  • PCA PC Array
  • SP Stack Pointer
  • the current value for the PC is normally updated during the Execute cycle according to the command being executed. However it is also incremented by 1 during the Fetch cycle for two byte instructions such as JMP, JSR, DBR, TBR, and instructions that require an additional byte for immediate addressing.
  • the mechanism for calculating the new PC value depends upon the opcode being processed.
  • FIG. 41 shows a block diagram of the PCU:
  • the signed input is either a constant of 0x01, or an 8-bit offset (the 8 bits from the MIU).
  • the “+1” block takes a 4-bit input and increments it by 1 (modulo 12).
  • the “ ⁇ 1” block takes a 4-bit input and decrements it by 1 (modulo 12).
  • the Address Generator Unit generates effective addresses for accessing the Memory Unit (MU).
  • the PC is passed through to the MU in order to fetch the next opcode.
  • the AGU interprets the returned opcode in order to generate the effective address for Cycle 1.
  • the generated address is passed to the MU.
  • the logic and registers contained in the AGU must be covered by both Tamper Detection Lines. This is to ensure that an attacker cannot alter any generated address.
  • the latches for the counters and calculated address should also be parity-checked.
  • the AGU will generate address 0 each cycle and all counters will be fixed at 0. This will only come into effect if an attacker has disabled the RESET and/or erase circuitry, since under normal circumstances, breaking a Tamper Detection Line will result in a RESET or the erasure of all Flash memory.
  • FIG. 42 The block diagram for the AGU is shown in FIG. 42 :
  • the accessMode and WriteMask registers must be cleared to 0 on reset to ensure that no access to memory occurs at startup of the CPU.
  • the accessMode register is also updated in the same way.
  • the WriteMask register is only ever written to during execution of an appropriate ROR instruction. Logic, sets the WriteMask and MMR WriteEnables respectively based on this condition:
  • the data written to the WriteMask register is the lower 8 bits of the Accumulator.
  • the Address Register Unit is only updated by an RIA or LIA instruction, so the writeEnable is generated by Logic 2 as follows:
  • the Counter Unit (CU) generates counters C 1 , C 2 and the selected N index. In addition, the CU outputs a CZ flag for use by the PCU.
  • the CU is described in more detail below.
  • the VAL 1 unit is a validation unit connected to the Tamper Prevention and Detection circuitry). It contains an OK bit that is set to 1 on PORstL, and ORed with the ChipOK values from both Tamper Detection Lines each cycle. The OK bit is ANDed with the 12 bits of Adr before they can be used. If the chip has been tampered with, the address output will be always 0, thereby preventing an attacker from accessing other parts of memory.
  • the VAL 1 unit also performs a parity check on the Adr Address bits to ensure it has not been tampered with. If the parity-check fails, the Erase Tamper Detection Line is triggered.
  • the Program Mode Unit (PMU) is responsible for Program Mode and Trim Mode operations:
  • the PMU relies on a fuse (implemented as the value of word 0 of the flash information block) to determine whether it is allowed to perform Program Mode operations.
  • the purpose of this fuse is to prevent easy (or accidental) reprogramming of QA Chips once their purpose has been set. For example, an attacker may want to reuse chips from old consumables. If an attacker somehow bypasses the fuse check, the PMU will still erase all of flash before storing the desired program. Even if the attacker somehow disconnects the erasure logic, they will be unable to store a program in the flash due to the shadow nybbles.
  • the PMU contains an 8-bit buff register that is used to hold the byte being written to flash and a 12-bit adr register that is used to hold the byte address currently being written to.
  • the PMU is also used to load word 1 of the information block into a 32-bit register (combined from 8-bits of buff, 12-bits of adr, and a further 12-bit register) so it can be used to XOR all data to and from memory (both Flash and RAM) for future CPU accesses.
  • This logic is activated only when the chip enters ActiveMode (so as not to access flash and possibly cause an erasure directly after manufacture since shadows will not be correct).
  • the logic and 32-bit mask register is in the PMU to minimize chip area.
  • the PMU therefore has an asymmetric access to flash memory:
  • the reads and writes are automatically directed appropriately in the MRU.
  • FIG. 44 A block diagram of the PMU is shown in FIG. 44 .
  • the Memory Access Unit takes memory access control signals and turns them into RAM accesses and flash access strobed signals with appropriate duration.
  • MRUNewTrans A new transaction is given by MRUNewTrans.
  • the address to be read from or written to is on MRUAdr, which is a nybble-based address.
  • the MRUAdr (13-bits) is used as-is for Flash addressing.
  • RAMAdr the RAM address
  • the data to be written is on MRUData.
  • the return value MAURdy is set when the MAU is capable of receiving a new transaction the following cycle.
  • MAURdy will be 1 during the final cycle of a flash or ram access, and should be 1 when the MAU is idle.
  • MAURdy should only be 0 during startup or when a transaction has yet to finish.
  • the MAU consists of logic that calculates MAURdy, and additional logic that produces the various strobed signals according to the TSMC Flash memory SFC0008 — 08B9_HE. Both main memory and information blocks can be accessed in the Flash.
  • the MAU can be considered to be a RAM control block and a flash control block, with appropriate action selected by MRURAMSel.
  • the Flash requires wait states (which are implemented with a single counter) during which it is possible to access the RAM. Only 1 transaction may be pending while waiting for the wait states to expire. Multiple bytes may be written to Flash without exiting the write mode.
  • the MAU ensures that only valid control sequences meeting the timing requirements of the Flash memory are provided.
  • a write time-out is included which ensures the Flash cannot be left in write mode indefinitely; this is used when the Flash is programmed via the IO Unit to ensure the X address does not change while in write mode. Otherwise, other units should ensure that when writing bytes to Flash, the X address does not change.
  • the X address is held constant by the MAU during write and page erase modes to protect the Flash. If an X address change is detected by the MAU during a Flash write sequence, it will exit write mode allowing the X address to change and re-enter write mode. Thus, the data will still be written to Flash but it will take longer.
  • the MAU sets the control signals to put the particular memory type into standby to minimise power consumption.
  • the MAU assumes no new transactions can start while one is in progress and all inputs must remain constant until MAU is ready.
  • the MAU will protect the Flash by switching off the charge pump (high voltage supply used for programming and erasing) as soon as the power starts to fail. After a time delay of about 5 s (programmable), to allow the discharge of the charge pump, the QA chip will be reset whether or not the power supply recovers.
  • the analogue unit provides power on reset, protection of the Flash memory against erroneous writes during power down (in conjunction with the MAU) and the system clock SysClk.
  • the table below shows the key thresholds for V DD which define the requirements for power on reset and normal operation.
  • VDD limits VDD parameter Description Voltage VDDFTmax Flash test maximum 3.6 8 VDDFTtyp Flash test typical 3.3 VDDFTmin Flash test minimum 3.0 VDDmax Normal operation maximum (typ + 10%) 2.75 9 VDDtyp Normal operation typical 2.5 VDDmin Normal operation minimum (typ ⁇ 5%) 2.375 VDDPORmax Power on reset maximum 2.0 10 8 The voltage VDDFT may only be applied for the times specified in the TSMC Flash memory test document. 9 Voltage regulators used to derive VDD will typically have symmetric tolerance limits 10 The minimum allowable voltage for Flash memory operation.
  • the power detection unit provides over and under voltage detection. With under voltage detection two outputs are required:
  • Both signals are derived by comparing scaled versions of V DD against the reference voltage V bg .
  • V DD (from the external power supply) shall be monotonic in order to guarantee correct operation of power on reset and power failing detection. Random noise may be present but should have a peak to peak amplitude of less than the hysteresis of the comparators used for detection in the PDU.
  • the underL signal of the under voltage detection unit generates the global reset to the logic which should be de-asserted when the supply voltage is high enough for the logic and analogue circuits to operate. Since the logic reset is asynchronous, it is not necessary to ensure the clock is active before releasing the reset or to include any delay.
  • the QA chip logic will start immediately the power on reset is released so this should only be done when the conditions of supply voltage and clock frequency are within limits for the correct operation of the logic.
  • the power on reset signal shall not be triggered by narrow spikes ( ⁇ 100 ns) on the power supply. Some immunity should be provided to power supply glitches although since the QA chip may be under attack, any reset delay should be kept short.
  • the unit should not be triggered by logic dynamic current spikes resulting in short voltage spikes due to bond wire and package inductance.
  • the maximum threshold for de-asserting the signal shall be when V DD >V DDmin .
  • the minimum threshold for asserting the signal shall be V DD ⁇ V DDPORmax .
  • the reset signal must be held low long enough (T pwmin ) to ensure all flip-flops are reset.
  • T pwmin The standard cell data sheet gives a figure of 0.73 ns for the minimum width of the reset pulse for all flip-flop types.
  • V DD voltage that can be trimmed (which gives the maximum hysterisis). This voltage should be recorded (or it may be sufficient to estimate it from the reset release voltage recorded above).
  • V DD is then increased above the reset release threshold and the PDU trim adjusted to the setting the closest to V DDPORmaX .
  • V DD should then be lowered and the threshold at which the reset is re-asserted confirmed.
  • the signal PwrFailing will be used to protect the Flash memory by turning off the charge pump during a write or page erase if the supply voltage drops below a certain threshold.
  • the charge pump is expected to take about 5us to discharge.
  • the PwrFailing signal shall be protected against narrow spikes ( ⁇ 100 ns) on the power supply.
  • V DD slew rate limitation which must be ⁇ 200 mV/5 us to ensure enough time to detect that power is failing before the supply drops too low and the reset is activated. This requirement must be met in the application by provision of adequate supply decoupling or other means to control the rate of descent of V DD .
  • SysClk is required to be in the range 7-14 MHz throughout the lifetime of the circuit provided V DD is maintained within the range V DDMIN ⁇ V DD ⁇ V DDMAX .
  • the 2:1 range is derived from the programming time requirements of the TSMC Flash memory. If this range is exceeded, the useful lifetime of the Flash may be reduced.
  • the first version of the QA chip does not require the addition of random jitter to the clock.
  • the ring oscillator be designed in such a way as to allow for the addition of jitter later on with minimal modification. In this way, the un-trimmed centre frequency would not be expected to change.
  • the initial frequency error must be reduced to remain within the range 10 MHz/1.41 to 10 MHz ⁇ 1.41 allowing for variation in:
  • the range budget must be partitioned between these variables.
  • FIG. 49 shows the ring oscillator block diagram
  • SysClk is derived by dividing the oscillator frequency by 5 which makes the oscillator smaller and allows the duty cycle of the clock to be better controlled.
  • this block sources a current that can be programmed by the Trim signal. 6 of the available 8 trim bits will be used (trim 7-2 ) giving a clock adjustment resolution of about 250 kHz.
  • the range of current should be such that the ring oscillator frequency can be adjusted over a 4 to 1 range.
  • K VDD will give rise to a maximum variation of ⁇ 50 kHz and K T to ⁇ 1.8 MHz over the specified range of V DD and temperature.
  • the ring oscillator will be prescaled by 5 to obtain the nominal 10 MHz clock.
  • An asynchronous design may be used to save power.
  • Several divided clock duty cycles are obtainable, eg 4:1, 3:2 etc.
  • the following clock will be generated; most flip-flops will operate on the rising edge of the clock allowing negative edge clocking to meet memory timing.
  • This block combines the overL (omitted from the current version), underL and MAURstOutL signals to provide the global reset.
  • MAURstOutL is delayed by one clock cycle to ensure a reset generated when this signal is asserted has at least this duration since the reset deasserts the signal itself. It should be noted that the register, with active low reset RN, is the only one in the QA chip not connected to RstL.

Abstract

An integrated circuit is provided having a memory storing first and second strings of bit values, each bit value in the second string being the logical inverse of a bit value at a corresponding bit position in the first string, and a processor configured to test whether the bit values of the second string are the inverse of the bit values at respective corresponding bit positions of the first string by combining the corresponding bits of the first and second strings.

Description

    CROSS REFERENCE TO RELATED APPLICATION
  • This application is a continuation of U.S. application Ser. No. 10/727,159 filed Dec. 2, 2003 all of which are herein incorporated by reference.
  • FIELD OF INVENTION
  • The present invention relates to securing an integrated circuit against certain forms of security attacks.
  • The invention has primarily been developed for use in chips used in a printer system to authenticate communications between, for example, a printer controller and other peripheral devices such as ink cartridges. However, it will be appreciated that the invention can be applied to integrated circuits in other fields in which analogous problems are faced.
  • BACKGROUND OF INVENTION
  • Manufacturing a printhead that has relatively high resolution and print-speed raises a number of problems.
  • Difficulties in manufacturing pagewidth printheads of any substantial size arise due to the relatively small dimensions of standard silicon wafers that are used in printhead (or printhead module) manufacture. For example, if it is desired to make an 8 inch wide pagewidth printhead, only one such printhead can be laid out on a standard 8-inch wafer, since such wafers are circular in plan. Manufacturing a pagewidth printhead from two or more smaller modules can reduce this limitation to some extent, but raises other problems related to providing a joint between adjacent printhead modules that is precise enough to avoid visible artifacts (which would typically take the form of noticeable lines) when the printhead is used. The problem is exacerbated in relatively high-resolution applications because of the tight tolerances dictated by the small spacing between nozzles.
  • The quality of a joint region between adjacent printhead modules relies on factors including a precision with which the abutting ends of each module can be manufactured, the accuracy with which they can be aligned when assembled into a single printhead, and other more practical factors such as management of ink channels behind the nozzles. It will be appreciated that the difficulties include relative vertical displacement of the printhead modules with respect to each other.
  • Whilst some of these issues may be dealt with by careful design and manufacture, the level of precision required renders it relatively expensive to manufacture printheads within the required tolerances. It would be desirable to provide a solution to one or more of the problems associated with precision manufacture and assembly of multiple printhead modules to form a printhead, and especially a pagewidth printhead.
  • In some cases, it is desirable to produce a number of different printhead module types or lengths on a substrate to maximise usage of the substrate's surface area. However, different sizes and types of modules will have different numbers and layouts of print nozzles, potentially including different horizontal and vertical offsets. Where two or more modules are to be joined to form a single printhead, there is also the problem of dealing with different seam shapes between abutting ends of joined modules, which again may incorporate vertical or horizontal offsets between the modules. Printhead controllers are usually dedicated application specific integrated circuits (ASICs) designed for specific use with a single type of printhead module, that is used by itself rather than with other modules. It would be desirable to provide a way in which different lengths and types of printhead modules could be accounted for using a single printer controller.
  • Printer controllers face other difficulties when two or more printhead modules are involved, especially if it is desired to send dot data to each of the printheads directly (rather than via a single printhead connected to the controller). One concern is that data delivered to different length controllers at the same rate will cause the shorter of the modules to be ready for printing before any longer modules. Where there is little difference involved, the issue may not be of importance, but for large length differences, the result is that the bandwidth of a shared memory from which the dot data is supplied to the modules is effectively left idle once one of the modules is full and the remaining module or modules is still being filled. It would be desirable to provide a way of improving memory bandwidth usage in a system comprising a plurality of printhead modules of uneven length.
  • In any printing system that includes multiple nozzles on a printhead or printhead module, there is the possibility of one or more of the nozzles failing in the field, or being inoperative due to manufacturing defect. Given the relatively large size of a typical printhead module, it would be desirable to provide some form of compensation for one or more “dead” nozzles. Where the printhead also outputs fixative on a per-nozzle basis, it is also desirable that the fixative is provided in such a way that dead nozzles are compensated for.
  • A printer controller can take the form of an integrated circuit, comprising a processor and one or more peripheral hardware units for implementing specific data manipulation functions. A number of these units and the processor may need access to a common resource such as memory. One way of arbitrating between multiple access requests for a common resource is timeslot arbitration, in which access to the resource is guaranteed to a particular requester during a predetermined timeslot.
  • One difficulty with this arrangement lies in the fact that not all access requests make the same demands on the resource in terms of timing and latency. For example, a memory read requires that data be fetched from memory, which may take a number of cycles, whereas a memory write can commence immediately. Timeslot arbitration does not take into account these differences, which may result in accesses being performed in a less efficient manner than might otherwise be the case. It would be desirable to provide a timeslot arbitration scheme that improved this efficiency as compared with prior art timeslot arbitration schemes.
  • Also of concern when allocating resources in a timeslot arbitration scheme is the fact that the priority of an access request may not be the same for all units. For example, it would be desirable to provide a timeslot arbitration scheme in which one requestor (typically the memory) is granted special priority such that its requests are dealt with earlier than would be the case in the absence of such priority.
  • In systems that use a memory and cache, a cache miss (in which an attempt to load data or an instruction from a cache fails) results in a memory access followed by a cache update. It is often desirable when updating the cache in this way to update data other than that which was actually missed. A typical example would be a cache miss for a byte resulting in an entire word or line of the cache associated with that byte being updated. However, this can have the effect of tying up bandwidth between the memory (or a memory manager) and the processor where the bandwidth is such that several cycles are required to transfer the entire word or line to the cache. It would be desirable to provide a mechanism for updating a cache that improved cache update speed and/or efficiency. Most integrated circuits an externally provided signal as (or to generate) a clock, often provided from a dedicated clock generation circuit. This is often due to the difficulties of providing an onboard clock that can operate at a speed that is predictable. Manufacturing tolerances of such on-board clock generation circuitry can result in clock rates that vary by a factor of two, and operating temperatures can increase this margin by an additional factor of two. In some cases, the particular rate at which the clock operates is not of particular concern. However, where the integrated circuit will be writing to an internal circuit that is sensitive to the time over which a signal is provided, it may be undesirable to have the signal be applied for too long or short a time. For example, flash memory is sensitive to being written too for too long a period. It would be desirable to provide a mechanism for adjusting a rate of an on-chip system clock to take into account the impact of manufacturing variations on clockspeed.
  • One form of attacking a secure chip is to induce (usually by increasing) a clock speed that takes the logic outside its rated operating frequency. One way of doing this is to reduce the temperature of the integrated circuit, which can cause the clock to race. Above a certain frequency, some logic will start malfunctioning. In some cases, the malfunction can be such that information on the chip that would otherwise be secure may become available to an external connection. It would be desirable to protect an integrated circuit from such attacks.
  • In an integrated circuit comprising non-volatile memory, a power failure can result in unintentional behaviour. For example, if an address or data becomes unreliable due to falling voltage supplied to the circuit but there is still sufficient power to cause a write, incorrect data can be written. Even worse, the data (incorrect or not) could be written to the wrong memory. The problem is exacerbated with multi-word writes. It would be desirable to provide a mechanism for reducing or preventing spurious writes when power to an integrated circuit is failing.
  • In an integrated circuit, it is often desirable to reduce unauthorised access to the contents of memory. This is particularly the case where the memory includes a key or some other form of security information that allows the integrated circuit to communicate with another entity (such as another integrated circuit, for example) in a secure manner. It would be particularly advantageous to prevent attacks involving direct probing of memory addresses by physically investigating the chip (as distinct from electronic or logical attacks via manipulation of signals and power supplied to the integrated circuit). It is also desirable to provide an environment where the manufacturer of the integrated circuit (or some other authorised entity) can verify or authorize code to be run on an integrated circuit.
  • Another desideratum would be the ability of two or more entities, such as integrated circuits, to communicate with each other in a secure manner. It would also be desirable to provide a mechanism for secure communication between a first entity and a second entity, where the two entities, whilst capable of some form of secure communication, are not able to establish such communication between themselves.
  • In a system that uses resources (such as a printer, which uses inks) it may be desirable to monitor and update a record related to resource usage. Authenticating ink quality can be a major issue, since the attributes of inks used by a given printhead can be quite specific. Use of incorrect ink can result in anything from misfiring or poor performance to damage or destruction of the printhead. It would therefore be desirable to provide a system that enables authentication of the correct ink being used, as well as providing various support systems secure enabling refilling of ink cartridges.
  • In a system that prevents unauthorized programs from being loaded onto or run on an integrated circuit, it can be laborious to allow developers of software to access the circuits during software development. Enabling access to integrated circuits of a particular type requires authenticating software with a relatively high-level key. Distributing the key for use by developers is inherently unsafe, since a single leak of the key outside the organization could endanger security of all chips that use a related key to authorize programs. Having a small number of people with high-security clearance available to authenticate programs for testing can be inconvenient, particularly in the case where frequent incremental changes in programs during development require testing. It would be desirable to provide a mechanism for allowing access to one or more integrated circuits without risking the security of other integrated circuits in a series of such integrated circuits.
  • In symmetric key security, a message, denoted by M, is plaintext. The process of transforming M into ciphertext C, where the substance of M is hidden, is called encryption. The process of transforming C back into M is called decryption. Referring to the encryption function as E, and the decryption function as D, we have the following identities:

  • E[M]=C

  • D[C]=M
  • Therefore the following identity is true:

  • D[E[M]]=M
  • A symmetric encryption algorithm is one where:
      • the encryption function E relies on key K1,
      • the decryption function D relies on key K2,
      • K2 can be derived from K1, and
      • K1 can be derived from K2.
  • In most symmetric algorithms, K1 equals K2. However, even if K1 does not equal K2, given that one key can be derived from the other, a single key K can suffice for the mathematical definition. Thus:

  • EK[M]=C

  • DK[C]=M
  • The security of these algorithms rests very much in the key K. Knowledge of K allows anyone to encrypt or decrypt. Consequently K must remain a secret for the duration of the value of M. For example, M may be a wartime message “My current position is grid position 123-456”. Once the war is over the value of M is greatly reduced, and if K is made public, the knowledge of the combat unit's position may be of no relevance whatsoever. The security of the particular symmetric algorithm is a function of two things: the strength of the algorithm and the length of the key.
  • An asymmetric encryption algorithm is one where:
      • the encryption function E relies on key K1,
      • the decryption function D relies on key K2,
      • K2 cannot be derived from K1 in a reasonable amount of time, and
      • K1 cannot be derived from K2 in a reasonable amount of time.
  • Thus:

  • EK1[M]=C

  • DK2[C]=M
  • These algorithms are also called public-key because one key K1 can be made public. Thus anyone can encrypt a message (using K1) but only the person with the corresponding decryption key (K2) can decrypt and thus read the message.
  • In most cases, the following identity also holds:

  • EK2[M]=C

  • DK1[C]=M
  • This identity is very important because it implies that anyone with the public key K1 can see M and know that it came from the owner of K2. No-one else could have generated C because to do so would imply knowledge of K2. This gives rise to a different application, unrelated to encryption—digital signatures.
  • A number of public key cryptographic algorithms exist. Most are impractical to implement, and many generate a very large C for a given M or require enormous keys. Still others, while secure, are far too slow to be practical for several years. Because of this, many public key systems are hybrid—a public key mechanism is used to transmit a symmetric session key, and then the session key is used for the actual messages.
  • All of the algorithms have a problem in terms of key selection. A random number is simply not secure enough. The two large primes p and q must be chosen carefully—there are certain weak combinations that can be factored more easily (some of the weak keys can be tested for). But nonetheless, key selection is not a simple matter of randomly selecting 1024 bits for example. Consequently the key selection process must also be secure. Symmetric and asymmetric schemes both suffer from a difficulty in allowing establishment of multiple relationships between one entity and a two or more others, without the need to provide multiple sets of keys. For example, if a main entity wants to establish secure communications with two or more additional entities, it will need to maintain a different key for each of the additional entities. For practical reasons, it is desirable to avoid generating and storing large numbers of keys. To reduce key numbers, two or more of the entities may use the same key to communicate with the main entity. However, this means that the main entity cannot be sure which of the entities it is communicating with. Similarly, messages from the main entity to one of the entities can be decrypted by any of the other entities with the same key. It would be desirable if a mechanism could be provided to allow secure communication between a main entity and one or more other entities that overcomes at least some of the shortcomings of prior art. In a system where a first entity is capable of secure communication of some form, it may be desirable to establish a relationship with another entity without providing the other entity with any information related the first entity's security features. Typically, the security features might include a key or a cryptographic function. It would be desirable to provide a mechanism for enabling secure communications between a first and second entity when they do not share the requisite secret function, key or other relationship to enable them to establish trust.
  • A number of other aspects, features, preferences and embodiments are disclosed in the Detailed Description of the Preferred Embodiment below.
  • SUMMARY OF THE INVENTION
  • In accordance with a first aspect of the invention, there is provided an integrated circuit comprising a processor and memory storing:
      • secret information accessible via a first address, the secret information comprising a string of bit values;
      • an inverse-string accessible via a second address, the inverse-string comprising a string of bit values, wherein each of the bit values in the inverse-string is the logical inverse of a bit value at a corresponding bit position in the secret information, the integrated circuit being programmed with code configured to:
        (i) receive a request for the secret information; and
        (ii) test whether the bit-values of the inverse string are the inverse of the bit-values at respective corresponding bit positions of the secret information.
  • In accordance with a second aspect of the invention, there is provided a method of ensuring validity of secret information stored in a memory in the form of a string of bit values accessible via a first address, the memory also storing an inverse-string accessible via a second address, the inverse-string comprising a string of bit values that are the logical inverses of the bit values at corresponding respective bit positions of the secret information, the method including the steps of:
  • receiving a request for the secret information; and
    testing whether the bit-values of the inverse string are the inverse of the bit-values at respective corresponding bit positions of the secret information.
  • Preferably, the integrated circuit is configured and programmed to perform a defensive action in the event the test fails.
  • More preferably, the defensive action includes deleting or destroying some or all of the contents of the memory in the event the test fails. Preferably, the defensive action includes deleting or destroying at least the secret information and/or the inverse string. Preferably, the defensive action includes preventing the processor from executing software.
  • Preferably, the defensive action includes resetting some or all of logic on the integrated circuit.
  • Preferably, the first and second addresses are at the same address in the memory.
  • Preferably, the string and inverse string are stored at different sub-addresses within the same address.
  • In accordance with a third aspect of the invention, there is provided method of manufacturing a plurality of the integrated circuits defined in claim 1, comprising the steps, for each of the plurality of integrated circuits, of:
      • storing the secret information and the inverse string at the first and second addresses in the memory of the integrated circuit; and
      • storing the code on the integrated circuit;
      • wherein the first and second addresses are randomly, pseudo-randomly or arbitrarily selected for each of the integrated circuits and the code for each integrated circuit is customised to know the first and second addresses of its secret information and inverse string.
  • Preferably, the first and second addresses are restricted to one of two potential locations in the memory of each integrated circuit, the secret information and the inverse string for each integrated circuit being allocated to the first and second addresses randomly, pseudo-randomly or arbitrarily.
  • More preferably, the secret information differs between at least two of the integrated circuits.
  • BRIEF DESCRIPTION OF THE DRAWINGS
  • Preferred and other embodiments of the invention will now be described, by way of example only, with reference to the accompanying drawings, in which:
  • FIG. 1 is an example of a single printer controller (hereinafter “SoPEC”) A4 simplex printer system
  • FIG. 2 is an example of a dual SoPEC A4 duplex printer system
  • FIG. 3 is an example of a dual SoPEC A3 simplex printer system
  • FIG. 4 is an example of a quad SoPEC A3 duplex printer system
  • FIG. 5 is an example of a SoPEC A4 simplex printing system with an extra SoPEC used as DRAM storage
  • FIG. 6 is an example of an A3 duplex printing system featuring four printing SoPECs
  • FIG. 7 shows pages containing different numbers of bands
  • FIG. 8 shows the contents of a page band
  • FIG. 9 illustrates a page data path from host to SoPEC
  • FIG. 10 shows a page structure
  • FIG. 11 shows a SoPEC system top level partition
  • FIG. 12 shows a SoPEC CPU memory map (not to scale)
  • FIG. 13 is a block diagram of CPU
  • FIG. 14 shows a printhead nozzle layout for 36-nozzle bi-lithic printhead
  • FIG. 15 shows a printhead nozzle layout for a 36-nozzle bi-lithic printhead
  • FIG. 16 shows printhead types 0 to 7
  • FIG. 17 shows an ideal join between two dilithic printhead segments
  • FIG. 18 shows an example of a join between two bilithic printhead segments
  • FIG. 19 shows relationship between datasets
  • FIG. 20 shows a validation hierarchy
  • FIG. 21 shows development of operating system code
  • FIG. 22 shows clock filter
  • FIG. 23 shows tamper detection line
  • FIG. 24 shows an oversize nMOS transistor layout of Tamper Detection Line
  • FIG. 25 shows a Tamper Detection Line
  • FIG. 26 shows how Tamper Detection Lines cover the Noise Generator
  • FIG. 27 shows a high level block diagram of QA Chip
  • FIG. 28 shows an analogue unit
  • FIG. 29 shows a serial bus protocol for trimming
  • FIG. 30 shows a block diagram of a trim unit
  • FIG. 31 shows a block diagram of a CPU of the QA chip
  • FIG. 32 shows block diagram of an MIU
  • FIG. 33 shows a block diagram of memory components
  • FIG. 34 shows a first byte sent to an IOU
  • FIG. 35 shows a block diagram of the IOU
  • FIG. 36 shows a relationship between external SDa and SClk and generation of internal signals
  • FIG. 37 shows block diagram of ALU
  • FIG. 38 shows a block diagram of DataSel
  • FIG. 39 shows a block diagram of ROR
  • FIG. 40 shows a block diagram of the ALU's IO block
  • FIG. 41 shows a block diagram of PCU
  • FIG. 42 shows a block diagram of an Address Generator Unit
  • FIG. 43 shows a block diagram for a Counter Unit
  • FIG. 44 shows a block diagram of PMU
  • FIG. 45 shows a state machine for PMU
  • FIG. 46 shows a block diagram of MRU
  • FIG. 47 shows simplified MAU state machine
  • FIG. 48 shows power-on reset behaviour
  • FIG. 49 shows a ring oscillator block diagram
  • FIG. 50 shows a system clock duty cycle
  • DETAILED DESCRIPTION OF EMBODIMENTS
  • The preferred of the present invention is implemented in a printer using microelectromechanical systems (MEMS) printheads. The printer can receive data from, for example, a personal computer such as an IBM compatible PC or Apple computer. In other embodiments, the printer can receive data directly from, for example, a digital still or video camera. The particular choice of communication link is not important, and can be based, for example, on USB, Firewire, Bluetooth or any other wireless or hardwired communications protocol.
  • A SoPEC (Small office home office Print Engine Controller) ASIC (Application Specific Integrated Circuit) suitable for use in, for example, SoHo printer products is described. The SoPEC ASIC is intended to be a low cost solution for bi-lithic printhead control, replacing the multichip solutions in larger more professional systems with a single chip. The increased cost competitiveness is achieved by integrating several systems such as a modified PEC1 printing pipeline, CPU control system, peripherals and memory sub-system onto one SoC ASIC, reducing component count and simplifying board design. In particular, application to Memjet printing systems is described, including bi-lithic printhead systems,
  • A bi-lithic based printhead is constructed from 2 printhead ICs of varying sizes. The notation M:N is used to express the size relationship of each IC, where M specifies one printhead IC in inches and N specifies the remaining printhead IC in inches.
  • A bi-lithic printhead produces 1600 dpi bi-level dots. On low-diffusion paper, each ejected drop forms a 22.5 m diameter dot. Dots are easily produced in isolation, allowing dispersed-dot dithering to be exploited to its fullest. Since the bi-lithic printhead is the width of the page and operates with a constant paper velocity, color planes are printed in perfect registration, allowing ideal dot-on-dot printing. Dot-on-dot printing minimizes ‘muddying’ of midtones caused by inter-color bleed.
  • A page layout may contain a mixture of images, graphics and text. Continuous-tone (contone) images and graphics are reproduced using a stochastic dispersed-dot dither. Unlike a clustered-dot (or amplitude-modulated) dither, a dispersed-dot (or frequency-modulated) dither reproduces high spatial frequencies (i.e. image detail) almost to the limits of the dot resolution, while simultaneously reproducing lower spatial frequencies to their full color depth, when spatially integrated by the eye. A stochastic dither matrix is carefully designed to be free of objectionable low-frequency patterns when tiled across the image. As such its size typically exceeds the minimum size required to support a particular number of intensity levels (e.g. 16×16×8 bits for 257 intensity levels).
  • Human contrast sensitivity peaks at a spatial frequency of about 3 cycles per degree of visual field and then falls off logarithmically, decreasing by a factor of 100 beyond about 40 cycles per degree and becoming immeasurable beyond 60 cycles per degree. At a normal viewing distance of 12 inches (about 300 mm), this translates roughly to 200-300 cycles per inch (cpi) on the printed page, or 400-600 samples per inch according to Nyquist's theorem.
  • In practice, contone resolution above about 300 ppi is of limited utility outside special applications such as medical imaging. Offset printing of magazines, for example, uses contone resolutions in the range 150 to 300 ppi. Higher resolutions contribute slightly to color error through the dither.
  • Black text and graphics are reproduced directly using bi-level black dots, and are therefore not anti-aliased (i.e. low-pass filtered) before being printed. Text should therefore be supersampled beyond the perceptual limits discussed above, to produce smoother edges when spatially integrated by the eye. Text resolution up to about 1200 dpi continues to contribute to perceived text sharpness (assuming low-diffusion paper, of course).
  • A Netpage printer, for example, may use a contone resolution of 267 ppi (i.e. 1600 dpĩ 6), and a black text and graphics resolution of 800 dpi. A high end office or departmental printer may use a contone resolution of 320 ppi (1600 dpi/5) and a black text and graphics resolution of 1600 dpi. Both formats are capable of exceeding the quality of commercial (offset) printing and photographic reproduction.
  • The SoPEC device can be used in several printer configurations and architectures. In the general sense every SoPEC based printer architecture will contain:
      • One or more SoPEC devices.
      • One or more bi-lithic printheads.
      • Two or more LSS busses.
      • Two or more QA chips.
      • USB 1.1 connection to host or ISI connection to Bridge Chip.
      • ISI bus connection between SoPECs (when multiple SoPECs are used).
  • The printhead is constructed by abutting 2 printhead ICs together. The printhead ICs can vary in size from 2 inches to 8 inches, so to produce an A4 printhead several combinations are possible. For example two printhead ICs of 7 inches and 3 inches could be used to create a A4 printhead (the notation is 7:3). Similarly 6 and 4 combination (6:4), or 5:5 combination. For an A3 printhead it can be constructed from 8:6 or an 7:7 printhead IC combination. For photographic printing smaller printheads can be constructed.
  • Each SoPEC system can have several QA devices. Normally each printing SoPEC will have an associated PRINTER_QA. Ink cartridges will contain an INK_QA chip. PRINTER_QA and INK_QA devices should be on separate LSS busses. All QA chips in the system are physically identical with flash memory contents defining PRINTER_QA from INK_QA chip.
  • Several possible SoPEC based system architectures are now described. It is possible to have extra SoPEC devices in the system used for DRAM storage. The QA chip configurations shown are indicative of the flexibility of LSS bus architecture, but not limited to those configurations.
  • In FIG. 1, a single SoPEC device can be used to control two printhead ICs. The SoPEC receives compressed data through the USB device from the host. The compressed data is processed and transferred to the printhead.
  • In FIG. 2, two SoPEC devices are used to control two bi-lithic printheads, each with two printhead ICs. Each bi-lithic printhead prints to opposite sides of the same page to achieve duplex printing. The SoPEC connected to the USB is the ISIMaster SoPEC, the remaining SoPEC is an ISISlave. The ISIMaster receives all the compressed page data for both SoPECs and re-distributes the compressed data over the Inter-SoPEC Interface (ISI) bus.
  • It may not be possible to print an A4 page every 2 seconds in this configuration since the USB 1.1 connection to the host may not have enough bandwidth. An alternative would be for each SoPEC to have its own USB 1.1 connection. This would allow a faster average print speed.
  • In FIG. 3, two SoPEC devices are used to control one A3 bi-lithic printhead. Each SoPEC controls only one printhead IC (the remaining PHI port typically remains idle). This system uses the SoPEC with the USB connection as the ISIMaster. In this dual SoPEC configuration the compressed page store data is split across 2 SoPECs giving a total of 4 Mbyte page store, this allows the system to use compression rates as in an A4 architecture, but with the increased page size of A3. The ISIMaster receives all the compressed page data for all SoPECs and re-distributes the compressed data over the Inter-SoPEC Interface (ISI) bus.
  • It may not be possible to print an A3 page every 2 seconds in this configuration since the USB 1.1 connection to the host will only have enough bandwidth to supply 2 Mbytes every 2 seconds. Pages which require more than 2 MBytes every 2 seconds will therefore print more slowly. An alternative would be for each SoPEC to have its own USB 1.1 connection. This would allow a faster average print speed.
  • In FIG. 4 a 4 SoPEC system is shown. It contains 2 A3 bi-lithic printheads, one for each side of an A3 page. Each printhead contain 2 printhead ICs, each printhead IC is controlled by an independent SoPEC device, with the remaining PHI port typically unused. Again the SoPEC with USB 1.1 connection is the ISIMaster with the other SoPECs as ISISlaves. In total, the system contains 8 Mbytes of compressed page store (2 Mbytes per SOPEC), so the increased page size does not degrade the system print quality, from that of an A4 simplex printer. The ISIMaster receives all the compressed page data for all SoPECs and re-distributes the compressed data over the Inter-SoPEC Interface (ISI) bus.
  • It may not be possible to print an A3 page every 2 seconds in this configuration since the USB 1.1 connection to the host will only have enough bandwidth to supply 2 Mbytes every 2 seconds. Pages which require more than 2 MBytes every 2 seconds will therefore print more slowly. An alternative would be for each SoPEC or set of SoPECs on the same side of the page to have their own USB 1.1 connection (as ISISlaves may also have direct USB connections to the host). This would allow a faster average print speed.
  • Extra SoPECs can be used for DRAM storage e.g. in FIG. 5 an A4 simplex printer can be built with a single extra SoPEC used for DRAM storage. The DRAM SoPEC can provide guaranteed bandwidth delivery of data to the printing SoPEC. SoPEC configurations can have multiple extra SoPECs used for DRAM storage.
  • In FIG. 6, an ISI-Bridge chip provides slave-only ISI connections to SoPEC devices. FIG. 6 shows a ISI-Bridge chip with 2 separate ISI ports. The ISI-Bridge chip is the ISIMaster on each of the ISI busses it is connected to. All connected SoPECs are ISISlaves. The ISI-Bridge chip will typically have a high bandwidth connection to a host and may have an attached external DRAM for compressed page storage.
  • An alternative to having a ISI-Bridge chip would be for each SoPEC or each set of SoPECs on the same side of a page to have their own USB 1.1 connection. This would allow a faster average print speed.
  • The SoPEC is a page rendering engine ASIC that takes compressed page images as input, and produces decompressed page images at up to 6 channels of bi-level dot data as output. The bi-level dot data is generated for the Memjet bi-lithic printhead. The dot generation process takes account of printhead construction, dead nozzles, and allows for fixative generation.
  • A single SoPEC can control 2 bi-lithic printheads and up to 6 color channels at 10,000 lines/sec1, equating to 30 pages per minute. A single SoPEC can perform full-bleed printing of A3, A4 and Letter pages. The 6 channels of colored ink are the expected maximum in a consumer SOHO, or office Bi-lithic printing environment:
      • CMY, for regular color printing.
      • K, for black text, line graphics and gray-scale printing.
      • IR (infrared), for Netpage-enabled [5] applications.
      • F (fixative), to enable printing at high speed. Because the bi-lithic printer is capable of printing so fast, a fixative may be required to enable the ink to dry before the page touches the page already printed. Otherwise the pages may bleed on each other. In low speed printing environments the fixative may not be required. 110,000 lines per second equates to 30 A4/Letter pages per minute at 1600 dpi
  • SoPEC is color space agnostic. Although it can accept contone data as CMYX or RGBX, where X is an optional 4th channel, it also can accept contone data in any print color space. Additionally, SoPEC provides a mechanism for arbitrary mapping of input 110,000 lines per second equates to 30 A4/Letter pages per minute at 1600 dpi channels to output channels, including combining dots for ink optimization, generation of channels based on any number of other channels etc. However, inputs are typically CMYK for contone input, K for the bi-level input, and the optional Netpage tag dots are typically rendered to an infra-red layer. A fixative channel is typically generated for fast printing applications.
  • SoPEC is resolution agnostic. It merely provides a mapping between input resolutions and output resolutions by means of scale factors. The expected output resolution is 1600 dpi, but SoPEC actually has no knowledge of the physical resolution of the Bi-lithic printhead.
  • SoPEC is page-length agnostic. Successive pages are typically split into bands and downloaded into the page store as each band of information is consumed and becomes free.
  • SoPEC provides an interface for synchronization with other SoPECs. This allows simple multi-SoPEC solutions for simultaneous A3/A4/Letter duplex printing. However, SoPEC is also capable of printing only a portion of a page image. Combining synchronization functionality with partial page rendering allows multiple SoPECs to be readily combined for alternative printing requirements including simultaneous duplex printing and wide format printing.
  • The required printing rate for SoPEC is 30 sheets per minute with an inter-sheet spacing of 4 cm. To achieve a 30 sheets per minute print rate, this requires:

  • 300 mm×63 (dot/mm)/2 sec=105.8 seconds per line, with no inter-sheet gap.

  • 340 mm×63 (dot/mm)/2 sec=93.3 seconds per line, with a 4 cm inter-sheet gap.
  • A printline for an A4 page consists of 13824 nozzles across the page [2]. At a system clock rate of 160 MHz 13824 dots of data can be generated in 86.4 seconds. Therefore data can be generated fast enough to meet the printing speed requirement. It is necessary to deliver this print data to the print-heads.
  • Printheads can be made up of 5:5, 6:4, 7:3 and 8:2 inch printhead combinations [2]. Print data is transferred to both print heads in a pair simultaneously. This means the longest time to print a line is determined by the time to transfer print data to the longest print segment. There are 9744 nozzles across a 7 inch printhead. The print data is transferred to the printhead at a rate of 106 MHz (⅔ of the system clock rate) per color plane. This means that it will take 91.9 s to transfer a single line for a 7:3 printhead configuration. So we can meet the requirement of 30 sheets per minute printing with a 4 cm gap with a 7:3 printhead combination. There are 11160 across an 8 inch printhead. To transfer the data to the printhead at 106 MHz will take 105.3 s. So an 8:2 printhead combination printing with an inter-sheet gap will print slower than 30 sheets per minute.
  • From the highest point of view the SoPEC device consists of 3 distinct subsystems
      • CPU Subsystem
      • DRAM Subsystem
      • Print Engine Pipeline (PEP) Subsystem
  • See FIG. 11 for a block level diagram of SoPEC.
  • The CPU subsystem controls and configures all aspects of the other subsystems. It provides general support for interfacing and synchronising the external printer with the internal print engine. It also controls the low speed communication to the QA chips. The CPU subsystem contains various peripherals to aid the CPU, such as GPIO (includes motor control), interrupt controller, LSS Master and general timers. The Serial Communications Block (SCB) on the CPU subsystem provides a full speed USB1.1 interface to the host as well as an Inter SoPEC Interface (ISI) to other SoPEC devices. Security SoPEC use cases are now described. Use cases for both single and multi-SoPEC systems are outlined. Some tasks may be composed of a number of sub-tasks. Communication between SoPEC and the QA chips (i.e. INK_QA and PRINTER_QA) will take place on at least a per power cycle and per page basis. Communication with the QA chips has three principal purposes: validating the presence of genuine QA chips (i.e the printer is using approved consumables), validation of the amount of ink remaining in the cartridge and authenticating the operating parameters for the printer. After each page has been printed, SoPEC is expected to communicate the number of dots fired per ink plane to the QA chipset. SoPEC may also initiate decoy communications with the QA chips from time to time.
  • Process:
      • When validating ink consumption SoPEC is expected to principally act as a conduit between the PRINTER_QA and INK_QA chips and to take certain actions (basically enable or disable printing and report status to host PC) based on the result. The communication channels are insecure but all traffic is signed to guarantee authenticity.
  • Known Weaknesses
      • All communication to the QA chips is over the LSS interfaces using a serial communication protocol. This is open to observation and so the communication protocol could be reverse engineered. In this case both the PRINTER_QA and INK_QA chips could be replaced by impostor devices (e.g. a single FPGA) that successfully emulated the communication protocol. As this would require physical modification of each printer this is considered to be an acceptably low risk. Any messages that are not signed by one of the symmetric keys (such as the SoPEC_id key) could be reverse engineered. The imposter device must also have access to the appropriate keys to crack the system.
      • If the secret keys in the QA chips are exposed or cracked then the system, or parts of it, is compromised.
  • Assumptions:
  • [1] The QA chips are not involved in the authentication of downloaded SoPEC code
    [2] The QA chip in the ink cartridge (INK_QA) does not directly affect the operation of the cartridge in any way i.e. it does not inhibit the flow of ink etc.
    [3] The INK_QA and PRINTER_QA chips are identical in their virgin state. They only become a INK_QA or PRINTER_QA after their FlashROM has been programmed.
  • The process is as follows:
    • 1) SoPEC identification by activity on USB end-points 2-4 indicates it is the ISIMaster (unless the SoPEC CPU has explicitly disabled this function).
    • 2) The program is downloaded to the embedded DRAM.
    • 3) The CPU calculates a SHA-1 hash digest of the downloaded program.
    • 4) The ResetSrc register in the CPR block is read to determine whether or not a power-on reset occurred.
    • 5) If a power-on reset occurred the signature of the downloaded code (which needs to be in a known location such as the first or last N bytes of the downloaded code) is decrypted using the Silverbrook public boot0key stored in ROM. This decrypted signature is the expected SHA-1 hash of the accompanying program. The encryption algorithm is likely to be a public key algorithm such as RSA. If a power-on reset did not occur then the expected SHA-1 hash is retrieved from the PSS and the compute intensive decryption is not required.
    • 6) The calculated and expected hash values are compared and if they match then the programs authenticity has been verified.
    • 7) If the hash values do not match then the host PC is notified of the failure and the SoPEC will await a new program download.
    • 8) If the hash values match then the CPU starts executing the downloaded program.
    • 9) If, as is very likely, the downloaded program wishes to download subsequent programs (such as OEM code) it is responsible for ensuring the authenticity of everything it downloads. The downloaded program may contain public keys that are used to authenticate subsequent downloads, thus forming a hierarchy of authentication. The SoPEC ROM does not control these authentications—it is solely concerned with verifying that the first program downloaded has come from a trusted source.
    • 10) At some subsequent point OEM code starts executing. The Silverbrook supervisor code acts as an O/S to the OEM user mode code. The OEM code must access most SoPEC functionality via system calls to the Silverbrook code.
    • 11) The OEM code is expected to perform some simple ‘turn on the lights’ tasks after which the host PC is informed that the printer is ready to print and the Start Printing use case comes into play.
  • Known Weaknesses:
      • If the Silverbrook private boot0key is exposed or cracked then the system is seriously compromised. A ROM mask change would be required to reprogram the boot0key.
  • For authentication of download code in a multi-SoPEC system, an ISIMastrer SoPEC process includes:
    • 1) SoPEC identification by activity on USB end-points 2-4 indicates it is the ISIMaster.
    • 2) The SCB is configured to broadcast the data received from the host PC.
    • 3) The program is downloaded to the embedded DRAM and broadcasted to all ISISlave SoPECs over the ISI.
    • 4) The CPU calculates a SHA-1 hash digest of the downloaded program.
    • 5) The ResetSrc register in the CPR block is read to determine whether or not a power-on reset occurred.
    • 6) If a power-on reset occurred the signature of the downloaded code (which needs to be in a known location such as the first or last N bytes of the downloaded code) is decrypted using the Silverbrook public boot0key stored in ROM. This decrypted signature is the expected SHA-1 hash of the accompanying program. The encryption algorithm is likely to be a public key algorithm such as RSA. If a power-on reset did not occur then the expected SHA-1 hash is retrieved from the PSS and the compute intensive decryption is not required.
    • 7) The calculated and expected hash values are compared and if they match then the programs authenticity has been verified.
    • 8) If the hash values do not match then the host PC is notified of the failure and the SoPEC will await a new program download.
    • 9) If the hash values match then the CPU starts executing the downloaded program.
    • 10) It is likely that the downloaded program will poll each ISISlave SoPEC for the result of its authentication process and to determine the number of slaves present and their ISIIds.
    • 11) If any ISISlave SoPEC reports a failed authentication then the ISIMaster communicates this to the host PC and the SoPEC will await a new program download.
    • 12) If all ISISlaves report successful authentication then the downloaded program is responsible for the downloading, authentication and distribution of subsequent programs within the multi-SoPEC system.
    • 13) At some subsequent point OEM code starts executing. The Silverbrook supervisor code acts as an O/S to the OEM user mode code. The OEM code must access most SoPEC functionality via system calls to the Silverbrook code.
    • 14) The OEM code is expected to perform some simple ‘turn on the lights’ tasks after which the master SoPEC determines that all SoPECs are ready to print. The host PC is informed that the printer is ready to print and the Start Printing use case comes into play.
  • While, an ISISlave SoPEC process includes:
    • 1) When the CPU comes out of reset the SCB will be in slave mode, and the SCB is already configured to receive data from both the ISI and USB.
    • 2) The program is downloaded (via ISI or USB) to embedded DRAM.
    • 3) The CPU calculates a SHA-1 hash digest of the downloaded program.
    • 4) The ResetSrc register in the CPR block is read to determine whether or not a power-on reset occurred.
    • 5) If a power-on reset occurred the signature of the downloaded code (which needs to be in a known location such as the first or last N bytes of the downloaded code) is decrypted using the Silverbrook public boot0key stored in ROM. This decrypted signature is the expected SHA-1 hash of the accompanying program. The encryption algorithm is likely to be a public key algorithm such as RSA. If a power-on reset did not occur then the expected SHA-1 hash is retrieved from the PSS and the compute intensive decryption is not required.
    • 6) The calculated and expected hash values are compared and if they match then the programs authenticity has been verified.
    • 7) If the hash values do not match, then the ISISlave device will await a new program again
    • 8) If the hash values match then the CPU starts executing the downloaded program.
    • 9) It is likely that the downloaded program will communicate the result of its authentication process to the ISIMaster. The downloaded program is responsible for determining the SoPECs ISIId, receiving and authenticating any subsequent programs.
    • 10) At some subsequent point OEM code starts executing. The Silverbrook supervisor code acts as an O/S to the OEM user mode code. The OEM code must access most SoPEC functionality via system calls to the Silverbrook code.
    • 11) The OEM code is expected to perform some simple ‘turn on the lights’ tasks after which the master SoPEC is informed that this slave is ready to print. The Start Printing use case then comes into play.
  • Known Weaknesses
      • If the Silverbrook private boot0key is exposed or cracked then the system is seriously compromised.
      • ISI is an open interface i.e. messages sent over the ISI are in the clear. The communication channels are insecure but all traffic is signed to guarantee authenticity. As all communication over the ISI is controlled by Supervisor code on both the ISIMaster and ISISlave then this also provides some protection against software attacks.
  • The SoPEC IC will be used in a range of printers with different capabilities (e.g. A3/A4 printing, printing speed, resolution etc.). It is expected that some printers will also have a software upgrade capability which would allow a user to purchase a license that enables an upgrade in their printer's capabilities (such as print speed). To facilitate this it must be possible to securely store the operating parameters in the PRINTER_QA chip, to securely communicate these parameters to the SoPEC and to securely reprogram the parameters in the event of an upgrade. Note that each printing SoPEC (as opposed to a SoPEC that is only used for the storage of data) will have its own PRINTER_QA chip (or at least access to a PRINTER_QA that contains the SoPEC's SoPEC_id_key). Therefore both ISIMaster and ISISlave SoPECs will need to authenticate operating parameters.
  • Process:
    • 1) Program code is downloaded and authenticated.
    • 2) The program code has a function to create the SoPEC_id key from the unique SoPEC_id that was programmed when the SoPEC was manufactured.
    • 3) The SoPEC retrieves the signed operating parameters from its PRINTER_QA chip. The PRINTER_QA chip uses the SoPEC_id_key (which is stored as part of the pairing process executed during printhead assembly manufacture & test) to sign the operating parameters which are appended with a random number to thwart replay attacks.
    • 4) The SoPEC checks the signature of the operating parameters using its SoPEC_id_key. If this signature authentication process is successful then the operating parameters are considered valid and the overall boot process continues. If not the error is reported to the host PC.
    • 5) Operating parameters may also be set or upgraded using a second key, the PrintEngineLicense_key, which is stored on the PRINTER_QA and used to authenticate the change in operating parameters.
  • Known Weaknesses:
      • It may be possible to retrieve the unique SoPEC_id by placing the SoPEC in test mode and scanning it out. It is certainly possible to obtain it by reverse engineering the device. Either way the SoPEC_id (and by extension the SoPEC_id_key) so obtained is valid only for that specific SoPEC and so printers may only be compromised one at a time by parties with the appropriate specialised equipment. Furthermore even if the SoPEC_id is compromised, the other keys in the system, which protect the authentication of consumables and of program code, are unaffected.
  • The CPU block consists of the CPU core, MMU, cache and associated logic. The principal tasks for the program running on the CPU to fulfill in the system are:
  • Communications:
      • Control the flow of data from the USB interface to the DRAM and ISI
      • Communication with the host via USB or ISI
      • Running the USB device driver
    PEP Subsystem Control:
      • Page and band header processing (may possibly be performed on host PC)
      • Configure printing options on a per band, per page, per job or per power cycle basis
      • Initiate page printing operation in the PEP subsystem
      • Retrieve dead nozzle information from the printhead interface (PHI) and forward to the host PC
      • Select the appropriate firing pulse profile from a set of predefined profiles based on the printhead characteristics
      • Retrieve printhead temperature via the PHI
    Security:
      • Authenticate downloaded program code
      • Authenticate printer operating parameters
      • Authenticate consumables via the PRINTER_QA and INK_QA chips
      • Monitor ink usage
      • Isolation of OEM code from direct access to the system resources
    Other:
      • Drive the printer motors using the GPIO pins
      • Monitoring the status of the printer (paper jam, tray empty etc.)
      • Driving front panel LEDs
      • Perform post-boot initialisation of the SoPEC device
      • Memory management (likely to be in conjunction with the host PC)
      • Miscellaneous housekeeping tasks
  • To control the Print Engine Pipeline the CPU is required to provide a level of performance at least equivalent to a 16-bit Hitachi H8-3664 microcontroller running at 16 MHz. An as yet undetermined amount of additional CPU performance is needed to perform the other tasks, as well as to provide the potential for such activity as Netpage page assembly and processing, RIPing etc. The extra performance required is dominated by the signature verification task and the SCB (including the USB) management task. An operating system is not required at present. A number of CPU cores have been evaluated and the LEON P1754 is considered to be the most appropriate solution. A diagram of the CPU block is shown in FIG. 13.
  • A number of hardware, software and protocol solutions to security issues have been developed. These range from authorization and encryption protocols for enabling secure communication between hardware and software modules, to physical and electrical systems that protect the integrity of integrated circuits and other hardware.
  • It should be understood that in many cases, principles described with reference to hardware such as integrated circuits (ie, chips) can be implemented wholly or partly in software running on, for example, a computer. Mixed systems in which software and hardware (and combinations) embody various entities, modules and units can also be constructed using may of these principles, particularly in relation to authorization and authentication protocols. The particular extent to which the principles described below can be translated to or from hardware or software will be apparent to one skilled in the art, and so will not always explicitly be explained.
  • It should also be understood that many of the techniques disclosed below have application to many fields other than printing. Some specific examples are described towards the end of this description.
  • A “QA Chip” is a quality assurance chip can allows certain security functions and protocols to be implemented. The preferred QA Chip is described in some detail later in this specification.
  • Any given physical QA Chip will contain functionality that allows it to operate as an entity in some number of these protocols. Therefore, wherever the terms ChipR, ChipT, ChipP, ChipF, ChipU and ChipS are used, they are referring to logical entities involved in an authentication protocol.
  • Physical QA Chips are referred to by their location. For example, each ink cartridge may contain a QA Chip referred to as an INK_QA, with all INK_QA chips being on the same physical bus. In the same way, the QA Chip inside the printer is referred to as PRINTER_QA, and will be on a separate bus to the INK_QA chips.
  • When applied to a printing environment, the functional security requirements for the preferred embodiment are:
      • Code of QA chip owner or licensee co-existing safely with code of authorized OEMs
      • Chip owner/licensee operating parameters authentication
      • Parameters authentication for authorized OEMs
      • Ink usage authentication
  • The authentication requirements imply that:
      • OEMs and end-users must not be able to replace or tamper with QA chip manufacturer/owner's program code or data
      • OEMs and end-users must not be able to perform unauthorized activities for example by calling chip manufacturer/owner's code
      • End-users must not be able to replace or tamper with OEM program code or data
      • End-users must not be able to call unauthorized functions within OEM program code
      • Manufacturer/owner's development program code must not be capable of running on all SoPECs.
      • OEMs must be able to test products at their highest upgradable status, yet not be able to ship them outside the terms of their license
      • OEMs and end-users must not be able to directly access the print engine pipeline (PEP) hardware, the LSS Master (for QA Chip access) or any other peripheral block with the exception of operating system permitted GPIO pins and timers.
  • SoPEC includes a CPU that must run both manufacturer/owner program code and OEM program code. The execution model envisaged for SoPEC is one where Manufacturer/owner program code forms an operating system (O/S), providing services such as controlling the print engine pipeline, interfaces to communications channels etc. The OEM program code must run in a form of user mode, protected from harming the Manufacturer/owner program code. The OEM program code is permitted to obtain services by calling functions in the O/S, and the O/S may also call OEM code at specific times. For example, the OEM program code may request that the O/S call an OEM interrupt service routine when a particular GPIO pin is activated.
  • In addition, we may wish to permit the OEM code to directly call functions in Manufacturer/owner code with the same permissions as the OEM code. For example, the Manufacturer/owner code may provide SHA1 as a service, and the OEM could call the SHA1 function, but execute that function with OEM permissions and not Silverbook permissions.
  • A basic requirement then, for SoPEC, is a form of protection management, whereby Manufacturer/owner and OEM program code can co-exist without the OEM program code damaging operations or services provided by the Manufacturer/owner O/S. Since services rely on SoPEC peripherals (such as USB2 Host, LSS Master, Timers etc) access to these peripherals should also be restricted to Manufacturer/owner program code only. A particular OEM will be licensed to run a Print Engine with a particular set of operating parameters (such as print speed or quality). The OEM and/or end-user can upgrade the operating license for a fee and thereby obtain an upgraded set of operating parameters. Neither the OEM nor end-user should be able to upgrade the operating parameters without paying the appropriate fee to upgrade the license. Similarly, neither the OEM nor end-user should be able to bypass the authentication mechanism via any program code on SoPEC. This implies that OEMs and end-users must not be able to tamper with or replace Manufacturer/owner program code or data, nor be able to call unauthorized functions within Manufacturer/owner program code.
  • However, the OEM must be capable of assembly-line testing the Print Engine at the upgraded status before selling the Print Engine to the end-user.
  • The OEM may provide operating parameters to the end-user independent of the Manufacturer/owner operating parameters. For example, the OEM may want to sell a franking machine2. 2a franking machine prints stamps
  • The end-user should not be able to upgrade the operating parameters without paying the appropriate fee to the OEM. Similarly, the end-user should not be able to bypass the authentication mechanism via any program code on SoPEC. This implies that end-users must not be able to tamper with or replace OEM program code or data, as well as not be able to tamper with the PEP blocks or service-related peripherals.
  • If an end user takes the time and energy to hack the print engine and thereby succeeds in upgrading the single print engine only, yet not be able to use the same keys etc on another print engine, that is an acceptable security compromise. However it doesn't mean we have to make it totally simple or cheap for the end-user to accomplish this.
  • Software-only attacks are the most dangerous, since they can be transmitted via the internet and have no perceived cost. Physical modification attacks are far less problematic, since most printer users are not likely to want their print engine to be physically modified. This is even more true if the cost of the physical modification is likely to exceed the price of a legitimate upgrade.
  • Any solution to the above requirements should also meet certain preferred implementation constraints. These are:
      • No flash memory inside SoPEC
      • SoPEC must be simple to verify
      • Manufacturer/owner program code must be updateable
      • OEM program code must be updateable
      • Must be bootable from activity on USB2
      • Must be bootable from an external ROM to allow stand-alone printer operation
      • No extra pins for assigning IDs to slave SoPECs
      • Cannot trust the comms channel to the QA Chip in the printer (PRINTER_QA)
      • Cannot trust the comms channel to the QA Chip in the ink cartridges (INK_QA)
      • Cannot trust the USB comms channel
  • These constraints are detailed below.
  • The preferred embodiment of SoPEC is intended to be implemented in 0.13 micron or smaller. Flash memory will not be available in any of the target processes being considered.
  • All combinatorial logic and embedded program code within SoPEC must be verified before manufacture. Every increase in complexity in either of these increases verification effort and increases risk.
  • It is neither possible nor desirable to write a single complete operating system that is:
      • verified completely
      • correct for all possible future uses of SoPEC systems
      • finished in time for SoPEC manufacture
  • Therefore the complete Manufacturer/owner program code must not permanently reside on SoPEC. It must be possible to update the Manufacturer/owner program code as enhancements to functionality are made and bug fixes are applied.
  • In the worst case, only new printers would receive the new functionality or bug fixes. In the best case, existing SoPEC users can download new embedded code to enable functionality or bug fixes. Ideally, these same users would be obtaining these updates from the OEM website or equivalent, and not require any interaction with Manufacturer/owner.
  • Given that each OEM will be writing specific program code for printers that have not yet been conceived, it is impossible for all OEM program code to be embedded in SoPEC at the ASIC manufacture stage.
  • Since flash memory is not available, OEMs cannot store their program code in on-chip flash. While it is theoretically possible to store OEM program code in ROM on SoPEC, this would entail OEM-specific ASICs which would be prohibitively expensive.
  • Therefore OEM program code cannot permanently reside on SoPEC.
  • Since OEM program code must be downloadable for SoPEC to execute, it should therefore be possible to update the OEM program code as enhancements to functionality are made and bug fixes are applied.
  • In the worst case, only new printers would receive the new functionality or bug fixes. In the best case, existing SoPEC users can download new embedded code to enable functionality or bug fixes. Ideally, these same users would be obtaining these updates from the OEM website or equivalent, and not require any interaction with Manufacturer/owner.
  • SoPEC can be placed in sleep mode to save power when printing is not required. RAM is not preserved in sleep mode. Therefore any program code and data in RAM will be lost. However, SoPEC must be capable of being woken up by the host when it is time to print again.
  • In the case of a single SoPEC system, the host communicates with SoPEC via USB2. From SoPEC's point of view, it is activity on the USB2 device port that signals the time to wake up.
  • In the case of a multi-SoPEC system, the host typically communicates with the Master SoPEC chip (as above), and then the Master relays messages to other Slave SoPECs by sending data out USB2 host port(s) and into the Slave SoPEC's device port. The net result is that the Slave SoPECs and the Master SoPEC all boot as a result of activity on the USB2 device port.
  • Therefore SoPEC must be capable of being woken up by activity on the USB2 device port.
  • SoPEC must also support the case where the printer is not connected to a PC (or the PC is currently turned off), and a digital camera or equivalent is plugged into the SoPEC-based printer. In this case, the entire printing application needs to be present within the hardware of the printer.
  • Since the Manufacturer/owner program code and OEM program code will vary depending on the application, it is not possible to store the program in SoPEC's ROM.
  • Therefore SoPEC requires a means of booting from a non-PC host. It is possible that this could be accomplished by the OEM adding a USB2-host chip to the printer and simulating the effect of a PC, and thereby download the program code. This solution requires the boot operation to be based on USB2 activity. However this is an unattractive solution since it adds microprocessor complexity and component cost when only a ROM-equivalent was desired.
  • As a result SoPEC should ideally be able to boot from an external ROM of some kind. Note that booting from an external ROM means first booting from the internal ROM, and then downloading and authenticating the startup section of the program from the external ROM. This is not the same as simply running program code in-situ within an external ROM, since one of the security requirements was that OEMs and end-users must not be able to replace or tamper with Manufacturer/owner program code or data, i.e. we never want to blindly run code from an external ROM.
  • As an additional point, if SoPEC is in sleep mode, SoPEC must be capable of instigating the boot process due to activity on a programmable GPIO. e.g. a wake-up button. This would be in addition to the standard power-on booting.
  • In a single SoPEC system the host only sends data to the single SoPEC. However in a multi-SoPEC system, each of the slaves needs to be uniquely identifiable in order to be able for the host to send data to the correct slave.
  • Since there is no flash on board SoPEC we are unable to store a slave ID in each SoPEC. Moreover, any ROM in each SoPEC will be identical.
  • It is possible to assign n pins to allow 2n combinations of IDs for slave SoPECs. However a design goal of SoPEC is to minimize pins for cost reasons, and this is particularly true of features only used in multi-SoPEC systems.
  • The design constraint requirement is therefore to allow slaves to be IDed via a method that does not require any extra pins. This implies that whatever boot mechanism that satisfies the security requirements must also be able to assign IDs to slave SoPECs.
  • If the printer operating parameters are stored in the non-volatile memory of the Print Engine's on-board PRINTER_QA chip, both Manufacturer/owner and OEM program code cannot rely on the communication channel being secure. It is possible for an attacker to eavesdrop on communications to the PRINTER_QA chip, replace the PRINTER_QA chip and/or subvert the communications channel. It is also possible for this to be true during manufacture of the circuit board containing the SoPEC and the PRINTER_QA chip.
  • The amount of ink remaining for a given ink cartridge is stored in the non-volatile memory of that ink cartridge's INK_QA chip. Both Manufacturer/owner and OEM program code cannot rely on the communication channel to the INK_QA being secure. It is possible for an attacker to eavesdrop on communications to the INK_QA chip, to replace the INK_QA chip and/or to subvert the communications channel. It is also possible for this to be true during manufacture of the consumable containing the INK_QA chip. In a multi-SoPEC system, or in a single-SoPEC system that has a non-USB2 connection to the host, a given SoPEC will receive its data over a USB2 host port. It is quite possible for an end-user to insert a chip that eavesdrops on and/or subverts the communications channel (for example performs man-in-the-middle attacks).
  • A proposed solution to the above requirements, can be summarised as:
      • Each SoPEC has a unique id
      • CPU with user/supervisor mode
      • Memory Management Unit
      • The unique id is not cached
      • Specific entry points in O/S
      • Boot procedure, including authentication of program code and operating parameters
      • SoPEC physical identification
  • Each SoPEC needs to contains a unique SoPEC_id of minimum size 64-bits. This SoPEC_id is used to form a symmetric key unique to each SoPEC: SoPEC_id_key. On SoPEC we make use of an additional 112-bit ECID3 macro that has been programmed with a random number on a per-chip basis. Thus SoPEC_id is the 112-bit macro, and the SoPEC_id_key is a 160-bit result obtained by SHA1 (SoPEC_id). 3Electronic Chip Id
  • The verification of operating parameters and ink usage depends on SoPEC_id being difficult to determine. Difficult to determine means that someone should not be able to determine the id via software, or by viewing the communications between chips on the board. If the SoPEC_id is available through running a test procedure on specific test pins on the chip, then depending on the ease by which this can be done, it is likely to be acceptable. It is important to note that in the proposed solution, compromise of the SoPEC_id leads only to compromise of the operating parameters and ink usage on this particular SoPEC. It does not compromise any other SoPEC or all inks or operating parameters in general. It is ideal that the SoPEC_id be random, although this is unlikely to occur on standard manufacture processes for ASICs. If the id is within a small range however, it will be able to be broken by brute force. This is why 32-bits is not sufficient protection.
  • SoPEC contains a CPU with direct hardware support for user and supervisor modes. At present, the intended CPU is the LEON (a 32-bit processor with an instruction set according to the IEEE-1754 standard. The IEEE1754 standard is compatible with the SPARC V8 instruction set).
  • Manufacturer/owner (operating system) program code will run in supervisor mode, and all OEM program code will run in user mode.
  • SoPEC contains a Memory Management Unit (MMU) that limits access to regions of DRAM by defining read, write and execute access permissions for supervisor and user mode. Program code running in user mode is subject to user mode permission settings, and program code running in supervisor mode is subject to supervisor mode settings. A setting of 1 for a permission bit means that type of access (e.g. read, write, execute) is permitted. A setting of 0 for a read permission bit means that that type of access is not permitted.
  • At reset and whenever SoPEC wakes up, the settings for all the permission bits are 1 for all supervisor mode accesses, and 0 for all user mode accesses. This means that supervisor mode program code must explicitly set user mode access to be permitted on a section of DRAM.
  • Access permission to all the non-valid address space should be trapped, regardless of user or supervisor mode, and regardless of the access being read, execute, or write.
  • Access permission to all of the valid non-DRAM address space (for example the PEP blocks) is supervisor read/write access only (no supervisor execute access, and user mode has no acccess at all) with the exception that certain GPIO and Timer registers can also be accessed by user code. These registers will require bitwise access permissions. Each peripheral block will determine how the access is restricted.
  • With respect to the DRAM and PEP subsystems of SoPEC, typically we would set user read/write/execute mode permissions to be 1/1/0 only in the region of memory that is used for OEM program data, 1/0/1 for regions of OEM program code, and 0/0/0 elsewhere (including the trap table). By contrast we would typically set supervisor mode read/write/execute permissions for this memory to be 1/1/0 (to avoid accidentally executing user code in supervisor mode).
  • The SoPEC_id parameter should only be accessible in supervisor mode, and should only be stored and manipulated in a region of memory that has no user mode access.
  • The unique SoPEC_id needs to be available to supervisor code and not available to user code. This is taken care of by the MMU.
  • However the SoPEC_id must also not be accessible via the CPU's data cache or register windows. For example, if the user were to cause an interrupt to occur at a particular point in the program execution when the SoPEC_id was being manipulated, it must not be possible for the user program code to turn caching off and then access the SoPEC_id inside the data cache. This would bypass any MMU security.
  • The same must be true of register windows. It must not be possible for user mode program code to read or modify register settings in a supervisor program's register windows.
  • This means that at the least, the SoPEC_id itself must not be cacheable. Likewise, any processed form of the SoPEC_id such as the SoPEC_id_key (e.g. read into registers or calculated expected results from a QA_Chip) should not be accessible by user program code.
  • Given that user mode program code cannot even call functions in supervisor code space, the question arises as how OEM programs can access functions, or request services. The implementation for this depends on the CPU.
  • On the LEON processor, the TRAP instruction allows programs to switch between user and supervisor mode in a controlled way. The TRAP switches between user and supervisor register sets, and calls a specific entry point in the supervisor code space in supervisor mode. The TRAP handler dispatches the service request, and then returns to the caller in user mode.
  • Use of a command dispatcher allows the O/S to provide services that filter access—e.g. a generalised print function will set PEP registers appropriately and ensure QA Chip ink updates occur.
  • The LEON also allows supervisor mode code to call user mode code in user mode. There are a number of ways that this functionality can be implemented. It is possible to call the user code without a trap, but to return to supervisor mode requires a trap (and associated latency).
  • The intention is to load the Manufacturer/owner and OEM program code into SoPEC's RAM, where it can be subsequently executed. The basic SoPEC therefore, must be capable of downloading program code. However SoPEC must be able to guarantee that only authorized Manufacturer/owner boot programs can be loaded, otherwise anyone could modify the O/S to do anything, and then load that—thereby bypassing the licensed operating parameters.
  • We perform authentication of program code and data using asymmetric (public-key) digital signatures and without using a QA Chip.
  • Assuming we have already downloaded some data and a 160-bit signature into eDRAM, the boot loader needs to perform the following tasks:
      • perform SHA-1 on the downloaded data to calculate a digest localDigest
      • perform asymmetric decryption on the downloaded signature (160-bits) using an asymmetric public key to obtain authorizedDigest
      • If authorizedDigest is the PKCS#1 (patent free) form of localDigest, then the down-loaded data is authorized (the signature must have been signed with the asymmetric private key) and control can then be passed to the downloaded data
  • Asymmetric decryption is used instead of symmetric decryption because the decrypting key must be held in SoPEC's ROM. If symmetric private keys are used, the ROM can be probed and the security is compromised.
  • The procedure requires the following data item:
      • boot0key=an n-bit asymmetric public key
  • The procedure also requires the following two functions:
      • SHA-1=a function that performs SHA-1 on a range of memory and returns a 160-bit digest
      • decrypt=a function that performs asymmetric decryption of a message using the passed-in key
        • PKCS#1 form of localDigest is 2048-bits formatted as follows: bits 2047-2040=0x00, bits 2039-2032=0x01, bits 2031-288=0xFF . . . 0xFF, bits 287-160=0x003021300906052BOE03021A05000414, bits 159-0=localDigest.
  • Assuming that all of these are available (e.g. in the boot ROM), boot loader 0 can be defined as in the following pseudocode:
  •    bootloader0(data, sig)
        localDigest ← SHA-1(data)
        authorizedDigest ← decrypt(sig, boot0key)
        expectedDigest     =     0x00|0x01|0xFF..0xFF|
          0x003021300906052B0E03021A05000414 |localDigest)
    // “|” = concat
        If (authorizedDigest == expectedDigest)
        jump to program code at data-start address// will never return
        Else
        // program code is unauthorized
        EndIf
  • The length of the key will depend on the asymmetric algorithm chosen. The key must provide the equivalent protection of the entire QA Chip system—if the Manufacturer/owner O/S program code can be bypassed, then it is equivalent to the QA Chip keys being compromised. In fact it is worse because it would compromise Manufacturer/owner operating parameters, OEM operating parameters, and ink authentication by software downloaded off the net (e.g. from some hacker).
  • In the case of RSA, a 2048-bit key is required to match the 160-bit symmetric-key security of the QA Chip. In the case of ECDSA, a key length of 132 bits is likely to suffice. RSA is convenient because the patent (U.S. Pat. No. 4,405,829) expired in September 2000.
  • There is no advantage to storing multiple keys in SoPEC and having the external message choose which key to validate against, because a compromise of any key allows the external user to always select that key.
  • There is also no particular advantage to having the boot mechanism select the key (e.g. one for USB-based booting and one for external ROM booting) a compromise of the external ROM booting key is enough to compromise all the SoPEC systems. However, there are advantages in having multiple keys present in the boot ROM and having a wire-bonding option on the pads select which of the keys is to be used. Ideally, the pads would be connected within the package, and the selection is not available via external means once the die has been packaged. This means we can have different keys for different application areas (e.g. different uses of the chip), and if any particular SoPEC key is compromised, the die could be kept constant and only the bonding changed. Note that in the worst case of all keys being compromised, it may be economically feasible to change the boot0key value in SoPEC's ROM, since this is only a single mask change, and would be easy to verify and characterize.
  • Therefore the entire security of SoPEC is based on keeping the asymmetric private key paired to boot0key secure. The entire security of SoPEC is also based on keeping the program that signs (i.e. authorizes) datasets using the asymmetric private key paired to boot0key secure.
  • It may therefore be reasonable to have multiple signatures (and hence multiple signature programs) to reduce the chance of a single point of weakness by a rogue employee. Note that the authentication time increases linearly with the number of signatures, and requires a 2048-bit public key in ROM for each signature.
  • Given that test programs, evaluation programs, and Manufacturer/owner O/S code needs to be written and tested, and OEM program code etc. also needs to be tested, it is not secure to have a single authentication of a monolithic dataset combining Manufacturer/owner O/S, non-O/S, and OEM program code—we certainly don't want OEMs signing Manufacturer/owner program code, and Manufacturer/owner shouldn't have to be involved with the signing of OEM program code.
  • Therefore we require differing levels of authentication and therefore a number of keys, although the procedure for authentication is identical to the first—a section of program code contains the key and procedure for authenticating the next.
  • This method allows for any hierarchy of authentication, based on a root key of boot0key. For example, assume that we have the following entities:
      • QACo, Manufacturer/owner's QA/key company. Knows private version of boot0key, and owner of security concerns.
      • SoPECCo, Manufacturer/owner's SoPEC hardware/software company. Supplies SoPEC ASICs and SoPEC O/S printing software to a ComCo.
      • ComCo, a company that assembles Print Engines from SoPECs, Memjet printheads etc, customizing the Print Engine for a given OEM according to a license
      • OEM, a company that uses a Print Engine to create a printer product to sell to the end-users. The OEM would supply the motor control logic, user interface, and casing.
  • The levels of authentication hierarchy are as follows:
      • QACo writes the boot ROM, agenerates dataset1, consisting of a boot loader program that loads and validates dataset2and QACo's asymmetric public boot1key. QACo signs dataset0 with the asymmetric private boot0key.
      • SoPECCo generates dataset1, consisting of the print engine security kernel O/S (which incorporates the security-based features of the print engine functionality) and the ComCo's asymmetric public key. Upon a special “formal release” request from SoPECCo, QACo signs dataset0 with QACo's asymmetric private boot0key key. The print engine program code expects to see an operating parameter block signed by the ComCo's asymmetric private key. Note that this is a special “formal release” request to by SoPECCo.
  • The ComCo generates dataSet3, consisting of dataset1 plus dataset2, where dataset2 is an operating parameter block for a given OEM's print engine license (according to the print engine license arrangement) signed with the ComCo's asymmetric private key. The operating parameter block (dataset2) would contain valid print speed ranges, a PrintEngineLicenseId, and the OEM's asymmetric public key. The ComCo can generate as many of these operating parameter blocks for any number of Print Engine Licenses, but cannot write or sign any supervisor O/S program code.
      • The OEM would generate dataset5, consisting of dataset3 plus dataset4, where dataset4 is the OEM program code signed with the OEM's asymmetric private key. The OEM can produce as many versions of dataset5 as it likes (e.g. for testing purposes or for updates to drivers etc) and need not involve Manufacturer/owner, QACo, or ComCo in any way.
  • The relationship is shown in FIG. 19.
  • When the end-user uses dataset5, SoPEC itself validates dataset1 via the boot0key mechanism. Once dataset1 is executing, it validates dataset2, and uses dataset2 data to validate dataset4. The validation hierarchy is shown in FIG. 20.
  • If a key is compromised, it compromises all subsequent authorizations down the hierarchy. In the example from above (and as illustrated in FIG. 20) if the OEM's asymmetric private key is compromised, then O/S program code is not compromised since it is above OEM program code in the authentication hierarchy. However if the ComCo's asymmetric private key is compromised, then the OEM program code is also compromised. A compromise of boot0key compromises everything up to SoPEC itself, and would require a mask ROM change in SoPEC to fix.
  • It is worthwhile repeating that in any hierarchy the security of the entire hierarchy is based on keeping the asymmetric private key paired to boot0key secure. It is also a requirement that the program that signs (i.e. authorizes) datasets using the asymmetric private key paired to boot0key secure.
  • The hierarchical boot procedure described above gives a hierarchy of protection in a final shipped product.
  • It is also desirable to use a hierarchy of protection during software development within Manufacturer/owner.
  • For a program to be downloaded and run on SoPEC during development, it will need to be signed. In addition, we don't want to have to sign each and every Manufacturer/owner development code with the boot0key, as it creates the possibility of any developmental (including buggy or rogue) application being run on any SoPEC.
  • Therefore QACo needs to generate/create a special intermediate boot loader, signed with boot0key, that performs the exact same tasks as the normal boot loader, except that it checks the SoPECid to see if it is a specific SoPECid (or set of SoPECids). If the SoPEC_id is in the valid set, then the developmental boot loader validates dataset2 by means of its length and a SHA-1 digest of the developmental code4, and not by a further digital signature. The QACo can give this boot loader to the software development team within Manufacturer/owner. The software team can now write and run any program code, and load the program code using the development boot loader. There is no requirement for the subsequent software program (i.e. the developmental program code) to be signed with any key since the programs can only be run on the particular SoPECs. 4The SHA-1 digest is to allow the total program load time to simulate the running time of the normal boot loader running on a non-developmental version of the program.
  • If the developmental boot loader (and/or signature generator) were compromised, or any of the developmental programs were compromised, the worst situation is that an attacker could run programs on that particular set of SoPECs, and on no others.
  • This should greatly reduce the possibility of erroneous programs signed with boot0key being available to an attacker (only official releases are signed by boot0key), and therefore reduces the possibility of a Manufacturer/owner employee intentionally or inadvertently creating a back door for attackers.
  • The relationship is shown below in FIG. 21.
  • Theoretically the same kind of hierarchy could also be used to allow OEMs to be assured that their program code will only work on specific SoPECs, but this is unlikely to be necessary, and is probably undesirable.
  • It is possible that errors in supervisor program code (e.g. the operating system) could allow attackers to subvert the program in SoPEC and gain supervisor control.
  • To reduce the impact of this kind of attack, it is possible to allocate some bits of the SoPEC_id to form some kind of date. The granularity of the date could be as simple as a single bit that says the date is obtained from the regular IBM ECID, or it could be 6 bits that give 10 years worth of 3-month units.
  • The first step of the program loaded by boot loader 0 could check the SoPEC_id date, and run or refuse to run appropriately. The Manufacturer/owner driver or OS could therefore be limited to run on SoPECs that are manufactured up until a particular date.
  • This means that the OEM would require a new version of the OS for SoPECs after a particular date, but the new driver could be made to work on all previous versions of SoPEC. The function simply requires a form of date, whose granularity for working can be determined by agreement with the OEM.
  • For example, suppose that SoPECs are supplied with 3-month granularity in their date components. Manufacturer/owner could ship a version of the OS that works for any SoPEC of the date (i.e. on any chip), or for all SoPECs manufactured during the year etc. The driver issued the next year could work with all SoPECs up until that years etc. In this way the drivers for a chip will be backwards compatible, but will be deliberately not forwards-compatible. It allows the downloading of a new driver with no problems, but it protects against bugs in one years's driver OS from being used against future SoPECs. Note that the phasing in of a new OS doesn't have to be at the same time as the hardware. For example, the new OS can come in 3 months before the hardware that it supports. However once the new SoPECs are being delivered, the OEM must not ship the older driver with the newer SoPECs, for the old driver will not work on the newer SoPECs. Basically once the OEM has received the new driver, they should use that driver for all SoPEC systems from that point on (old SoPECs will work with the new driver). This date-limiting feature would most likely be using a field in the ComCo specified operating parameters, so it allows the SoPEC to use date-checking in addition to additional QA Chip related parameter checking (such as the OEM's PrintEngineLicenseId etc).
  • A variant on this theme is a date-window, where a start-date and end-date are specified (as relating to SoPEC manufacture, not date of use).
  • Operating parameters need to be considered in terms of Manufacturer/owner operating parameters and OEM operating parameters. Both sets of operating parameters are stored on the PRINTER_QA chip (physically located inside the printer). This allows the printer to maintain parameters regardless of being moved to different computers, or a loss/replacement of host O/S drivers etc.
  • On PRINTER_QA, memory vector M0 contains the upgradable operating parameters, and memory vectors M1+ contains any constant (non-upgradable) operating parameters. Considering only Manufacturer/owner operating parameters for the moment, there are actually two problems:
    • a. setting and storing the Manufacturer/owner operating parameters, which should be authorized only by Manufacturer/owner
    • b. reading the parameters into SoPEC, which is an issue of SoPEC authenticating the data on the PRINTER_QA chip since we don't trust PRINTER_QA.
  • The PRINTER_QA chip therefore contains the following symmetric keys:
      • K0=PrintEngineLicense_key. This key is constant for all SoPECs supplied for a given print engine license agreement between an OEM and a Manufacturer/owner ComCo. K0 has write permissions to the Manufacturer/owner upgradeable region of M0 on PRINTER_QA.
      • K1=SoPEC_id_key. This key is unique for each SoPEC, and is known only to the SoPEC and PRINTER_QA. K1 does not have write permissions for anything.
  • K0 is used to solve problem (a). It is only used to authenticate the actual upgrades of the operating parameters.
  • K1 is used by SoPEC to solve problem (b). It is used to authenticate reads of data (i.e. the operating parameters) from PRINTER_QA.
  • Note that the procedure for verifying reads of data from PRINTER_QA does not rely on Manufacturer/owner's key K0. This means that precisely the same mechanism can be used to read and authenticate the OEM data also stored in PRINTER_QA. Of course this must be done by Manufacturer/owner supervisor code so that SoPEC_id_key is not revealed. If the OEM also requires upgradable parameters, we can add an extra key to PRINTER_QA, where that key is an OEM_key and has write permissions to the OEM part of M0.
  • In this way, K1 never needs to be known by anyone except the SoPEC and PRINTER_QA.
  • Each printing SoPEC in a multi-SoPEC system need access to a PRINTER_QA chip that contains the appropriate SoPEC_id_key to validate ink useage and operating parameters. This can be accomplished by a separate PRINTER_QA for each SoPEC, or by adding extra keys (multiple SoPEC_id_keys) to a single PRINTER_QA.
  • However, if ink usage is not being validated (e.g. if print speed were the only Manufacturer/owner upgradable parameter) then not all SoPECs require access to a PRINTER_QA chip that contains the appropriate SoPEC_id_key. Assuming that OEM program code controls the physical motor speed (different motors per OEM), then the PHI within the first (or only) front-page SoPEC can be programmed to accept (or generate) line sync pulses no faster than a particular rate. If line syncs arrived faster than the particular rate, the PHI would simply print at the slower rate. If the motor speed was hacked to be fast, the print image will appear stretched.
  • Manufacturer/owner operating parameters include such items as print speed, print quality etc. and are tied to a license provided to an OEM. These parameters are under Manufacturer/owner control. The licensed Manufacturer/owner operating parameters are typically stored in the PRINTER_QA.
  • However there are situations when it is desirable to have a floating upgrade to a license, for use on a printer of the user's choice. For example, OEMs may sell a speed-increase license upgrade that can be plugged into the printer of the user's choice. This form of upgrade can be considered a floating upgrade in that it upgrades whichever printer it is currently plugged into. This dongle is referred to as ADDITIONAL_PRINTER_QA. The software checks for the existence of an ADDITIONAL_PRINTER_QA, and if present the operating parameters are chosen from the values stored on both QA chips.
  • The basic problem of authenticating the additional operating parameters boils down to the problem that we don't trust ADDITIONAL_PRINTER_QA. Therefore we need a system whereby a given SoPEC can perform an authenticated read of the data in ADDITIONAL_PRINTER_QA.
  • We should not write the SoPEC_id_key to a key in the ADDITIONAL_PRINTER_QA because:
      • then it will be tied specifically to that SoPEC, and the primary intention of the ADDITIONAL_PRINTER_QA is that it be floatable;
      • the ink cartridge would then not work in another printer since the other printer would not know the old SoPEC_id_key (knowledge of the old key is required in order to change the old key to a new one).
      • updating keys is not power-safe (i.e. if at the user's site, power is removed mid-update, the ADDITIONAL_PRINTER_QA could be rendered useless)
  • The proposed solution is to let ADDITIONAL_PRINTER_QA have two keys:
      • K0=FloatingPrintEngineLicense_key. This key has the same function as the PrintEngineLicense_key in the PRINTER_QA5 in that K0 has write permissions to the Manufacturer/owner upgradeable region of M0 on ADDITIONAL_PRINTER_QA.
      • K1=UseExtParmsLicense_key. This key is constant for all of the ADDITIONAL_PRINTER_QAs for a given license agreement between an OEM and a Manufacturer/owner ComCo (this is not the same key as PrintEngineLicense_key which is stored as K0 in PRINTER_QA). K1 has no write permissions to anything. 5This can be identical to PrintEngineLicense_key in the PRINTER_QA if it is desirable (unlikely) that upgraders can function on PRINTER_QAs as well as ADDITIONAL_PRINTER_QAs
  • K0 is used to allow writes to the various fields containing operating parameters in the ADDITIONAL_PRINTER_QA. The upgrader (ChipS) also needs to check the appropriate licensing parameters such as OEM_Id for validity.
  • K1 is used to allow SoPEC to authenticate reads of the ink remaining and any other ink data. This is accomplished by having the same UseExtParmsLicense_key within PRINTER_QA (e.g. in K2), also with no write permissions. i.e:
      • PRINTER_QA.K2=UseExtParmsLicense_key. This key is constant for all of the PRINTER_QAs for a given license agreement between an OEM and a Manufacturer/owner ComCo. K2 has no write permissions to anything.
  • This means there are two shared keys, with PRINTER_QA sharing both, and thereby acting as a bridge between INK_QA and SoPEC.
      • UseExtParmsLicense_key is shared between PRINTER_QA and ADDITIONAL_PRINTER_QA
      • SoPEC_id_key is shared between SoPEC and PRINTER_QA
  • All SoPEC has to do is do an authenticated read [6] from ADDITIONAL_PRINTER_QA, pass the data/signature to PRINTER_QA, let PRINTER_QA validate the data/signature, and get PRINTER_QA to produce a similar signature based on the shared SoPEC_id_key. It can do so using the Translate function. SoPEC can then compare PRINTER_QA's signature with its own calculated signature, and if the signatures match, the data from ADDITIONAL_PRINTER_QA must be valid, and can therefore be trusted. Once the data from ADDITIONAL_PRINTER_QA is known to be trusted, the various operating parameters such as OEM_Id can be checked for validity.
  • With respect to floating dongles i.e. dongles that can be used on any SoPEC, sometimes it is desirable to tie a dongle to a specific SoPEC.
  • Tying a QA_CHIP to be used only on a specific SoPEC can be easily accomplished by writing the PRINTER_QA's chipId (unique serial number) into an appropriate M0 field on the ADDITIONAL_PRINTER_QA. The system software can detect the match and function appropriately. If there is no match, the software can ignore the data read from the ADDITIONAL_PRINTER_QA.
  • Although it is also possible to store the SoPEC_id_key in one of the keys within the dongle, this must be done in an environment where power will not be removed partway through the key update process (if power is removed during the key update there is a possibility that the dongle QA Chip may be rendered unusable, although this can be checked for after the power failure).
  • Although an OEM should only be able sell the licensed operating parameters for a given Print Engine, they must be able to assembly-line test6 or service/test the Print Engine with a different set of operating parameters e.g. a maximally upgraded Print Engine. 6This section is referring to assembly-line testing rather than development testing. An OEM can maximally upgrade a given Print Engine to allow developmental testing of their own OEM program code & mechanics.
  • Several different mechanisms can be employed to allow OEMs to test the upgraded capabilities of the Print Engine. At present it is unclear exactly what kind of assembly-line tests would be performed.
  • The simplest solution is to use an ADDITIONAL_PRINTER_QA (i.e. special dongle PRINTER_QA). The ADDITIONAL_PRINTER_QA would contain the operating parameters that maximally upgrade the printer as long as the dongle is connected to the SoPEC. The exact connection may be directly electrical (e.g. via the standard QA Chip connections) or may be over the USB connection to the printer test host depending on the nature of the test. The exact preferred connection is yet to be determined.
  • In the testing environment, the ADDITIONAL_PRINTER_QA also requires a numberOfImpressions field inside M0, which is writeable by K0. Before the SoPEC prints a page at the higher speed, it decrements the numberOfImpressions counter, performs an authenticated read to ensure the count was decremented, and then prints the page. In this way, the total number of pages that can be printed at high speed is reduced in the event of someone stealing the ADDITIONAL_PRINTER_QA device. It also means that multiple test machines can make use of the same ADDITIONAL_PRINTER_QA.
  • Manufacturer/owner O/S program code contains the OEM's asymmetric public key to ensure that the subsequent OEM program code is authentic—i.e. from the OEM. However given that SoPEC only contains a single root key, it is theoretically possible for different OEM's applications to be run identically physical Print Engines i.e. printer driver for OEM1 run on an identically physical Print Engine from OEM2.
  • To guard against this, the Manufacturer/owner O/S program code contains a PrintEngineLicense_id code (e.g. 16 bits) that matches the same named value stored as a fixed operating parameter in the PRINTER_QA (i.e. in M1+). As with all other operating parameters, the value of PrintEngineLicense_id is stored in PRINTER_QA (and any ADDITIONAL_PRINTER_QA devices) at the same time as the other various PRINTER_QA customizations are being applied, before being shipped to the OEM site. In this way, the OEMs can be sure of differentiating themselves through software functionality.
  • The Manufacturer/owner O/S must perform ink authentication during prints. Ink usage authentication makes use of counters in SoPEC that keep an accurate record of the exact number of dots printed for each ink.
  • The ink amount remaining in a given cartridge is stored in that cartridge's INK_QA chip. Other data stored on the INK_QA chip includes ink color, viscosity, Memjet firing pulse profile information, as well as licensing parameters such as OEM_Id, inkType, InkUsageLicense_Id, etc. This information is typically constant, and is therefore likely to be stored in M1+ within INK_QA.
  • Just as the Print Engine operating parameters are validated by means of PRINTER_QA, a given Print Engine license may only be permitted to function with specifically licensed ink. Therefore the software on SoPEC could contain a valid set of ink types, colors, OEM_Ids, InkUsageLicense_Ids etc. for subsequent matching against the data in the INK_QA.
  • SoPEC must be able to authenticate reads from the INK_QA, both in terms of ink parameters as well as ink remaining.
  • To authenticate ink a number of steps must be taken:
      • restrict access to dot counts
      • authenticate ink usage and ink parameters via INK_QA and PRINTER_QA
      • broadcast ink dot usage to all SoPECs in a multi-SoPEC system
  • Since the dot counts are accessed via the PHI in the PEP section of SoPEC, access to these registers (and more generally all PEP registers) must be only available from supervisor mode, and not by OEM code (running in user mode). Otherwise it might be possible for OEM program code to clear dot counts before authentication has occurred. The basic problem of authentication of ink remaining and other ink data boils down to the problem that we don't trust INK_QA. Therefore how can a SoPEC know the initial value of ink (or the ink parameters), and how can a SoPEC know that after a write to the INK_QA, the count has been correctly decremented.
  • Taking the first issue, which is determining the initial ink count or the ink parameters, we need a system whereby a given SoPEC can perform an authenticated read of the data in INK_QA.
  • We cannot write the SoPEC_id_key to the INK_QA for two reasons:
      • updating keys is not power-safe (i.e. if power is removed mid-update, the INK_QA could be rendered useless)
      • the ink cartridge would then not work in another printer since the other printer would not know the old SoPEC_id_key (knowledge of the old key is required in order to change the old key to a new one).
  • The proposed solution is to let INK_QA have two keys:
      • K0=SupplyInkLicense_key. This key is constant for all ink cartridges for a given ink supply agreement between an OEM and a Manufacturer/owner ComCo (this is not the same key as PrintEngineLicense_key which is stored as K0 in PRINTER_QA). K0 has write permissions to the ink remaining regions of M0 on INK_QA.
      • K1=UseInkLicense_key. This key is constant for all ink cartridges for a given ink usage agreement between an OEM and a Manufacturer/owner ComCo (this is not the same key as PrintEngineLicense_key which is stored as K0 in PRINTER_QA). K1 has no write permissions to anything.
  • K0 is used to authenticate the actual upgrades of the amount of ink remaining (e.g. to fill and refill the amount of ink). The fill and refill upgrader (ChipS) also needs to check the appropriate ink licensing parameters such as OEM_Id, InkType and InkUsageLicense_Id for validity.
  • K1 is used to allow SoPEC to authenticate reads of the ink remaining and any other ink data. This is accomplished by having the same UseInkLicense_key within PRINTER_QA (e.g. in K2 or K3), also with no write permissions.
  • This means there are two shared keys, with PRINTER_QA sharing both, and thereby acting as a bridge between INK_QA and SoPEC.
      • UseInkLicense_key is shared between INK_QA and PRINTER_QA
      • SoPEC_id_key is shared between SoPEC and PRINTER_QA
  • All SoPEC has to do is do an authenticated read [6] from INK_QA, pass the data/signature to PRINTER_QA, let PRINTER_QA validate the data/signature and get PRINTER_QA to produce a similar signature based on the shared SoPEC_id_key (i.e. the Translate function [6]). SoPEC can then compare PRINTER_QA's signature with its own calculated signature (i.e. implement a Test function [6] in software on the SoPEC), and if the signatures match, the data from INK_QA must be valid, and can therefore be trusted.
  • Once the data from INK_QA is known to be trusted, the amount of ink remaining can be checked, and the other ink licensing parameters such as OEM_Id, InkType, InkUsageLicense_Id can be checked for validity.
  • In summary, the SoPEC performs the non-authenticated write of ink remaining to the INK_QA chip, and then performs an authenticated read of the data via the PRINTER_QA as per the pseudocode above. If the value is authenticated, and the INK_QA ink-remaining value matches the expected value, the count was correctly decremented and the printing can continue.
  • In a multi-SoPEC system, each SoPEC attached to a printhead must broadcast its ink usage to all the SoPECs. In this way, each SoPEC will have its own version of the expected ink usage.
  • In the case of a man-in-the-middle attack, at worst the count in a given SoPEC is only its own count (i.e. all broadcasts are turned into 0 ink usage by the man-in-the-middle). We would also require the broadcast amount to be treated as an unsigned integer to prevent negative amounts from being substituted.
  • A single SoPEC performs the update of ink remaining to the INK_QA chip, and then all SoPECs perform an authenticated read of the data via the appropriate PRINTER_QA (the PRINTER_QA that contains their matching SoPEC_id_key—remember that multiple SoPEC_id_keys can be stored in a single PRINTER_QA). If the value is authenticated, and the INK_QA value matches the expected value, the count was correctly decremented and the printing can continue.
  • If any of the broadcasts are not received, or have been tampered with, the updated ink counts will not match. The only case this does not cater for is if each SoPEC is tricked (via a USB2 inter-SoPEC-comms man-in-the-middle attack) into a total that is the same, yet not the true total. Apart from the fact that this is not viable for general pages, at worst this is the maximum amount of ink printed by a single SoPEC. We don't care about protecting against this case.
  • Since a typical maximum is 4 printing SoPECs, it requires at most 4 authenticated reads. This should be completed within 0.5 seconds, well within the 1-2 seconds/page print time. There must be a mapping of logical to physical since specific SoPECs are responsible for printing on particular physical parts of the page, and/or have particular devices attached to specific pins.
  • The identification process is mostly solved by general USB2 enumeration.
  • Each slave SoPEC will need to verify the boot broadcast messages received over USB2, and only execute the code if the signatures are valid. Several levels of authorization may occur. However, at some stage, this common program code (broadcast to all of the slave SoPECs and signed by the appropriate asymmetric private key) can, among other things, set the slave SoPEC's id relating to the physical location. If there is only 1 slave, the id is easy to determine, but if there is more than 1 slave, the id must be determined in some fashion. For example, physical location/id determination may be:
      • given by the physical USB2 port on the master
      • related to the physical wiring up of the USB2 interconnects
      • based on GPIO wiring. On other systems, a particular physical arrangement of SoPECs may exist such that each slave SoPEC will have a different set of connections on GPIOs. For example, one SoPEC maybe in charge of motor control, while another may be driving the LEDs etc. The unused GPIO pins (not necessarily the same on each SoPEC) can be set as inputs and then tied to 0 or 1. As long as the connection settings are mutually exclusive, program code can determine which is which, and the id appropriately set.
  • This scheme of slave SoPEC identification does not introduce a security breach. If an attacker rewires the pinouts to confuse identification, at best it will simply cause strange printouts (e.g. swapping of printout data) to occur, while at worst the Print Engine will simply not function.
  • In use, each INK_QA chip needs the following keys:
      • K0=SupplyInkLicense_key
      • K1=UseInkLicense_key
  • Each PRINTER_QA chip tied to a specific SoPEC requires the following keys:
      • K0=PrintEngineLicense_key
      • K1=SoPEC_id_key
      • K2=UseExtParmsLicense_key
      • K3=UseInkLicense_key
  • Note that there may be more than one K1 depending on the number of PRINTER_QA chips and SoPECs in a system. These keys need to be appropriately set up in the QA Chips before they will function correctly together.
  • When original QA Chips are shipped from QACo to a specific ComCo their keys are as follows:
      • K0=QACo_ComCo_Key0
      • K1=QACo_ComCo_Key1
      • K2=QACo_ComCo_Key2
      • K3=QACo_ComCo_Key3
  • All 4 keys are only known to QACo. Note that these keys are different for each QA Chip. The ComCo is responsible for making Print Engines out of Memjet printheads, QA Chips, PECs or SoPECs, PCBs etc.
  • In addition, the ComCo must customize the INK_QA chips and PRINTER_QA chip on-board the print engine before shipping to the OEM.
  • There are two stages:
      • replacing the keys in QA Chips with specific keys for the application (i.e. INK_QA and PRINTER_QA)
      • setting operating parameters as per the license with the OEM
  • The ComCo is issued QID hardware by QACo that allows programming of the various keys (except for K1) in a given QA Chip to the final values, following the standard ChipF/ChipP replace key (indirect version) protocol. The indirect version of the protocol allows each QACo_ComCo_Key to be different for each SoPEC.
  • In the case of programming of PRINTER_QA's K1 to be SoPEC_id_key, there is the additional step of transferring an asymmetrically encrypted SoPEC_id_key (by the public-key) along with the nonce (RP) used in the replace key protocol to the device that is functioning as a ChipF. The ChipF must decrypt the SoPEC_id_key so it can generate the standard replace key message for PRINTER_QA (functioning as a ChipP in the ChipF/ChipP protocol). The asymmetric key pair held in the ChipF equivalent should be unique to a ComCo (but still known only by QACo) to prevent damage in the case of a compromise.
  • Note that the various keys installed in the QA Chips (both INK_QA and PRINTER_QA) are only known to the QACo. The OEM only uses QIDs and QACo supplied ChipFs. The replace key protocol allows the programming to occur without compromising the old or new key.
  • There are two sets of operating parameters stored in PRINTER_QA and INK_QA:
      • fixed
      • upgradable
  • The fixed operating parameters can be written to by means of a non-authenticated writes to M1+ via a QID, and permission bits set such that they are ReadOnly.
  • The upgradable operating parameters can only be written to after the QA Chips have been programmed with the correct keys. Once they contain the correct keys they can be programmed with appropriate operating parameters by means of a QID and an appropriate ChipS (containing matching keys).
  • The QA Chip has a physical and a logical external interface. The physical interface defines how the QA Chip can be connected to a physical System, while the logical interface determines how that System can communicate with the QA Chip.
  • The QA Chip has four operating modes—Idle Mode, Program Mode, Trim Mode and Active Mode.
      • Idle Mode is used to allow the chip to wait for the next instruction from the System.
      • Trim Mode is used to determine the clock speed of the chip and to trim the frequency during the initial programming stage of the chip (when Flash memory is garbage). The clock frequency must be trimmed via Trim Mode before Program Mode is used to store the program code.
      • Program Mode is used to load up the operating program code, and is required because the operating program code is stored in Flash memory instead of ROM (for security reasons).
      • Active Mode is used to execute the specific authentication command specified by the System. Program code is executed in Active Mode. When the results of the command have been returned to the System, the chip enters Idle Mode to wait for the next instruction.
  • The QA Chip starts up in Idle Mode. When the Chip is in Idle Mode, it waits for a command from the master by watching the primary id on the serial line.
      • If the primary id matches the global id (0x00, common to all QA Chips), and the following byte from the master is the Trim Mode id byte, the QA Chip enters Trim Mode and starts counting the number of internal clock cycles until the next byte is received.
      • If the primary id matches the global id (0x00, common to all QA Chips), and the following byte from the master is the Program Mode id byte, the QA Chip enters Program Mode.
      • If the primary id matches the global id (0x00, common to all QA Chips), and the following byte from the master is the Active Mode id byte, the QA Chip enters Active Mode and executes startup code, allowing the chip to set itself into a state to receive authentication commands (includes setting a local id).
      • If the primary id matches the chip's local id, and the following byte is a valid command code, the QA Chip enters Active Mode, allowing the command to be executed.
  • The valid 8-bit serial mode values sent after a global id are specified to minimize the chances of them occurring by error after a global id (e.g. 0xFF and 0x00 are not used): Trim Mode is enabled by sending a global id byte (0x00) followed by the Trim Mode command byte.
  • The purpose of Trim Mode is to set the trim value (an internal register setting) of the internal ring oscillator so that Flash erasures and writes are of the correct duration. This is necessary due to the variation of the clock speed due to process variations. If writes an erasures are too long, the Flash memory will wear out faster than desired, and in some cases can even be damaged.
  • Trim Mode works by measuring the number of system clock cycles that occur inside the chip from the receipt of the Trim Mode command byte until the receipt of a data byte. When the data byte is received, the data byte is copied to the trim register and the current value of the count is transmitted to the outside world.
  • Once the count has been transmitted, the QA Chip returns to Idle Mode.
  • At reset, the internal trim register setting is set to a known value r. The external user can now perform the following operations:
      • send the global id+write followed by the Trim Mode command byte
      • send the 8-bit value v over a specified time t
      • send a stop bit to signify no more data
      • send the global id+read followed by the Trim Mode command byte
      • receive the count c
      • send a stop bit to signify no more data
  • At the end of this procedure, the trim register will be v, and the external user will know the relationship between external time t and internal time c. Therefore a new value for v can be calculated.
  • The Trim Mode procedure can be repeated a number of times, varying both t and v in known ways, measuring the resultant c. At the end of the process, the final value for v is established (and stored in the trim register for subsequent use in Program Mode). This value v must also be written to the flash for later use (every time the chip is placed in Active Mode for the first time after power-up).
  • Program Mode is enabled by sending a global id byte (0x00) followed by the Program Mode command byte.
  • The QA Chip determines whether or not the internal fuse has been blown (by reading 32-bit word 0 of the information block of flash memory).
  • If the fuse has been blown the Program Mode command is ignored, and the QA Chip returns to Idle Mode.
  • If the fuse is still intact, the chip enters Program Mode and erases the entire contents of Flash memory. The QA Chip then validates the erasure. If the erasure was successful, the QA Chip receives up to 4096 bytes of data corresponding to the new program code and variable data. The bytes are transferred in order byte0 to byte4095.
  • Once all bytes of data have been loaded into Flash, the QA Chip returns to Idle Mode. Note that Trim Mode functionality must be performed before a chip enters Program Mode for the first time.
  • Once the desired number of bytes have been downloaded in Program Mode, the LSS Master must wait for 80 s (the time taken to write two bytes to flash at nybble rates) before sending the new transaction (eg Active Mode). Otherwise the last nybbles may not be written to flash.
  • Active Mode is entered either by receiving a global id byte (0x00) followed by the Active Mode command byte, or by sending a local id byte followed by a command opcode byte and an appropriate number of data bytes representing the required input parameters for that opcode.
  • In both cases, Active Mode causes execution of program code previously stored in the flash memory via Program Mode. As a result, we never enter Active Mode after Trim Mode, without a Program Mode in between. However once programmed via Program Mode, a chip is allowed to enter Active Mode after power-up, since valid data will be in flash.
  • If Active Mode is entered by the global id mechanism, the QA Chip executes specific reset startup code, typically setting up the local id and other IO specific data. If Active Mode is entered by the local id mechanism, the QA Chip executes specific code depending on the following byte, which functions as an opcode.
  • Apart from the Reset command, the next four commands are the commands most likely to be used during regular operation. The next three commands are used to provide authenticated writes (which are expected to be uncommon). The final set of commands (including SignM), are expected to be specially implemented on ChipS and ChipF QA Chips only. The input parameters are sent in the specified order, with each parameter being sent least significant byte first and most significant byte last.
  • Return (output) values are read in the same way—least significant byte first and most significant byte last. The client must know how many bytes to retrieve. The QA Chip will time out and return to Idle Mode if an incorrect number of bytes is provided or read. In most cases, the output bytes from one chip's command (the return values) can be fed directly as the input bytes to another chip's command. An example of this is the RND and RD commands. The output data from a call to RND on a trusted QA Chip does not have to be kept by the System. Instead, the System can transfer the output bytes directly to the input of the non-trusted QA Chip's RD command. The description of each command points out where this is so.
  • Note that some algorithms are specifically designed because flash memory is assumed for the implementation of non-volatile variables.
  • The memory within the QA Chip contains some non-volatile (Flash) memory to store the variables required by the authentication protocol. Note that since these variables are in Flash memory, writes should be minimized. The it is not a simple matter to write a new value to replace the old. Care must be taken with flash endurance, and speed of access. This has an effect on the algorithms used to change Flash memory based registers. For example, Flash memory should not be used as a shift register. A reset of the QA Chip has no effect on the non-volatile variables.
  • The base operating system clock SysClk is generated internally from a ring oscillator (process dependant). Since the frequency varies with operating temperature and voltage, the clock is passed through a temperature-based clock filter before use. The frequency is built into the chip during manufacture, and cannot be changed. The frequency is in the range 7-14 MHz.
  • Manufacturing comments are not normally made when normally describing the architecture of a chip. However, in the case of the QA Chip, the physical implementation of the chip is very much tied to the security of the key. Consequently a number of specialized circuits and components are necessary for implementation of the QA Chip. They are listed here.
      • Flash process
      • Internal randomized clock
      • Temperature based clock filter
      • Noise generator
      • Tamper Prevention and Detection circuitry
      • Protected memory with tamper detection
      • Boot-strap circuitry for loading program code
      • Data connections in polysilicon layers where possible
      • OverUnderPower Detection Unit
      • No scan-chains or BIST
  • The QA Chip is implemented with a standard Flash manufacturing process. It is important that a Flash process be used to ensure that good endurance is achieved (parts of the Flash memory can be erased/written many times).
  • To prevent clock glitching and external clock-based attacks, the operating clock of the chip should be generated internally. This can be conveniently accomplished by an internal ring oscillator. The length of the ring depends on the process used for manufacturing the chip.
  • Due to process and temperature variations, the clock needs to be trimmed to bring it into a range usable for timing of Flash memory writes and erases.
  • The internal clock should also contain a small amount of randomization to prevent attacks where light emissions from switching events are captured, as described below.
  • Finally, the generated clock must be passed through a temperature-based clock filter before being used by the rest of the chip.
  • The normal situation for FET implementation for the case of a CMOS inverter (which involves a pMOS transistor combined with an nMOS transistor).
  • During the transition, there is a small period of time where both the nMOS transistor and the pMOS transistor have an intermediate resistance. The resultant power-ground short circuit causes a temporary increase in the current, and in fact accounts for around 20% of current consumed by a CMOS device. A small amount of infrared light is emitted during the short circuit, and can be viewed through the silicon substrate (silicon is transparent to infrared light). A small amount of light is also emitted during the charging and discharging of the transistor gate capacitance and transmission line capacitance. For circuitry that manipulates secret key information, such information must be kept hidden.
  • Fortunately, IBM's PICA system and LVP (laser voltage probe) both have a requirement for repeatability due to the fact that the photo emissions are extremely weak (one photon requires more than 105 switching events). PICA requires around 109 pases to build a picture of the optical waveform. Similarly the LVP requires multiple passes to ensure an adequate SNR.
  • Randomizing the clock stops repeatability (from the point of view of collecting information about the same position in time), and therefore reduces the possibility of this attack. The QA Chip circuitry is designed to operate within a specific clock speed range. Although the clock is generated by an internal ring oscillator, the speed varies with temperature and power. Since the user supplies the temperature and power, it is possible for an attacker to attempt to introduce race-conditions in the circuitry at specific times during processing. An example of this is where a low temperature causes a clock speed higher than the circuitry is designed for, and this may prevent an XOR from working properly, and of the two inputs, the first may always be returned. The lesson to be learned from this is that the input power and operating temperature cannot be trusted.
  • Since the chip contains a specific power filter, we must also filter the clock. This can be achieved with a temperature sensor that allows the clock pulses through only when the temperature range is such that the chip can function correctly.
  • The filtered clock signal would be further divided internally as required.
  • Each QA Chip should contain a noise generator that generates continuous circuit noise. The noise will interfere with other electromagnetic emissions from the chip's regular activities and add noise to the Idd signal. Placement of the noise generator is not an issue on an QA Chip due to the length of the emission wavelengths.
  • The noise generator is used to generate electronic noise, multiple state changes each clock cycle, and as a source of pseudo-random bits for the Tamper Prevention and Detection circuitry.
  • A simple implementation of a noise generator is a 64-bit maximal period LFSR seeded with a non-zero number.
  • A set of circuits is required to test for and prevent physical attacks on the QA Chip. However what is actually detected as an attack may not be an intentional physical attack. It is therefore important to distinguish between these two types of attacks in an QA Chip:
      • where you can be certain that a physical attack has occurred.
      • where you cannot be certain that a physical attack has occurred.
  • The two types of detection differ in what is performed as a result of the detection. In the first case, where the circuitry can be certain that a true physical attack has occurred, erasure of flash memory key information is a sensible action. In the second case, where the circuitry cannot be sure if an attack has occurred, there is still certainly something wrong. Action must be taken, but the action should not be the erasure of secret key information. A suitable action to take in the second case is a chip RESET. If what was detected was an attack that has permanently damaged the chip, the same conditions will occur next time and the chip will RESET again. If, on the other hand, what was detected was part of the normal operating environment of the chip, a RESET will not harm the key.
  • A good example of an event that circuitry cannot have knowledge about, is a power glitch. The glitch may be an intentional attack, attempting to reveal information about the key. It may, however, be the result of a faulty connection, or simply the start of a powerdown sequence. It is therefore best to only RESET the chip, and not erase the key. If the chip was powering down, nothing is lost. If the System is faulty, repeated RESETs will cause the consumer to get the System repaired. In both cases the consumable is still intact. A good example of an event that circuitry can have knowledge about, is the cutting of a data line within the chip. If this attack is somehow detected, it could only be a result of a faulty chip (manufacturing defect) or an attack. In either case, the erasure of the secret information is a sensible step to take.
  • Consequently each QA Chip should have 2 Tamper Detection Lines—one for definite attacks, and one for possible attacks. Connected to these Tamper Detection Lines would be a number of Tamper Detection test units, each testing for different forms of tampering. In addition, we want to ensure that the Tamper Detection Lines and Circuits themselves cannot also be tampered with.
  • At one end of the Tamper Detection Line is a source of pseudo-random bits (clocking at high speed compared to the general operating circuitry). The Noise Generator circuit described above is an adequate source. The generated bits pass through two different paths—one carries the original data, and the other carries the inverse of the data. The wires carrying these bits are in the layer above the general chip circuitry (for example, the memory, the key manipulation circuitry etc.). The wires must also cover the random bit generator. The bits are recombined at a number of places via an XOR gate. If the bits are different (they should be), a 1 is output, and used by the particular unit (for example, each output bit from a memory read should be ANDed with this bit value). The lines finally come together at the Flash memory Erase circuit, where a complete erasure is triggered by a 0 from the XOR. Attached to the line is a number of triggers, each detecting a physical attack on the chip. Each trigger has an oversize nMOS transistor attached to GND. The Tamper Detection Line physically goes through this nMOS transistor. If the test fails, the trigger causes the Tamper Detect Line to become 0. The XOR test will therefore fail on either this clock cycle or the next one (on average), thus RESETing or erasing the chip. FIG. 23 illustrates the basic principle of a Tamper Detection Line in terms of tests and the XOR connected to either the Erase or RESET circuitry.
  • The Tamper Detection Line must go through the drain of an output transistor for each test, as illustrated by FIG. 24.
  • It is not possible to break the Tamper Detect Line since this would stop the flow of 1s and 0s from the random source. The XOR tests would therefore fail. As the Tamper Detect Line physically passes through each test, it is not possible to eliminate any particular test without breaking the Tamper Detect Line.
  • It is important that the XORs take values from a variety of places along the Tamper Detect Lines in order to reduce the chances of an attack. FIG. 25 illustrates the taking of multiple XORs from the Tamper Detect Line to be used in the different parts of the chip. Each of these XORs can be considered to be generating a ChipOK bit that can be used within each unit or sub-unit.
  • A typical usage would be to have an OK bit in each unit that is ANDed with a given ChipOK bit each cycle. The OK bit is loaded with 1 on a RESET. If OK is 0, that unit will fail until the next RESET. If the Tamper Detect Line is functioning correctly, the chip will either RESET or erase all key information. If the RESET or erase circuitry has been destroyed, then this unit will not function, thus thwarting an attacker.
  • The destination of the RESET and Erase line and associated circuitry is very context sensitive. It needs to be protected in much the same way as the individual tamper tests. There is no point generating a RESET pulse if the attacker can simply cut the wire leading to the RESET circuitry. The actual implementation will depend very much on what is to be cleared at RESET, and how those items are cleared.
  • Finally, FIG. 26 shows how the Tamper Lines cover the noise generator circuitry of the chip. The generator and NOT gate are on one level, while the Tamper Detect Lines run on a level above the generator.
  • It is not enough to simply store secret information or program code in flash memory. The Flash memory and RAM must be protected from an attacker who would attempt to modify (or set) a particular bit of program code or key information. The mechanism used must conform to being used in the Tamper Detection Circuitry (described above). The first part of the solution is to ensure that the Tamper Detection Line passes directly above each flash or RAM bit. This ensures that an attacker cannot probe the contents of flash or RAM. A breach of the covering wire is a break in the Tamper Detection Line. The breach causes the Erase signal to be set, thus deleting any contents of the memory. The high frequency noise on the Tamper Detection Line also obscures passive observation.
  • The second part of the solution for flash is to always store the data with its inverse. In each byte, 4 bits contains the data, and 4 bits (the shadow) contains the inverse of the data. If both are 0, this is a valid erase state, and the value is 0. Otherwise, the memory is only valid if the 4 bits of shadow are the inverse of the main 4 bits. The reasoning is that it is possible to add electrons to flash via a FIB, but not take electrons away. If it is possible to change a 0 to 1 for example, it is not possible to do the same to its inverse, and therefore regardless of the sense of flash, an attack can be detected.
  • The second part of the solution for RAM is to use a parity bit. The data part of the register can be checked against the parity bit (which will not match after an attack).
  • The bits coming from Flash and RAM can therefore be validated by a number of test units (one per bit) connected to the common Tamper Detection Line. The Tamper Detection circuitry would be the first circuitry the data passes through (thus stopping an attacker from cutting the data lines).
  • In addition, the data and program code should be stored in different locations for each chip, so an attacker does not know where to launch an attack. Finally, XORing the data coming in and going to Flash with a random number that varies for each chip means that the attacker cannot learn anything about the key by setting or clearing an individual bit that has a probability of being the key (the inverse of the key must also be stored somewhere in flash).
  • Finally, each time the chip is called, every flash location is read before performing any program code. This allows the flash tamper detection to be activated in a common spot instead of when the data is actually used or program code executed. This reduces the ability of an attacker to know exactly what was written to.
  • Program code should be kept in protected flash instead of ROM, since ROM is subject to being altered in a non-testable way. A boot-strap mechanism is therefore required to load the program code into flash memory (flash memory is in an indeterminate state after manufacture).
  • The boot-strap circuitry must not be in a ROM—a small state-machine suffices. Otherwise the boot code could be trivially modified in an undetectable way.
  • The boot-strap circuitry must erase all flash memory, check to ensure the erasure worked, and then load the program code.
  • The program code should only be executed once the flash program memory has been validated via Program Mode.
  • Once the final program has been loaded, a fuse can be blown to prevent further programming of the chip.
  • Wherever possible, the connections along which the key or secret data flows, should be made in the polysilicon layers. Where necessary, they can be in metal 1, but must never be in the top metal layer (containing the Tamper Detection Lines).
  • Each QA Chip requires an OverUnder Power Detection Unit (PDU) to prevent Power Supply Attacks. A PDU detects power glitches and tests the power level against a Voltage Reference to ensure it is within a certain tolerance. The Unit contains a single Voltage Reference and two comparators. The PDU would be connected into the RESET Tamper Detection Line, thus causing a RESET when triggered.
  • A side effect of the PDU is that as the voltage drops during a power-down, a RESET is triggered, thus erasing any work registers.
  • Test hardware on an QA Chip could very easily introduce vulnerabilities. In addition, due to the small size of the QA Chip logic, test hardware such as scan paths and BIST units could in fact take a sizeable chunk of the final chip, lowering yield and causing a situation where an error in the test hardware causes the chip to be unusable. As a result, the QA Chip should not contain any BIST or scan paths. Instead, the program memory must first be validated via the Program Mode mechanism, and then a series of program tests run to verify the remaining parts of the chip.
  • FIG. 27 shows a high level block diagram of the QA Chip. Note that the tamper prevention and detection circuitry is not shown.
  • FIG. 28 shows a block diagram of the Analogue Unit.
  • The operating clock of the chip (SysClk) is generated by an internal ring oscillator whose frequency can be trimmed to reduce the variation from 4:1 (due to process and temperature) down to 2:1 (temperature variations only) in order to satisfy the timing requirements of the Flash memory.
  • The length of the ring depends on the process used for manufacturing the chip. A nominal operating frequency range of 10 MHz is sufficient. This clock should contain a small amount of randomization to prevent attacks where light emissions from switching events are captured.
  • Note that this is different to the input SClk which is the serial clock for external communication.
  • The ring oscillator is covered by both Tamper Detection and Prevention lines so that if an attacker attempts to tamper with the unit, the chip will either RESET or erase all secret information.
  • The voltage reference block maintains an output which is substantially independent of process, supply voltage and temperature. It provides a reference voltage which is used by the PDU and a reference current to stabilise the ring oscillator. It may also be used as part of the temperature based clock filter.
  • The Under Voltage Detection Unit provides the signal PwrFailing which, if asserted, indicates that the power supply may be turning off. This signal is used to rapidly terminate any Flash write that may be in progress to avoid accidentally writing to an indeterminate memory location.
  • Note that the PDU triggers the RESET Tamper Detection Line only. It does not trigger the Erase Tamper Detection Line.
  • The PDU can be implemented with regular CMOS, since the key does not pass through this unit. It does not have to be implemented with non-flashing CMOS.
  • The PDU is covered by both Tamper Detection and Prevention lines so that if an attacker attempts to tamper with the unit, the chip will either RESET or erase all secret information.
  • The Power-on Reset unit (POR) detects a power-on condition and generates the PORstL signal that is fed to all the validation units, including the two inside the Tamper Detect Unit (TDU).
  • All other logic is connected to RstL, which is the PORstL gated by the VAL unit attached to the Reset tamper detection lines within the TDU. Therefore, if the Reset tamper line is asserted, the validation will drive RstL low, and can only be cleared by a power-down. If the tamper line is not asserted, then RstL=PORstL.
  • The TDU contains a second VAL unit attached to the Erase tamper detection lines within the TDU. It produces a TamperEraseOK signal that is output to the MWU (1=the tamper lines are all OK, 0=force an erasure of Flash).
  • The Noise Generator (NG) is based on a 64-bit maximal period LFSR loaded with a set non-zero bit pattern on RESET.
  • The NG must be protected by both Tamper Detection and Prevention lines so that if an attacker attempts to tamper with the unit, the chip will either RESET or erase all secret information.
  • In addition, the bits in the LFSR must be validated to ensure they have not been tampered with (i.e. a parity check). If the parity check fails, the Erase Tamper Detection Line is triggered.
  • Finally, all 64 bits of the NG are ORed into a single bit. If this bit is 0, the Erase Tamper Detection Line is triggered. This is because 0 is an invalid state for an LFSR.
  • The 8-bit Trim register within the Trim Unit has a reset value of 0x00 (to enable the flash reads to succeed even in the fastest process corners), and is written to either by the PMU during Trim Mode or by the CPU in Active Mode. Note that the CPU is only able to write once to the Trim register between power-on-reset due to the TrimDone flag which provides overloading of LocalIdWE.
  • The reset value of Trim (0) means that the chip has a nominal frequency of 2.7 MHz-10 MHz. The upper of the range is when we cannot trim it lower than this (or we could allow some spread on the acceptable trimmed frequency but this will reduce our tolerance to ageing, voltage and temperature which is the range 7 MHz to 14 MHz). The 2.7 MHz value is determined by a chip whose oscillator runs at 10 MHz when the trim register is set to its maximum value, so then it must run at 2.7 MHz when trim=0. This is based on the non-linear frequency-current characteristic of the oscillator. Chips found outside of these limits will be rejected.
  • The frequency of the ring oscillator is measured by counting cycles7, in the PMU, over the byte period of the serial interface. The frequency of the serial clock, SClk, and therefore the byte period will be accurately controlled during the measurement. The cycle count (Fineas) at the end of the period is read over the serial bus and the Trim register updated (Trimval) from its power on default (POD) value. The steps are shown in FIG. 29. Multiple measure—read—trim cycles are possible to improve the accuracy of the trim procedure. 7Note that the PMU counts using 12-bits, saturates at 0xFFF, and returns the cycle count divided by 2 as an 8-bit value. This means that multiple measure-read-trim cycles may be necessary to resolve any amibguity. In any case, multiple cycles are necessary to test the correctness of the trim circuitry during manufacture test.
  • A single byte for both Fineas and Trimval provide sufficient accuracy for measurement and trimming of the frequency. If the bus operates at 400 kHz, a byte (8 bits) can be sent in 20 s. By dividing the maximum oscillator frequency, expected to be 20 MHz, by 2 results in a cycle count of 200 and 50 for the minimum frequency of 5 MHz resulting in a worst case accuracy of 2%.
  • FIG. 30 shows a block diagram of the Trim Unit:
  • The 8-bit Trim value is used in the analog Trim Block to adjust the frequency of the ring oscillator by controlling its bias current. The two lsbs are used as a voltage trim, and the 6 msbs are used as a frequency trim.
  • The Central Processing Unit (CPU) block provides the majority of the circuitry of the 4-bit microprocessor. FIG. 31 shows a high level view of the block.
  • The Memory Interface Unit (MIU) provides the interface to flash and RAM. The MIU contains a Program Mode Unit that allows flash memory to be loaded via the IOU, a Memory Request Unit that maps 8-bit and 32-bit requests into multiple byte based requests, and a Memory Access Unit that generates read/write strobes for individual accesses to the memory.
  • FIG. 32 shows a high level view of the MIU block.
  • The Memory Components block isolates the memory implementation from the rest of the QA Chip.
  • The entire contents of the Memory Components block must be protected from tampering. Therefore the logic must be covered by both Tamper Detection Lines. This is to ensure that program code, keys, and intermediate data values cannot be changed by an attacker.
  • The 8-bit wide RAM also needs to be parity-checked.
  • FIG. 33 shows a high level view of the Memory Components block. It consists of 8 KBytes of flash memory and 3072 bits of parity checked RAM.
  • A single Flash memory block is used to hold all non-volatile data. This includes program code and variables. The Flash memory block is implemented by TSMC component SFC000808B9_HE, which has the following characteristics:
      • 8K×8-bit main memory, plus 128×8-bit information memory
      • 512 byte page erase
      • Endurance of 20,000 cycles (min)
      • Greater than 100 years data retention at room temperature
      • Access time: 20 ns (max)
      • Byte write time: 20 s (min)
      • Page erase time: 20 ms (min)
      • Device erase time: 200 ms (min)
      • Area of 0.494 mm2 (724.66 m×682.05 m)
  • The FlashCtrl line are the various inputs on the SFC000808B9_HE required to read and write bytes, erase pages and erase the device. A total of 9 bits are required.
  • Flash values are unchanged by a RESET. After manufacture, the Flash contents must be considered to be garbage. After an erasure, the Flash contents in the SFC000808B9_HE is all 1s.
  • The I/O Unit (IOU) is responsible for providing the physical implementation of the logical interface moving between the various modes (Idle, Program, Trim and Active) according to commands sent by the master.
  • The IOU therefore contains the circuitry for communicating externally with the external world via the SClk and SDa pins. The IOU sends and receives data in 8-bit chunks. Data is sent serially, most significant bit (bit 7) first through to least significant bit (bit 0) last. When a master sends a command to an QA Chip, the command commences with a single byte containing an id in bits 7-1, and a read/write sense in bit 0, as shown in FIG. 34. The IOU recognizes a global id of 0x00 and a local id of LocalId (set after the CPU has executed program code at reset or due to a global id/ActiveMode command on the serial bus). Subsequent bytes contain modal information in the case of global id, and command/data bytes in the case of a match with the local id.
  • If the master sends data too fast, then the IOU will miss data, since the IOU never holds the bus. The meaning of too fast depends on what is running. In Program Mode, the master must send data a little slower than the time it takes to write the byte to flash (actually written as 2×8-bit writes, or 40 s). In ActiveMode, the master is permitted to send and request data at rates up to 500 KHz.
  • None of the latches in the IOU need to be parity checked since there is no advantage for an attacker to destroy or modify them.
  • The IOU outputs 0s and inputs 0s if either of the Tamper Detection Lines is broken. This will only come into effect if an attacker has disabled the RESET and/or erase circuitry, since breaking either Tamper Detection Lines should result in a RESET or the erasure of all Flash memory.
  • The IOU's InByte, InByteValid, OutByte, and OutByteValid registers are used for communication between the master and the QA Chip. InByte and InByteValid provide the means for clients to pass commands and data to the QA Chip. OutByte and OutByteValid provide the means for the master to read data from the QA Chip.
      • Reads from InByte should wait until InByteValid is set. InByteValid will remain clear until the master has written the next input byte to the QA Chip. When the IOU is told (by the FEU or MU) that InByte has been read, the IOU clears the InByteValid bit to allow the next byte to be read from the client.
      • Writes to OutByte should wait until OutByteValid is clear. Writing OutByte sets the OutByteValid bit to signify that data is available to be transmitted to the master. OutByteValid will then remain set until the master has read the data from OutByte. If the master requests a byte but OutByteValid is clear, the IOU sends a NAck to indicate the data is not yet ready.
  • When the chip is reset via RstL, the IOU enters ActiveMode to allow the PMU to run to load the fuse. Once the fuse has been loaded (when MIUAvail transitions from 0 to 1) the IOU checks to see if the program is known to be safe. If it is not safe, the IOU reverts to IdleMode. If it is safe (FuseBlown=1), the IOU stays in ActiveMode to allow the program to load up the localId and do any other reset initialization, and will not process any further serial commands until the CPU has written a byte to the OutByte register (which may be read or not at the discretion of the master using a localId read). In both cases the master is then able to send commands to the QA Chip.
  • FIG. 35 shows a block diagram of the IOU.
  • With regards to InByteValid inputs, set has priority over reset, although both set and reset in correct operation should never be asserted at the same time. With regards to IOSetInByte and IOLoadInByte, if IOSetInByte is asserted, it will set InByte to be 0xFF regardless of the setting of IOLoadInByte.
  • The two VAL units are validation units connected to the Tamper Prevention and Detection circuitry, each with an OK bit. The OK bit is set to 1 on PORstL, and ORed with the ChipOK values from both Tamper Detection Lines each cycle. The OK bit is ANDed with each data bit that passes through the unit.
  • In the case of VAL1, the effective byte output from the chip will always be 0 if the chip has been tampered with. Thus no useful output can be generated by an attacker. In the case of VAL2, the effective byte input to the chip will always be 0 if the chip has been tampered with. Thus no useful input can be chosen by an attacker.
  • There is no need to verify the registers in the IOU since an attacker does not gain anything by destroying or modifying them.
  • The current mode of the IOU is output as a 2-bit IOMode to allow the other units within the QA Chip to take correct action.
  • The Logic blocks generate a 1 if the current IOMode is in Program Mode, Active Mode or Trim Mode respectively. The logic blocks are:
  • The Program Counter Unit (PCU) includes the 12 bit PC (Program Counter), as well as logic for branching and subroutine control.
  • The PCU latches need to be parity-checked. In addition, the logic and registers contained in the PCU must be covered by both Tamper Detection Lines to ensure that the PC cannot be changed by an attacker.
  • The PC is implemented as a 12 entry by 12-bit PCA (PC Array), indexed by a 4-bit SP (Stack Pointer) register. The PC, PCRamSel and SP registers are all cleared to 0 on a RstL, and updated during the flow of program control according to the opcodes.
  • The current value for the PC is normally updated during the Execute cycle according to the command being executed. However it is also incremented by 1 during the Fetch cycle for two byte instructions such as JMP, JSR, DBR, TBR, and instructions that require an additional byte for immediate addressing. The mechanism for calculating the new PC value depends upon the opcode being processed.
  • FIG. 41 shows a block diagram of the PCU:
  • The ADD block is a simple adder modulo 212 with two inputs: an unsigned 12 bit number and an 8-bit signed number (high bit=sign). The signed input is either a constant of 0x01, or an 8-bit offset (the 8 bits from the MIU).
  • The “+1” block takes a 4-bit input and increments it by 1 (modulo 12). The “−1” block takes a 4-bit input and decrements it by 1 (modulo 12).
  • The Address Generator Unit (AGU) generates effective addresses for accessing the Memory Unit (MU). In Cycle 0, the PC is passed through to the MU in order to fetch the next opcode. The AGU interprets the returned opcode in order to generate the effective address for Cycle 1. In Cycle 1, the generated address is passed to the MU.
  • The logic and registers contained in the AGU must be covered by both Tamper Detection Lines. This is to ensure that an attacker cannot alter any generated address. The latches for the counters and calculated address should also be parity-checked.
  • If either of the Tamper Detection Lines is broken, the AGU will generate address 0 each cycle and all counters will be fixed at 0. This will only come into effect if an attacker has disabled the RESET and/or erase circuitry, since under normal circumstances, breaking a Tamper Detection Line will result in a RESET or the erasure of all Flash memory.
  • The block diagram for the AGU is shown in FIG. 42:
  • The accessMode and WriteMask registers must be cleared to 0 on reset to ensure that no access to memory occurs at startup of the CPU.
  • The Adr and accessMode registers are written to during the final cycle of cycle 0 (Fetch) and cycle 1 (Exec) with the address to use during the following cycle phase. For example, when cycle=1, the PC is selected so that it can be written to Adr during Exec. During cycle 0, while the PC is being output from Adr, the address to be used in the following cycle 1 is calculated (based on the fetched opcode seen as Cmd) and finally stored in Adr when Fetch is 1. The accessMode register is also updated in the same way.
  • It is important to distinguish between the value of Cmd during different values for Cycle:
  • During Cycle 0, when Fetch is 1, the 8-bit input Cmd holds the instruction to be executed in the following Cycle 1. This 8-bit value is used to decode the effective address for the operand of the instruction.
  • During Cycle 1, when Exec is 1, Cmd holds the currently executing instruction.
  • The WriteMask register is only ever written to during execution of an appropriate ROR instruction. Logic, sets the WriteMask and MMR WriteEnables respectively based on this condition:
  • Logic1 Exec
    Figure US20090284279A1-20091119-P00001
    Cmd7−0 = ROR WriteMask)
  • The data written to the WriteMask register is the lower 8 bits of the Accumulator.
  • The Address Register Unit is only updated by an RIA or LIA instruction, so the writeEnable is generated by Logic2 as follows:
  • Logic2 Exec
    Figure US20090284279A1-20091119-P00002
    (Cmd6−3 = 1111)
  • The Counter Unit (CU) generates counters C1, C2 and the selected N index. In addition, the CU outputs a CZ flag for use by the PCU. The CU is described in more detail below. The VAL1 unit is a validation unit connected to the Tamper Prevention and Detection circuitry). It contains an OK bit that is set to 1 on PORstL, and ORed with the ChipOK values from both Tamper Detection Lines each cycle. The OK bit is ANDed with the 12 bits of Adr before they can be used. If the chip has been tampered with, the address output will be always 0, thereby preventing an attacker from accessing other parts of memory. The VAL1 unit also performs a parity check on the Adr Address bits to ensure it has not been tampered with. If the parity-check fails, the Erase Tamper Detection Line is triggered.
  • The Program Mode Unit (PMU) is responsible for Program Mode and Trim Mode operations:
      • Program Mode involves erasing the existing flash memory and loading the new program/data into the flash. The program that is loaded can be a bootstrap program if desired, and may contain additional program code to produce a digital signature of the final program to verify that the program was written correctly (e.g. by producing a SHA-1 signature of the entire flash memory).
      • Trim Mode involves counting the number of internal cycles that have elapsed between the entry of Trim Mode (at the falling edge of the ack) and the receipt of the next byte (at the falling edge of the last bit before the ack) from the Master. When the byte is received, the current count value divided by 2 is transmitted to the Master.
  • The PMU relies on a fuse (implemented as the value of word 0 of the flash information block) to determine whether it is allowed to perform Program Mode operations. The purpose of this fuse is to prevent easy (or accidental) reprogramming of QA Chips once their purpose has been set. For example, an attacker may want to reuse chips from old consumables. If an attacker somehow bypasses the fuse check, the PMU will still erase all of flash before storing the desired program. Even if the attacker somehow disconnects the erasure logic, they will be unable to store a program in the flash due to the shadow nybbles.
  • The PMU contains an 8-bit buff register that is used to hold the byte being written to flash and a 12-bit adr register that is used to hold the byte address currently being written to. The PMU is also used to load word 1 of the information block into a 32-bit register (combined from 8-bits of buff, 12-bits of adr, and a further 12-bit register) so it can be used to XOR all data to and from memory (both Flash and RAM) for future CPU accesses. This logic is activated only when the chip enters ActiveMode (so as not to access flash and possibly cause an erasure directly after manufacture since shadows will not be correct). The logic and 32-bit mask register is in the PMU to minimize chip area.
  • The PMU therefore has an asymmetric access to flash memory:
      • writes are to main memory
      • reads are from information block memory
  • The reads and writes are automatically directed appropriately in the MRU.
  • A block diagram of the PMU is shown in FIG. 44.
  • The Memory Access Unit (MAU) takes memory access control signals and turns them into RAM accesses and flash access strobed signals with appropriate duration.
  • A new transaction is given by MRUNewTrans. The address to be read from or written to is on MRUAdr, which is a nybble-based address. The MRUAdr (13-bits) is used as-is for Flash addressing. When MRURAMSel=1, then the RAM address (RAMAdr) is taken from bits 9-3 of MRUAdr. The data to be written is on MRUData.
  • The return value MAURdy is set when the MAU is capable of receiving a new transaction the following cycle. Thus MAURdy will be 1 during the final cycle of a flash or ram access, and should be 1 when the MAU is idle. MAURdy should only be 0 during startup or when a transaction has yet to finish.
  • The MAU consists of logic that calculates MAURdy, and additional logic that produces the various strobed signals according to the TSMC Flash memory SFC000808B9_HE. Both main memory and information blocks can be accessed in the Flash.
  • The MAU can be considered to be a RAM control block and a flash control block, with appropriate action selected by MRURAMSel. For all modes except read, the Flash requires wait states (which are implemented with a single counter) during which it is possible to access the RAM. Only 1 transaction may be pending while waiting for the wait states to expire. Multiple bytes may be written to Flash without exiting the write mode.
  • The MAU ensures that only valid control sequences meeting the timing requirements of the Flash memory are provided. A write time-out is included which ensures the Flash cannot be left in write mode indefinitely; this is used when the Flash is programmed via the IO Unit to ensure the X address does not change while in write mode. Otherwise, other units should ensure that when writing bytes to Flash, the X address does not change. The X address is held constant by the MAU during write and page erase modes to protect the Flash. If an X address change is detected by the MAU during a Flash write sequence, it will exit write mode allowing the X address to change and re-enter write mode. Thus, the data will still be written to Flash but it will take longer.
  • When either the Flash or RAM is not being used, the MAU sets the control signals to put the particular memory type into standby to minimise power consumption.
  • The MAU assumes no new transactions can start while one is in progress and all inputs must remain constant until MAU is ready.
  • MAU also enables the Flash test mode register to be programmed which allows various production tests to be carried out. If MRUTestWE=1, transactions are directed towards the test mode register. Most of the tests use the same control sequences that are used for normal operation except that one time value needs to be changed. This is provided by the flashTime register that can be written to by the CPU allowing the timer to be set to a range of values up to more than 1 second. A special control sequence is generated when the test mode register is set to 0x1E and is initiated by writing to the Flash.
  • Note that on reset, timeSel and flashTime are both cleared to 0. The 5-bit flash test register within the TSMC flash IP is also reset by setting TMR=1. When MRUTestWE=1, any open write sequence is closed even if the write is not to the 5-bit flash test register within the TSMC flash IP.
  • Power could fail at any time; the most serious consequence would be if this occurred during writing to the Flash and data became corrupted in another location to that being written to. The MAU will protect the Flash by switching off the charge pump (high voltage supply used for programming and erasing) as soon as the power starts to fail. After a time delay of about 5 s (programmable), to allow the discharge of the charge pump, the QA chip will be reset whether or not the power supply recovers.
  • Circuits need to operate over the temperature range −40° C. to +125° C. The analogue unit provides power on reset, protection of the Flash memory against erroneous writes during power down (in conjunction with the MAU) and the system clock SysClk.
  • The table below shows the key thresholds for VDD which define the requirements for power on reset and normal operation.
  • TABLE 1
    VDD limits
    VDD parameter Description Voltage
    VDDFTmax Flash test maximum 3.68
    VDDFTtyp Flash test typical 3.3
    VDDFTmin Flash test minimum 3.0
    VDDmax Normal operation maximum (typ + 10%) 2.759
    VDDtyp Normal operation typical 2.5
    VDDmin Normal operation minimum (typ − 5%) 2.375
    VDDPORmax Power on reset maximum 2.010
    8The voltage VDDFT may only be applied for the times specified in the TSMC Flash memory test document.
    9Voltage regulators used to derive VDD will typically have symmetric tolerance limits
    10The minimum allowable voltage for Flash memory operation.
  • The voltage reference circuit generates a stable voltage that is approximately independent of PVT (process, voltage, temperature) and will typically be implemented as a bandgap. Usually, a startup circuit is required to avoid the stable Vbg=0 condition. The design should aim to minimise the additional voltage above Vbg required for the circuit to operate. An additional output, BGOn, will be provided and asserted when the bandgap has started and indicates to other blocks that the output voltage is stable and may be used. The power detection unit provides over and under voltage detection. With under voltage detection two outputs are required:
      • underL controls the power on reset; and
      • PwrFailing indicates possible failure of the power supply.
  • Both signals are derived by comparing scaled versions of VDD against the reference voltage Vbg.
  • The rising and falling edges of VDD (from the external power supply) shall be monotonic in order to guarantee correct operation of power on reset and power failing detection. Random noise may be present but should have a peak to peak amplitude of less than the hysteresis of the comparators used for detection in the PDU.
  • The underL signal of the under voltage detection unit generates the global reset to the logic which should be de-asserted when the supply voltage is high enough for the logic and analogue circuits to operate. Since the logic reset is asynchronous, it is not necessary to ensure the clock is active before releasing the reset or to include any delay.
  • The QA chip logic will start immediately the power on reset is released so this should only be done when the conditions of supply voltage and clock frequency are within limits for the correct operation of the logic.
  • The power on reset signal shall not be triggered by narrow spikes (<100 ns) on the power supply. Some immunity should be provided to power supply glitches although since the QA chip may be under attack, any reset delay should be kept short. The unit should not be triggered by logic dynamic current spikes resulting in short voltage spikes due to bond wire and package inductance.
  • On the rising edge of VDD, the maximum threshold for de-asserting the signal shall be when VDD>VDDmin. On the falling edge of VDD, the minimum threshold for asserting the signal shall be VDD<VDDPORmax.
  • The reset signal must be held low long enough (Tpwmin) to ensure all flip-flops are reset. The standard cell data sheet gives a figure of 0.73 ns for the minimum width of the reset pulse for all flip-flop types.
  • 2 bits of trimming (trim1-0) will be provided to take up all of the error in the bandgap voltage. This will only affect the assertion of the reset during power down since the power on default setting must be used during power up.
  • Although the reference voltage cannot be directly measured, it is compared against VDD in the PDU. The state of the power on reset signal can be inferred by trying to communicate through the serial bus with the chip. By polling the chip and slowly increasing VDD, a point will be reached where the power on reset is released allowing the serial bus to operate; this voltage should be recorded. As VDD is lowered, it will cross the threshold which asserts the reset signal. The power on default is set to the lowest voltage that can be trimmed (which gives the maximum hysterisis). This voltage should be recorded (or it may be sufficient to estimate it from the reset release voltage recorded above). VDD is then increased above the reset release threshold and the PDU trim adjusted to the setting the closest to VDDPORmaX. VDD should then be lowered and the threshold at which the reset is re-asserted confirmed.
  • TABLE 2
    Power on reset target performance
    Parameter Conditions Min Typ Max Units
    Vthrup T = 27° C. 2.0 2.375 V
    Vthrdn T = 27° C. 2.0 2.1 V
    Vhystmin
    16 mV
    IDD 5 A
    Tspike 100 ns
    Vminr 0.5 V
    Tpwmin
    1 ns
  • The signal PwrFailing will be used to protect the Flash memory by turning off the charge pump during a write or page erase if the supply voltage drops below a certain threshold. The charge pump is expected to take about 5us to discharge. The PwrFailing signal shall be protected against narrow spikes (<100 ns) on the power supply.
  • The nominal threshold for asserting the signal needs to be in the range VPORmax<VDDPFtyp<VDDmin so is chosen to be asserted when VDD<VDDPFtyp=VDDPORmaX+200 mV. This infers a VDD slew rate limitation which must be <200 mV/5 us to ensure enough time to detect that power is failing before the supply drops too low and the reset is activated. This requirement must be met in the application by provision of adequate supply decoupling or other means to control the rate of descent of VDD.
  • TABLE 3
    Power failing detection target performance
    Parameter Conditions Min Typ Max Units
    Vthr T = 27° C. 2.1 2.2 2.3 V11
    Vhyst 16 mV
    IDD 5 A
    Tspike 100 ns
    Vminr 0.5 V
    11These limits are after trimming and include an allowance for VDD ramping.
  • 2 bits of trimming (trim1-0) will be provided to take up all of the error in the bandgap voltage.
  • SysClk is required to be in the range 7-14 MHz throughout the lifetime of the circuit provided VDD is maintained within the range VDDMIN<VDD<VDDMAX. The 2:1 range is derived from the programming time requirements of the TSMC Flash memory. If this range is exceeded, the useful lifetime of the Flash may be reduced.
  • The first version of the QA chip, without physical protection, does not require the addition of random jitter to the clock. However, it is recommended that the ring oscillator be designed in such a way as to allow for the addition of jitter later on with minimal modification. In this way, the un-trimmed centre frequency would not be expected to change.
  • The initial frequency error must be reduced to remain within the range 10 MHz/1.41 to 10 MHz×1.41 allowing for variation in:
      • voltage
      • temperature
      • ageing
      • added jitter
      • errors in frequency measurement and setting accuracy
  • The range budget must be partitioned between these variables.
  • FIG. 49 shows the ring oscillator block diagram
  • The above arrangement allows the oscillator centre frequency to be trimmed since the bias current of the ring oscillator is controlled by the DAC. SysClk is derived by dividing the oscillator frequency by 5 which makes the oscillator smaller and allows the duty cycle of the clock to be better controlled.
  • Using Vbg, this block sources a current that can be programmed by the Trim signal. 6 of the available 8 trim bits will be used (trim7-2) giving a clock adjustment resolution of about 250 kHz. The range of current should be such that the ring oscillator frequency can be adjusted over a 4 to 1 range.
  • TABLE 4
    Programmable current source target performance
    Parameter Conditions Min Typ Max Units
    Iout Trim7-2 = 0 5 A
    Trim7-2 = 32 12.5
    Trim7-2 = 63 20
    Vrefin 1.23 V
    Rout Trim7-2 = 63 2.5 M
  • TABLE 5
    Ring oscillator target performance
    Parameter Conditions Min Typ Max Units
    Fosc
    12 7 10 14 MHz
    IDD 10 A
    KI 1 MHz/A
    KVDD +200 KHz/V
    KT +30 KHz/° C.
    Vstart 1.5 V
    KI = control sensitivity,
    KVDD = VDD sensitivity,
    KT = temperature sensitivity
    12Accounting for division by 5
  • With the figures above, KVDD will give rise to a maximum variation of ±50 kHz and KT to ±1.8 MHz over the specified range of VDD and temperature.
  • The ring oscillator will be prescaled by 5 to obtain the nominal 10 MHz clock. An asynchronous design may be used to save power. Several divided clock duty cycles are obtainable, eg 4:1, 3:2 etc. To ease timing requirements for the standard cell logic block, the following clock will be generated; most flip-flops will operate on the rising edge of the clock allowing negative edge clocking to meet memory timing.
  • TABLE 6
    Div5 target performance
    Parameter Conditions Min Typ Max Units
    Fmax Vdd = 1.5 V 100 MHz
    IDD 10 A
  • This block combines the overL (omitted from the current version), underL and MAURstOutL signals to provide the global reset. MAURstOutL is delayed by one clock cycle to ensure a reset generated when this signal is asserted has at least this duration since the reset deasserts the signal itself. It should be noted that the register, with active low reset RN, is the only one in the QA chip not connected to RstL.

Claims (7)

1. An integrated circuit comprising:
a memory storing first and second strings of bit values, each bit value in the second string being the logical inverse of a bit value at a corresponding bit position in the first string; and
a processor configured to test whether the bit values of the second string are the inverse of the bit values at respective corresponding
bit positions of the first string by combining the corresponding bits of the first and second strings.
2. An integrated circuit according to claim 1, configured and programmed to perform a defensive action in the event the test fails.
3. An integrated circuit according to claim 2, wherein the defensive action includes deleting or destroying some or all of the contents of the memory in the event the test fails.
4. An integrated circuit according to claim 3, wherein the defensive action includes deleting or destroying the first and/or second strings.
5. An integrated circuit according to claim 3, wherein the defensive action includes preventing the processor from executing software.
6. An integrated circuit according to claim 3, wherein the defensive action includes resetting some or all of logic on the integrated circuit.
7. An integrated circuit according to claim 1, wherein the first and second strings are stored at different sub-addresses within the same address of the memory.
US12/505,513 2002-12-02 2009-07-19 Integrated Circuit Having Inverse Bit Storage Test Abandoned US20090284279A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
US12/505,513 US20090284279A1 (en) 2002-12-02 2009-07-19 Integrated Circuit Having Inverse Bit Storage Test

Applications Claiming Priority (6)

Application Number Priority Date Filing Date Title
AU2002953135 2002-12-02
AU2002953134 2002-12-02
AU2002953135A AU2002953135A0 (en) 2002-12-02 2002-12-02 Method and apparatus (pec10)
AU2002953134A AU2002953134A0 (en) 2002-12-02 2002-12-02 Method and apparatus (auth16)
US10/727,159 US7592829B2 (en) 2002-12-02 2003-12-02 On-chip storage of secret information as inverse pair
US12/505,513 US20090284279A1 (en) 2002-12-02 2009-07-19 Integrated Circuit Having Inverse Bit Storage Test

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
US10/727,159 Continuation US7592829B2 (en) 2002-12-02 2003-12-02 On-chip storage of secret information as inverse pair

Publications (1)

Publication Number Publication Date
US20090284279A1 true US20090284279A1 (en) 2009-11-19

Family

ID=32471018

Family Applications (49)

Application Number Title Priority Date Filing Date
US10/727,227 Abandoned US20040201647A1 (en) 2002-12-02 2003-12-02 Stitching of integrated circuit components
US10/727,164 Expired - Fee Related US7707621B2 (en) 2002-12-02 2003-12-02 Creation and usage of mutually exclusive messages
US10/727,180 Abandoned US20040199786A1 (en) 2002-12-02 2003-12-02 Randomisation of the location of secret information on each of a series of integrated circuits
US10/727,233 Active 2025-03-26 US7165824B2 (en) 2002-12-02 2003-12-02 Dead nozzle compensation
US10/727,280 Expired - Fee Related US7152942B2 (en) 2002-12-02 2003-12-02 Fixative compensation
US10/727,251 Active 2025-06-26 US7188282B2 (en) 2002-12-02 2003-12-02 Tamper resistant shadow memory
US10/727,178 Active 2025-01-16 US7181572B2 (en) 2002-12-02 2003-12-02 Cache updating method and apparatus
US10/727,245 Active 2024-05-21 US7399043B2 (en) 2002-12-02 2003-12-02 Compensation for uneven printhead module lengths in a multi-module printhead
US10/727,274 Expired - Fee Related US7770008B2 (en) 2002-12-02 2003-12-02 Embedding data and information related to function with which data is associated into a payload
US10/727,192 Abandoned US20040225881A1 (en) 2002-12-02 2003-12-02 Variant keys
US10/727,257 Expired - Fee Related US7302592B2 (en) 2002-12-02 2003-12-02 Integrated circuit which disables writing circuitry to memory when the power drops below a power threshold predetermined and controlled by the processor
US10/727,159 Expired - Fee Related US7592829B2 (en) 2002-12-02 2003-12-02 On-chip storage of secret information as inverse pair
US10/727,179 Abandoned US20050213761A1 (en) 2002-12-02 2003-12-02 Storing number and a result of a function on an integrated circuit
US10/727,160 Abandoned US20040249757A1 (en) 2002-12-02 2003-12-02 Authentication of resources usage in a multi-user environment
US10/727,204 Active 2024-12-05 US7121639B2 (en) 2002-12-02 2003-12-02 Data rate equalisation to account for relatively different printhead widths
US10/727,157 Expired - Fee Related US7818519B2 (en) 2002-12-02 2003-12-02 Timeslot arbitration scheme
US10/727,198 Expired - Fee Related US7573301B2 (en) 2002-12-02 2003-12-02 Temperature based filter for an on-chip system clock
US10/727,238 Expired - Fee Related US7278034B2 (en) 2002-12-02 2003-12-02 Integrated circuit which disables writing circuitry to memory when the power drops below a power threshold predetermined and controlled by the processor
US10/727,161 Expired - Fee Related US7523111B2 (en) 2002-12-02 2003-12-02 Labelling of secret information
US10/727,162 Abandoned US20060082609A1 (en) 2002-12-02 2003-12-02 Compensation for horizontal skew between adjacent rows of nozzles on a printhead module
US10/727,210 Active 2024-09-10 US7096137B2 (en) 2002-12-02 2003-12-02 Clock trim mechanism for onboard system clock
US10/727,163 Active 2025-07-10 US7377608B2 (en) 2002-12-02 2003-12-02 Compensation for vertical skew between adjacent rows of nozzles on a printhead module
US10/727,158 Expired - Fee Related US7660998B2 (en) 2002-12-02 2003-12-02 Relatively unique ID in integrated circuit
US10/754,536 Expired - Fee Related US7783886B2 (en) 2002-12-02 2004-01-12 Multi-level boot hierarchy for software development on an integrated circuit
US10/754,938 Expired - Fee Related US7831827B2 (en) 2002-12-02 2004-01-12 Authenticated communication between multiple entities
US11/212,702 Expired - Fee Related US7171323B2 (en) 2002-12-02 2005-08-29 Integrated circuit having clock trim circuitry
US11/272,491 Expired - Fee Related US7278697B2 (en) 2002-12-02 2005-11-14 Data rate supply proportional to the ratio of different printhead lengths
US11/442,131 Expired - Fee Related US7465005B2 (en) 2002-12-02 2006-05-30 Printer controller with dead nozzle compensation
US11/474,278 Expired - Fee Related US7360131B2 (en) 2002-12-02 2006-06-26 Printer controller having tamper resistant shadow memory
US11/488,841 Expired - Fee Related US7328115B2 (en) 2002-12-02 2006-07-19 Quality assurance IC having clock trimmer
US11/749,750 Expired - Fee Related US7747887B2 (en) 2002-12-02 2007-05-16 Print engine having authentication device for preventing multi-word memory writing upon power drop
US11/749,749 Expired - Fee Related US7805626B2 (en) 2002-12-02 2007-05-16 Print engine having authentication device for disabling memory writing upon power drop
US11/951,213 Expired - Fee Related US7610163B2 (en) 2002-12-02 2007-12-05 Method of controlling quality for a print controller
US11/955,127 Expired - Lifetime US7467839B2 (en) 2002-12-02 2007-12-12 Printer controller with equalised data supply rate to multi-color printhead ICS
US12/043,844 Abandoned US20080150997A1 (en) 2002-12-02 2008-03-06 Method Of Manufacturing Printhead ICS Incorporating Mems Inkjet Nozzles
US12/047,315 Abandoned US20080155826A1 (en) 2002-12-02 2008-03-12 Method of manufacturing mems ics
US12/050,941 Expired - Lifetime US7540579B2 (en) 2002-12-02 2008-03-19 Controller for multi-color, multi-length printhead ICS
US12/266,479 Abandoned US20090058903A1 (en) 2002-12-02 2008-11-06 Printer controller configured to compensate for dead printhead nozzles
US12/276,368 Expired - Fee Related US7611215B2 (en) 2002-12-02 2008-11-23 Inkjet printer system having equalised control of multi-length printhead ICS
US12/324,889 Expired - Fee Related US7747646B2 (en) 2002-12-02 2008-11-27 System having secure access between IC entities
US12/436,129 Expired - Fee Related US7722146B2 (en) 2002-12-02 2009-05-06 Printing system having controlled multi-length printhead ICS
US12/500,593 Expired - Fee Related US7800410B2 (en) 2002-12-02 2009-07-09 Integrated circuit having temperature based clock filter
US12/505,513 Abandoned US20090284279A1 (en) 2002-12-02 2009-07-19 Integrated Circuit Having Inverse Bit Storage Test
US12/564,045 Expired - Fee Related US8005636B2 (en) 2002-12-02 2009-09-21 Method of controlling clock signal
US12/582,632 Expired - Fee Related US7976116B2 (en) 2002-12-02 2009-10-20 Inkjet printer system having equalised control of different nozzle count printhead ICs
US12/697,272 Expired - Fee Related US7996880B2 (en) 2002-12-02 2010-01-31 Secure updating of integrated circuits
US12/778,966 Abandoned US20100223453A1 (en) 2002-12-02 2010-05-12 Integrated circuit for validating and decrypting software data
US12/790,945 Abandoned US20100238213A1 (en) 2002-12-02 2010-05-31 Method for dead nozzle remapping
US12/958,968 Expired - Fee Related US8038239B2 (en) 2002-12-02 2010-12-02 Controller for printhead having arbitrarily joined nozzle rows

Family Applications Before (42)

Application Number Title Priority Date Filing Date
US10/727,227 Abandoned US20040201647A1 (en) 2002-12-02 2003-12-02 Stitching of integrated circuit components
US10/727,164 Expired - Fee Related US7707621B2 (en) 2002-12-02 2003-12-02 Creation and usage of mutually exclusive messages
US10/727,180 Abandoned US20040199786A1 (en) 2002-12-02 2003-12-02 Randomisation of the location of secret information on each of a series of integrated circuits
US10/727,233 Active 2025-03-26 US7165824B2 (en) 2002-12-02 2003-12-02 Dead nozzle compensation
US10/727,280 Expired - Fee Related US7152942B2 (en) 2002-12-02 2003-12-02 Fixative compensation
US10/727,251 Active 2025-06-26 US7188282B2 (en) 2002-12-02 2003-12-02 Tamper resistant shadow memory
US10/727,178 Active 2025-01-16 US7181572B2 (en) 2002-12-02 2003-12-02 Cache updating method and apparatus
US10/727,245 Active 2024-05-21 US7399043B2 (en) 2002-12-02 2003-12-02 Compensation for uneven printhead module lengths in a multi-module printhead
US10/727,274 Expired - Fee Related US7770008B2 (en) 2002-12-02 2003-12-02 Embedding data and information related to function with which data is associated into a payload
US10/727,192 Abandoned US20040225881A1 (en) 2002-12-02 2003-12-02 Variant keys
US10/727,257 Expired - Fee Related US7302592B2 (en) 2002-12-02 2003-12-02 Integrated circuit which disables writing circuitry to memory when the power drops below a power threshold predetermined and controlled by the processor
US10/727,159 Expired - Fee Related US7592829B2 (en) 2002-12-02 2003-12-02 On-chip storage of secret information as inverse pair
US10/727,179 Abandoned US20050213761A1 (en) 2002-12-02 2003-12-02 Storing number and a result of a function on an integrated circuit
US10/727,160 Abandoned US20040249757A1 (en) 2002-12-02 2003-12-02 Authentication of resources usage in a multi-user environment
US10/727,204 Active 2024-12-05 US7121639B2 (en) 2002-12-02 2003-12-02 Data rate equalisation to account for relatively different printhead widths
US10/727,157 Expired - Fee Related US7818519B2 (en) 2002-12-02 2003-12-02 Timeslot arbitration scheme
US10/727,198 Expired - Fee Related US7573301B2 (en) 2002-12-02 2003-12-02 Temperature based filter for an on-chip system clock
US10/727,238 Expired - Fee Related US7278034B2 (en) 2002-12-02 2003-12-02 Integrated circuit which disables writing circuitry to memory when the power drops below a power threshold predetermined and controlled by the processor
US10/727,161 Expired - Fee Related US7523111B2 (en) 2002-12-02 2003-12-02 Labelling of secret information
US10/727,162 Abandoned US20060082609A1 (en) 2002-12-02 2003-12-02 Compensation for horizontal skew between adjacent rows of nozzles on a printhead module
US10/727,210 Active 2024-09-10 US7096137B2 (en) 2002-12-02 2003-12-02 Clock trim mechanism for onboard system clock
US10/727,163 Active 2025-07-10 US7377608B2 (en) 2002-12-02 2003-12-02 Compensation for vertical skew between adjacent rows of nozzles on a printhead module
US10/727,158 Expired - Fee Related US7660998B2 (en) 2002-12-02 2003-12-02 Relatively unique ID in integrated circuit
US10/754,536 Expired - Fee Related US7783886B2 (en) 2002-12-02 2004-01-12 Multi-level boot hierarchy for software development on an integrated circuit
US10/754,938 Expired - Fee Related US7831827B2 (en) 2002-12-02 2004-01-12 Authenticated communication between multiple entities
US11/212,702 Expired - Fee Related US7171323B2 (en) 2002-12-02 2005-08-29 Integrated circuit having clock trim circuitry
US11/272,491 Expired - Fee Related US7278697B2 (en) 2002-12-02 2005-11-14 Data rate supply proportional to the ratio of different printhead lengths
US11/442,131 Expired - Fee Related US7465005B2 (en) 2002-12-02 2006-05-30 Printer controller with dead nozzle compensation
US11/474,278 Expired - Fee Related US7360131B2 (en) 2002-12-02 2006-06-26 Printer controller having tamper resistant shadow memory
US11/488,841 Expired - Fee Related US7328115B2 (en) 2002-12-02 2006-07-19 Quality assurance IC having clock trimmer
US11/749,750 Expired - Fee Related US7747887B2 (en) 2002-12-02 2007-05-16 Print engine having authentication device for preventing multi-word memory writing upon power drop
US11/749,749 Expired - Fee Related US7805626B2 (en) 2002-12-02 2007-05-16 Print engine having authentication device for disabling memory writing upon power drop
US11/951,213 Expired - Fee Related US7610163B2 (en) 2002-12-02 2007-12-05 Method of controlling quality for a print controller
US11/955,127 Expired - Lifetime US7467839B2 (en) 2002-12-02 2007-12-12 Printer controller with equalised data supply rate to multi-color printhead ICS
US12/043,844 Abandoned US20080150997A1 (en) 2002-12-02 2008-03-06 Method Of Manufacturing Printhead ICS Incorporating Mems Inkjet Nozzles
US12/047,315 Abandoned US20080155826A1 (en) 2002-12-02 2008-03-12 Method of manufacturing mems ics
US12/050,941 Expired - Lifetime US7540579B2 (en) 2002-12-02 2008-03-19 Controller for multi-color, multi-length printhead ICS
US12/266,479 Abandoned US20090058903A1 (en) 2002-12-02 2008-11-06 Printer controller configured to compensate for dead printhead nozzles
US12/276,368 Expired - Fee Related US7611215B2 (en) 2002-12-02 2008-11-23 Inkjet printer system having equalised control of multi-length printhead ICS
US12/324,889 Expired - Fee Related US7747646B2 (en) 2002-12-02 2008-11-27 System having secure access between IC entities
US12/436,129 Expired - Fee Related US7722146B2 (en) 2002-12-02 2009-05-06 Printing system having controlled multi-length printhead ICS
US12/500,593 Expired - Fee Related US7800410B2 (en) 2002-12-02 2009-07-09 Integrated circuit having temperature based clock filter

Family Applications After (6)

Application Number Title Priority Date Filing Date
US12/564,045 Expired - Fee Related US8005636B2 (en) 2002-12-02 2009-09-21 Method of controlling clock signal
US12/582,632 Expired - Fee Related US7976116B2 (en) 2002-12-02 2009-10-20 Inkjet printer system having equalised control of different nozzle count printhead ICs
US12/697,272 Expired - Fee Related US7996880B2 (en) 2002-12-02 2010-01-31 Secure updating of integrated circuits
US12/778,966 Abandoned US20100223453A1 (en) 2002-12-02 2010-05-12 Integrated circuit for validating and decrypting software data
US12/790,945 Abandoned US20100238213A1 (en) 2002-12-02 2010-05-31 Method for dead nozzle remapping
US12/958,968 Expired - Fee Related US8038239B2 (en) 2002-12-02 2010-12-02 Controller for printhead having arbitrarily joined nozzle rows

Country Status (7)

Country Link
US (49) US20040201647A1 (en)
EP (1) EP1572463B1 (en)
AT (1) ATE504446T1 (en)
CA (1) CA2508141C (en)
DE (1) DE60336677D1 (en)
DK (1) DK1572463T3 (en)
WO (1) WO2004050369A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9767271B2 (en) 2010-07-15 2017-09-19 The Research Foundation For The State University Of New York System and method for validating program execution at run-time
US9767284B2 (en) 2012-09-14 2017-09-19 The Research Foundation For The State University Of New York Continuous run-time validation of program execution: a practical approach

Families Citing this family (1120)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE19950249C1 (en) * 1999-10-18 2001-02-01 Siemens Ag Electronic device with software protection for runtime software for automated systems
US6700590B1 (en) * 1999-11-01 2004-03-02 Indx Software Corporation System and method for retrieving and presenting data using class-based component and view model
US7930531B2 (en) * 2000-01-06 2011-04-19 Super Talent Electronics, Inc. Multi-partition USB device that re-boots a PC to an alternate operating system for virus recovery
US7062749B2 (en) * 2000-12-15 2006-06-13 Promenix, Inc. Measuring, monitoring and tracking enterprise communications and processes
US8385476B2 (en) * 2001-04-25 2013-02-26 Texas Instruments Incorporated Digital phase locked loop
US7552191B1 (en) * 2001-06-12 2009-06-23 F5 Networks, Inc. Method and apparatus to facilitate automatic sharing in a client server environment
US7613699B2 (en) * 2001-08-03 2009-11-03 Itt Manufacturing Enterprises, Inc. Apparatus and method for resolving security association database update coherency in high-speed systems having multiple security channels
EP1359550A1 (en) 2001-11-30 2003-11-05 STMicroelectronics S.A. Regeneration of a secret number by using an identifier of an integrated circuit
EP1391853A1 (en) * 2001-11-30 2004-02-25 STMicroelectronics S.A. Diversification of the unique identifier of an integrated circuit
FR2833119A1 (en) 2001-11-30 2003-06-06 St Microelectronics Sa GENERATION OF SECRET QUANTITIES OF IDENTIFICATION OF AN INTEGRATED CIRCUIT
FR2838210B1 (en) * 2002-04-03 2005-11-04 Gemplus Card Int CRYPTOGRAPHIC METHOD PROTECTED FROM CACHE-CHANNEL TYPE ATTACKS
DE50207195D1 (en) * 2002-04-08 2006-07-27 Aladdin Knowledge Systems Deut Process for updating and licensing computer programs and computer system therefor
GB0211812D0 (en) * 2002-05-23 2002-07-03 Koninkl Philips Electronics Nv S-box encryption in block cipher implementations
US20030229643A1 (en) * 2002-05-29 2003-12-11 Digimarc Corporation Creating a footprint of a computer file
US20040044508A1 (en) * 2002-08-29 2004-03-04 Hoffman Robert R. Method for generating commands for testing hardware device models
GB2402785B (en) * 2002-11-18 2005-12-07 Advanced Risc Mach Ltd Processor switching between secure and non-secure modes
US20090319802A1 (en) * 2002-12-02 2009-12-24 Silverbrook Research Pty Ltd Key Genaration In An Integrated Circuit
US20040201647A1 (en) * 2002-12-02 2004-10-14 Mark Jackson Pulver Stitching of integrated circuit components
US7801120B2 (en) * 2003-01-13 2010-09-21 Emulex Design & Manufacturing Corporation Method and system for efficient queue management
US7010416B2 (en) * 2003-01-17 2006-03-07 Ph2 Solutions, Inc. Systems and methods for resetting vehicle emission system error indicators
JP3823925B2 (en) * 2003-02-05 2006-09-20 ソニー株式会社 Information processing apparatus, license information recording medium, information processing method, and computer program
US7370212B2 (en) 2003-02-25 2008-05-06 Microsoft Corporation Issuing a publisher use license off-line in a digital rights management (DRM) system
SE0300670L (en) * 2003-03-10 2004-08-17 Smarttrust Ab Procedure for secure download of applications
US7278080B2 (en) * 2003-03-20 2007-10-02 Arm Limited Error detection and recovery within processing stages of an integrated circuit
WO2004084070A1 (en) * 2003-03-20 2004-09-30 Arm Limited Systematic and random error detection and recovery within processing stages of an integrated circuit
US7260001B2 (en) * 2003-03-20 2007-08-21 Arm Limited Memory system having fast and slow data reading mechanisms
US8185812B2 (en) 2003-03-20 2012-05-22 Arm Limited Single event upset error detection within an integrated circuit
US8650470B2 (en) 2003-03-20 2014-02-11 Arm Limited Error recovery within integrated circuit
US7610487B2 (en) 2003-03-27 2009-10-27 Microsoft Corporation Human input security codes
US8261062B2 (en) 2003-03-27 2012-09-04 Microsoft Corporation Non-cryptographic addressing
US7409544B2 (en) 2003-03-27 2008-08-05 Microsoft Corporation Methods and systems for authenticating messages
US7624264B2 (en) 2003-03-27 2009-11-24 Microsoft Corporation Using time to determine a hash extension
JP2004341768A (en) * 2003-05-15 2004-12-02 Fujitsu Ltd Magnetic disk device, cipher processing method and program
WO2004114094A2 (en) * 2003-06-18 2004-12-29 Sailalong, Llc System and method for managing information
US8386648B1 (en) 2003-06-26 2013-02-26 Nvidia Corporation Hardware support system for accelerated disk I/O
JP4624732B2 (en) * 2003-07-16 2011-02-02 パナソニック株式会社 how to access
US7496715B1 (en) * 2003-07-16 2009-02-24 Unisys Corporation Programmable cache management system and method
US6999887B2 (en) * 2003-08-06 2006-02-14 Infineon Technologies Ag Memory cell signal window testing apparatus
US8229108B2 (en) * 2003-08-15 2012-07-24 Broadcom Corporation Pseudo-random number generation based on periodic sampling of one or more linear feedback shift registers
JP2005100270A (en) * 2003-09-26 2005-04-14 Minolta Co Ltd Printing control program and printer
US8683132B1 (en) 2003-09-29 2014-03-25 Nvidia Corporation Memory controller for sequentially prefetching data for a processor of a computer system
US7395527B2 (en) 2003-09-30 2008-07-01 International Business Machines Corporation Method and apparatus for counting instruction execution and data accesses
US8381037B2 (en) 2003-10-09 2013-02-19 International Business Machines Corporation Method and system for autonomic execution path selection in an application
US7779212B2 (en) 2003-10-17 2010-08-17 Micron Technology, Inc. Method and apparatus for sending data from multiple sources over a communications bus
US8356142B1 (en) 2003-11-12 2013-01-15 Nvidia Corporation Memory controller for non-sequentially prefetching data for a processor of a computer system
US8156343B2 (en) * 2003-11-26 2012-04-10 Intel Corporation Accessing private data about the state of a data processing machine from storage that is publicly accessible
US8700808B2 (en) * 2003-12-01 2014-04-15 Nvidia Corporation Hardware support system for accelerated disk I/O
US7774604B2 (en) 2003-12-10 2010-08-10 Mcafee, Inc. Verifying captured objects before presentation
US7814327B2 (en) 2003-12-10 2010-10-12 Mcafee, Inc. Document registration
US7899828B2 (en) 2003-12-10 2011-03-01 Mcafee, Inc. Tag data structure for maintaining relational data over captured objects
US8656039B2 (en) 2003-12-10 2014-02-18 Mcafee, Inc. Rule parser
US8548170B2 (en) 2003-12-10 2013-10-01 Mcafee, Inc. Document de-registration
US7984175B2 (en) 2003-12-10 2011-07-19 Mcafee, Inc. Method and apparatus for data capture and analysis system
US20050132194A1 (en) * 2003-12-12 2005-06-16 Ward Jean R. Protection of identification documents using open cryptography
US7283944B2 (en) * 2003-12-15 2007-10-16 Springsoft, Inc. Circuit simulation bus transaction analysis
US7543142B2 (en) * 2003-12-19 2009-06-02 Intel Corporation Method and apparatus for performing an authentication after cipher operation in a network processor
US7512945B2 (en) * 2003-12-29 2009-03-31 Intel Corporation Method and apparatus for scheduling the processing of commands for execution by cryptographic algorithm cores in a programmable network processor
KR100631673B1 (en) * 2003-12-30 2006-10-09 엘지전자 주식회사 High Frequency Module Structure for Mobile Communication
US7831511B1 (en) 2004-01-07 2010-11-09 Intuit Inc. Automating setup of a user's financial management application account for electronic transfer of data with a financial institution
US7895382B2 (en) 2004-01-14 2011-02-22 International Business Machines Corporation Method and apparatus for qualifying collection of performance monitoring events by types of interrupt when interrupt occurs
US7415705B2 (en) 2004-01-14 2008-08-19 International Business Machines Corporation Autonomic method and apparatus for hardware assist for patching code
US7930540B2 (en) 2004-01-22 2011-04-19 Mcafee, Inc. Cryptographic policy enforcement
KR101157409B1 (en) * 2004-02-10 2012-06-21 가부시키가이샤 한도오따이 에네루기 켄큐쇼 Nonvolatile memory and IC card, ID card and ID tag incorporated with the same
JP2005228123A (en) * 2004-02-13 2005-08-25 Sharp Corp Communication method, communication system and information reception-side device used in the communication system
US7260025B2 (en) * 2004-02-18 2007-08-21 Farinella & Associates, Llc Bookmark with integrated electronic timer and method therefor
US8578258B2 (en) * 2004-02-20 2013-11-05 Continental Teves Ag & Co., Ohg Method and integrated circuit for increasing the immunity to interference
US7607025B1 (en) * 2004-02-26 2009-10-20 Xilinx, Inc. Methods of intrusion detection and prevention in secure programmable logic devices
US7478158B1 (en) * 2004-03-01 2009-01-13 Adobe Systems Incorporated Bandwidth management system
US7822428B1 (en) 2004-03-01 2010-10-26 Adobe Systems Incorporated Mobile rich media information system
US7706782B1 (en) 2004-03-01 2010-04-27 Adobe Systems Incorporated System and method for developing information for a wireless information system
JP2007529821A (en) * 2004-03-15 2007-10-25 トムソン ライセンシング Efficient video resampling method
US7142478B2 (en) * 2004-03-19 2006-11-28 Infineon Technologies Ag Clock stop detector
US7738137B2 (en) * 2004-03-23 2010-06-15 Lexmark International, Inc. Inkjet print head synchronous serial output for data integrity
US20050216762A1 (en) * 2004-03-25 2005-09-29 Cyrus Peikari Protecting embedded devices with integrated reset detection
US7185301B2 (en) * 2004-04-06 2007-02-27 Lsi Logic Corporation Generic method and apparatus for implementing source synchronous interface in platform ASIC
US20050234986A1 (en) * 2004-04-09 2005-10-20 Microsoft Corporation Systems and methods for fragment-based serialization
JP4343867B2 (en) * 2004-04-13 2009-10-14 キヤノン株式会社 Inkjet recording device
US8400645B2 (en) * 2004-04-16 2013-03-19 Marvell International Technology Ltd. Printer with selectable capabilities
US20050246762A1 (en) * 2004-04-29 2005-11-03 International Business Machines Corporation Changing access permission based on usage of a computer resource
US20060242406A1 (en) 2005-04-22 2006-10-26 Microsoft Corporation Protected computing environment
US20050254085A1 (en) * 2004-05-12 2005-11-17 Koji Oshikiri Image forming system
US20050257205A1 (en) * 2004-05-13 2005-11-17 Microsoft Corporation Method and system for dynamic software updates
US7757086B2 (en) * 2004-05-27 2010-07-13 Silverbrook Research Pty Ltd Key transportation
US7735944B2 (en) 2004-05-27 2010-06-15 Silverbrook Research Pty Ltd Printer comprising two printhead modules and at least two printer controllers
US7328956B2 (en) * 2004-05-27 2008-02-12 Silverbrook Research Pty Ltd Printer comprising a printhead and at least two printer controllers connected to a common input of the printhead
US7549718B2 (en) * 2004-05-27 2009-06-23 Silverbrook Research Pty Ltd Printhead module having operation controllable on basis of thermal sensors
US7267417B2 (en) * 2004-05-27 2007-09-11 Silverbrook Research Pty Ltd Printer controller for supplying data to one or more printheads via serial links
US7484831B2 (en) * 2004-05-27 2009-02-03 Silverbrook Research Pty Ltd Printhead module having horizontally grouped firing order
US7427117B2 (en) * 2004-05-27 2008-09-23 Silverbrook Research Pty Ltd Method of expelling ink from nozzles in groups, alternately, starting at outside nozzles of each group
US7448707B2 (en) * 2004-05-27 2008-11-11 Silverbrook Research Pty Ltd Method of expelling ink from nozzels in groups, starting at outside nozzels of each group
US7252353B2 (en) * 2004-05-27 2007-08-07 Silverbrook Research Pty Ltd Printer controller for supplying data to a printhead module having one or more redundant nozzle rows
US7551298B2 (en) * 2004-06-04 2009-06-23 Primax Electronics Ltd. Print control device with embedded engine simulation module and test method thereof
US7143221B2 (en) * 2004-06-08 2006-11-28 Arm Limited Method of arbitrating between a plurality of transfers to be routed over a corresponding plurality of paths provided by an interconnect circuit of a data processing apparatus
JP4612461B2 (en) * 2004-06-24 2011-01-12 株式会社東芝 Microprocessor
JP4275583B2 (en) * 2004-06-24 2009-06-10 ユーディナデバイス株式会社 Electronic module
US7409315B2 (en) * 2004-06-28 2008-08-05 Broadcom Corporation On-board performance monitor and power control system
JP4874440B2 (en) * 2004-06-29 2012-02-15 株式会社デンソー PROGRAM GENERATION PROGRAM, PROGRAM GENERATION DEVICE, PROGRAM GENERATION METHOD, AND PROGRAM GENERATED BY THE SAME
US7929689B2 (en) 2004-06-30 2011-04-19 Microsoft Corporation Call signs
US7586904B2 (en) * 2004-07-15 2009-09-08 Broadcom Corp. Method and system for a gigabit Ethernet IP telephone chip with no DSP core, which uses a RISC core with instruction extensions to support voice processing
US20060015732A1 (en) * 2004-07-15 2006-01-19 Sony Corporation Processing system using internal digital signatures
US7552326B2 (en) * 2004-07-15 2009-06-23 Sony Corporation Use of kernel authorization data to maintain security in a digital processing system
US7716494B2 (en) * 2004-07-15 2010-05-11 Sony Corporation Establishing a trusted platform in a digital processing system
US7568102B2 (en) * 2004-07-15 2009-07-28 Sony Corporation System and method for authorizing the use of stored information in an operating system
US7840607B2 (en) * 2004-08-06 2010-11-23 Siemens Aktiengesellschaft Data mart generation and use in association with an operations intelligence platform
US7343496B1 (en) 2004-08-13 2008-03-11 Zilog, Inc. Secure transaction microcontroller with secure boot loader
US20060037077A1 (en) * 2004-08-16 2006-02-16 Cisco Technology, Inc. Network intrusion detection system having application inspection and anomaly detection characteristics
US8700671B2 (en) * 2004-08-18 2014-04-15 Siemens Aktiengesellschaft System and methods for dynamic generation of point / tag configurations
US7182422B2 (en) 2004-08-23 2007-02-27 Silverbrook Research Pty Ltd Printhead having first and second rows of print nozzles
US8560534B2 (en) 2004-08-23 2013-10-15 Mcafee, Inc. Database for a capture system
US7949849B2 (en) 2004-08-24 2011-05-24 Mcafee, Inc. File system for a capture system
WO2006026461A2 (en) * 2004-08-27 2006-03-09 Board Of Regents, The University Of Texas System Methods for memory assignment schemes and architecture for shareable parallel memory module based internet switches
US8032787B2 (en) * 2004-09-02 2011-10-04 Intel Corporation Volatile storage based power loss recovery mechanism
US20110071949A1 (en) * 2004-09-20 2011-03-24 Andrew Petrov Secure pin entry device for mobile phones
US8347078B2 (en) 2004-10-18 2013-01-01 Microsoft Corporation Device certificate individualization
US8356143B1 (en) 2004-10-22 2013-01-15 NVIDIA Corporatin Prefetch mechanism for bus master memory access
US7644272B2 (en) 2004-10-22 2010-01-05 Broadcom Corporation Systems and methods for providing security to different functions
US20060088160A1 (en) * 2004-10-27 2006-04-27 Lexmark International, Inc. Method and apparatus for generating and printing a security stamp with custom logo on an electrophotographic printer
US9032192B2 (en) 2004-10-28 2015-05-12 Broadcom Corporation Method and system for policy based authentication
US7450723B2 (en) * 2004-11-12 2008-11-11 International Business Machines Corporation Method and system for providing for security in communication
US8336085B2 (en) 2004-11-15 2012-12-18 Microsoft Corporation Tuning product policy using observed evidence of customer behavior
US8176564B2 (en) 2004-11-15 2012-05-08 Microsoft Corporation Special PC mode entered upon detection of undesired state
US8464348B2 (en) * 2004-11-15 2013-06-11 Microsoft Corporation Isolated computing environment anchored into CPU and motherboard
DE102004055505A1 (en) * 2004-11-17 2006-05-24 Nec Europe Ltd. A method for authorizing service requests to service hosts in a network
US7814123B2 (en) * 2004-12-02 2010-10-12 Siemens Aktiengesellschaft Management of component members using tag attributes
JP4570952B2 (en) * 2004-12-28 2010-10-27 富士通株式会社 High speed information processing apparatus, high speed information processing method and program thereof
US20060146100A1 (en) * 2005-01-04 2006-07-06 Dull Daniel J Ink jet supply component including a secure memory serial device
US7778812B2 (en) * 2005-01-07 2010-08-17 Micron Technology, Inc. Selecting data to verify in hardware device model simulation test generation
US8442938B2 (en) 2005-01-14 2013-05-14 Siemens Aktiengesellschaft Child data structure update in data management system
US7770205B2 (en) * 2005-01-19 2010-08-03 Microsoft Corporation Binding a device to a computer
US7536542B2 (en) * 2005-01-19 2009-05-19 Microsoft Corporation Method and system for intercepting, analyzing, and modifying interactions between a transport client and a transport provider
US7966643B2 (en) * 2005-01-19 2011-06-21 Microsoft Corporation Method and system for securing a remote file system
US7315917B2 (en) * 2005-01-20 2008-01-01 Sandisk Corporation Scheduling of housekeeping operations in flash memory systems
US7132823B2 (en) * 2005-01-21 2006-11-07 Microsoft Corporation Design for test for a high speed serial interface
TW200627258A (en) * 2005-01-27 2006-08-01 Lite On Technology Corp Medium transfer-recording control method and the embedded system using the same
US7636911B2 (en) * 2005-01-28 2009-12-22 Microsoft Corporation System and methods for capturing structure of data models using entity patterns
EP1696321A1 (en) * 2005-02-23 2006-08-30 Deutsche Thomson-Brandt Gmbh Method and apparatus for executing software applications
US9300641B2 (en) * 2005-02-11 2016-03-29 Nokia Corporation Method and apparatus for providing bootstrapping procedures in a communication network
US7221878B2 (en) * 2005-02-18 2007-05-22 Hewlett-Packard Development Company, L.P. Allowing image formation using consumable item where code of consumable item is identical to code of image-formation device
US7376809B2 (en) * 2005-03-09 2008-05-20 International Business Machines Corporation Systems and methods for multi-frame control blocks
US7620711B2 (en) * 2005-03-18 2009-11-17 Siemens Aktiengesellschaft Method of using configuration files for configuring technical devices
US20060218649A1 (en) * 2005-03-22 2006-09-28 Brickell Ernie F Method for conditional disclosure of identity information
JP4517907B2 (en) * 2005-03-23 2010-08-04 セイコーエプソン株式会社 Printing system, printing method, and printing control apparatus
JP4389829B2 (en) * 2005-03-28 2009-12-24 セイコーエプソン株式会社 Client computer, printer driver generation method, printer driver search method
US20060215207A1 (en) * 2005-03-28 2006-09-28 Konica Minolta Systems Laboratory, Inc. Color and monochrome management printing system
US8438645B2 (en) 2005-04-27 2013-05-07 Microsoft Corporation Secure clock with grace periods
KR100723777B1 (en) * 2005-04-11 2007-05-30 주식회사 하이닉스반도체 Autoread circuit
EP1869551A1 (en) * 2005-04-13 2007-12-26 TELEFONAKTIEBOLAGET LM ERICSSON (publ) Data value coherence in computer systems
US8725646B2 (en) 2005-04-15 2014-05-13 Microsoft Corporation Output protection levels
US7509250B2 (en) * 2005-04-20 2009-03-24 Honeywell International Inc. Hardware key control of debug interface
US9363481B2 (en) 2005-04-22 2016-06-07 Microsoft Technology Licensing, Llc Protected media pipeline
US9436804B2 (en) 2005-04-22 2016-09-06 Microsoft Technology Licensing, Llc Establishing a unique session key using a hardware functionality scan
JP4855710B2 (en) * 2005-04-28 2012-01-18 株式会社東芝 Software plug-in method and application program
US8127147B2 (en) * 2005-05-10 2012-02-28 Seagate Technology Llc Method and apparatus for securing data storage while insuring control by logical roles
US20060259828A1 (en) 2005-05-16 2006-11-16 Texas Instruments Incorporated Systems and methods for controlling access to secure debugging and profiling features of a computer system
US20060265758A1 (en) 2005-05-20 2006-11-23 Microsoft Corporation Extensible media rights
DE102005024917A1 (en) * 2005-05-31 2006-12-07 Advanced Micro Devices, Inc., Sunnyvale Register transfer level simulation device for simulating bit or bus synchronization of digital electronic circuit in e.g. silicon chip, has delay unit selectively delaying digital signal of flip-flop register around variable delay time
JP5130646B2 (en) * 2005-06-06 2013-01-30 ソニー株式会社 Storage device
US8353046B2 (en) 2005-06-08 2013-01-08 Microsoft Corporation System and method for delivery of a modular operating system
US8223910B2 (en) * 2005-06-10 2012-07-17 Freescale Semiconductor, Inc. Method and device for frame synchronization
JP2008542932A (en) * 2005-06-10 2008-11-27 フリースケール セミコンダクター インコーポレイテッド Medium access control apparatus and method
TWI267061B (en) * 2005-06-21 2006-11-21 Asustek Comp Inc Method for processing multi-layered images
US20090210701A1 (en) * 2005-06-23 2009-08-20 Junbiao Zhang Multi-Media Access Device Registration System and Method
US8639946B2 (en) * 2005-06-24 2014-01-28 Sigmatel, Inc. System and method of using a protected non-volatile memory
US7337147B2 (en) * 2005-06-30 2008-02-26 Microsoft Corporation Dynamic digital content licensing
JP4410162B2 (en) * 2005-07-05 2010-02-03 富士通株式会社 Reconfigurable LSI
US7797291B1 (en) * 2005-07-11 2010-09-14 Sprint Communications Company L.P. Data retention auditing
JP4345721B2 (en) * 2005-07-14 2009-10-14 コニカミノルタビジネステクノロジーズ株式会社 Management system
KR100648658B1 (en) * 2005-07-19 2006-11-24 삼성전자주식회사 Printing system and printer capable of electronic signature and method using the same
US20070022250A1 (en) * 2005-07-19 2007-01-25 International Business Machines Corporation System and method of responding to a cache read error with a temporary cache directory column delete
EP1748343A1 (en) 2005-07-29 2007-01-31 STMicroelectronics Limited Circuit personalisation
JP4412733B2 (en) * 2005-08-02 2010-02-10 キヤノン株式会社 Image processing apparatus and method, and computer program and storage medium
US7907608B2 (en) 2005-08-12 2011-03-15 Mcafee, Inc. High speed packet capture
US8887309B2 (en) * 2005-08-23 2014-11-11 Intrinsic Id B.V. Method and apparatus for information carrier authentication
JP2007058969A (en) * 2005-08-24 2007-03-08 Sanyo Electric Co Ltd Memory
KR100833178B1 (en) * 2005-08-26 2008-05-28 삼성전자주식회사 System capable of controlling the number of block in a cache memory and method thereof
JP2007064762A (en) * 2005-08-30 2007-03-15 Matsushita Electric Ind Co Ltd Semiconductor device and test mode control circuit
US8255108B2 (en) * 2005-08-31 2012-08-28 Spx Corporation Dynamic file system creation for scan tools
JP2007066109A (en) * 2005-08-31 2007-03-15 Fujitsu Ltd Apparatus and method for controlling data transmission/reception
US8183980B2 (en) * 2005-08-31 2012-05-22 Assa Abloy Ab Device authentication using a unidirectional protocol
US7818326B2 (en) 2005-08-31 2010-10-19 Mcafee, Inc. System and method for word indexing in a capture system and querying thereof
JP4513725B2 (en) * 2005-11-09 2010-07-28 ソニー株式会社 Packet transmission apparatus, communication system, and program
JP4674513B2 (en) * 2005-09-14 2011-04-20 富士ゼロックス株式会社 Spatial layout reproduction method, reader, and program
US7979048B2 (en) * 2005-09-15 2011-07-12 Silicon Laboratories Inc. Quasi non-volatile memory for use in a receiver
US20070067445A1 (en) * 2005-09-16 2007-03-22 Smart Link Ltd. Remote computer wake-up for network applications
US8135741B2 (en) 2005-09-20 2012-03-13 Microsoft Corporation Modifying service provider context information to facilitate locating interceptor context information
EP1768028A1 (en) * 2005-09-22 2007-03-28 STMicroelectronics (Research & Development) Limited Addressing peripherals in an ic
US20070074046A1 (en) * 2005-09-23 2007-03-29 Czajkowski David R Secure microprocessor and method
US20100191959A1 (en) * 2005-09-23 2010-07-29 Space Micro Inc. Secure microprocessor and method
US7385491B2 (en) * 2005-09-28 2008-06-10 Itt Manufacturing Enterprises, Inc. Tamper monitor circuit
KR20080068647A (en) * 2005-09-28 2008-07-23 온텔라, 인크. Method and system for establishing a service application execution environment in a heterogeneous, distributed computing system and a user friendly data transfer service application executing within the service application execution environment
US8015253B1 (en) 2005-09-28 2011-09-06 Photobucket Corporation System and method for controlling inter-device media exchanges
US9009265B2 (en) 2005-09-28 2015-04-14 Photobucket Corporation System and method for automatic transfer of data from one device to another
US9049243B2 (en) * 2005-09-28 2015-06-02 Photobucket Corporation System and method for allowing a user to opt for automatic or selectively sending of media
US7870103B1 (en) * 2005-10-13 2011-01-11 Emc Corporation Tolerating and reporting collisions in content-derived identifiers of data segments using secondary identifiers
US7730011B1 (en) 2005-10-19 2010-06-01 Mcafee, Inc. Attributes of captured objects in a capture system
US7954037B2 (en) * 2005-10-25 2011-05-31 Sandisk Il Ltd Method for recovering from errors in flash memory
US8645712B1 (en) * 2005-10-27 2014-02-04 Altera Corporation Electronic circuit design copy protection
US7657104B2 (en) 2005-11-21 2010-02-02 Mcafee, Inc. Identifying image type in a capture system
US9176713B2 (en) * 2005-11-30 2015-11-03 International Business Machines Corporation Method, apparatus and program storage device that provides a user mode device interface
US7571368B1 (en) 2006-01-26 2009-08-04 Promethean Storage Llc Digital content protection systems and methods
US8832466B1 (en) 2006-01-27 2014-09-09 Trustwave Holdings, Inc. Methods for augmentation and interpretation of data objects
US9352573B1 (en) 2006-01-30 2016-05-31 Shahar Turgeman Ink printing system comprising groups of inks, each group having a unique inkbase composition
US9718268B1 (en) 2006-01-30 2017-08-01 Shahar Turgeman Ink printing system comprising groups of inks, each group having a unique ink base composition
US10144222B1 (en) 2006-01-30 2018-12-04 Shahar Turgeman Ink printing system
US7421542B2 (en) * 2006-01-31 2008-09-02 Cisco Technology, Inc. Technique for data cache synchronization
US20070240126A1 (en) * 2006-02-01 2007-10-11 International Business Machines Corporation System and method for event based resource selection
US8386782B2 (en) * 2006-02-02 2013-02-26 Nokia Corporation Authenticated group key agreement in groups such as ad-hoc scenarios
US7421601B2 (en) * 2006-02-17 2008-09-02 International Business Machines Corporation Method and system for controlling power in a chip through a power-performance monitor and control unit
US8243922B1 (en) 2006-02-24 2012-08-14 Hitachi Global Storage Technologies Netherlands B.V. Digital content modification for content protection
US7996899B1 (en) 2006-02-24 2011-08-09 Hitachi Global Storage Technologies Netherlands B.V. Communication systems and methods for digital content modification and protection
US7441102B2 (en) * 2006-02-28 2008-10-21 Freescale Semiconductor, Inc. Integrated circuit with functional state configurable memory and method of configuring functional states of the integrated circuit memory
US8321691B2 (en) * 2006-03-06 2012-11-27 Stmicroelectronics S.A. EMA protection of a calculation by an electronic circuit
JP5060057B2 (en) * 2006-03-08 2012-10-31 富士通株式会社 Communication line monitoring system, relay device, and communication line monitoring method
KR20070094320A (en) * 2006-03-17 2007-09-20 엘지전자 주식회사 Apparatus for receiving broadcasting, method for transmitting and receiving application, method for transmitting information of status receiving broadcasting, and data structure in accordance with status receiving broadcasting
US8504537B2 (en) 2006-03-24 2013-08-06 Mcafee, Inc. Signature distribution in a document registration system
US8086842B2 (en) 2006-04-21 2011-12-27 Microsoft Corporation Peer-to-peer contact exchange
US20070280510A1 (en) * 2006-04-24 2007-12-06 Encryptakey, Inc. Systems and methods for performing secure network communication
WO2007125877A1 (en) * 2006-04-28 2007-11-08 Panasonic Corporation Communication device and communication system
US7818740B2 (en) * 2006-05-05 2010-10-19 Microsoft Corporation Techniques to perform gradual upgrades
US8560829B2 (en) * 2006-05-09 2013-10-15 Broadcom Corporation Method and system for command interface protection to achieve a secure interface
US8285988B2 (en) * 2006-05-09 2012-10-09 Broadcom Corporation Method and system for command authentication to achieve a secure interface
WO2007137090A2 (en) * 2006-05-16 2007-11-29 Hercules Software, Llc Hardware support for computer speciation
US20070282318A1 (en) * 2006-05-16 2007-12-06 Spooner Gregory J Subcutaneous thermolipolysis using radiofrequency energy
US7689614B2 (en) 2006-05-22 2010-03-30 Mcafee, Inc. Query generation for a capture system
US7958227B2 (en) 2006-05-22 2011-06-07 Mcafee, Inc. Attributes of captured objects in a capture system
US8141058B2 (en) 2006-06-05 2012-03-20 Rogue Wave Software, Inc. System for and method of capturing application characteristics data from a computer system and modeling target system
TW200807425A (en) * 2006-06-05 2008-02-01 Renesas Tech Corp Semiconductor device, unique ID of semiconductor device and method for verifying unique ID
FR2902213B1 (en) * 2006-06-08 2008-10-17 Thomson Licensing Sas ELECTRONIC CARD WITH SECURITY FUNCTIONS
US20070288740A1 (en) * 2006-06-09 2007-12-13 Dale Jason N System and method for secure boot across a plurality of processors
US20070288761A1 (en) * 2006-06-09 2007-12-13 Dale Jason N System and method for booting a multiprocessor device based on selection of encryption keys to be provided to processors
US7594104B2 (en) * 2006-06-09 2009-09-22 International Business Machines Corporation System and method for masking a hardware boot sequence
US7774616B2 (en) * 2006-06-09 2010-08-10 International Business Machines Corporation Masking a boot sequence by providing a dummy processor
US20070288738A1 (en) * 2006-06-09 2007-12-13 Dale Jason N System and method for selecting a random processor to boot on a multiprocessor system
US7397275B2 (en) * 2006-06-21 2008-07-08 Element Cxi, Llc Element controller for a resilient integrated circuit architecture
KR100804698B1 (en) * 2006-06-26 2008-02-18 삼성에스디아이 주식회사 The method of assuming the state of charge of the battery, battery management system using the method and the driving method of the battery management system using the method
US7934092B2 (en) * 2006-07-10 2011-04-26 Silverbrook Research Pty Ltd Electronic device having improved security
US20080028226A1 (en) * 2006-07-31 2008-01-31 Brocker Matthew W System-on-a-chip and method for securely transferring data on a system-on-a-chip
GB0615392D0 (en) * 2006-08-03 2006-09-13 Wivenhoe Technology Ltd Pseudo random number circuitry
US7769842B2 (en) * 2006-08-08 2010-08-03 Endl Texas, Llc Storage management unit to configure zoning, LUN masking, access controls, or other storage area network parameters
GB0616135D0 (en) * 2006-08-14 2006-09-20 British Telecomm Application controller
US8422673B2 (en) * 2006-08-31 2013-04-16 Red Hat, Inc. Method and system for protecting against unity keys
US8010995B2 (en) * 2006-09-08 2011-08-30 International Business Machines Corporation Methods, systems, and computer program products for implementing inter-process integrity serialization
CA2662968C (en) * 2006-09-11 2013-07-09 Research In Motion Limited Apparatus, and associated method, for paging an access terminal in a radio communication system
US20080080511A1 (en) * 2006-09-28 2008-04-03 Jian-Guo Chen Buffer cluster structure and arbiter scheme for multi-port upper-layer network processor
DE102006045906A1 (en) * 2006-09-28 2008-04-17 Infineon Technologies Ag Module with a controller for a chip card
US9424270B1 (en) 2006-09-28 2016-08-23 Photobucket Corporation System and method for managing media files
US8094685B2 (en) * 2006-10-04 2012-01-10 Siemens Medical Solutions Usa, Inc. Systems and methods for synchronizing multiple video streams
US8452987B2 (en) * 2006-10-06 2013-05-28 Broadcom Corporation Method and system for disaster recovery in a secure reprogrammable system
EP2078272B1 (en) * 2006-10-06 2010-12-15 Agere Systems, Inc. Protecting secret information in a programmed electronic device
US20080098380A1 (en) * 2006-10-18 2008-04-24 Toby Klusmeyer System, method, and device for updating programmable electronic equipment with a transport device from a deployment server via the internet or other communication medium
KR100831677B1 (en) * 2006-10-27 2008-05-22 주식회사 하이닉스반도체 Counter control signal generating circuit
WO2008049235A1 (en) * 2006-10-27 2008-05-02 Storage Appliance Corporation Systems and methods for controlling production quantities
US7656331B2 (en) * 2006-10-31 2010-02-02 Freescale Semiconductor, Inc. System on a chip with multiple independent outputs
DE102006052173B4 (en) * 2006-11-02 2023-06-01 Fast Lta Gmbh Write protection method and apparatus for at least one random access memory device
US8443341B2 (en) 2006-11-09 2013-05-14 Rogue Wave Software, Inc. System for and method of capturing application characteristics data from a computer system and modeling target system
US7607752B2 (en) * 2006-11-17 2009-10-27 Hewlett-Packard Development Company, L.P. Misfiring print nozzle compensation
US8706968B2 (en) 2007-12-06 2014-04-22 Fusion-Io, Inc. Apparatus, system, and method for redundant write caching
US8489817B2 (en) 2007-12-06 2013-07-16 Fusion-Io, Inc. Apparatus, system, and method for caching data
US9104599B2 (en) 2007-12-06 2015-08-11 Intelligent Intellectual Property Holdings 2 Llc Apparatus, system, and method for destaging cached data
US9116823B2 (en) 2006-12-06 2015-08-25 Intelligent Intellectual Property Holdings 2 Llc Systems and methods for adaptive error-correction coding
US7778020B2 (en) 2006-12-06 2010-08-17 Fusion Multisystems, Inc. Apparatus, system, and method for a modular blade
US8935302B2 (en) * 2006-12-06 2015-01-13 Intelligent Intellectual Property Holdings 2 Llc Apparatus, system, and method for data block usage information synchronization for a non-volatile storage volume
US8443134B2 (en) 2006-12-06 2013-05-14 Fusion-Io, Inc. Apparatus, system, and method for graceful cache device degradation
US8074011B2 (en) * 2006-12-06 2011-12-06 Fusion-Io, Inc. Apparatus, system, and method for storage space recovery after reaching a read count limit
US9495241B2 (en) 2006-12-06 2016-11-15 Longitude Enterprise Flash S.A.R.L. Systems and methods for adaptive data storage
WO2008070191A2 (en) 2006-12-06 2008-06-12 Fusion Multisystems, Inc. (Dba Fusion-Io) Apparatus, system, and method for a reconfigurable baseboard management controller
US20100318953A1 (en) * 2006-12-13 2010-12-16 Luminary Micro, Inc. Platform programming for mass customization
JP5043416B2 (en) * 2006-12-15 2012-10-10 キヤノン株式会社 Information processing apparatus, system and program, device, and storage medium
CN101568907B (en) * 2006-12-20 2011-04-13 Nxp股份有限公司 Clock generation for memory access without a local oscillator
US7794036B2 (en) * 2006-12-22 2010-09-14 Pitney Bowes Inc. Ensuring print quality for postage meter systems
US7711684B2 (en) 2006-12-28 2010-05-04 Ebay Inc. Collaborative content evaluation
US7877812B2 (en) * 2007-01-04 2011-01-25 International Business Machines Corporation Method, system and computer program product for enforcing privacy policies
US8472066B1 (en) * 2007-01-11 2013-06-25 Marvell International Ltd. Usage maps in image deposition devices
US8234624B2 (en) * 2007-01-25 2012-07-31 International Business Machines Corporation System and method for developing embedded software in-situ
WO2008094470A1 (en) * 2007-01-26 2008-08-07 Magtek, Inc. Card reader for use with web based transactions
JP2008183884A (en) * 2007-01-31 2008-08-14 Fujifilm Corp Image forming device and transfer method of printing data
US20110047630A1 (en) * 2007-02-09 2011-02-24 Agency For Science, Technology And Research Method and system for tamper proofing a system of interconnected electronic devices
US7925465B2 (en) 2007-02-12 2011-04-12 Mentor Graphics Corporation Low power scan testing techniques and apparatus
NZ553309A (en) * 2007-02-19 2009-07-31 Kevin I Plumpton System and method minimisation, management and recovery of interruption
US7703060B2 (en) * 2007-02-23 2010-04-20 International Business Machines Corporation Stitched IC layout methods, systems and program product
US7532993B2 (en) * 2007-02-26 2009-05-12 Infineon Technologies Ag Device providing trim values
US8260783B2 (en) 2007-02-27 2012-09-04 Siemens Aktiengesellschaft Storage of multiple, related time-series data streams
DE102007009909B4 (en) * 2007-02-28 2016-09-08 Globalfoundries Inc. A method of validating an atomic transaction in a multi-core microprocessor environment
US8484220B2 (en) * 2007-03-06 2013-07-09 Mcafee, Inc. Clustered index with differentiated subfields
US7636875B2 (en) * 2007-03-08 2009-12-22 Texas Instruments Incorporated Low noise coding for digital data interface
US8316158B1 (en) 2007-03-12 2012-11-20 Cypress Semiconductor Corporation Configuration of programmable device using a DMA controller
DE102007029133A1 (en) * 2007-03-20 2008-09-25 Ludwig-Maximilians-Universität Method for computer-aided determination of the dependencies of a plurality of modules of a technical system, in particular of a software system
WO2009022239A2 (en) * 2007-03-26 2009-02-19 Acumem Ab System for and method of capturing performance characteristics data from a computer system and modeling target system performance
US8060661B1 (en) 2007-03-27 2011-11-15 Cypress Semiconductor Corporation Interface circuit and method for programming or communicating with an integrated circuit via a power supply pin
JP5029101B2 (en) * 2007-04-04 2012-09-19 富士ゼロックス株式会社 Image processing apparatus, image recording apparatus, image processing method, and image processing program
EP1978468A1 (en) * 2007-04-04 2008-10-08 Sap Ag A method and a system for secure execution of workflow tasks in a distributed workflow management system within a decentralized network system
US7958432B2 (en) * 2007-04-11 2011-06-07 International Business Machines Corporation Verification of non volatile storage storing preserved unneeded data
KR101351019B1 (en) * 2007-04-13 2014-01-13 엘지전자 주식회사 apparatus for transmitting and receiving a broadcast signal and method of transmitting and receiving a broadcast signal
KR101351026B1 (en) 2007-04-13 2014-01-13 엘지전자 주식회사 apparatus for transmitting and receiving a broadcast signal and method of transmitting and receiving a broadcast signal
EP2036491B1 (en) * 2007-04-18 2018-03-28 Weinmann Emergency Medical Technology GmbH + Co. KG Lung ventilator and method for updating a lung ventilator
US20080263233A1 (en) * 2007-04-19 2008-10-23 Thomas Hein Integrated circuit and memory device
US20080266563A1 (en) * 2007-04-26 2008-10-30 Redman David J Measuring color using color filter arrays
US7814250B2 (en) 2007-04-27 2010-10-12 Atmel Corporation Serialization of data for multi-chip bus implementation
US7761632B2 (en) 2007-04-27 2010-07-20 Atmel Corporation Serialization of data for communication with slave in multi-chip bus implementation
US7769933B2 (en) * 2007-04-27 2010-08-03 Atmel Corporation Serialization of data for communication with master in multi-chip bus implementation
US7743186B2 (en) * 2007-04-27 2010-06-22 Atmel Corporation Serialization of data for communication with different-protocol slave in multi-chip bus implementation
US7827455B1 (en) * 2007-05-01 2010-11-02 Unisys Corporation System and method for detecting glitches on a high-speed interface
US20080273584A1 (en) * 2007-05-01 2008-11-06 Vladimir Dmitriev-Zdorov Generating test sequences for circuit channels exhibiting duty-cycle distortion
WO2008137458A2 (en) * 2007-05-01 2008-11-13 Mentor Graphics Corporation Generating test sequences for testing circuit channels
US20080275662A1 (en) 2007-05-01 2008-11-06 Vladimir Dmitriev-Zdorov Generating transmission-code compliant test sequences
KR100970003B1 (en) * 2007-05-02 2010-07-16 한국전자통신연구원 Method and apparatus for transmitting signal
US9406388B2 (en) 2007-05-10 2016-08-02 Micron Technology, Inc. Memory area protection system and methods
TW200847087A (en) * 2007-05-18 2008-12-01 Beyond Innovation Tech Co Ltd Method and system for protecting information between a master terminal and a slave terminal
US8040556B2 (en) * 2007-05-24 2011-10-18 Dainippon Screen Mfg. Co., Ltd. Image data generating method, printing method, image data generating apparatus, and printer
US7823006B2 (en) * 2007-05-29 2010-10-26 Microsoft Corporation Analyzing problem signatures
US20080301433A1 (en) * 2007-05-30 2008-12-04 Atmel Corporation Secure Communications
WO2008151339A2 (en) * 2007-06-11 2008-12-18 Fts Computertechnik Gmbh Method and architecture for securing real-time data
US9037750B2 (en) * 2007-07-10 2015-05-19 Qualcomm Incorporated Methods and apparatus for data exchange in peer to peer communications
US20090022319A1 (en) * 2007-07-19 2009-01-22 Mark Shahaf Method and apparatus for securing data and communication
JP2009027472A (en) * 2007-07-19 2009-02-05 Toshiba Corp Cipher calculation device
US8122322B2 (en) 2007-07-31 2012-02-21 Seagate Technology Llc System and method of storing reliability data
KR20090014034A (en) * 2007-08-03 2009-02-06 삼성전자주식회사 Inkjet image forming apparatus
CN101364210B (en) * 2007-08-06 2012-05-30 鸿富锦精密工业(深圳)有限公司 Portable computer with components expandable
JP2009053901A (en) * 2007-08-27 2009-03-12 Seiko Epson Corp Printer
US7505340B1 (en) * 2007-08-28 2009-03-17 International Business Machines Corporation Method for implementing SRAM cell write performance evaluation
US8006095B2 (en) * 2007-08-31 2011-08-23 Standard Microsystems Corporation Configurable signature for authenticating data or program code
US7917716B2 (en) * 2007-08-31 2011-03-29 Standard Microsystems Corporation Memory protection for embedded controllers
KR101429674B1 (en) * 2007-09-11 2014-08-13 삼성전자주식회사 Apparatus and method for reducing power consumption in system on chip
FR2921171B1 (en) * 2007-09-14 2015-10-23 Airbus France METHOD OF MINIMIZING THE VOLUME OF INFORMATION REQUIRED FOR DEBUGGING OPERATING SOFTWARE OF AN ON-BOARD AIRCRAFT SYSTEM, AND DEVICE FOR IMPLEMENTING THE SAME
US8127233B2 (en) * 2007-09-24 2012-02-28 Microsoft Corporation Remote user interface updates using difference and motion encoding
US9201790B2 (en) * 2007-10-09 2015-12-01 Seagate Technology Llc System and method of matching data rates
JP5082737B2 (en) * 2007-10-09 2012-11-28 パナソニック株式会社 Information processing apparatus and information theft prevention method
US8619877B2 (en) * 2007-10-11 2013-12-31 Microsoft Corporation Optimized key frame caching for remote interface rendering
US8121423B2 (en) 2007-10-12 2012-02-21 Microsoft Corporation Remote user interface raster segment motion detection and encoding
US8106909B2 (en) * 2007-10-13 2012-01-31 Microsoft Corporation Common key frame caching for a remote user interface
US8327191B2 (en) * 2007-10-19 2012-12-04 International Business Machines Corporation Automatically populating symptom databases for software applications
US20090113256A1 (en) * 2007-10-24 2009-04-30 Nokia Corporation Method, computer program product, apparatus and device providing scalable structured high throughput LDPC decoding
US7741659B2 (en) * 2007-10-25 2010-06-22 United Microelectronics Corp. Semiconductor device
US8260891B2 (en) * 2007-10-30 2012-09-04 Dell Products L.P. System and method for the provision of secure network boot services
US8135960B2 (en) * 2007-10-30 2012-03-13 International Business Machines Corporation Multiprocessor electronic circuit including a plurality of processors and electronic data processing system
CN101431413B (en) * 2007-11-08 2012-04-25 华为技术有限公司 Method, system, server and terminal for authentication
JP4992678B2 (en) * 2007-11-13 2012-08-08 富士通株式会社 Image processing method, control program, and image processing apparatus
US7866779B2 (en) * 2007-11-16 2011-01-11 Hewlett-Packard Development Company, L.P. Defective nozzle replacement in a printer
CN101441587B (en) * 2007-11-19 2011-05-18 辉达公司 Method and system for automatically analyzing GPU test result
JP5007663B2 (en) * 2007-11-30 2012-08-22 セイコーエプソン株式会社 Business management system and program
US9519540B2 (en) 2007-12-06 2016-12-13 Sandisk Technologies Llc Apparatus, system, and method for destaging cached data
US8195912B2 (en) 2007-12-06 2012-06-05 Fusion-io, Inc Apparatus, system, and method for efficient mapping of virtual and physical addresses
US8316277B2 (en) 2007-12-06 2012-11-20 Fusion-Io, Inc. Apparatus, system, and method for ensuring data validity in a data storage process
US7809980B2 (en) * 2007-12-06 2010-10-05 Jehoda Refaeli Error detector in a cache memory using configurable way redundancy
US7836226B2 (en) 2007-12-06 2010-11-16 Fusion-Io, Inc. Apparatus, system, and method for coordinating storage requests in a multi-processor/multi-thread environment
US8411665B2 (en) 2007-12-11 2013-04-02 At&T Intellectual Property I, L.P. System and method of routing voice communications via peering networks
US8786359B2 (en) * 2007-12-12 2014-07-22 Sandisk Technologies Inc. Current mirror device and method
EP2562956B1 (en) * 2007-12-13 2017-09-27 Certicom Corp. System and method for controlling features on a device
KR100909067B1 (en) * 2007-12-18 2009-07-23 한국전자통신연구원 Wake-up Receiver and Wake-up Method Using Constant Cyclic Power Shutdown
US8028195B2 (en) * 2007-12-18 2011-09-27 International Business Machines Corporation Structure for indicating status of an on-chip power supply system
US7917806B2 (en) * 2007-12-18 2011-03-29 International Business Machines Corporation System and method for indicating status of an on-chip power supply system
US7723153B2 (en) * 2007-12-26 2010-05-25 Organicid, Inc. Printed organic logic circuits using an organic semiconductor as a resistive load device
US8341751B2 (en) * 2007-12-26 2012-12-25 Wilson Kelce S Software license management
US7934052B2 (en) 2007-12-27 2011-04-26 Pliant Technology, Inc. System and method for performing host initiated mass storage commands using a hierarchy of data structures
US7756659B2 (en) * 2008-01-11 2010-07-13 Fairchild Semiconductor Corporation Delay stabilization for skew tolerance
US8503679B2 (en) * 2008-01-23 2013-08-06 The Boeing Company Short message encryption
CN101364444B (en) * 2008-02-05 2011-05-11 威盛电子股份有限公司 Control method and memory and process system using the control method
US8108831B2 (en) * 2008-02-07 2012-01-31 Microsoft Corporation Iterative component binding
US9069706B2 (en) * 2008-02-11 2015-06-30 Nvidia Corporation Confidential information protection system and method
US7886089B2 (en) * 2008-02-13 2011-02-08 International Business Machines Corporation Method, system and computer program product for enhanced shared store buffer management scheme for differing buffer sizes with limited resources for optimized performance
JP4557021B2 (en) * 2008-02-29 2010-10-06 ブラザー工業株式会社 Droplet ejector
US8423993B2 (en) * 2008-02-29 2013-04-16 Red Hat, Inc. Systems and methods for managing software patches
KR100997239B1 (en) * 2008-03-03 2010-11-29 삼성전자주식회사 Crum unit, replaceable unit, image forming device comprising them, and method for performing an authentication and cryptographic data communication thereof
US8312534B2 (en) * 2008-03-03 2012-11-13 Lenovo (Singapore) Pte. Ltd. System and method for securely clearing secret data that remain in a computer system memory
US20090228875A1 (en) * 2008-03-04 2009-09-10 Devries Alex Method and System for Reducing Disk Allocation by Profiling Symbol Usage
US20100198830A1 (en) * 2008-03-06 2010-08-05 Nitrosecurity, Inc. Dynamic data distribution aggregation
PT2263146E (en) * 2008-03-14 2013-06-04 Hewlett Packard Development Co Secure access to fluid cartridge memory
US8752038B1 (en) * 2008-03-17 2014-06-10 Symantec Corporation Reducing boot time by providing quantitative performance cost data within a boot management user interface
US8314942B1 (en) 2009-02-27 2012-11-20 Marvell International Ltd. Positioning and printing of a handheld device
JP4990315B2 (en) * 2008-03-20 2012-08-01 アナパス・インコーポレーテッド Display device and method for transmitting clock signal during blank period
US8171386B2 (en) * 2008-03-27 2012-05-01 Arm Limited Single event upset error detection within sequential storage circuitry of an integrated circuit
US8434064B2 (en) * 2008-03-28 2013-04-30 Microsoft Corporation Detecting memory errors using write integrity testing
US8504980B1 (en) * 2008-04-14 2013-08-06 Sap Ag Constraining data changes during transaction processing by a computer system
US8031952B2 (en) * 2008-04-21 2011-10-04 Broadcom Corporation Method and apparatus for optimizing memory usage in image processing
US8200986B2 (en) * 2008-04-24 2012-06-12 Apple Inc. Computer enabled secure status return
JP5050985B2 (en) * 2008-04-30 2012-10-17 富士通株式会社 Verification support program, verification support apparatus, and verification support method
WO2009136402A2 (en) * 2008-05-07 2009-11-12 Cosmologic Ltd. Register file system and method thereof for enabling a substantially direct memory access
US9058483B2 (en) * 2008-05-08 2015-06-16 Google Inc. Method for validating an untrusted native code module
JP5056573B2 (en) * 2008-05-09 2012-10-24 富士通株式会社 Design support program, design support apparatus, and design support method
US7882406B2 (en) * 2008-05-09 2011-02-01 Lsi Corporation Built in test controller with a downloadable testing program
KR20110050404A (en) 2008-05-16 2011-05-13 퓨전-아이오, 인크. Apparatus, system, and method for detecting and replacing failed data storage
US8838924B2 (en) * 2008-05-24 2014-09-16 Via Technologies, Inc. Microprocessor having internal secure memory
US8819839B2 (en) * 2008-05-24 2014-08-26 Via Technologies, Inc. Microprocessor having a secure execution mode with provisions for monitoring, indicating, and managing security levels
US8156391B2 (en) * 2008-05-27 2012-04-10 Lsi Corporation Data controlling in the MBIST chain architecture
CN102112958A (en) 2008-05-29 2011-06-29 惠普开发有限公司 Replaceable printer component including a memory storing a tag encryption mask
ES2662058T3 (en) * 2008-05-29 2018-04-05 Hewlett-Packard Development Company, L.P. Authentication of a replaceable printer component
JP5217647B2 (en) * 2008-06-04 2013-06-19 富士通株式会社 Information processing apparatus and information processing method
US8175403B1 (en) * 2008-06-05 2012-05-08 Google Inc. Iterative backward reference selection with reduced entropy for image compression
US8046643B2 (en) * 2008-06-09 2011-10-25 Lsi Corporation Transport subsystem for an MBIST chain architecture
US20090319736A1 (en) * 2008-06-24 2009-12-24 Hitachi, Ltd. Method and apparatus for integrated nas and cas data backup
WO2010001324A2 (en) * 2008-06-30 2010-01-07 Mominis Ltd Method of generating and distributing a computer application
US8181230B2 (en) * 2008-06-30 2012-05-15 International Business Machines Corporation System and method for adaptive approximating of a user for role authorization in a hierarchical inter-organizational model
US8151008B2 (en) * 2008-07-02 2012-04-03 Cradle Ip, Llc Method and system for performing DMA in a multi-core system-on-chip using deadline-based scheduling
US8325554B2 (en) * 2008-07-10 2012-12-04 Sanmina-Sci Corporation Battery-less cache memory module with integrated backup
US8205242B2 (en) 2008-07-10 2012-06-19 Mcafee, Inc. System and method for data mining and security policy management
US8954804B2 (en) * 2008-07-15 2015-02-10 Ati Technologies Ulc Secure boot circuit and method
US9176754B2 (en) 2008-07-16 2015-11-03 Google Inc. Method and system for executing applications using native code modules
US8706951B2 (en) * 2008-07-18 2014-04-22 Marvell World Trade Ltd. Selectively accessing faster or slower multi-level cell memory
US20100014670A1 (en) * 2008-07-18 2010-01-21 Texas Instruments Incorporated One-Way Hash Extension for Encrypted Communication
US8151349B1 (en) * 2008-07-21 2012-04-03 Google Inc. Masking mechanism that facilitates safely executing untrusted native code
CH699208B1 (en) * 2008-07-25 2019-03-29 Em Microelectronic Marin Sa Shared memory processor circuit and buffer system.
US8255749B2 (en) 2008-07-29 2012-08-28 Texas Instruments Incorporated Ascertaining configuration by storing data signals in a topology register
CN101329719B (en) * 2008-08-01 2010-11-10 西安西电捷通无线网络通信股份有限公司 Anonymous authentication method suitable for homogeneous electronic label
US20100033788A1 (en) * 2008-08-01 2010-02-11 University Of Florida Research Foundation, Inc. Micromirror and fabrication method for producing micromirror
EP2316180A4 (en) 2008-08-11 2011-12-28 Assa Abloy Ab Secure wiegand communications
US9253154B2 (en) 2008-08-12 2016-02-02 Mcafee, Inc. Configuration management for a capture/registration system
FR2935078B1 (en) * 2008-08-12 2012-11-16 Groupe Des Ecoles De Telecommunications Get Ecole Nationale Superieure Des Telecommunications Enst METHOD OF PROTECTING THE DECRYPTION OF CONFIGURATION FILES OF PROGRAMMABLE LOGIC CIRCUITS AND CIRCUIT USING THE METHOD
US20100049658A1 (en) * 2008-08-22 2010-02-25 Javier Sanchez Secure electronic transaction system
US8582052B2 (en) * 2008-08-22 2013-11-12 Gentex Corporation Discrete LED backlight control for a reduced power LCD display system
US9324072B1 (en) * 2008-08-22 2016-04-26 Ixys Intl Limited Bit-flipping memory controller to prevent SRAM data remanence
US8051467B2 (en) 2008-08-26 2011-11-01 Atmel Corporation Secure information processing
US8239567B1 (en) * 2008-09-09 2012-08-07 Marvell International Ltd. Filtering superfluous data fragments on a computer network
US8356128B2 (en) * 2008-09-16 2013-01-15 Nvidia Corporation Method and system of reducing latencies associated with resource allocation by using multiple arbiters
US20100083365A1 (en) * 2008-09-30 2010-04-01 Naga Gurumoorthy Apparatus and method to harden computer system
US8132267B2 (en) 2008-09-30 2012-03-06 Intel Corporation Apparatus and method to harden computer system
US20100082846A1 (en) * 2008-10-01 2010-04-01 Kyung Hwan Kim Usb device and method for connecting the usb device with usb host
US20100085239A1 (en) * 2008-10-03 2010-04-08 Rosemount Aerospace Inc. Device and method for detecting a target using a high speed sampling device
US8161367B2 (en) * 2008-10-07 2012-04-17 Arm Limited Correction of single event upset error within sequential storage circuitry of an integrated circuit
US8370552B2 (en) * 2008-10-14 2013-02-05 Nvidia Corporation Priority based bus arbiters avoiding deadlock and starvation on buses that support retrying of transactions
US7825721B2 (en) * 2008-10-17 2010-11-02 United Technologies Corp. Systems and methods for filtering signals corresponding to sensed parameters
US8056044B2 (en) * 2008-10-21 2011-11-08 Atmel Corporation Signal processing
US8020053B2 (en) * 2008-10-29 2011-09-13 Hewlett-Packard Development Company, L.P. On-line memory testing
US8510713B1 (en) 2008-10-31 2013-08-13 Google Inc. Method and system for validating a disassembler
US20100132047A1 (en) * 2008-11-24 2010-05-27 Honeywell International Inc. Systems and methods for tamper resistant memory devices
US8180730B2 (en) * 2008-11-25 2012-05-15 International Business Machines Corporation Arbitration token for managing data integrity and data accuracy of information services that utilize distributed data replicas
US10452844B2 (en) * 2008-11-26 2019-10-22 International Business Machines Corporation Protecting isolated secret data of integrated circuit devices
JP5458556B2 (en) * 2008-11-27 2014-04-02 ソニー株式会社 Timing adjustment circuit, solid-state imaging device, and camera system
US8266593B2 (en) * 2008-12-01 2012-09-11 Wipro Limited System and method for analyzing performance of a software testing system
US8417761B2 (en) * 2008-12-08 2013-04-09 International Business Machines Corporation Direct decimal number tripling in binary coded adders
WO2010067495A1 (en) * 2008-12-08 2010-06-17 パナソニック株式会社 System clock monitoring apparatus and motor control system
US7895385B2 (en) * 2008-12-09 2011-02-22 Nvidia Corporation Establishing communication over serial buses in a slave device
US8194481B2 (en) 2008-12-18 2012-06-05 Mosaid Technologies Incorporated Semiconductor device with main memory unit and auxiliary memory unit requiring preset operation
US8037235B2 (en) * 2008-12-18 2011-10-11 Mosaid Technologies Incorporated Device and method for transferring data to a non-volatile memory device
JP2010149537A (en) * 2008-12-23 2010-07-08 Autonetworks Technologies Ltd Control apparatus, control method, and computer program
TWI387023B (en) * 2008-12-25 2013-02-21 Silicon Motion Inc Method of preventing data loss during a solder reflow process and memory device using the same
US8055936B2 (en) * 2008-12-31 2011-11-08 Pitney Bowes Inc. System and method for data recovery in a disabled integrated circuit
CN101772020B (en) * 2009-01-05 2011-12-28 华为技术有限公司 Method and system for authentication processing, 3GPP authentication authorization accounting server and user device
US8850591B2 (en) 2009-01-13 2014-09-30 Mcafee, Inc. System and method for concept building
US8706709B2 (en) 2009-01-15 2014-04-22 Mcafee, Inc. System and method for intelligent term grouping
US8125672B2 (en) * 2009-01-21 2012-02-28 Infoprint Solutions Company Llc Dual ink systems in a printer
US8788850B1 (en) * 2009-01-22 2014-07-22 Marvell International Ltd. Systems and methods for using a security circuit to monitor a voltage of an integrated circuit to counter security threats to the integrated circuit
KR20110128858A (en) 2009-02-12 2011-11-30 모사이드 테크놀로지스 인코퍼레이티드 Termination circuit for on-die termination
US8371669B1 (en) * 2009-02-18 2013-02-12 Marvell International Ltd. Fire timing control in printing devices
US8242790B2 (en) * 2009-02-23 2012-08-14 Lewis James M Method and system for detection of tampering related to reverse engineering
US8598890B2 (en) * 2009-02-23 2013-12-03 Lewis Innovative Technologies Method and system for protecting products and technology from integrated circuits which have been subject to tampering, stressing and replacement as well as detecting integrated circuits that have been subject to tampering
US8473442B1 (en) 2009-02-25 2013-06-25 Mcafee, Inc. System and method for intelligent state management
JP2010200090A (en) * 2009-02-26 2010-09-09 Toshiba Corp Phase compensation clock synchronizing circuit
US8782025B2 (en) * 2009-03-10 2014-07-15 Ims Software Services Ltd. Systems and methods for address intelligence
US8266503B2 (en) 2009-03-13 2012-09-11 Fusion-Io Apparatus, system, and method for using multi-level cell storage in a single-level cell mode
WO2010106537A2 (en) * 2009-03-15 2010-09-23 Authix Tecnologies Srl. Remote product authentication
JP5366600B2 (en) * 2009-03-16 2013-12-11 キヤノン株式会社 Image forming apparatus
US8938717B1 (en) * 2009-03-16 2015-01-20 Xilinx, Inc. Updating an installed computer program
US9442846B2 (en) * 2009-03-17 2016-09-13 Cisco Technology, Inc. High speed memory systems and methods for designing hierarchical memory systems
US8433880B2 (en) 2009-03-17 2013-04-30 Memoir Systems, Inc. System and method for storing data in a virtualized high speed memory system
US8667121B2 (en) 2009-03-25 2014-03-04 Mcafee, Inc. System and method for managing data and policies
US8447722B1 (en) 2009-03-25 2013-05-21 Mcafee, Inc. System and method for data mining and security policy management
US8162433B2 (en) * 2009-03-30 2012-04-24 Xerox Corporation System and method for scheduling ink jet recovery in an ink jet printer
US8698823B2 (en) * 2009-04-08 2014-04-15 Nvidia Corporation System and method for deadlock-free pipelining
US9569282B2 (en) * 2009-04-24 2017-02-14 Microsoft Technology Licensing, Llc Concurrent mutation of isolated object graphs
US8352679B2 (en) * 2009-04-29 2013-01-08 Empire Technology Development Llc Selectively securing data and/or erasing secure data caches responsive to security compromising conditions
US8726043B2 (en) 2009-04-29 2014-05-13 Empire Technology Development Llc Securing backing storage data passed through a network
US8799671B2 (en) * 2009-05-06 2014-08-05 Empire Technology Development Llc Techniques for detecting encrypted data
US8924743B2 (en) 2009-05-06 2014-12-30 Empire Technology Development Llc Securing data caches through encryption
US8417754B2 (en) * 2009-05-11 2013-04-09 Empire Technology Development, Llc Identification of integrated circuits
US8180981B2 (en) * 2009-05-15 2012-05-15 Oracle America, Inc. Cache coherent support for flash in a memory hierarchy
US8281227B2 (en) 2009-05-18 2012-10-02 Fusion-10, Inc. Apparatus, system, and method to increase data integrity in a redundant storage system
US8307258B2 (en) 2009-05-18 2012-11-06 Fusion-10, Inc Apparatus, system, and method for reconfiguring an array to operate with less storage elements
US8725299B2 (en) * 2009-05-21 2014-05-13 Lennox Industries, Inc. Customer equipment profile system for HVAC controls
US20100303239A1 (en) * 2009-05-27 2010-12-02 Fujitsu Limited Method and apparatus for protecting root key in control system
IL199272A0 (en) 2009-06-10 2012-07-16 Nds Ltd Protection of secret value using hardware instability
US9298894B2 (en) 2009-06-26 2016-03-29 International Business Machines Corporation Cache structure for a computer system providing support for secure objects
US8954752B2 (en) 2011-02-23 2015-02-10 International Business Machines Corporation Building and distributing secure object software
US8578175B2 (en) 2011-02-23 2013-11-05 International Business Machines Corporation Secure object having protected region, integrity tree, and unprotected region
US9846789B2 (en) 2011-09-06 2017-12-19 International Business Machines Corporation Protecting application programs from malicious software or malware
US8819446B2 (en) 2009-06-26 2014-08-26 International Business Machines Corporation Support for secure objects in a computer system
US9954875B2 (en) 2009-06-26 2018-04-24 International Business Machines Corporation Protecting from unintentional malware download
JP4772891B2 (en) * 2009-06-30 2011-09-14 株式会社東芝 Host controller, computer terminal and card access method
US8797337B1 (en) 2009-07-02 2014-08-05 Google Inc. Graphics scenegraph rendering for web applications using native code modules
KR101196410B1 (en) * 2009-07-07 2012-11-01 삼성전자주식회사 Method for auto setting configuration of television according to installation type of television and television using the same
US8397088B1 (en) 2009-07-21 2013-03-12 The Research Foundation Of State University Of New York Apparatus and method for efficient estimation of the energy dissipation of processor based systems
US8984198B2 (en) * 2009-07-21 2015-03-17 Microchip Technology Incorporated Data space arbiter
US20110258372A1 (en) * 2009-07-29 2011-10-20 Panasonic Corporation Memory device, host device, and memory system
US8176150B2 (en) * 2009-08-12 2012-05-08 Dell Products L.P. Automated services procurement through multi-stage process
US8375442B2 (en) * 2009-08-17 2013-02-12 Fatskunk, Inc. Auditing a device
US8370935B1 (en) 2009-08-17 2013-02-05 Fatskunk, Inc. Auditing a device
US8949989B2 (en) 2009-08-17 2015-02-03 Qualcomm Incorporated Auditing a device
US8544089B2 (en) * 2009-08-17 2013-09-24 Fatskunk, Inc. Auditing a device
WO2011031796A2 (en) 2009-09-08 2011-03-17 Fusion-Io, Inc. Apparatus, system, and method for caching data on a solid-state storage device
US9223514B2 (en) 2009-09-09 2015-12-29 SanDisk Technologies, Inc. Erase suspend/resume for memory
WO2011031903A2 (en) * 2009-09-09 2011-03-17 Fusion-Io, Inc. Apparatus, system, and method for allocating storage
US9122579B2 (en) 2010-01-06 2015-09-01 Intelligent Intellectual Property Holdings 2 Llc Apparatus, system, and method for a storage layer
EP2476039B1 (en) 2009-09-09 2016-10-26 SanDisk Technologies LLC Apparatus, system, and method for power reduction management in a storage device
US9084071B2 (en) * 2009-09-10 2015-07-14 Michael-Anthony Lisboa Simple mobile registration mechanism enabling automatic registration via mobile devices
US8689434B2 (en) * 2009-10-14 2014-04-08 Nanya Technology Corporation Integrated circuit manufacturing system
JP5556405B2 (en) * 2009-10-19 2014-07-23 株式会社リコー Power supply control apparatus, image forming apparatus, and power supply control method
CN102055887A (en) * 2009-10-29 2011-05-11 鸿富锦精密工业(深圳)有限公司 Network camera and data management and control method thereof
CN102640457B (en) 2009-11-04 2015-01-21 新泽西理工学院 Differential frame based scheduling for input queued switches
US8131889B2 (en) * 2009-11-10 2012-03-06 Apple Inc. Command queue for peripheral component
US8819452B2 (en) 2009-11-25 2014-08-26 Cleversafe, Inc. Efficient storage of encrypted data in a dispersed storage network
US9672109B2 (en) * 2009-11-25 2017-06-06 International Business Machines Corporation Adaptive dispersed storage network (DSN) and system
DE102009047538B4 (en) * 2009-12-04 2018-02-22 Endress + Hauser Process Solutions Ag Method for optimizing the parameter setting of power supply parameters of a field device power module
KR101714108B1 (en) * 2009-12-04 2017-03-08 크라이프토그라피 리서치, 인코포레이티드 Verifiable, leak-resistant encryption and decryption
US8452989B1 (en) * 2009-12-09 2013-05-28 Emc Corporation Providing security to an electronic device
CN102095956B (en) * 2009-12-11 2013-02-13 名硕电脑(苏州)有限公司 Detecting device and method
WO2011075167A1 (en) * 2009-12-15 2011-06-23 Memoir Systems,Inc. System and method for reduced latency caching
DE102009055271A1 (en) * 2009-12-23 2011-06-30 Carl Zeiss NTS GmbH, 73447 Method for generating a representation of an object by means of a particle beam and particle beam apparatus for carrying out the method
US20110161560A1 (en) * 2009-12-31 2011-06-30 Hutchison Neil D Erase command caching to improve erase performance on flash memory
US9134918B2 (en) * 2009-12-31 2015-09-15 Sandisk Technologies Inc. Physical compression of data with flat or systematic pattern
US9514055B2 (en) * 2009-12-31 2016-12-06 Seagate Technology Llc Distributed media cache for data storage systems
US8645930B2 (en) * 2010-01-04 2014-02-04 Apple Inc. System and method for obfuscation by common function and common function prototype
WO2011088074A2 (en) * 2010-01-12 2011-07-21 Stc. Unm System and methods for generating unclonable security keys in integrated circuits
CA2787933C (en) * 2010-01-26 2016-09-13 Silver Tail Systems, Inc. System and method for network security including detection of man-in-the-browser attacks
US8661184B2 (en) 2010-01-27 2014-02-25 Fusion-Io, Inc. Managing non-volatile media
US8315092B2 (en) * 2010-01-27 2012-11-20 Fusion-Io, Inc. Apparatus, system, and method for determining a read voltage threshold for solid-state storage media
US8380915B2 (en) 2010-01-27 2013-02-19 Fusion-Io, Inc. Apparatus, system, and method for managing solid-state storage media
US8854882B2 (en) 2010-01-27 2014-10-07 Intelligent Intellectual Property Holdings 2 Llc Configuring storage cells
JP5446943B2 (en) * 2010-01-29 2014-03-19 ソニー株式会社 Printing system and printer apparatus control method
US9219936B2 (en) 2010-02-05 2015-12-22 Maxlinear, Inc. Conditional access integration in a SOC for mobile TV applications
US8432981B1 (en) * 2010-03-10 2013-04-30 Smsc Holdings S.A.R.L. High frequency and idle communication signal state detection
US9245653B2 (en) 2010-03-15 2016-01-26 Intelligent Intellectual Property Holdings 2 Llc Reduced level cell mode for non-volatile memory
US8370648B1 (en) * 2010-03-15 2013-02-05 Emc International Company Writing and reading encrypted data using time-based encryption keys
KR20110105153A (en) * 2010-03-18 2011-09-26 삼성전자주식회사 Flipflop circuit and scan flipflop circuit
JP5479177B2 (en) * 2010-03-19 2014-04-23 株式会社Pfu Information processing apparatus, consumable management method, and program
US9141580B2 (en) 2010-03-23 2015-09-22 Citrix Systems, Inc. Systems and methods for monitoring and maintaining consistency of a configuration
WO2011119985A2 (en) 2010-03-26 2011-09-29 Maxlinear, Inc. Firmware authentication and deciphering for secure tv receiver
WO2011123462A1 (en) * 2010-03-29 2011-10-06 Maxlinear, Inc. Generation of sw encryption key during silicon manufacturing process
US8935520B2 (en) 2010-03-30 2015-01-13 Maxlinear, Inc. Control word obfuscation in secure TV receiver
WO2011143628A2 (en) 2010-05-13 2011-11-17 Fusion-Io, Inc. Apparatus, system, and method for conditional and atomic storage operations
WO2011146489A1 (en) * 2010-05-17 2011-11-24 Jon Parsons System and method for multi-dimensional secretion of digital data
US10353774B2 (en) * 2015-10-30 2019-07-16 International Business Machines Corporation Utilizing storage unit latency data in a dispersed storage network
JP5528209B2 (en) * 2010-05-20 2014-06-25 キヤノン株式会社 Image processing apparatus and image processing method
US9311664B2 (en) * 2010-05-25 2016-04-12 Salesforce.Com, Inc. Systems and methods for automatically collection of performance data in a multi-tenant database system environment
US20110302551A1 (en) * 2010-06-02 2011-12-08 Hummel Jr David Martin System and method for analytic process design
WO2011156745A2 (en) * 2010-06-10 2011-12-15 The Regents Of The University Of California Strong single and multiple error correcting wom codes, coding methods and devices
US8433727B2 (en) * 2010-06-22 2013-04-30 Red Hat Israel, Ltd. Method and apparatus for restricting access to writable properties at runtime
US8432732B2 (en) 2010-07-09 2013-04-30 Sandisk Technologies Inc. Detection of word-line leakage in memory arrays
US8514630B2 (en) 2010-07-09 2013-08-20 Sandisk Technologies Inc. Detection of word-line leakage in memory arrays: current based approach
US8305807B2 (en) 2010-07-09 2012-11-06 Sandisk Technologies Inc. Detection of broken word-lines in memory arrays
US8904189B1 (en) 2010-07-15 2014-12-02 The Research Foundation For The State University Of New York System and method for validating program execution at run-time using control flow signatures
WO2012016089A2 (en) 2010-07-28 2012-02-02 Fusion-Io, Inc. Apparatus, system, and method for conditional and atomic storage operations
US8725934B2 (en) 2011-12-22 2014-05-13 Fusion-Io, Inc. Methods and appratuses for atomic storage operations
US9213522B2 (en) 2010-07-29 2015-12-15 Ford Global Technologies, Llc Systems and methods for scheduling driver interface tasks based on driver workload
DE112010005774T5 (en) * 2010-07-29 2013-05-08 Ford Global Technologies, Llc Systems and methods for scheduling driver interface tasks based on driver workload
US8972106B2 (en) 2010-07-29 2015-03-03 Ford Global Technologies, Llc Systems and methods for scheduling driver interface tasks based on driver workload
US8892855B2 (en) 2010-08-10 2014-11-18 Maxlinear, Inc. Encryption keys distribution for conditional access software in TV receiver SOC
JP2012043071A (en) * 2010-08-16 2012-03-01 Canon Inc Adjusting system, adjusting device, adjusting method and program for the same
US8867682B2 (en) 2010-08-30 2014-10-21 Exar Corporation Dejitter (desynchronize) technique to smooth gapped clock with jitter/wander attenuation using all digital logic
US8984216B2 (en) 2010-09-09 2015-03-17 Fusion-Io, Llc Apparatus, system, and method for managing lifetime of a storage device
US8819672B2 (en) * 2010-09-20 2014-08-26 International Business Machines Corporation Multi-image migration system and method
JP5159849B2 (en) * 2010-09-24 2013-03-13 株式会社東芝 Memory management device and memory management method
US9454504B2 (en) * 2010-09-30 2016-09-27 Hewlett-Packard Development Company, L.P. Slave device bit sequence zero driver
US9042353B2 (en) 2010-10-06 2015-05-26 Blackbird Technology Holdings, Inc. Method and apparatus for low-power, long-range networking
US8976691B2 (en) 2010-10-06 2015-03-10 Blackbird Technology Holdings, Inc. Method and apparatus for adaptive searching of distributed datasets
US8718551B2 (en) 2010-10-12 2014-05-06 Blackbird Technology Holdings, Inc. Method and apparatus for a multi-band, multi-mode smartcard
US8532100B2 (en) * 2010-10-19 2013-09-10 Cisco Technology, Inc. System and method for data exchange in a heterogeneous multiprocessor system
US8904356B2 (en) 2010-10-20 2014-12-02 International Business Machines Corporation Collaborative software debugging in a distributed system with multi-member variable expansion
US9009673B2 (en) 2010-10-21 2015-04-14 International Business Machines Corporation Collaborative software debugging in a distributed system with collaborative step over operation
US8671393B2 (en) 2010-10-21 2014-03-11 International Business Machines Corporation Collaborative software debugging in a distributed system with client-specific dynamic breakpoints
US8972945B2 (en) 2010-10-21 2015-03-03 International Business Machines Corporation Collaborative software debugging in a distributed system with client-specific access control
US8687004B2 (en) 2010-11-01 2014-04-01 Apple Inc. Font file with graphic images
US8806615B2 (en) 2010-11-04 2014-08-12 Mcafee, Inc. System and method for protecting specified data combinations
US8850397B2 (en) 2010-11-10 2014-09-30 International Business Machines Corporation Collaborative software debugging in a distributed system with client-specific display of local variables
US9411709B2 (en) 2010-11-10 2016-08-09 International Business Machines Corporation Collaborative software debugging in a distributed system with client-specific event alerts
US8990775B2 (en) 2010-11-10 2015-03-24 International Business Machines Corporation Collaborative software debugging in a distributed system with dynamically displayed chat sessions
WO2012068227A1 (en) 2010-11-16 2012-05-24 Blackbird Technology Holdings, Inc. Method and apparatus for interfacing with a smartcard
US9047178B2 (en) 2010-12-13 2015-06-02 SanDisk Technologies, Inc. Auto-commit memory synchronization
US9208071B2 (en) 2010-12-13 2015-12-08 SanDisk Technologies, Inc. Apparatus, system, and method for accessing memory
US9218278B2 (en) 2010-12-13 2015-12-22 SanDisk Technologies, Inc. Auto-commit memory
US10817421B2 (en) 2010-12-13 2020-10-27 Sandisk Technologies Llc Persistent data structures
WO2012082792A2 (en) 2010-12-13 2012-06-21 Fusion-Io, Inc. Apparatus, system, and method for auto-commit memory
US10817502B2 (en) 2010-12-13 2020-10-27 Sandisk Technologies Llc Persistent memory management
WO2012083308A2 (en) 2010-12-17 2012-06-21 Fusion-Io, Inc. Apparatus, system, and method for persistent data management on a non-volatile storage media
KR101424411B1 (en) 2010-12-21 2014-07-28 엠파이어 테크놀로지 디벨롭먼트 엘엘씨 Dummy information for location privacy in location based services
FR2970133B1 (en) * 2010-12-30 2013-01-18 Thales Sa METHOD AND SYSTEM FOR TESTING CRYPTOGRAPHIC INTEGRITY OF ERROR TOLERANT DATA
US8589509B2 (en) 2011-01-05 2013-11-19 Cloudium Systems Limited Controlling and optimizing system latency
US20120179943A1 (en) * 2011-01-06 2012-07-12 International Business Machines Corporation Method for information transfer in a voltage-driven intelligent characterization bench for semiconductor
JP5598337B2 (en) * 2011-01-12 2014-10-01 ソニー株式会社 Memory access control circuit, prefetch circuit, memory device, and information processing system
WO2012100087A2 (en) 2011-01-19 2012-07-26 Fusion-Io, Inc. Apparatus, system, and method for managing out-of-service conditions
US9104548B2 (en) 2011-01-21 2015-08-11 Blackbird Technology Holdings, Inc. Method and apparatus for memory management
EP2668593A4 (en) 2011-01-28 2016-06-29 Hewlett Packard Development Co Document management system and method
US8484477B2 (en) 2011-01-30 2013-07-09 Hewlett-Packard Development Company, L.P. Document management system and method
WO2012106362A2 (en) 2011-01-31 2012-08-09 Fusion-Io, Inc. Apparatus, system, and method for managing eviction of data
JP5842335B2 (en) * 2011-02-08 2016-01-13 セイコーエプソン株式会社 Image recording apparatus, image recording apparatus control method, and program
WO2012109139A1 (en) * 2011-02-08 2012-08-16 Telcordia Technologies, Inc. Method and apparatus for secure data representation allowing efficient collection, search and retrieval
US9003104B2 (en) 2011-02-15 2015-04-07 Intelligent Intellectual Property Holdings 2 Llc Systems and methods for a file-level cache
US9201677B2 (en) 2011-05-23 2015-12-01 Intelligent Intellectual Property Holdings 2 Llc Managing data input/output operations
US8909865B2 (en) 2011-02-15 2014-12-09 Blackbird Technology Holdings, Inc. Method and apparatus for plug and play, networkable ISO 18000-7 connectivity
US8874823B2 (en) 2011-02-15 2014-10-28 Intellectual Property Holdings 2 Llc Systems and methods for managing data input/output operations
JP2012174184A (en) * 2011-02-24 2012-09-10 Canon Inc Information processing device and control method of information processing device
US9141527B2 (en) 2011-02-25 2015-09-22 Intelligent Intellectual Property Holdings 2 Llc Managing cache pools
US20120221767A1 (en) 2011-02-28 2012-08-30 Apple Inc. Efficient buffering for a system having non-volatile memory
US8885586B2 (en) 2011-03-02 2014-11-11 Blackbird Technology Holdings, Inc. Method and apparatus for query-based congestion control
US8763075B2 (en) * 2011-03-07 2014-06-24 Adtran, Inc. Method and apparatus for network access control
US8493120B2 (en) 2011-03-10 2013-07-23 Arm Limited Storage circuitry and method with increased resilience to single event upsets
CN102180022B (en) * 2011-03-11 2013-08-14 珠海艾派克微电子有限公司 Imaging box, imaging device and imaging control method
US8364729B2 (en) 2011-03-17 2013-01-29 Hewlett-Packard Development Company, L.P. Document management system and method
WO2012129191A2 (en) 2011-03-18 2012-09-27 Fusion-Io, Inc. Logical interfaces for contextual storage
US9563555B2 (en) 2011-03-18 2017-02-07 Sandisk Technologies Llc Systems and methods for storage allocation
US8649609B1 (en) 2011-03-24 2014-02-11 The United States Of America As Represented By The Adminstrator Of The National Aeronautics And Space Administration Field programmable gate array apparatus, method, and computer program
TW201242333A (en) * 2011-04-06 2012-10-16 Hon Hai Prec Ind Co Ltd Image processing apparatus and method for controlling image processing apparatus
TWI438632B (en) * 2011-04-14 2014-05-21 Mstar Semiconductor Inc Controlling method and controller for memory
US8806438B2 (en) 2011-04-20 2014-08-12 International Business Machines Corporation Collaborative software debugging in a distributed system with variable-specific messages
US8656360B2 (en) 2011-04-20 2014-02-18 International Business Machines Corporation Collaborative software debugging in a distributed system with execution resumption on consensus
US8739127B2 (en) * 2011-04-20 2014-05-27 International Business Machines Corporation Collaborative software debugging in a distributed system with symbol locking
WO2011113377A2 (en) * 2011-04-26 2011-09-22 华为技术有限公司 Method and apparatus for calibrating low frequency clock
US8719957B2 (en) 2011-04-29 2014-05-06 Altera Corporation Systems and methods for detecting and mitigating programmable logic device tampering
US8379454B2 (en) 2011-05-05 2013-02-19 Sandisk Technologies Inc. Detection of broken word-lines in memory arrays
US9063862B2 (en) 2011-05-17 2015-06-23 Sandisk Technologies Inc. Expandable data cache
US20120302212A1 (en) * 2011-05-25 2012-11-29 Critical Medical Solutions, Inc. Secure mobile radiology communication system
US8977930B1 (en) * 2011-06-02 2015-03-10 Drc Computer Corporation Memory architecture optimized for random access
US9077499B2 (en) * 2011-06-15 2015-07-07 Metanoia Communications Inc. Automatic power saving for communication systems
US8817976B2 (en) * 2011-06-24 2014-08-26 Gregory Scott Callen Reversible cipher
US8756577B2 (en) 2011-06-28 2014-06-17 International Business Machines Corporation Collaborative software debugging in a distributed system with private debug sessions
US20130002315A1 (en) * 2011-07-01 2013-01-03 Philippe Boucard Asynchronous clock adapter
US8929961B2 (en) 2011-07-15 2015-01-06 Blackbird Technology Holdings, Inc. Protective case for adding wireless functionality to a handheld electronic device
TWI446160B (en) * 2011-07-21 2014-07-21 Silicon Motion Inc Flash memory controller and data read method
US8984298B2 (en) 2011-07-27 2015-03-17 Hewlett-Packard Development Company, L.P. Managing access to a secure content-part of a PPCD using a key reset point
US8601276B2 (en) 2011-07-27 2013-12-03 Hewlett-Packard Development Company, L.P. Managing access to a secure content-part of a PPCD following introduction of the PPCD into a workflow
US8750042B2 (en) 2011-07-28 2014-06-10 Sandisk Technologies Inc. Combined simultaneous sensing of multiple wordlines in a post-write read (PWR) and detection of NAND failures
US8726104B2 (en) 2011-07-28 2014-05-13 Sandisk Technologies Inc. Non-volatile memory and method with accelerated post-write read using combined verification of multiple pages
US8775901B2 (en) 2011-07-28 2014-07-08 SanDisk Technologies, Inc. Data recovery for defective word lines during programming of non-volatile memory arrays
US8880713B2 (en) * 2011-07-29 2014-11-04 General Electric Company System and methods for use in communicating with an energy management device in an energy device network
JP2013031961A (en) * 2011-08-02 2013-02-14 Ricoh Co Ltd Power supply control device and image forming apparatus
US9021146B2 (en) 2011-08-30 2015-04-28 Apple Inc. High priority command queue for peripheral component
US8821012B2 (en) 2011-08-31 2014-09-02 Semiconductor Components Industries, Llc Combined device identification and temperature measurement
US8810267B2 (en) 2011-08-31 2014-08-19 Truesense Imaging, Inc. Device identification and temperature sensor circuit
US9231926B2 (en) 2011-09-08 2016-01-05 Lexmark International, Inc. System and method for secured host-slave communication
US8872635B2 (en) * 2011-10-25 2014-10-28 Static Control Components, Inc. Systems and methods for verifying a chip
US8334705B1 (en) 2011-10-27 2012-12-18 Certicom Corp. Analog circuitry to conceal activity of logic circuitry
US8635467B2 (en) 2011-10-27 2014-01-21 Certicom Corp. Integrated circuit with logic circuitry and multiple concealing circuits
US9069494B2 (en) * 2011-10-31 2015-06-30 Xerox Corporation Evaluating and managing image quality performance and improving service effectiveness of groups of production printers
US8793543B2 (en) 2011-11-07 2014-07-29 Sandisk Enterprise Ip Llc Adaptive read comparison signal generation for memory systems
US9288161B2 (en) * 2011-12-05 2016-03-15 International Business Machines Corporation Verifying the functionality of an integrated circuit
US9330031B2 (en) 2011-12-09 2016-05-03 Nvidia Corporation System and method for calibration of serial links using a serial-to-parallel loopback
US9703680B1 (en) 2011-12-12 2017-07-11 Google Inc. System and method for automatic software development kit configuration and distribution
US9262250B2 (en) 2011-12-12 2016-02-16 Crashlytics, Inc. System and method for data collection and analysis of information relating to mobile applications
US9087154B1 (en) 2011-12-12 2015-07-21 Crashlytics, Inc. System and method for providing additional functionality to developer side application in an integrated development environment
WO2013088506A1 (en) * 2011-12-13 2013-06-20 キヤノン株式会社 Method for manufacturing nozzle tips
US9274937B2 (en) 2011-12-22 2016-03-01 Longitude Enterprise Flash S.A.R.L. Systems, methods, and interfaces for vector input/output operations
US20130246334A1 (en) 2011-12-27 2013-09-19 Mcafee, Inc. System and method for providing data protection workflows in a network environment
US20130163034A1 (en) * 2011-12-27 2013-06-27 Xerox Corporation Vendor selection method and system for wide format printing
US8458804B1 (en) 2011-12-29 2013-06-04 Elwha Llc Systems and methods for preventing data remanence in memory
US9213645B2 (en) 2011-12-29 2015-12-15 Sandisk Technologies Inc. Command aware partial page programming
US9191203B2 (en) 2013-08-06 2015-11-17 Bedrock Automation Platforms Inc. Secure industrial control system
US10834820B2 (en) 2013-08-06 2020-11-10 Bedrock Automation Platforms Inc. Industrial control system cable
US8971072B2 (en) 2011-12-30 2015-03-03 Bedrock Automation Platforms Inc. Electromagnetic connector for an industrial control system
US11144630B2 (en) 2011-12-30 2021-10-12 Bedrock Automation Platforms Inc. Image capture devices for a secure industrial control system
US9467297B2 (en) 2013-08-06 2016-10-11 Bedrock Automation Platforms Inc. Industrial control system redundant communications/control modules authentication
US9600434B1 (en) 2011-12-30 2017-03-21 Bedrock Automation Platforms, Inc. Switch fabric having a serial communications interface and a parallel communications interface
US8868813B2 (en) 2011-12-30 2014-10-21 Bedrock Automation Platforms Inc. Communications control system with a serial communications interface and a parallel communications interface
US9727511B2 (en) 2011-12-30 2017-08-08 Bedrock Automation Platforms Inc. Input/output module with multi-channel switching capability
US9437967B2 (en) 2011-12-30 2016-09-06 Bedrock Automation Platforms, Inc. Electromagnetic connector for an industrial control system
US11314854B2 (en) 2011-12-30 2022-04-26 Bedrock Automation Platforms Inc. Image capture devices for a secure industrial control system
US10834094B2 (en) 2013-08-06 2020-11-10 Bedrock Automation Platforms Inc. Operator action authentication in an industrial control system
EP3121013B1 (en) 2012-01-05 2019-09-04 Zebra Technologies Corporation Method and apparatus for printhead control
US9370939B2 (en) 2012-01-05 2016-06-21 Zih Corp. Method and apparatus for printer control
US20130179614A1 (en) * 2012-01-10 2013-07-11 Diarmuid P. Ross Command Abort to Reduce Latency in Flash Memory Access
US9570124B2 (en) * 2012-01-11 2017-02-14 Viavi Solutions Inc. High speed logging system
US10102117B2 (en) 2012-01-12 2018-10-16 Sandisk Technologies Llc Systems and methods for cache and storage device coordination
US9251052B2 (en) 2012-01-12 2016-02-02 Intelligent Intellectual Property Holdings 2 Llc Systems and methods for profiling a non-volatile cache having a logical-to-physical translation layer
US9767032B2 (en) 2012-01-12 2017-09-19 Sandisk Technologies Llc Systems and methods for cache endurance
US9299451B2 (en) 2012-01-20 2016-03-29 International Business Machines Corporation Tamper resistant electronic system utilizing acceptable tamper threshold count
US8918680B2 (en) 2012-01-23 2014-12-23 Apple Inc. Trace queue for peripheral component
US9251086B2 (en) 2012-01-24 2016-02-02 SanDisk Technologies, Inc. Apparatus, system, and method for managing a cache
US9116812B2 (en) 2012-01-27 2015-08-25 Intelligent Intellectual Property Holdings 2 Llc Systems and methods for a de-duplication cache
US9059168B2 (en) 2012-02-02 2015-06-16 Taiwan Semiconductor Manufacturing Company, Ltd. Adjustable meander line resistor
US8890222B2 (en) 2012-02-03 2014-11-18 Taiwan Semiconductor Manufacturing Company, Ltd. Meander line resistor structure
US9418247B2 (en) * 2012-02-07 2016-08-16 MCube Inc. Security system and methods for integrated devices
US10078112B2 (en) 2012-02-07 2018-09-18 Mcube, Inc. Security system and methods for integrated devices
US8918885B2 (en) * 2012-02-09 2014-12-23 International Business Machines Corporation Automatic discovery of system integrity exposures in system code
US8812466B2 (en) * 2012-02-10 2014-08-19 International Business Machines Corporation Detecting and combating attack in protection system of an industrial control system
AU2013226430A1 (en) 2012-02-29 2014-09-04 Altnet, Inc. Stream recognition and filtering
TWI475866B (en) * 2012-03-02 2015-03-01 Univ Nat Cheng Kung An authentication method of a chain structure
US10019353B2 (en) 2012-03-02 2018-07-10 Longitude Enterprise Flash S.A.R.L. Systems and methods for referencing data on a storage medium
US8914767B2 (en) * 2012-03-12 2014-12-16 Symantec Corporation Systems and methods for using quick response codes to activate software applications
US8699715B1 (en) * 2012-03-27 2014-04-15 Emc Corporation On-demand proactive epoch control for cryptographic devices
US8776195B1 (en) * 2012-03-30 2014-07-08 Emc Corporation Common data format in knowledge-based authentication
US9764561B2 (en) 2012-04-04 2017-09-19 Xerox Corporation System and method for clearing weak and missing inkjets in an inkjet printer
US9218477B2 (en) 2012-04-13 2015-12-22 Lewis Innovative Technologies Electronic physical unclonable functions
US8985723B2 (en) 2012-04-20 2015-03-24 Xerox Corporation System and method of compensating for defective inkjets
DE102012103466B4 (en) * 2012-04-20 2015-08-27 Océ Printing Systems GmbH & Co. KG Printing process and printing device
US9131376B2 (en) 2012-04-20 2015-09-08 Bank Of America Corporation Proximity-based dynamic vehicle navigation
JP5918004B2 (en) * 2012-04-27 2016-05-18 株式会社東海理化電機製作所 Electronic key registration system
AU2013265020B2 (en) * 2012-05-23 2017-10-12 University Of Leeds Secure communication
US8854413B2 (en) 2012-06-01 2014-10-07 Cisco Technology, Inc. Communicating with an endpoint using matrix barcodes
WO2013186889A1 (en) * 2012-06-14 2013-12-19 三菱電機株式会社 I/o device, programmable logic controller, and arithmetic processing method
FR2992083B1 (en) * 2012-06-19 2014-07-04 Alstom Transport Sa COMPUTER, COMMUNICATION ASSEMBLY COMPRISING SUCH A COMPUTER, RAIL MANAGEMENT SYSTEM COMPRISING SUCH A SET, AND METHOD FOR RELIABILITY OF DATA IN A COMPUTER
US8804415B2 (en) 2012-06-19 2014-08-12 Fusion-Io, Inc. Adaptive voltage range management in non-volatile memory
US8575560B1 (en) 2012-06-21 2013-11-05 Honeywell International Inc. Integrated circuit cumulative dose radiation sensor
US8933412B2 (en) 2012-06-21 2015-01-13 Honeywell International Inc. Integrated comparative radiation sensitive circuit
US9618635B2 (en) 2012-06-21 2017-04-11 Honeywell International Inc. Integrated radiation sensitive circuit
US9612966B2 (en) 2012-07-03 2017-04-04 Sandisk Technologies Llc Systems, methods and apparatus for a virtual machine cache
US8667141B2 (en) * 2012-07-03 2014-03-04 Xerox Corporation Method and system for handling load on a service component in a network
US10339056B2 (en) 2012-07-03 2019-07-02 Sandisk Technologies Llc Systems, methods and apparatus for cache transfers
US9563891B2 (en) * 2012-07-09 2017-02-07 Google Inc. Systems, methods, and computer program products for integrating third party services with a mobile wallet
US8955937B2 (en) 2012-07-23 2015-02-17 Xerox Corporation System and method for inoperable inkjet compensation
US9258907B2 (en) 2012-08-09 2016-02-09 Lockheed Martin Corporation Conformal 3D non-planar multi-layer circuitry
US9699263B1 (en) 2012-08-17 2017-07-04 Sandisk Technologies Llc. Automatic read and write acceleration of data accessed by virtual machines
JP5750414B2 (en) * 2012-08-27 2015-07-22 東芝テック株式会社 Inkjet head drive device
US8928929B2 (en) * 2012-08-29 2015-01-06 Eastman Kodak Company System for generating tag layouts
US8786889B2 (en) * 2012-08-29 2014-07-22 Eastman Kodak Company Method for computing scale for tag insertion
US10346095B2 (en) 2012-08-31 2019-07-09 Sandisk Technologies, Llc Systems, methods, and interfaces for adaptive cache persistence
US10158927B1 (en) * 2012-09-05 2018-12-18 Google Llc Systems and methods for detecting audio-video synchronization using timestamps
US9319878B2 (en) 2012-09-14 2016-04-19 Qualcomm Incorporated Streaming alignment of key stream to unaligned data stream
US8938796B2 (en) 2012-09-20 2015-01-20 Paul Case, SR. Case secure computer architecture
US10509776B2 (en) 2012-09-24 2019-12-17 Sandisk Technologies Llc Time sequence data management
US10318495B2 (en) 2012-09-24 2019-06-11 Sandisk Technologies Llc Snapshots for a non-volatile device
US9979960B2 (en) 2012-10-01 2018-05-22 Microsoft Technology Licensing, Llc Frame packing and unpacking between frames of chroma sampling formats with different chroma resolutions
US20200322364A1 (en) * 2012-10-02 2020-10-08 Mordecai Barkan Program verification and malware detection
KR102017828B1 (en) * 2012-10-19 2019-09-03 삼성전자 주식회사 Security management unit, host controller interface including the same, method for operating the host controller interface, and devices including the host controller interface
KR102031661B1 (en) * 2012-10-23 2019-10-14 삼성전자주식회사 Data storage device and controller, and operation method of data storage device
CN102929674B (en) * 2012-11-02 2016-02-10 威盛电子股份有限公司 Electronic installation and starting-up method
US9595350B2 (en) * 2012-11-05 2017-03-14 Nxp Usa, Inc. Hardware-based memory initialization
US9098709B2 (en) * 2012-11-13 2015-08-04 International Business Machines Corporation Protection of user data in hosted application environments
US8714692B1 (en) 2012-12-04 2014-05-06 Xerox Corporation System and method of compensating for defective inkjets with context dependent image data
GB2508631A (en) * 2012-12-06 2014-06-11 Ibm Propagating a query in a network by applying a delay at a node
KR20140076840A (en) * 2012-12-13 2014-06-23 에스케이하이닉스 주식회사 Integrated circuit and semiconductor device using the same
US9501398B2 (en) 2012-12-26 2016-11-22 Sandisk Technologies Llc Persistent storage device with NVRAM for staging writes
US9612948B2 (en) 2012-12-27 2017-04-04 Sandisk Technologies Llc Reads and writes between a contiguous data block and noncontiguous sets of logical address blocks in a persistent storage device
US9239751B1 (en) 2012-12-27 2016-01-19 Sandisk Enterprise Ip Llc Compressing data from multiple reads for error control management in memory systems
US10032659B2 (en) * 2012-12-28 2018-07-24 Sunedison Semiconductor Limited (Uen201334164H) Methods and systems for preventing unsafe operations
US9454420B1 (en) 2012-12-31 2016-09-27 Sandisk Technologies Llc Method and system of reading threshold voltage equalization
JP6071565B2 (en) * 2013-01-11 2017-02-01 キヤノン株式会社 Method for manufacturing liquid discharge head
US20140197865A1 (en) 2013-01-11 2014-07-17 International Business Machines Corporation On-chip randomness generation
EP2759405B1 (en) * 2013-01-25 2018-09-19 Müller Martini Holding AG Method for the capture and transmission of process control data prior to and/or within a print process for the production of printed products in a printing machine
WO2014124271A1 (en) 2013-02-08 2014-08-14 Everspin Technologies, Inc. Tamper detection and response in a memory device
US9218509B2 (en) 2013-02-08 2015-12-22 Everspin Technologies, Inc. Response to tamper detection in a memory device
US8824014B1 (en) 2013-02-11 2014-09-02 Xerox Corporation System and method for adjustment of coverage parameters for different colors in image data
US9065632B2 (en) * 2013-02-20 2015-06-23 Qualcomm Incorporated Message authentication using a universal hash function computed with carryless multiplication
US9088459B1 (en) * 2013-02-22 2015-07-21 Jpmorgan Chase Bank, N.A. Breadth-first resource allocation system and methods
US9870830B1 (en) 2013-03-14 2018-01-16 Sandisk Technologies Llc Optimal multilevel sensing for reading data from a storage medium
US8772745B1 (en) 2013-03-14 2014-07-08 Lockheed Martin Corporation X-ray obscuration film and related techniques
US9753487B2 (en) 2013-03-14 2017-09-05 Micron Technology, Inc. Serial peripheral interface and methods of operating same
US9059742B1 (en) 2013-03-15 2015-06-16 Western Digital Technologies, Inc. System and method for dynamic scaling of LDPC decoder in a solid state drive
US9842053B2 (en) 2013-03-15 2017-12-12 Sandisk Technologies Llc Systems and methods for persistent cache logging
US9215075B1 (en) 2013-03-15 2015-12-15 Poltorak Technologies Llc System and method for secure relayed communications from an implantable medical device
US9367246B2 (en) 2013-03-15 2016-06-14 Sandisk Technologies Inc. Performance optimization of data transfer for soft information generation
US9136877B1 (en) 2013-03-15 2015-09-15 Sandisk Enterprise Ip Llc Syndrome layered decoding for LDPC codes
US9236886B1 (en) 2013-03-15 2016-01-12 Sandisk Enterprise Ip Llc Universal and reconfigurable QC-LDPC encoder
US9244763B1 (en) 2013-03-15 2016-01-26 Sandisk Enterprise Ip Llc System and method for updating a reading threshold voltage based on symbol transition information
CA3099685C (en) 2013-03-29 2022-09-20 Ologn Technologies Ag Systems, methods and apparatuses for secure storage of data using a security-enhancing chip
US9235468B2 (en) * 2013-04-12 2016-01-12 Qualcomm Incorporated Systems and methods to improve the reliability and lifespan of flash memory
US10558561B2 (en) 2013-04-16 2020-02-11 Sandisk Technologies Llc Systems and methods for storage metadata management
US10102144B2 (en) 2013-04-16 2018-10-16 Sandisk Technologies Llc Systems, methods and interfaces for data virtualization
RU2518950C9 (en) * 2013-05-06 2014-09-10 Федеральное государственное бюджетное образовательное учреждение высшего профессионального образования "Санкт-Петербургский государственный электротехнический университет "ЛЭТИ" им. В.И. Ульянова (Ленина)" Method of encrypting n-bit unit m
US10977052B2 (en) 2013-05-06 2021-04-13 Convida Wireless, Llc Machine-to-machine bootstrapping
US8896086B1 (en) * 2013-05-30 2014-11-25 Freescale Semiconductor, Inc. System for preventing tampering with integrated circuit
US10181124B2 (en) * 2013-05-30 2019-01-15 Dell Products, L.P. Verifying OEM components within an information handling system using original equipment manufacturer (OEM) identifier
US9230137B2 (en) * 2013-05-30 2016-01-05 Dell Products, L.P. Secure original equipment manufacturer (OEM) identifier for OEM devices
US9159437B2 (en) 2013-06-11 2015-10-13 Sandisk Enterprise IP LLC. Device and method for resolving an LM flag issue
DE102013212525A1 (en) * 2013-06-27 2014-12-31 Siemens Aktiengesellschaft Data storage device for protected data exchange between different security zones
US10269009B1 (en) 2013-06-28 2019-04-23 Winklevoss Ip, Llc Systems, methods, and program products for a digital math-based asset exchange
US10068228B1 (en) 2013-06-28 2018-09-04 Winklevoss Ip, Llc Systems and methods for storing digital math-based assets using a secure portal
US9898782B1 (en) 2013-06-28 2018-02-20 Winklevoss Ip, Llc Systems, methods, and program products for operating exchange traded products holding digital math-based assets
US9397500B2 (en) * 2013-06-28 2016-07-19 Solantro Semiconductor Corp. Inverter with extended endurance memory
US11282139B1 (en) 2013-06-28 2022-03-22 Gemini Ip, Llc Systems, methods, and program products for verifying digital assets held in a custodial digital asset wallet
US10354325B1 (en) 2013-06-28 2019-07-16 Winklevoss Ip, Llc Computer-generated graphical user interface
JP6217751B2 (en) * 2013-07-04 2017-10-25 富士通株式会社 Data network management system, data network management device, data processing device, and data network management method
CN103915119B (en) 2013-07-11 2017-02-15 威盛电子股份有限公司 Data storage device and flash memory control method
US9179527B2 (en) * 2013-07-16 2015-11-03 General Electric Company Programmable light emitting diode (LED) driver technique based upon a prefix signal
US9194914B2 (en) * 2013-07-16 2015-11-24 Advanced Micro Devices, Inc. Power supply monitor for detecting faults during scan testing
US9131578B2 (en) 2013-07-16 2015-09-08 General Electric Company Programmable light emitting diode (LED) driver technique based upon an input voltage signal
US9384126B1 (en) 2013-07-25 2016-07-05 Sandisk Technologies Inc. Methods and systems to avoid false negative results in bloom filters implemented in non-volatile data storage systems
US9524235B1 (en) 2013-07-25 2016-12-20 Sandisk Technologies Llc Local hash value generation in non-volatile data storage systems
US9842128B2 (en) 2013-08-01 2017-12-12 Sandisk Technologies Llc Systems and methods for atomic storage operations
US10613567B2 (en) 2013-08-06 2020-04-07 Bedrock Automation Platforms Inc. Secure power supply for an industrial control system
US9361221B1 (en) 2013-08-26 2016-06-07 Sandisk Technologies Inc. Write amplification reduction through reliable writes during garbage collection
US9639463B1 (en) 2013-08-26 2017-05-02 Sandisk Technologies Llc Heuristic aware garbage collection scheme in storage systems
US9466236B2 (en) * 2013-09-03 2016-10-11 Synaptics Incorporated Dithering to avoid pixel value conversion errors
EP3014468A4 (en) 2013-09-06 2017-06-21 Huawei Technologies Co., Ltd. Method and apparatus for asynchronous processor with auxiliary asynchronous vector processor
US9569385B2 (en) 2013-09-09 2017-02-14 Nvidia Corporation Memory transaction ordering
EP2849024A1 (en) 2013-09-16 2015-03-18 ST-Ericsson SA Power consumption management system and method
JP6146570B2 (en) * 2013-09-20 2017-06-14 東芝ライテック株式会社 Dimming control system
US9189617B2 (en) * 2013-09-27 2015-11-17 Intel Corporation Apparatus and method for implementing zero-knowledge proof security techniques on a computing platform
US9195857B2 (en) * 2013-09-30 2015-11-24 Infineon Technologies Ag Computational system
US20150095222A1 (en) * 2013-10-02 2015-04-02 Tyfone, Inc. Dynamic identity representation in mobile devices
US20150097839A1 (en) * 2013-10-07 2015-04-09 Tektronix, Inc. Stochastic rasterization of waveform trace displays
US10305900B2 (en) * 2013-10-15 2019-05-28 Telefonaktiebolaget Lm Ericsson (Publ) Establishing a secure connection between a master device and a slave device
US9442662B2 (en) 2013-10-18 2016-09-13 Sandisk Technologies Llc Device and method for managing die groups
US10019352B2 (en) 2013-10-18 2018-07-10 Sandisk Technologies Llc Systems and methods for adaptive reserve storage
US9298608B2 (en) 2013-10-18 2016-03-29 Sandisk Enterprise Ip Llc Biasing for wear leveling in storage systems
US10019320B2 (en) 2013-10-18 2018-07-10 Sandisk Technologies Llc Systems and methods for distributed atomic storage operations
US10264290B2 (en) * 2013-10-25 2019-04-16 Microsoft Technology Licensing, Llc Hash-based block matching in video and image coding
US11076171B2 (en) * 2013-10-25 2021-07-27 Microsoft Technology Licensing, Llc Representing blocks with hash values in video and image coding and decoding
US9436831B2 (en) * 2013-10-30 2016-09-06 Sandisk Technologies Llc Secure erase in a memory device
US9263156B2 (en) 2013-11-07 2016-02-16 Sandisk Enterprise Ip Llc System and method for adjusting trip points within a storage device
US10073630B2 (en) 2013-11-08 2018-09-11 Sandisk Technologies Llc Systems and methods for log coordination
JP6499651B2 (en) 2013-11-12 2019-04-10 プリントリリーフ, インク.Printreleaf, Inc. Automatic computer control system for printer resource measurement and environmental offset trading.
US9244785B2 (en) 2013-11-13 2016-01-26 Sandisk Enterprise Ip Llc Simulated power failure and data hardening
US9703816B2 (en) 2013-11-19 2017-07-11 Sandisk Technologies Llc Method and system for forward reference logging in a persistent datastore
US9520197B2 (en) 2013-11-22 2016-12-13 Sandisk Technologies Llc Adaptive erase of a storage device
US20150149024A1 (en) * 2013-11-22 2015-05-28 Sikorsky Aircraft Corporation Latency tolerant fault isolation
US9520162B2 (en) 2013-11-27 2016-12-13 Sandisk Technologies Llc DIMM device controller supervisor
US9582058B2 (en) 2013-11-29 2017-02-28 Sandisk Technologies Llc Power inrush management of storage devices
US9235245B2 (en) 2013-12-04 2016-01-12 Sandisk Enterprise Ip Llc Startup performance and power isolation
US9223965B2 (en) 2013-12-10 2015-12-29 International Business Machines Corporation Secure generation and management of a virtual card on a mobile device
US9235692B2 (en) 2013-12-13 2016-01-12 International Business Machines Corporation Secure application debugging
US9497178B2 (en) 2013-12-31 2016-11-15 International Business Machines Corporation Generating challenge response sets utilizing semantic web technology
US9659137B2 (en) * 2014-02-18 2017-05-23 Samsung Electronics Co., Ltd. Method of verifying layout of mask ROM
US9703314B2 (en) * 2014-02-26 2017-07-11 Telefonaktiebolaget Lm Ericsson (Publ) Method and apparatus for a variable frequency and phase clock generation circuit
RU2564243C1 (en) * 2014-02-28 2015-09-27 Открытое Акционерное Общество "Информационные Технологии И Коммуникационные Системы" Cryptographic transformation method
US9703636B2 (en) 2014-03-01 2017-07-11 Sandisk Technologies Llc Firmware reversion trigger and control
WO2015131325A1 (en) * 2014-03-04 2015-09-11 Microsoft Technology Licensing, Llc Hash table construction and availability checking for hash-based block matching
CN105556971B (en) * 2014-03-04 2019-07-30 微软技术许可有限责任公司 It stirs for the block in intra block duplication prediction and determines with the coder side of dancing mode
US9542558B2 (en) 2014-03-12 2017-01-10 Apple Inc. Secure factory data generation and restoration
US9390814B2 (en) 2014-03-19 2016-07-12 Sandisk Technologies Llc Fault detection and prediction for data storage elements
US9454448B2 (en) 2014-03-19 2016-09-27 Sandisk Technologies Llc Fault testing in storage devices
US9448876B2 (en) 2014-03-19 2016-09-20 Sandisk Technologies Llc Fault detection and prediction in storage devices
US9324448B2 (en) 2014-03-25 2016-04-26 Semiconductor Components Industries, Llc Fuse element programming circuit and method
US9641809B2 (en) * 2014-03-25 2017-05-02 Nxp Usa, Inc. Circuit arrangement and method for processing a digital video stream and for detecting a fault in a digital video stream, digital video system and computer readable program product
US9626399B2 (en) 2014-03-31 2017-04-18 Sandisk Technologies Llc Conditional updates for reducing frequency of data modification operations
US9626400B2 (en) 2014-03-31 2017-04-18 Sandisk Technologies Llc Compaction of information in tiered data structure
US9390021B2 (en) 2014-03-31 2016-07-12 Sandisk Technologies Llc Efficient cache utilization in a tiered data structure
RU2542880C1 (en) * 2014-03-31 2015-02-27 Федеральное государственное бюджетное образовательное учреждение высшего профессионального образования "Санкт-Петербургский государственный электротехнический университет"ЛЭТИ" им. В.И. Ульянова (Ленина)" Method of encrypting binary data unit
TWI553484B (en) * 2014-04-01 2016-10-11 Nat Univ Chung Cheng Prospective measurement processing device and processing method thereof
US9697267B2 (en) 2014-04-03 2017-07-04 Sandisk Technologies Llc Methods and systems for performing efficient snapshots in tiered data structures
RU2542926C1 (en) * 2014-04-14 2015-02-27 Федеральное государственное бюджетное образовательное учреждение высшего профессионального образования "Санкт-Петербургский государственный электротехнический университет "ЛЭТИ" им. В.И. Ульянова (Ленина)" Method to code message represented as multidigit binary number
RU2542929C1 (en) * 2014-04-14 2015-02-27 Федеральное государственное бюджетное образовательное учреждение высшего профессионального образования "Санкт-Петербургский государственный электротехнический университет "ЛЭТИ" им. В.И. Ульянова (Ленина)" Method to code data unit represented as bit string
DE102014207479A1 (en) * 2014-04-17 2015-10-22 Robert Bosch Gmbh Method for classifying a data segment with regard to its further processing
US9768957B2 (en) * 2014-04-23 2017-09-19 Cryptography Research, Inc. Generation and management of multiple base keys based on a device generated key
US9246501B2 (en) 2014-04-29 2016-01-26 Honeywell International Inc. Converter for analog inputs
EP2940869B1 (en) 2014-04-30 2017-09-06 Nxp B.V. Synchronised logic circuit
WO2015174979A1 (en) * 2014-05-15 2015-11-19 Ge Intelligent Platforms, Inc. Intrinsically safe universal i/o device using programmable asic
US9343116B2 (en) 2014-05-28 2016-05-17 Micron Technology, Inc. Providing power availability information to memory
US10060973B1 (en) 2014-05-29 2018-08-28 National Technology & Engineering Solutions Of Sandia, Llc Test circuits for integrated circuit counterfeit detection
US10656840B2 (en) 2014-05-30 2020-05-19 Sandisk Technologies Llc Real-time I/O pattern recognition to enhance performance and endurance of a storage device
US9703491B2 (en) 2014-05-30 2017-07-11 Sandisk Technologies Llc Using history of unaligned writes to cache data and avoid read-modify-writes in a non-volatile storage device
US10114557B2 (en) 2014-05-30 2018-10-30 Sandisk Technologies Llc Identification of hot regions to enhance performance and endurance of a non-volatile storage device
US10372613B2 (en) 2014-05-30 2019-08-06 Sandisk Technologies Llc Using sub-region I/O history to cache repeatedly accessed sub-regions in a non-volatile storage device
US10656842B2 (en) 2014-05-30 2020-05-19 Sandisk Technologies Llc Using history of I/O sizes and I/O sequences to trigger coalesced writes in a non-volatile storage device
US10146448B2 (en) 2014-05-30 2018-12-04 Sandisk Technologies Llc Using history of I/O sequences to trigger cached read ahead in a non-volatile storage device
US10162748B2 (en) 2014-05-30 2018-12-25 Sandisk Technologies Llc Prioritizing garbage collection and block allocation based on I/O history for logical address regions
US9652381B2 (en) 2014-06-19 2017-05-16 Sandisk Technologies Llc Sub-block garbage collection
WO2015196322A1 (en) * 2014-06-23 2015-12-30 Microsoft Technology Licensing, Llc Encoder decisions based on results of hash-based block matching
US9258117B1 (en) 2014-06-26 2016-02-09 Amazon Technologies, Inc. Mutual authentication with symmetric secrets and signatures
US9819488B2 (en) * 2014-07-10 2017-11-14 Ohio State Innovation Foundation Generation of encryption keys based on location
US9826252B2 (en) 2014-07-29 2017-11-21 Nxp Usa, Inc. Method and video system for freeze-frame detection
US9434165B2 (en) 2014-08-28 2016-09-06 Funai Electric Co., Ltd. Chip layout to enable multiple heater chip vertical resolutions
US9443601B2 (en) 2014-09-08 2016-09-13 Sandisk Technologies Llc Holdup capacitor energy harvesting
KR20160030701A (en) * 2014-09-11 2016-03-21 삼성전자주식회사 Host divice transmitting print data to printer and method for rendering print data by host device
JP6388155B2 (en) * 2014-09-18 2018-09-12 富士ゼロックス株式会社 Image forming apparatus and image data processing apparatus
MX2017004210A (en) 2014-09-30 2017-11-15 Microsoft Technology Licensing Llc Hash-based encoder decisions for video coding.
US20160098162A1 (en) * 2014-10-06 2016-04-07 Lenovo (Singapore) Pte. Ltd. Pen based locking mechanism
US10180340B2 (en) * 2014-10-09 2019-01-15 Invensense, Inc. System and method for MEMS sensor system synchronization
US10123410B2 (en) 2014-10-10 2018-11-06 Lockheed Martin Corporation Fine line 3D non-planar conforming circuit
WO2016068884A1 (en) 2014-10-28 2016-05-06 Hewlett-Packard Development Company, L.P. Printhead with microelectromechanical die and application specific integrated circuit
US9552192B2 (en) * 2014-11-05 2017-01-24 Oracle International Corporation Context-based generation of memory layouts in software programs
US10353793B2 (en) 2014-11-05 2019-07-16 Oracle International Corporation Identifying improvements to memory usage of software programs
US10275154B2 (en) 2014-11-05 2019-04-30 Oracle International Corporation Building memory layouts in software programs
TWI556249B (en) * 2014-11-07 2016-11-01 群聯電子股份有限公司 Data reading method, memory storage device and memory controlling circuit unit
US10779147B2 (en) 2014-11-18 2020-09-15 Micron Technology, Inc. Wireless memory interface
KR101582168B1 (en) * 2014-11-19 2016-01-05 서울대학교산학협력단 Clock Recovery Scheme at DisplayPort Receiver
US10298404B1 (en) 2014-12-12 2019-05-21 Amazon Technologies, Inc. Certificate echoing for session security
US9780952B1 (en) * 2014-12-12 2017-10-03 Amazon Technologies, Inc. Binding digitally signed requests to sessions
CA2970195A1 (en) * 2014-12-16 2016-06-23 Kyndi, Inc. Method and apparatus for randomizing computer instruction sets, memory registers and pointers
US10303891B2 (en) 2014-12-30 2019-05-28 Data I/O Corporation Automated manufacturing system with job packaging mechanism and method of operation thereof
US9639425B1 (en) * 2015-01-13 2017-05-02 Marvell International Ltd. Signature-based sleep recovery operation flow
CN105891651B (en) 2015-01-16 2019-12-10 恩智浦美国有限公司 Low power open circuit detection system
US9853977B1 (en) 2015-01-26 2017-12-26 Winklevoss Ip, Llc System, method, and program product for processing secure transactions within a cloud computing system
CN112162461A (en) * 2015-01-26 2021-01-01 株式会社尼康 Reticle pod, storage apparatus and method, transfer apparatus and method, and exposure apparatus
EP3872666A1 (en) * 2015-01-30 2021-09-01 Enrico Maim Systems and methods for managing networked commitments of secure entities
US9606851B2 (en) 2015-02-02 2017-03-28 International Business Machines Corporation Error monitoring of a memory device containing embedded error correction
US9940457B2 (en) * 2015-02-13 2018-04-10 International Business Machines Corporation Detecting a cryogenic attack on a memory device with embedded error correction
JP6418971B2 (en) * 2015-02-05 2018-11-07 キヤノン株式会社 Information processing apparatus and control method thereof
US9946677B2 (en) * 2015-02-12 2018-04-17 Atmel Corporation Managing single-wire communications
CN105988774A (en) * 2015-02-20 2016-10-05 上海芯豪微电子有限公司 Multi-issue processor system and method
US9946607B2 (en) 2015-03-04 2018-04-17 Sandisk Technologies Llc Systems and methods for storage error management
US10915891B1 (en) 2015-03-16 2021-02-09 Winklevoss Ip, Llc Autonomous devices
US10158480B1 (en) 2015-03-16 2018-12-18 Winklevoss Ip, Llc Autonomous devices
US9361972B1 (en) * 2015-03-20 2016-06-07 Intel Corporation Charge level maintenance in a memory
US9979782B2 (en) 2015-03-24 2018-05-22 Qualcomm Incorporated Low-power and low-latency device enumeration with cartesian addressing
JP6498019B2 (en) 2015-04-10 2019-04-10 キヤノン株式会社 Image recording apparatus and control method thereof
RU2580060C1 (en) * 2015-05-20 2016-04-10 Федеральное государственное автономное образовательное учреждение высшего образования "Санкт-Петербургский государственный электротехнический университет "ЛЭТИ" им. В.И. Ульнова (Ленина)" Method to encrypt messages, represented as a multi-bit binary number
CN106257879B (en) * 2015-06-16 2020-02-14 阿里巴巴集团控股有限公司 Method and device for downloading application
GB2539460A (en) * 2015-06-16 2016-12-21 Nordic Semiconductor Asa Integrated circuit inputs and outputs
US10122689B2 (en) 2015-06-16 2018-11-06 Amazon Technologies, Inc. Load balancing with handshake offload
US10122692B2 (en) 2015-06-16 2018-11-06 Amazon Technologies, Inc. Handshake offload
US10108557B2 (en) * 2015-06-25 2018-10-23 Intel Corporation Technologies for memory confidentiality, integrity, and replay protection
US9434176B1 (en) * 2015-06-29 2016-09-06 Xerox Corporation Vector compensation for inoperative ink-jets in composite colors
US10432196B2 (en) 2015-07-22 2019-10-01 Nuvoton Technology Corporation Communication device, communication system and operation method thereof
JP6473674B2 (en) * 2015-07-28 2019-02-20 ルネサスエレクトロニクス株式会社 Communication terminal and program
US9921962B2 (en) 2015-09-24 2018-03-20 Qualcomm Incorporated Maintaining cache coherency using conditional intervention among multiple master devices
WO2017058203A1 (en) * 2015-09-30 2017-04-06 Hewlett-Packard Development Company, L.P. Printer power management
US20170109526A1 (en) * 2015-10-20 2017-04-20 Intel Corporation Systems and methods for providing anti-malware protection and malware forensics on storage devices
EP3159824B8 (en) * 2015-10-22 2020-10-21 IDEMIA Germany GmbH Method for processing an encrypted print job
US10084758B2 (en) 2015-10-28 2018-09-25 International Business Machines Corporation System, method, and recording medium for communication and message comparison with encrypted light signals
US9684506B2 (en) * 2015-11-06 2017-06-20 International Business Machines Corporation Work-item expiration in software configuration management environment
DE102015222622A1 (en) * 2015-11-17 2017-05-18 Koenig & Bauer Ag Printing unit and a method for operating a printing unit
US9455233B1 (en) 2015-12-02 2016-09-27 Freescale Semiconductor, Inc. System for preventing tampering with integrated circuit
TWI597666B (en) * 2015-12-28 2017-09-01 緯創資通股份有限公司 Method for using shared device and resource sharing system
US20170192688A1 (en) * 2015-12-30 2017-07-06 International Business Machines Corporation Lazy deletion of vaults in packed slice storage (pss) and zone slice storage (zss)
TWI595248B (en) * 2016-01-20 2017-08-11 新特系統股份有限公司 Test Device Using Switch Switching Connections between Single Signal Channel and Multiple Pads
US10554519B2 (en) 2016-02-08 2020-02-04 Cray Inc. System and method for dampening power swings in distributed computer environments
KR20170094815A (en) * 2016-02-11 2017-08-22 삼성전자주식회사 Nonvolatile memory capabling of outputting data using wrap around scheme, computing system having the same, and read method thereof
US10176096B2 (en) 2016-02-22 2019-01-08 Qualcomm Incorporated Providing scalable dynamic random access memory (DRAM) cache management using DRAM cache indicator caches
US20170251835A1 (en) * 2016-03-02 2017-09-07 Dci Marketing, Inc. Multi-facing merchandiser and methods relating to same
US9573382B1 (en) 2016-03-02 2017-02-21 Xerox Corporation System and method for missing inkjet compensation in a multi-level inkjet printer
US20170263141A1 (en) * 2016-03-09 2017-09-14 Arnold Possick Cheating and fraud prevention method and system
JP6542148B2 (en) * 2016-03-18 2019-07-10 株式会社東芝 INFORMATION PROCESSING APPARATUS, INFORMATION PROCESSING METHOD, AND PROGRAM
US20170288866A1 (en) * 2016-03-30 2017-10-05 AVAST Software s.r.o. Systems and methods of creating a distributed ring of trust
US10118696B1 (en) 2016-03-31 2018-11-06 Steven M. Hoffberg Steerable rotating projectile
US11249970B2 (en) * 2016-05-05 2022-02-15 Mastercard International Incorporated Method and system for distributed data storage with eternal integrity guarantees
US10126960B2 (en) * 2016-05-10 2018-11-13 Qualcomm Incorporated Fuse-based anti-replay mechanism
JP6755706B2 (en) * 2016-05-11 2020-09-16 キヤノン株式会社 Information processing device, its control method, and program
US10432685B2 (en) * 2016-05-31 2019-10-01 Brightcove, Inc. Limiting key request rates for streaming media
US10271209B2 (en) * 2016-06-12 2019-04-23 Apple Inc. Session protocol for backward security between paired devices
TWI609378B (en) * 2016-06-15 2017-12-21 慧榮科技股份有限公司 Data storage device and operating method
US10943250B2 (en) 2016-06-17 2021-03-09 International Business Machines Corporation Technology for user engagement
US10268601B2 (en) 2016-06-17 2019-04-23 Massachusetts Institute Of Technology Timely randomized memory protection
BR112017005752B1 (en) * 2016-06-17 2023-02-14 Hewlett - Packard Development Company, L.P. NON-TRANSITORY COMPUTER READABLE DATA STORAGE MEDIA, PRINT SUBSTANCE CARTRIDGE FOR A PRINT DEVICE, AND PRINT SUPPLY CARTRIDGE
US10056890B2 (en) * 2016-06-24 2018-08-21 Exar Corporation Digital controlled oscillator based clock generator for multi-channel design
US10204011B1 (en) * 2016-06-30 2019-02-12 EMC IP Holding Company LLC Techniques for partially restarting a computing device in response to a configuration change
CN105988404B (en) * 2016-06-30 2018-12-04 深圳市优必选科技有限公司 A kind of servomechanism control system
US10411833B2 (en) * 2016-07-29 2019-09-10 Qualcomm Incorporated Early termination techniques for successive decoding processes
FR3054763B1 (en) * 2016-07-29 2019-08-30 Dover Europe Sarl SYSTEM FOR ADVANCED PROTECTION OF CONSUMABLE OR DETACHABLE ELEMENTS OF INDUSTRIAL PRINTER
US10310991B2 (en) * 2016-08-11 2019-06-04 Massachusetts Institute Of Technology Timely address space randomization
US10569542B2 (en) 2016-08-16 2020-02-25 Zebra Technologies Corporation Printhead pin configurations
US10122392B2 (en) * 2016-08-18 2018-11-06 Advanced Micro Devices, Inc. Active equalizing negative resistance amplifier for bi-directional bandwidth extension
US10390039B2 (en) 2016-08-31 2019-08-20 Microsoft Technology Licensing, Llc Motion estimation for screen remoting scenarios
CN109689369B (en) 2016-09-12 2021-01-12 惠普发展公司,有限责任合伙企业 Printing system and printing method
US10243990B1 (en) 2016-09-23 2019-03-26 Apple Inc. Systems and methods for detecting replay attacks on security space
US10498532B2 (en) * 2016-10-01 2019-12-03 Intel Corporation Parallel computation techniques for accelerated cryptographic capabilities
US10169140B2 (en) * 2016-10-18 2019-01-01 International Business Machines Corporation Loading a phase-locked loop (PLL) configuration using flash memory
KR20180043626A (en) * 2016-10-20 2018-04-30 삼성전자주식회사 System and method for routing a bus including buffer
US10595422B2 (en) 2016-10-20 2020-03-17 International Business Machines Corporation Tamper resistant electronic devices
US9858780B1 (en) 2016-10-20 2018-01-02 International Business Machines Corporation Tamper resistant electronic devices
US10368080B2 (en) 2016-10-21 2019-07-30 Microsoft Technology Licensing, Llc Selective upsampling or refresh of chroma sample values
US10685710B2 (en) * 2016-11-17 2020-06-16 Toshiba Memory Corporation Memory controller
US10693725B1 (en) * 2016-11-28 2020-06-23 Barefoot Networks, Inc. Dynamically reconfiguring data plane of forwarding element to account for operating temperature
US11095877B2 (en) 2016-11-30 2021-08-17 Microsoft Technology Licensing, Llc Local hash-based motion estimation for screen remoting scenarios
JP6829063B2 (en) * 2016-12-08 2021-02-10 パナソニック デバイスSunx株式会社 Laser processing equipment
JP6789789B2 (en) * 2016-12-12 2020-11-25 キヤノン株式会社 Recording element substrate, recording head, and image forming apparatus
US10452877B2 (en) 2016-12-16 2019-10-22 Assa Abloy Ab Methods to combine and auto-configure wiegand and RS485
US10394784B2 (en) * 2016-12-22 2019-08-27 Intel Corporation Technologies for management of lookup tables
TWI609185B (en) * 2016-12-23 2017-12-21 英業達股份有限公司 Expansion circuit board for expanding jtag interface
US10671378B2 (en) * 2016-12-30 2020-06-02 Paypal, Inc. Updating particular features in an application
CN106626794B (en) * 2016-12-30 2020-07-28 珠海艾派克微电子有限公司 Ink box indicator lamp control method and device, ink box chip and ink box
US10432730B1 (en) 2017-01-25 2019-10-01 United States Of America As Represented By The Secretary Of The Air Force Apparatus and method for bus protection
KR102615775B1 (en) * 2017-01-31 2023-12-20 에스케이하이닉스 주식회사 Semiconductor device
CN108418776B (en) * 2017-02-09 2021-08-20 上海诺基亚贝尔股份有限公司 Method and apparatus for providing secure services
JP2018136866A (en) * 2017-02-23 2018-08-30 富士ゼロックス株式会社 Information processing apparatus and information processing program
JP6249119B1 (en) * 2017-03-15 2017-12-20 日本電気株式会社 Control device, control method, program, information processing device
CN106991340B (en) * 2017-03-17 2018-05-15 广州小微电子技术有限公司 Chip encryption method
US10296477B2 (en) 2017-03-30 2019-05-21 United States of America as represented by the Secretary of the AirForce Data bus logger
JP6885151B2 (en) * 2017-03-30 2021-06-09 ブラザー工業株式会社 Image processing device
US10990707B1 (en) * 2017-03-30 2021-04-27 Comodo Security Solutions, Inc. Device for safe data signing
US10579499B2 (en) * 2017-04-04 2020-03-03 International Business Machines Corporation Task latency debugging in symmetric multiprocessing computer systems
DE102017108219A1 (en) 2017-04-18 2018-10-18 Infineon Technologies Ag Control system and method of memory access
DE102017108216A1 (en) 2017-04-18 2018-10-18 Infineon Technologies Ag Control system and method of memory access
CN107038125B (en) * 2017-04-25 2020-11-24 上海兆芯集成电路有限公司 Processor cache with independent pipeline to speed prefetch requests
US10511615B2 (en) * 2017-05-05 2019-12-17 Microsoft Technology Licensing, Llc Non-protocol specific system and method for classifying suspect IP addresses as sources of non-targeted attacks on cloud based machines
US10696899B2 (en) 2017-05-09 2020-06-30 International Business Machines Corporation Light emitting shell in multi-compartment microcapsules
US20180329837A1 (en) * 2017-05-10 2018-11-15 Qualcomm Incorporated Input/output direction decoding in mixed vgpio state exchange
CN108881120B (en) 2017-05-12 2020-12-04 创新先进技术有限公司 Data processing method and device based on block chain
JP6834771B2 (en) * 2017-05-19 2021-02-24 富士通株式会社 Communication device and communication method
TWI793045B (en) * 2017-05-23 2023-02-11 李明信 Multifunction printer control device and multifunction printer
US10900908B2 (en) 2017-05-24 2021-01-26 International Business Machines Corporation Chemiluminescence for tamper event detection
US10357921B2 (en) 2017-05-24 2019-07-23 International Business Machines Corporation Light generating microcapsules for photo-curing
TWI647551B (en) * 2017-05-26 2019-01-11 新唐科技股份有限公司 Communication device, communication system and operation method thereof
US10534546B2 (en) * 2017-06-13 2020-01-14 Western Digital Technologies, Inc. Storage system having an adaptive workload-based command processing clock
CN110770029B (en) * 2017-06-23 2021-08-03 惠普发展公司,有限责任合伙企业 Partial print fluid short detection system and method
US10392452B2 (en) 2017-06-23 2019-08-27 International Business Machines Corporation Light generating microcapsules for self-healing polymer applications
US10445500B2 (en) * 2017-06-28 2019-10-15 Arm Limited Reset attack detection
WO2019013760A1 (en) 2017-07-11 2019-01-17 Hewlett-Packard Development Company, L.P. Fluidic die with primitive size greater than or equal to evaluator subset
CN107484207B (en) * 2017-07-13 2020-06-30 燕山大学 Combined topology control and channel distribution load balancing method in wireless sensor network
US10268572B2 (en) * 2017-08-03 2019-04-23 Fujitsu Limited Interactive software program repair
US10362055B2 (en) * 2017-08-10 2019-07-23 Blue Jeans Network, Inc. System and methods for active brute force attack protection
RU2652450C1 (en) * 2017-08-18 2018-04-26 федеральное государственное автономное образовательное учреждение высшего образования "Северо-Кавказский федеральный университет" Device for calculation montgomery modular product
JP6992323B2 (en) * 2017-08-24 2022-01-13 コニカミノルタ株式会社 Image forming device and correction control program
CN107704730B (en) * 2017-09-15 2021-08-10 成都驰通数码系统有限公司 Self-encryption method for embedded software of electronic equipment
CN107491659B (en) * 2017-09-20 2022-03-15 上海联影医疗科技股份有限公司 Medical equipment system upgrading method and device
US10315419B2 (en) * 2017-09-22 2019-06-11 Eastman Kodak Company Method for assigning communication addresses
US10545844B2 (en) 2017-09-29 2020-01-28 Ricoh Company, Ltd. Print verification system that reports defective printheads
KR102366972B1 (en) * 2017-12-05 2022-02-24 삼성전자주식회사 Clock and data recovery device and method using current-controlled oscillator
JP6584487B2 (en) * 2017-12-20 2019-10-02 キヤノン株式会社 Information processing apparatus, control method thereof, and program
US10649656B2 (en) 2017-12-28 2020-05-12 Micron Technology, Inc. Techniques to update a trim parameter in non-volatile memory
CN108556483B (en) * 2018-01-17 2019-08-09 森大(深圳)技术有限公司 Modify method, apparatus, equipment and the medium of pre-press data compensation abnormal nozzle
CN108537344B (en) * 2018-02-01 2021-09-14 贵州电网有限责任公司 Secondary equipment intelligent operation and maintenance method based on closed-loop knowledge management
US11909860B1 (en) 2018-02-12 2024-02-20 Gemini Ip, Llc Systems, methods, and program products for loaning digital assets and for depositing, holding and/or distributing collateral as a token in the form of digital assets on an underlying blockchain
US11308487B1 (en) 2018-02-12 2022-04-19 Gemini Ip, Llc System, method and program product for obtaining digital assets
US10540654B1 (en) 2018-02-12 2020-01-21 Winklevoss Ip, Llc System, method and program product for generating and utilizing stable value digital assets
US10373129B1 (en) 2018-03-05 2019-08-06 Winklevoss Ip, Llc System, method and program product for generating and utilizing stable value digital assets
US10438290B1 (en) 2018-03-05 2019-10-08 Winklevoss Ip, Llc System, method and program product for generating and utilizing stable value digital assets
US10929842B1 (en) 2018-03-05 2021-02-23 Winklevoss Ip, Llc System, method and program product for depositing and withdrawing stable value digital assets in exchange for fiat
US11139955B1 (en) 2018-02-12 2021-10-05 Winklevoss Ip, Llc Systems, methods, and program products for loaning digital assets and for depositing, holding and/or distributing collateral as a token in the form of digital assets on an underlying blockchain
US11200569B1 (en) 2018-02-12 2021-12-14 Winklevoss Ip, Llc System, method and program product for making payments using fiat-backed digital assets
US11475442B1 (en) 2018-02-12 2022-10-18 Gemini Ip, Llc System, method and program product for modifying a supply of stable value digital asset tokens
US10373158B1 (en) 2018-02-12 2019-08-06 Winklevoss Ip, Llc System, method and program product for modifying a supply of stable value digital asset tokens
US11522700B1 (en) 2018-02-12 2022-12-06 Gemini Ip, Llc Systems, methods, and program products for depositing, holding and/or distributing collateral as a token in the form of digital assets on an underlying blockchain
CN108399075A (en) * 2018-02-28 2018-08-14 郑州云海信息技术有限公司 A kind of method and system of update management engine
US11334883B1 (en) 2018-03-05 2022-05-17 Gemini Ip, Llc Systems, methods, and program products for modifying the supply, depositing, holding and/or distributing collateral as a stable value token in the form of digital assets
US20210114388A1 (en) * 2018-03-05 2021-04-22 Hewlett-Packard Development Company, L.P. Actuator fault indication via wires along busses
WO2019172872A1 (en) * 2018-03-05 2019-09-12 Hewlett-Packard Development Company, L.P. Zonal actuator fault detection
US10642951B1 (en) * 2018-03-07 2020-05-05 Xilinx, Inc. Register pull-out for sequential circuit blocks in circuit designs
CN108681458A (en) * 2018-03-23 2018-10-19 天津清智科技有限公司 A kind of hand-held programmer and its control method
US11712637B1 (en) 2018-03-23 2023-08-01 Steven M. Hoffberg Steerable disk or ball
JP7183559B2 (en) * 2018-03-30 2022-12-06 ブラザー工業株式会社 Printers and computer programs for printers
US11096243B2 (en) 2018-04-13 2021-08-17 Kwesst Inc. Programmable multi-waveform RF generator for use as battlefield decoy
US10969467B1 (en) 2018-04-13 2021-04-06 Kwesst Inc. Programmable multi-waveform RF generator for use as battlefield decoy
US10965444B2 (en) 2018-04-24 2021-03-30 Microsoft Technology Licensing, Llc Mitigating timing attacks via dynamically triggered time dilation
US10785017B2 (en) 2018-04-24 2020-09-22 Microsoft Technology Licensing, Llc Mitigating timing attacks via dynamically scaled time dilation
US11017078B2 (en) * 2018-04-24 2021-05-25 Microsoft Technology Licensing, Llc Environmentally-trained time dilation
DE112018007296B4 (en) 2018-04-25 2022-01-27 Mitsubishi Electric Corporation Information processing device, information processing method and information processing program
US10700709B1 (en) * 2018-04-27 2020-06-30 Xilinx, Inc. Linear block code decoding
CN108874371B (en) * 2018-05-24 2022-02-22 武汉斗鱼网络科技有限公司 Method and system for extending style of live broadcast room, server and storage medium
CN108804102B (en) * 2018-05-24 2022-02-22 武汉斗鱼网络科技有限公司 Method and system for expanding interface style of live broadcast room, server and storage medium
US10892903B2 (en) * 2018-05-29 2021-01-12 Ememory Technology Inc. Communication system capable of preserving a chip-to-chip integrity
WO2019236079A1 (en) * 2018-06-06 2019-12-12 Hewlett-Packard Development Company, L.P. Extendable width adjustors
JP7137379B2 (en) * 2018-07-05 2022-09-14 Juki株式会社 Production system, management device, program
CN108985016A (en) * 2018-07-12 2018-12-11 江苏慧学堂系统工程有限公司 A kind of computer data information protective device
CN110719250B (en) * 2018-07-13 2021-07-06 中国科学院沈阳自动化研究所 Powerlink industrial control protocol anomaly detection method based on PSO-SVDD
TW202010325A (en) * 2018-08-10 2020-03-01 華創車電技術中心股份有限公司 System and method for data processing of on-board-unit
US10838621B2 (en) 2018-08-14 2020-11-17 Silicon Motion, Inc. Method and flash memory controller capable of avoiding inefficient memory block swap or inefficient garbage collection
WO2020036598A1 (en) * 2018-08-16 2020-02-20 Pqsecure Technologies, Llc An efficient architecture and method for arithmetic computations in post-quantum cryptography
CN109191340A (en) * 2018-08-27 2019-01-11 芜湖新使命教育科技有限公司 A kind of Examinee identity verification system and verification method based on mobile terminal
US10942909B2 (en) * 2018-09-25 2021-03-09 Salesforce.Com, Inc. Efficient production and consumption for data changes in a database under high concurrency
EP3824382A4 (en) * 2018-09-26 2022-03-16 Hewlett-Packard Development Company, L.P. Color pipeline
TWI668704B (en) * 2018-10-01 2019-08-11 大陸商深圳大心電子科技有限公司 Data management method and storage controller using the same
WO2020086087A1 (en) * 2018-10-25 2020-04-30 Hewlett-Packard Development Company, L.P. Integrated circuit(s) with anti-glitch canary circuit(s)
US11068598B2 (en) * 2018-11-01 2021-07-20 Dell Products L.P. Chassis internal device security
CN110764797A (en) * 2018-11-19 2020-02-07 哈尔滨安天科技集团股份有限公司 Method, device and system for upgrading file in chip and server
CN109542059B (en) * 2018-11-19 2022-04-01 国核自仪系统工程有限公司 Historical data compression device and method
CN109615423B (en) 2018-11-29 2020-06-16 阿里巴巴集团控股有限公司 Service processing method and device
CA3121147C (en) 2018-12-03 2023-08-22 Hewlett-Packard Development Company, L.P. Logic circuitry
CN113168442B (en) 2018-12-03 2023-12-22 惠普发展公司,有限责任合伙企业 logic circuit system
EP3688645A1 (en) 2018-12-03 2020-08-05 Hewlett-Packard Development Company, L.P. Logic circuitry package
US20210221122A1 (en) 2018-12-03 2021-07-22 Hewlett-Packard Development Company, L.P. Logic circuitry package
CN113165398B (en) 2018-12-03 2022-12-09 惠普发展公司,有限责任合伙企业 Logic circuit system
CA3121183A1 (en) 2018-12-03 2020-06-11 Hewlett-Packard Development Company, L.P. Logic circuitry
JP6995252B1 (en) 2018-12-03 2022-02-09 ヒューレット-パッカード デベロップメント カンパニー エル.ピー. Logic circuit
US11338586B2 (en) 2018-12-03 2022-05-24 Hewlett-Packard Development Company, L.P. Logic circuitry
US10894423B2 (en) 2018-12-03 2021-01-19 Hewlett-Packard Development Company, L.P. Logic circuitry
AU2018451721B2 (en) 2018-12-03 2023-05-18 Hewlett-Packard Development Company, L.P. Logic circuitry
CN109379195B (en) * 2018-12-18 2021-04-30 深圳前海微众银行股份有限公司 Zero-knowledge proof circuit optimization method, device, equipment and readable storage medium
CN109697033B (en) * 2018-12-19 2022-01-07 中国人民解放军国防科技大学 Tile record disk sensing storage caching method and system
US11057240B2 (en) 2018-12-20 2021-07-06 Rolls-Royce North American Technologies Inc. Method and process for securing an executable image
US10585650B1 (en) * 2018-12-21 2020-03-10 Dspace Digital Signal Processing And Control Engineering Gmbh Method and system for generating program code
CN109710198B (en) * 2018-12-29 2020-12-25 森大(深圳)技术有限公司 Printing method, device and equipment for local dynamic variable image
WO2020141524A1 (en) 2018-12-31 2020-07-09 Stratasys Ltd. Method and system for improving color uniformity in inkjet printing
CN109885351B (en) * 2019-01-22 2021-09-28 飞天诚信科技股份有限公司 Multi-application smart card and method for establishing master-slave application relationship thereof
US11366689B2 (en) * 2019-02-26 2022-06-21 Nxp Usa, Inc. Hardware for supporting OS driven observation and anticipation based on more granular, variable sized observation units
US11144705B2 (en) 2019-03-21 2021-10-12 International Business Machines Corporation Cognitive multiple-level highlight contrasting for entities
CN110202940A (en) * 2019-05-06 2019-09-06 珠海艾派克微电子有限公司 Printing consumables, print cartridge and control method
US11356283B2 (en) * 2019-05-08 2022-06-07 Seagate Technology Llc Data storage using an encryption key with a time expiration associated therewith
US11036406B2 (en) * 2019-05-21 2021-06-15 International Business Machines Corporation Thermally aware memory management
EP3742295A1 (en) * 2019-05-23 2020-11-25 NXP USA, Inc. Automatic firmware rollback
CN110162052A (en) * 2019-05-27 2019-08-23 北京新能源汽车股份有限公司 Code generating method, system and the vehicle of automatic Pilot decision
US11210280B2 (en) * 2019-06-04 2021-12-28 Alibaba Group Holding Limited Systems and methods for fast bloom filter operations
CN110224789B (en) * 2019-06-10 2021-09-07 哈尔滨工业大学 Multi-mode HDLC controller based on FPGA
US20220091841A1 (en) * 2019-06-10 2022-03-24 Hewlett-Packard Development Company, L.P. Replacement-triggered software updates
US11182486B2 (en) * 2019-06-11 2021-11-23 Sophos Limited Early boot driver for start-up detection of malicious code
US11501370B1 (en) 2019-06-17 2022-11-15 Gemini Ip, Llc Systems, methods, and program products for non-custodial trading of digital assets on a digital asset exchange
US11456877B2 (en) * 2019-06-28 2022-09-27 Intel Corporation Unified accelerator for classical and post-quantum digital signature schemes in computing environments
US11269999B2 (en) * 2019-07-01 2022-03-08 At&T Intellectual Property I, L.P. Protecting computing devices from malicious tampering
CN110362501B (en) * 2019-07-05 2021-09-24 北京大学 Apparatus and method for performing saturated addressing load and store operations
CN110347555B (en) * 2019-07-09 2021-10-01 英业达科技有限公司 Hard disk operation state determination method
TWI689736B (en) * 2019-07-11 2020-04-01 瑞昱半導體股份有限公司 Method of detecting correlation of pins of circuit and computer program product thereof
US11037613B2 (en) * 2019-07-17 2021-06-15 Micron Technology, Inc. Implementations to store fuse data in memory devices
CN112311718B (en) * 2019-07-24 2023-08-22 华为技术有限公司 Method, device, equipment and storage medium for detecting hardware
CN110413272B (en) * 2019-07-30 2023-10-13 广州市百果园信息技术有限公司 Front-end project construction method, device, storage medium and equipment
CN110610077B (en) * 2019-08-12 2021-05-11 深圳市国科亿道科技有限公司 Encryption and decryption method based on chip
US10957381B1 (en) * 2019-08-28 2021-03-23 Micron Technology, Inc. Metadata grouping for un-map techniques
CN110492964B (en) * 2019-08-29 2020-10-02 广东博智林机器人有限公司 CLOCK source synchronization device and method based on CLOCK BUFF
US11416435B2 (en) * 2019-09-03 2022-08-16 Pensando Systems Inc. Flexible datapath offload chaining
US10998075B2 (en) * 2019-09-11 2021-05-04 International Business Machines Corporation Built-in self-test for bit-write enabled memory arrays
US10971242B2 (en) 2019-09-11 2021-04-06 International Business Machines Corporation Sequential error capture during memory test
CN110531307B (en) * 2019-09-12 2021-09-21 宁波三星医疗电气股份有限公司 Debugging method and device of power acquisition terminal and power acquisition terminal
US11321457B2 (en) * 2019-09-16 2022-05-03 Nuvoton Technology Corporation Data-sampling integrity check by sampling using flip-flops with relative delay
US10642979B1 (en) * 2019-09-19 2020-05-05 Capital One Services, Llc System and method for application tamper discovery
CN110693486B (en) * 2019-09-27 2022-06-14 武汉中旗生物医疗电子有限公司 Electrocardiogram abnormity labeling method and device
CN110752977B (en) * 2019-10-11 2021-07-27 中国海洋大学 Abnormal intrusion detection method and device for CAN bus of Internet of vehicles
CN112671690B (en) * 2019-10-16 2022-08-30 中国电信股份有限公司 Streaming media communication method, device, system and storage medium
EP3844000B1 (en) 2019-10-25 2023-04-12 Hewlett-Packard Development Company, L.P. Logic circuitry package
US10831954B1 (en) * 2019-10-29 2020-11-10 International Business Machines Corporation Technology lookup table-based default assertion generation and consumption for timing closure of VLSI designs
WO2021086384A1 (en) * 2019-10-31 2021-05-06 Hewlett-Packard Development Company, L.P. Fluid delivery fault detection
US11288406B1 (en) * 2019-11-15 2022-03-29 The Charles Stark Draper Laboratory, Inc. Fast XOR interface with processor and memory
CN110753221B (en) * 2019-11-18 2021-04-27 中国科学院长春光学精密机械与物理研究所 Real-time correction system for serial image data training of CMOS image sensor
WO2021101539A1 (en) * 2019-11-20 2021-05-27 Hewlett-Packard Development Company, L.P. Electronic component having extra functionality mode
EP4021731A1 (en) * 2019-11-22 2022-07-06 Hewlett-Packard Development Company, L.P. Determining printing fluid amounts
CN111147158A (en) * 2019-12-04 2020-05-12 杭州恒生数字设备科技有限公司 Method for shielding multi-frequency WIFI signal
US11775378B2 (en) * 2019-12-16 2023-10-03 Micron Technology, Inc. Memory health status reporting
CN111049604B (en) * 2019-12-16 2021-10-15 深圳市烽云技术有限公司 Wireless ad hoc network method and device based on auxiliary receiving channel
CN111221755B (en) * 2019-12-28 2020-11-10 重庆秦嵩科技有限公司 Io interrupt control method for FPGA2 submodule
TWI734326B (en) * 2019-12-30 2021-07-21 新唐科技股份有限公司 Audio synchronization processing circuit and method thereof
CN111338984B (en) * 2020-02-25 2022-05-17 大唐半导体科技有限公司 Cache RAM and Retention RAM data high-speed exchange architecture and method thereof
CN111339001B (en) * 2020-03-09 2021-07-30 厦门润积集成电路技术有限公司 Low-power-consumption single bus communication method and system
US11080059B1 (en) * 2020-03-30 2021-08-03 Sandisk Technologies Llc Reducing firmware size and increasing firmware performance
KR20210133799A (en) 2020-04-29 2021-11-08 삼성전자주식회사 Data transceiving system including clock and data recovery device and operating method thereof
US11282558B2 (en) * 2020-05-21 2022-03-22 Wuxi Petabyte Technologies Co., Ltd. Ferroelectric random-access memory with ROMFUSE area having redundant configuration wordlines
CN111722581B (en) * 2020-05-28 2021-10-22 国电南瑞科技股份有限公司 Method for improving communication transmission and data processing efficiency of PLC and upper computer
US11202085B1 (en) 2020-06-12 2021-12-14 Microsoft Technology Licensing, Llc Low-cost hash table construction and hash-based block matching for variable-size blocks
CN111693757A (en) * 2020-06-22 2020-09-22 索尔思光电(成都)有限公司 LD bias current detection method and circuit, and optical module
CN111787320B (en) * 2020-07-03 2022-02-08 北京博雅慧视智能技术研究院有限公司 Transform coding system and method
US11509473B2 (en) * 2020-07-20 2022-11-22 Pqsecure Technologies, Llc Architecture and method for hybrid isogeny-based cryptosystems
CN111857307B (en) * 2020-07-30 2022-04-01 南京英锐创电子科技有限公司 Control device, control system and control method of power reset circuit
CN112002495B (en) * 2020-08-14 2022-08-19 李洪恩 Cable core shaping device
US11843667B2 (en) 2020-08-17 2023-12-12 Toyota Motor North America, Inc. Real time boot for secure distributed systems
WO2022055490A1 (en) * 2020-09-11 2022-03-17 Google Llc Hardware-based save-and-restore controller
JP7362583B2 (en) * 2020-09-23 2023-10-17 株式会社東芝 information processing equipment
US20220100428A1 (en) * 2020-09-25 2022-03-31 Micron Technology, Inc. Frequency monitoring for memory devices
US11600362B2 (en) 2020-09-30 2023-03-07 International Business Machines Corporation Visually representing concepts and relationships on an electronic interface for delivered content
CN112291066B (en) * 2020-10-29 2022-02-01 中国科学院信息工程研究所 Data sending method, data receiving method, terminal equipment and electronic equipment
CN112463672A (en) * 2020-11-04 2021-03-09 贵州电网有限责任公司 Data transmission method, device and medium
US11783026B2 (en) * 2021-01-05 2023-10-10 Nuvoton Technology Corporation Processor with in-band fault-injection detection
CN112748791B (en) * 2021-01-19 2022-07-01 中国科学院微小卫星创新研究院 Satellite comprehensive electronic computer autonomous switching method
CN112995330B (en) * 2021-03-19 2021-10-01 北京北航天宇长鹰无人机科技有限公司 Transparent information extraction method and device for data
EP4323878A1 (en) * 2021-04-16 2024-02-21 Brookhaven Science Associates LLC Event-driven readout system with non-priority arbitration for multichannel data sources
TWI805069B (en) * 2021-04-26 2023-06-11 財團法人工業技術研究院 High-frequency component test device and method thereof
WO2022245373A1 (en) * 2021-05-21 2022-11-24 Hewlett-Packard Development Company, L.P. Page wide array print job interruptions
CN113296705B (en) * 2021-05-27 2022-09-27 浙江萤火虫区块链科技有限公司 Framework system for parallel computing Poseido Hash in Filecin
CN113553103B (en) * 2021-06-03 2022-09-23 中国人民解放军战略支援部队信息工程大学 Multi-core parallel scheduling method based on CPU + GPU heterogeneous processing platform
CN113255296A (en) * 2021-06-08 2021-08-13 北京翔东智能科技有限公司 Electronic contract classified storage safety management system
US20220004398A1 (en) * 2021-09-22 2022-01-06 Intel Corporation Integrated circuit package reconfiguration mechanism
CN113946313B (en) * 2021-10-12 2023-05-05 哲库科技(北京)有限公司 Processing circuit, chip and terminal of LOOKUP3 hash algorithm
US20230229336A1 (en) * 2022-01-20 2023-07-20 Dell Products L.P. Read-disturb-based read temperature time-based attenuation system
US11928354B2 (en) 2022-01-21 2024-03-12 Dell Products L.P. Read-disturb-based read temperature determination system
US11922035B2 (en) 2022-01-21 2024-03-05 Dell Products L.P. Read-disturb-based read temperature adjustment system
CN114565069A (en) * 2022-01-25 2022-05-31 国创移动能源创新中心(江苏)有限公司 Data transmission system of contact card and control method thereof
CN115080473B (en) * 2022-06-29 2023-11-21 海光信息技术股份有限公司 Multi-chip interconnection system and safe starting method based on same
CN116684221B (en) * 2023-08-02 2023-10-17 佛山冠湾智能科技有限公司 Time-sharing IO bus of integrative hardware modularization is driven in accuse

Citations (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5581198A (en) * 1995-02-24 1996-12-03 Xilinx, Inc. Shadow DRAM for programmable logic devices
US5621698A (en) * 1994-12-31 1997-04-15 Hyundai Electronics Industries Co., Ltd. Data signal distribution circuit for synchronous memory device
US5673316A (en) * 1996-03-29 1997-09-30 International Business Machines Corporation Creation and distribution of cryptographic envelope
US5835424A (en) * 1994-09-09 1998-11-10 Matsushita Electric Industrial Co., Ltd. Semiconductor memory
US6246970B1 (en) * 1998-07-10 2001-06-12 Silverbrook Research Pty Ltd Method for making a chip tamper-resistant
US6327199B1 (en) * 1998-10-09 2001-12-04 Micron Technology, Inc. Method for testing memory devices
US6354689B1 (en) * 1998-12-22 2002-03-12 Eastman Kodak Company Method of compensating for malperforming nozzles in a multitone inkjet printer
US20020060707A1 (en) * 2000-02-15 2002-05-23 Chia-Lei Yu Ink jet printer with a compensation function for malfunctioning nozzles
US6651149B1 (en) * 1998-12-10 2003-11-18 Kabushiki Kaisha Toshiba Data storage medium with certification data
US20050286287A1 (en) * 2004-06-17 2005-12-29 Samsung Electronics Co., Ltd. Complementary nonvolatile memory device, methods of operating and manufacturing the same, logic device and semiconductor device including the same, and reading circuit for the same
US7124170B1 (en) * 1999-08-20 2006-10-17 Intertrust Technologies Corp. Secure processing unit systems and methods
US7192114B2 (en) * 2003-09-24 2007-03-20 Canon Kabushiki Kaisha Printing apparatus and printing method
US7194629B2 (en) * 1997-07-15 2007-03-20 Silverbrook Research Pty Ltd Apparatus for authenticating memory space of an authorized accessory
US7200759B2 (en) * 2001-06-08 2007-04-03 Safenet B.V. Method and device for making information contents of a volatile semiconductor memory irretrievable

Family Cites Families (249)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US583542A (en) * 1897-06-01 Corn-sheller
US554828A (en) * 1896-02-18 maldura
US635689A (en) * 1899-01-06 1899-10-24 Joseph D King Adjustable handle-bar.
US3654689A (en) * 1970-06-03 1972-04-11 Eis Automotive Corp Method and apparatus of assembling and disassembling hydraulic disc brake calipers
US4247913A (en) * 1979-05-10 1981-01-27 Hiniker Company Protection circuit for storage of volatile data
US4309602A (en) * 1979-11-01 1982-01-05 Eikonix Corportation Wavefront sensing by phase retrieval
JPS573164A (en) * 1980-06-04 1982-01-08 Nippon Denso Co Ltd Microcomputer control device
JPS58500820A (en) * 1981-05-27 1983-05-19 マステク、コ−パレイシヤン Integrated circuit operating method and integrated circuit operating power control circuit
FR2542540B1 (en) * 1983-03-08 1989-02-10 Canon Kk IMAGE PROCESSING SYSTEM
DE3401610A1 (en) * 1984-01-18 1985-07-18 Siemens AG, 1000 Berlin und 8000 München INTEGRATED SEMICONDUCTOR CIRCUIT WITH A RINGOSCILLATOR
US4644494A (en) * 1984-02-06 1987-02-17 Sundstrand Data Control, Inc. Solid state memory for aircraft flight data recorder systems
EP0165386B1 (en) * 1984-04-26 1989-11-29 Heidelberger Druckmaschinen Aktiengesellschaft Method and storage system for the storage of control data for press actuators
US4593384A (en) * 1984-12-21 1986-06-03 Ncr Corporation Security device for the secure storage of sensitive data
US4685056A (en) * 1985-06-11 1987-08-04 Pueblo Technologies, Inc. Computer security device
US4692903A (en) * 1985-07-15 1987-09-08 Zenith Electronics Corporation Memory loss protection circuit
US4683496A (en) * 1985-08-23 1987-07-28 The Analytic Sciences Corporation System for and method of enhancing images using multiband information
US4690555A (en) * 1985-11-01 1987-09-01 Hughes Aircraft Company Solid-state wavefront slope determination
EP0277247B1 (en) * 1986-07-31 1994-05-04 Kabushiki Kaisya Advance System for generating a shared cryptographic key and a communication system using the shared cryptographic key
JPH0612616B2 (en) * 1986-08-13 1994-02-16 日本テキサス・インスツルメンツ株式会社 Semiconductor memory device
US4882686A (en) * 1987-06-22 1989-11-21 Eastman Kodak Company Printing apparatus with improved data formatting circuitry
US5138438A (en) * 1987-06-24 1992-08-11 Akita Electronics Co. Ltd. Lead connections means for stacked tab packaged IC chips
EP0304289A3 (en) * 1987-08-18 1991-03-13 Kabushiki Kaisha Toshiba Half-tone image reproduction method and apparatus
US4992827A (en) * 1987-12-28 1991-02-12 Canon Kabushiki Kaisha Image forming apparatus
JP2710943B2 (en) * 1988-02-26 1998-02-10 キヤノン株式会社 Inkjet printer
US4932232A (en) * 1988-05-20 1990-06-12 Alcan Aluminum Corporation Methods of detecting and correcting spray header malfunctions
CH678663A5 (en) * 1988-06-09 1991-10-15 Zeiss Carl Fa
US5031034A (en) * 1988-06-20 1991-07-09 Canon Kabushiki Kaisha Image forming and processing apparatus with identification of character portions of images
US5185717A (en) * 1988-08-05 1993-02-09 Ryoichi Mori Tamper resistant module having logical elements arranged in multiple layers on the outer surface of a substrate to protect stored information
US4924301A (en) * 1988-11-08 1990-05-08 Seecolor Corporation Apparatus and methods for digital halftoning
JP2563134B2 (en) * 1989-01-25 1996-12-11 日本電子株式会社 Scanning transmission type phase contrast electron microscope
US5172134A (en) * 1989-03-31 1992-12-15 Canon Kabushiki Kaisha Ink jet recording head, driving method for same and ink jet recording apparatus
US5212664A (en) * 1989-04-05 1993-05-18 Mitsubishi Denki Kabushiki Kaisha Information card with dual power detection signals to memory decoder
JPH02296410A (en) * 1989-05-11 1990-12-07 Mitsubishi Electric Corp Delay circuit
US4999575A (en) * 1989-09-25 1991-03-12 General Electric Company Power supply and monitor for controlling an electrical load following a power outage
US5305436A (en) * 1990-04-02 1994-04-19 Hewlett-Packard Company Hose bus video interface in personal computers
JPH0461096A (en) * 1990-06-29 1992-02-27 Matsushita Electric Ind Co Ltd Memory control device
US5091938B1 (en) * 1990-08-06 1997-02-04 Nippon Denki Home Electronics Digital data cryptographic system
US5327404A (en) * 1990-11-27 1994-07-05 Vlsi Technology, Inc. On-chip frequency trimming method for real-time clock
JP3039563B2 (en) * 1990-11-29 2000-05-08 株式会社日立製作所 Scanning electron microscope and scanning electron microscope method
US5309516A (en) * 1990-12-07 1994-05-03 Hitachi, Ltd. Group cipher communication method and group cipher communication system
US5193012A (en) * 1991-04-29 1993-03-09 Snap-Fax Corporation Real-time conversion of still-video to half-tone for hard copy output (such as on a facsimile machine)
JPH0548446A (en) 1991-08-09 1993-02-26 Sony Corp Semiconductor integrated circuit
US5198054A (en) * 1991-08-12 1993-03-30 Xerox Corporation Method of making compensated collinear reading or writing bar arrays assembled from subunits
JPH05217834A (en) * 1992-01-31 1993-08-27 Sharp Corp Layout method of lsi chip on mask
US5367375A (en) * 1992-02-07 1994-11-22 Hughes Aircraft Company Spatial wavefront evaluation by intensity relationship
EP0907142B1 (en) * 1992-04-02 2007-06-13 Kabushiki Kaisha Toshiba Memory card apparatus
JP3180494B2 (en) * 1992-04-17 2001-06-25 セイコーエプソン株式会社 Logic device
JPH06291994A (en) * 1992-08-10 1994-10-18 Ricoh Co Ltd Method and unit for processing picture
JP3221085B2 (en) * 1992-09-14 2001-10-22 富士ゼロックス株式会社 Parallel processing unit
US5315635A (en) * 1992-09-30 1994-05-24 Motorola, Inc. Reliable message communication system
KR950011655B1 (en) * 1992-10-31 1995-10-07 삼성전자주식회사 Channel & broadcasting station marked apparatus
US5457748A (en) * 1992-11-30 1995-10-10 Motorola, Inc. Method and apparatus for improved security within encrypted communication devices
US5440632A (en) * 1992-12-02 1995-08-08 Scientific-Atlanta, Inc. Reprogrammable subscriber terminal
US5363447A (en) * 1993-03-26 1994-11-08 Motorola, Inc. Method for loading encryption keys into secure transmission devices
US5784642A (en) * 1993-04-05 1998-07-21 Packard Bell Nec System for establishing a transfer mode between system controller and peripheral device
EP0626643B1 (en) 1993-05-24 2000-05-03 Hewlett-Packard Company Processor responsive to environmental conditions to enable or disable a delay in a processing action
JP3254913B2 (en) * 1993-07-21 2002-02-12 セイコーエプソン株式会社 Control method of print head
US5511202A (en) * 1993-07-26 1996-04-23 International Business Machines Corporation Desktop computer system having zero-volt system suspend and control unit for ascertaining interrupt controller base address
US5420798A (en) * 1993-09-30 1995-05-30 Macronix International Co., Ltd. Supply voltage detection circuit
US5375089A (en) * 1993-10-05 1994-12-20 Advanced Micro Devices, Inc. Plural port memory system utilizing a memory having a read port and a write port
US5467327A (en) * 1993-12-22 1995-11-14 Jamail; Randall Method of masking data on a storage medium
US20020013898A1 (en) * 1997-06-04 2002-01-31 Sudia Frank W. Method and apparatus for roaming use of cryptographic values
JPH07210472A (en) * 1994-01-25 1995-08-11 Fujitsu Ltd I/o interface control method and computer system
EP0665673A3 (en) * 1994-02-01 1996-06-12 Dainippon Screen Mfg Method and apparatus for producing a halftone image using a threshold matrix.
US5603063A (en) * 1994-06-27 1997-02-11 Quantum Corporation Disk drive command queuing method using two memory devices for storing two types of commands separately first before queuing commands in the second memory device
US5587730A (en) * 1994-09-30 1996-12-24 Xerox Corporation Redundant full width array thermal ink jet printing for improved reliability
US5594839A (en) * 1994-10-17 1997-01-14 Seiko Epson Corporation Apparatus and method for improving black and color separation in halftoned images by printing black dots in a different screen phase
DE69533937T2 (en) * 1994-11-17 2005-06-30 Canon K.K. Transfer of shifted data to a color printer
KR960019415A (en) * 1994-11-23 1996-06-17 윤종용 Plasma display panel
US5581284A (en) * 1994-11-25 1996-12-03 Xerox Corporation Method of extending the life of a printbar of a color ink jet printer
JP3302847B2 (en) * 1994-12-02 2002-07-15 富士通株式会社 Storage device
US5633714A (en) * 1994-12-19 1997-05-27 International Business Machines Corporation Preprocessing of image amplitude and phase data for CD and OL measurement
US5719602A (en) * 1995-01-20 1998-02-17 Hewlett-Packard Company Controlling PWA inkjet nozzle timing as a function of media speed
US5796416A (en) * 1995-04-12 1998-08-18 Eastman Kodak Company Nozzle placement in monolithic drop-on-demand print heads
JP2887836B2 (en) * 1995-04-27 1999-05-10 富士ゼロックス株式会社 Ink jet print head and image recording device
US5689565A (en) * 1995-06-29 1997-11-18 Microsoft Corporation Cryptography system and method for providing cryptographic services for a computer application
JPH09123437A (en) * 1995-08-28 1997-05-13 Seiko Epson Corp Ink jet printer and ink jet recording ink
US5675365A (en) * 1995-09-13 1997-10-07 Xerox Corporation Ejector activation scheduling system for an ink-jet printhead
US5606703A (en) * 1995-12-06 1997-02-25 International Business Machines Corporation Interrupt protocol system and method using priority-arranged queues of interrupt status block control data structures
US5619456A (en) * 1996-01-19 1997-04-08 Sgs-Thomson Microelectronics, Inc. Synchronous output circuit
JPH09212254A (en) * 1996-02-06 1997-08-15 Toshiba Corp Clock margin control device
US5805403A (en) * 1996-03-28 1998-09-08 3Com Ltd. Integrated circuit temperature monitoring and protection system
US6371590B1 (en) * 1996-04-09 2002-04-16 Samsung Electronics Co., Ltd. Method for testing nozzles of an inkjet printer
US5661428A (en) * 1996-04-15 1997-08-26 Micron Technology, Inc. Frequency adjustable, zero temperature coefficient referencing ring oscillator circuit
US5915226A (en) * 1996-04-19 1999-06-22 Gemplus Card International Prepaid smart card in a GSM based wireless telephone network and method for operating prepaid cards
US5796313A (en) * 1996-04-25 1998-08-18 Waferscale Integration Inc. Low power programmable ring oscillator
EP0805050B1 (en) * 1996-05-02 2003-04-16 Ricoh Company, Ltd Image forming method and apparatus for rapidly fixing ink on a recording medium
US6113208A (en) * 1996-05-22 2000-09-05 Hewlett-Packard Company Replaceable cartridge for a printer including resident memory with stored message triggering data
US5796312A (en) * 1996-05-24 1998-08-18 Microchip Technology Incorporated Microcontroller with firmware selectable oscillator trimming
US6320782B1 (en) * 1996-06-10 2001-11-20 Kabushiki Kaisha Toshiba Semiconductor memory device and various systems mounting them
US5870267A (en) * 1996-07-25 1999-02-09 Konami Co., Ltd. Semiconductor integrated circuit device with overheating protector and method of protecting semiconductor integrated circuit against overheating
JP3411159B2 (en) * 1996-08-02 2003-05-26 株式会社日立製作所 Mobile computer support system
US5822758A (en) 1996-09-09 1998-10-13 International Business Machines Corporation Method and system for high performance dynamic and user programmable cache arbitration
US5935259A (en) * 1996-09-24 1999-08-10 Apple Computer, Inc. System and method for preventing damage to media files within a digital camera device
US5754567A (en) * 1996-10-15 1998-05-19 Micron Quantum Devices, Inc. Write reduction in flash memory systems through ECC usage
US6027195A (en) * 1996-11-12 2000-02-22 Varis Corporation System and method for synchronizing the piezoelectric clock sources of a plurality of ink jet printheads
JPH10163867A (en) * 1996-11-29 1998-06-19 Ricoh Co Ltd Clock generator and its production
US6168251B1 (en) * 1996-12-18 2001-01-02 Canon Kabushiki Kaisha Recording apparatus and method for correcting offset of recorded pixels
EP0849660B1 (en) * 1996-12-19 2004-10-27 Koninklijke Philips Electronics N.V. Portable electronic apparatus with a device for detecting a variation in the supply voltage
FR2757653B1 (en) * 1996-12-20 1999-03-12 Sextant Avionique SELF-CONTAINED INPUT AND OUTPUT CONTROLLER
US5754762A (en) * 1997-01-13 1998-05-19 Kuo; Chih-Cheng Secure multiple application IC card using interrupt instruction issued by operating system or application program to control operation flag that determines the operational mode of bi-modal CPU
US5920630A (en) * 1997-02-25 1999-07-06 United States Of America Method of public key cryptography that includes key escrow
US5987576A (en) * 1997-02-27 1999-11-16 Hewlett-Packard Company Method and apparatus for generating and distributing clock signals with minimal skew
US6283572B1 (en) * 1997-03-04 2001-09-04 Hewlett-Packard Company Dynamic multi-pass print mode corrections to compensate for malfunctioning inkjet nozzles
US6065113A (en) * 1997-03-07 2000-05-16 Texas Instruments Incorporated Circuits, systems, and methods for uniquely identifying a microprocessor at the instruction set level employing one-time programmable register
US6010205A (en) 1997-03-12 2000-01-04 Raster Graphics Inc. Method and apparatus for improved printing
AUPO799197A0 (en) * 1997-07-15 1997-08-07 Silverbrook Research Pty Ltd Image processing method and apparatus (ART01)
US6112265A (en) * 1997-04-07 2000-08-29 Intel Corportion System for issuing a command to a memory having a reorder module for priority commands and an arbiter tracking address of recently issued command
JPH10326493A (en) * 1997-05-23 1998-12-08 Ricoh Co Ltd Compounded flash memory device
US6064989A (en) * 1997-05-29 2000-05-16 Pitney Bowes Inc. Synchronization of cryptographic keys between two modules of a distributed system
US5841125A (en) * 1997-06-06 1998-11-24 Trw Inc. High energy laser focal sensor (HELFS)
US5896263A (en) * 1997-06-27 1999-04-20 Allen-Bradley Company, Llc Output circuit having electronic overload protection activated by voltage drop across output transistor
US6702417B2 (en) * 1997-07-12 2004-03-09 Silverbrook Research Pty Ltd Printing cartridge with capacitive sensor identification
US6803989B2 (en) * 1997-07-15 2004-10-12 Silverbrook Research Pty Ltd Image printing apparatus including a microcontroller
AUPO794797A0 (en) * 1997-07-15 1997-08-07 Silverbrook Research Pty Ltd A device (MEMS07)
US7743262B2 (en) * 1997-07-15 2010-06-22 Silverbrook Research Pty Ltd Integrated circuit incorporating protection from power supply attacks
US6857724B2 (en) * 1997-07-15 2005-02-22 Silverbrook Research Pty Ltd Print assembly for a wide format pagewidth printer
US6217165B1 (en) * 1997-07-15 2001-04-17 Silverbrook Research Pty. Ltd. Ink and media cartridge with axial ink chambers
DE69819510T2 (en) * 1997-08-01 2004-09-23 Encad, Inc., San Diego Inkjet printer, method and system with the possibility of compensation for non-functioning printing elements
US5942949A (en) * 1997-10-14 1999-08-24 Lucent Technologies Inc. Self-calibrating phase-lock loop with auto-trim operations for selecting an appropriate oscillator operating curve
US6219142B1 (en) * 1997-10-17 2001-04-17 Southwest Sciences Incorporated Method and apparatus for determining wave characteristics from wave phenomena
US6026492A (en) * 1997-11-06 2000-02-15 International Business Machines Corporation Computer system and method to disable same when network cable is removed
US6385728B1 (en) * 1997-11-26 2002-05-07 International Business Machines Corporation System, method, and program for providing will-call certificates for guaranteeing authorization for a printer to retrieve a file directly from a file server upon request from a client in a network computer system environment
US6314521B1 (en) * 1997-11-26 2001-11-06 International Business Machines Corporation Secure configuration of a digital certificate for a printer or other network device
JP3065053B2 (en) * 1998-01-06 2000-07-12 セイコーエプソン株式会社 Device monitoring system, local monitoring device, integrated monitoring device, device monitoring method, and computer-readable medium storing program
FI108827B (en) * 1998-01-08 2002-03-28 Nokia Corp A method for implementing connection security in a wireless network
US6145054A (en) * 1998-01-21 2000-11-07 Sun Microsystems, Inc. Apparatus and method for handling multiple mergeable misses in a non-blocking cache
US5983225A (en) * 1998-01-26 1999-11-09 Telenor As Parameterized lock management system and method for conditional conflict serializability of transactions
US6378072B1 (en) * 1998-02-03 2002-04-23 Compaq Computer Corporation Cryptographic system
JP3847970B2 (en) * 1998-04-14 2006-11-22 キヤノン株式会社 Print data processing apparatus, print data processing method, and recording medium
US5973968A (en) * 1998-04-30 1999-10-26 Medtronic, Inc. Apparatus and method for write protecting a programmable memory
US6297888B1 (en) * 1998-05-04 2001-10-02 Canon Kabushiki Kaisha Automatic alignment of print heads
US6154195A (en) * 1998-05-14 2000-11-28 S3 Incorporated System and method for performing dithering with a graphics unit having an oversampling buffer
US6481820B1 (en) 1998-05-25 2002-11-19 Konica Corporation Ink jet printer which can carry out high speed image formation and which can avoid image failure due to a defective nozzle
US6226098B1 (en) * 1998-06-11 2001-05-01 Nuworld Marketing, Ltd Printer appliance for use in a wireless system for broadcasting packets of information
US20020008723A1 (en) 1998-07-21 2002-01-24 Xin Wen Printer and method of compensating for malperforming and inoperative ink nozzles in a print head
JP3611177B2 (en) 1998-07-22 2005-01-19 セイコーエプソン株式会社 Inkjet recording apparatus and recording method
US6350004B1 (en) * 1998-07-29 2002-02-26 Lexmark International, Inc. Method and system for compensating for skew in an ink jet printer
US6241338B1 (en) * 1998-08-06 2001-06-05 Seiko Epson Corporation Dot printing using partial overlap scheme
US6915375B2 (en) * 1998-08-31 2005-07-05 Sony Corporation Memory apparatus and a data-processing apparatus, and method for using the memory apparatus
EP0983855A3 (en) 1998-08-31 2000-08-02 Hewlett-Packard Company Dot substitution to compensate for failed ink jet nozzles
US6192349B1 (en) * 1998-09-28 2001-02-20 International Business Machines Corporation Smart card mechanism and method for obtaining electronic tickets for goods services over an open communications link
US6202101B1 (en) * 1998-09-30 2001-03-13 Compaq Computer Corporation System and method for concurrently requesting input/output and memory address space while maintaining order of data sent and returned therefrom
WO2000023279A1 (en) * 1998-10-16 2000-04-27 Silverbrook Research Pty. Limited Improvements relating to inkjet printers
AU760436B2 (en) * 1998-10-16 2003-05-15 Matsushita Electric Industrial Co., Ltd. Production protection system dealing with contents that are digital production
US6526484B1 (en) * 1998-11-16 2003-02-25 Infineon Technologies Ag Methods and apparatus for reordering of the memory requests to achieve higher average utilization of the command and data bus
JP4395943B2 (en) * 1998-11-26 2010-01-13 セイコーエプソン株式会社 Printing apparatus and information management method thereof
AUPP752398A0 (en) * 1998-12-04 1999-01-07 Collins, Lyal Sidney Secure multi-point data transfer system
US6294962B1 (en) * 1998-12-09 2001-09-25 Cypress Semiconductor Corp. Circuit(s), architecture and method(s) for operating and/or tuning a ring oscillator
US6418472B1 (en) * 1999-01-19 2002-07-09 Intel Corporation System and method for using internet based caller ID for controlling access to an object stored in a computer
US6601151B1 (en) * 1999-02-08 2003-07-29 Sun Microsystems, Inc. Apparatus and method for handling memory access requests in a data processing system
US6771385B1 (en) * 1999-03-03 2004-08-03 Konica Corporation Method of using a server connected with a network and a server system
US6191660B1 (en) * 1999-03-24 2001-02-20 Cypress Semiconductor Corp. Programmable oscillator scheme
US6753739B1 (en) * 1999-03-24 2004-06-22 Cypress Semiconductor Corp. Programmable oscillator scheme
JP2000286737A (en) * 1999-03-30 2000-10-13 Kokusai Electric Co Ltd Amplifier
US6587947B1 (en) * 1999-04-01 2003-07-01 Intel Corporation System and method for verification of off-chip processor code
US7002702B1 (en) * 1999-04-09 2006-02-21 Canon Kabushiki Kaisha Data processing apparatus and data processing method for controlling plural peripheral devices to provide function
US6775022B2 (en) * 1999-04-14 2004-08-10 Canon Kabushiki Kaisha Printer control based on head alignment
US6390579B1 (en) * 1999-04-15 2002-05-21 Hewlett-Packard Company Pulse width modulator using delay-line technology with automatic calibration of delays to desired operating frequency
AUPP996099A0 (en) * 1999-04-23 1999-05-20 Silverbrook Research Pty Ltd A method and apparatus(sprint01)
JP3389186B2 (en) * 1999-04-27 2003-03-24 松下電器産業株式会社 Semiconductor memory card and reading device
US6312074B1 (en) * 1999-04-30 2001-11-06 Hewlett-Packard Company Method and apparatus for detecting fluid level in a fluid container
US6269164B1 (en) * 1999-05-17 2001-07-31 Paul Pires Method of and system for encrypting messages
US7035812B2 (en) * 1999-05-28 2006-04-25 Overture Services, Inc. System and method for enabling multi-element bidding for influencing a position on a search result list generated by a computer network search engine
US6711677B1 (en) * 1999-07-12 2004-03-23 Hewlett-Packard Development Company, L.P. Secure printing method
US6947903B1 (en) * 1999-08-06 2005-09-20 Elcommerce.Com.Inc. Method and system for monitoring a supply-chain
US6757831B1 (en) * 1999-08-18 2004-06-29 Sun Microsystems, Inc. Logic block used to check instruction buffer configuration
US7093137B1 (en) * 1999-09-30 2006-08-15 Casio Computer Co., Ltd. Database management apparatus and encrypting/decrypting system
JP4497689B2 (en) * 1999-10-01 2010-07-07 キヤノン株式会社 Printing device, exchange unit, and memory unit
US6655768B1 (en) * 1999-10-04 2003-12-02 Seiko Epson Corporation Semiconductor integrated circuit, ink cartridge, and inkjet recording device
JP2001162841A (en) * 1999-12-07 2001-06-19 Seiko Epson Corp Printing of parallel bidirectional printing or unidirectional printing for every type of ink
JP2001211154A (en) * 2000-01-25 2001-08-03 Murata Mach Ltd Secret key generating method, ciphering method, and cipher communication method
JP3587751B2 (en) * 2000-01-25 2004-11-10 村田機械株式会社 Common key generator, encryption communication method, encryption communication system, and recording medium
US6850337B1 (en) * 2000-01-31 2005-02-01 Hewlett-Packard Development Company, L.P. Methods and arrangement for providing and using printer configuration status information
US6757832B1 (en) * 2000-02-15 2004-06-29 Silverbrook Research Pty Ltd Unauthorized modification of values in flash memory
AUPQ595900A0 (en) * 2000-03-02 2000-03-23 Silverbrook Research Pty Ltd Modular printhead
FR2807245B1 (en) * 2000-03-30 2002-05-24 France Telecom METHOD FOR PROTECTING A CHIP FROM FRAUD
CN1293482C (en) * 2000-04-06 2007-01-03 索尼公司 Storage area dividing method for portable device
WO2001077837A1 (en) * 2000-04-11 2001-10-18 Mathis Richard M Method and apparatus for computer memory protection and verification
US7016898B1 (en) * 2000-04-14 2006-03-21 International Business Machines Corporation Extension of browser web page content labels and password checking to communications protocols
JP4387553B2 (en) * 2000-04-27 2009-12-16 キヤノン株式会社 Printing control apparatus and method and information processing apparatus and method
JP4681751B2 (en) * 2000-05-01 2011-05-11 キヤノン株式会社 Recording apparatus and recording method
JP2002033271A (en) * 2000-05-12 2002-01-31 Nikon Corp Projection exposure method, device manufacturing method using it, and projection aligner
US6545950B1 (en) * 2000-05-16 2003-04-08 Ericsson Inc. Methods, systems, wireless terminals, and computer program products for calibrating an electronic clock using a base reference signal and a non-continuous calibration reference signal having greater accuracy than the base reference signal
AUPQ766300A0 (en) 2000-05-22 2000-06-15 Canon Kabushiki Kaisha Defective nozzle compensation
US6859289B1 (en) * 2000-05-23 2005-02-22 Silverbrook Research Pty Ltd Print engine/controller with color mask
DE60124202T8 (en) * 2000-05-30 2008-03-20 Seiko Epson Corp. ADJUSTING THE POINT POSITIONING SHIFTING OF A PRINTER
US6807225B1 (en) * 2000-05-31 2004-10-19 Conexant Systems, Inc. Circuit and method for self trimming frequency acquisition
US6581111B1 (en) * 2000-06-02 2003-06-17 Advanced Micro Devices, Inc. Out-of-order probing in an in-order system
FR2810139B1 (en) * 2000-06-08 2002-08-23 Bull Cp8 METHOD FOR SECURING THE PRE-INITIALIZATION PHASE OF AN ON-BOARD ELECTRONIC CHIP SYSTEM, ESPECIALLY A CHIP CARD, AND ON-BOARD SYSTEM IMPLEMENTING THE METHOD
US6816750B1 (en) * 2000-06-09 2004-11-09 Cirrus Logic, Inc. System-on-a-chip
US6515304B1 (en) 2000-06-23 2003-02-04 International Business Machines Corporation Device for defeating reverse engineering of integrated circuits by optical means
AU5374100A (en) * 2000-06-30 2002-01-14 Silverbrook Res Pty Ltd Ink jet fault tolerance using extra ink dots
US6467870B2 (en) * 2000-07-21 2002-10-22 Fuji Photo Film Co., Ltd. Recording head
US6816923B1 (en) * 2000-07-31 2004-11-09 Webtv Networks, Inc. Arbitrating and servicing polychronous data requests in direct memory access
US6453196B1 (en) * 2000-08-07 2002-09-17 Cardiac Pacemakers, Inc. High frequency oscillator for implantable medical devices
US6445232B1 (en) * 2000-08-31 2002-09-03 Xilinx, Inc. Digital clock multiplier and divider with output waveform shaping
US6252471B1 (en) * 2000-09-29 2001-06-26 Motorola Inc. Programmable oscillator using magnetoresistive memory technology
US7273483B2 (en) * 2000-10-20 2007-09-25 Ethicon Endo-Surgery, Inc. Apparatus and method for alerting generator functions in an ultrasonic surgical system
US7360080B2 (en) * 2000-11-03 2008-04-15 International Business Machines Corporation Non-transferable anonymous credential system with optional anonymity revocation
KR100358919B1 (en) * 2000-11-18 2002-10-31 주식회사 메모리앤테스팅 Semiconductor testing using Master-slave technique
EP1211516B1 (en) * 2000-11-30 2007-06-06 STMicroelectronics S.r.l. Circuit architecture for performing a trimming operation on integrated circuits
US6561627B2 (en) * 2000-11-30 2003-05-13 Eastman Kodak Company Thermal actuator
US6565174B2 (en) * 2000-12-15 2003-05-20 Hitachi Koki Co., Ltd. Ink jet recording device
JP2002215258A (en) * 2001-01-23 2002-07-31 Mitsubishi Electric Corp Semiconductor integrated circuit device
US6877833B2 (en) * 2001-01-31 2005-04-12 Canon Kabushiki Kaisha Printing data producing method for printing apparatus
JP2002254611A (en) * 2001-02-28 2002-09-11 Canon Inc Recording device and selection method for recording head performance data
ATE508533T1 (en) * 2001-03-03 2011-05-15 Optimum Power Technology Lp ARRANGEMENT AND METHOD FOR SAMPLING FREQUENCY-DEPENDENT SETTING OF A FILTER FREQUENCY
JP3578097B2 (en) * 2001-03-16 2004-10-20 日立プリンティングソリューションズ株式会社 Charge deflecting device and ink jet printer using the same
US7203837B2 (en) * 2001-04-12 2007-04-10 Microsoft Corporation Methods and systems for unilateral authentication of messages
US6734538B1 (en) * 2001-04-12 2004-05-11 Bae Systems Information & Electronic Systems Integration, Inc. Article comprising a multi-layer electronic package and method therefor
JP4065492B2 (en) * 2001-05-15 2008-03-26 キヤノン株式会社 Inkjet printing apparatus, inkjet printing method, program, and computer-readable storage medium storing the program
US7051332B2 (en) * 2001-05-21 2006-05-23 Cyberscan Technology, Inc. Controller having a restart engine configured to initiate a controller restart cycle upon receipt of a timeout signal from a watchdog timer
DE10125164C1 (en) * 2001-05-23 2003-01-16 Infineon Technologies Ag Semiconductor chip with trimmable oscillator
US6672697B2 (en) * 2001-05-30 2004-01-06 Eastman Kodak Company Compensation method for overlapping print heads of an ink jet printer
FI114416B (en) * 2001-06-15 2004-10-15 Nokia Corp Method for securing the electronic device, the backup system and the electronic device
US6604808B2 (en) * 2001-07-03 2003-08-12 Lexmark International, Inc. Method for determining the skew of a printhead of a printer
US6559629B1 (en) * 2001-07-09 2003-05-06 Cygnal Integrated Products, Inc. Supply voltage monitor using bandgap device without feedback
US7313824B1 (en) * 2001-07-13 2007-12-25 Liquid Machines, Inc. Method for protecting digital content from unauthorized use by automatically and dynamically integrating a content-protection agent
US20030011040A1 (en) * 2001-07-13 2003-01-16 Motorola, Inc. Active feedback circuit for gain linearization
US7137000B2 (en) * 2001-08-24 2006-11-14 Zih Corp. Method and apparatus for article authentication
EP1293856A1 (en) * 2001-09-18 2003-03-19 EM Microelectronic-Marin SA Secure integrated circuit having confidential parts and a method for activating the circuit
TW532025B (en) * 2001-09-25 2003-05-11 Admtek Inc Data encryption and decryption method and apparatus therefor
US6741253B2 (en) * 2001-10-09 2004-05-25 Micron Technology, Inc. Embedded memory system and method including data error correction
US6595619B2 (en) * 2001-10-30 2003-07-22 Hewlett-Packard Development Company, L.P. Printing mechanism service station for a printbar assembly
US6650589B2 (en) * 2001-11-29 2003-11-18 Intel Corporation Low voltage operation of static random access memory
KR100454123B1 (en) * 2001-12-06 2004-10-26 삼성전자주식회사 Semiconductor integrated circuit devices and modules with the same
US6969149B2 (en) * 2001-12-18 2005-11-29 Sony Corporation Print head
US6925539B2 (en) * 2002-02-06 2005-08-02 Seagate Technology Llc Data transfer performance through resource allocation
US6829689B1 (en) * 2002-02-12 2004-12-07 Nvidia Corporation Method and system for memory access arbitration for minimizing read/write turnaround penalties
JP3967935B2 (en) * 2002-02-25 2007-08-29 株式会社日立製作所 Alignment accuracy measuring apparatus and method
US6820972B2 (en) * 2002-03-29 2004-11-23 Hewlett-Packard Development Company, L.P. Printing cartridge pigment replenishment apparatus and method
NL1020312C2 (en) * 2002-04-05 2003-10-07 Otb Groep B V Method and device for manufacturing a display, such as for example a polymeric OLED display, a display and a substrate for use in the method.
US6738788B1 (en) * 2002-04-17 2004-05-18 Icid, Llc Database system using a record key having some randomly positioned, non-deterministic bits
US6809606B2 (en) 2002-05-02 2004-10-26 Intel Corporation Voltage ID based frequency control for clock generating circuit
US6637860B1 (en) * 2002-05-13 2003-10-28 Creo Srl High throughput inkjet printer with provision for spot color printing
US7149857B2 (en) * 2002-05-14 2006-12-12 Micron Technology, Inc. Out of order DRAM sequencer
US6767073B2 (en) * 2002-05-14 2004-07-27 Wellspring Trust High-speed, high-resolution color printing apparatus and method
JP3707558B2 (en) * 2002-08-26 2005-10-19 セイコーエプソン株式会社 Liquid jet head
US6764155B2 (en) * 2002-09-09 2004-07-20 Hewlett-Packard Development Company, L.P. System and method for compensating for non-functional ink cartridge ink jet nozzles
US6895475B2 (en) 2002-09-30 2005-05-17 Analog Devices, Inc. Prefetch buffer method and apparatus
US6778024B2 (en) * 2002-11-14 2004-08-17 Gennum Corporation Dynamically trimmed voltage controlled oscillator
US20040201647A1 (en) * 2002-12-02 2004-10-14 Mark Jackson Pulver Stitching of integrated circuit components
US6819195B1 (en) * 2003-03-07 2004-11-16 Ami Semiconductor, Inc. Stimulated quick start oscillator
US7206928B2 (en) * 2003-06-03 2007-04-17 Digi International Inc. System boot method
JP2005049970A (en) * 2003-07-30 2005-02-24 Renesas Technology Corp Semiconductor integrated circuit
US6900675B2 (en) * 2003-09-02 2005-05-31 Standard Microsystems Corporation All digital PLL trimming circuit
US7444564B2 (en) 2003-11-19 2008-10-28 International Business Machines Corporation Automatic bit fail mapping for embedded memories with clock multipliers
US7071751B1 (en) * 2004-12-17 2006-07-04 Xilinx, Inc. Counter-controlled delay line

Patent Citations (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5835424A (en) * 1994-09-09 1998-11-10 Matsushita Electric Industrial Co., Ltd. Semiconductor memory
US5621698A (en) * 1994-12-31 1997-04-15 Hyundai Electronics Industries Co., Ltd. Data signal distribution circuit for synchronous memory device
US5581198A (en) * 1995-02-24 1996-12-03 Xilinx, Inc. Shadow DRAM for programmable logic devices
US5673316A (en) * 1996-03-29 1997-09-30 International Business Machines Corporation Creation and distribution of cryptographic envelope
US7194629B2 (en) * 1997-07-15 2007-03-20 Silverbrook Research Pty Ltd Apparatus for authenticating memory space of an authorized accessory
US6246970B1 (en) * 1998-07-10 2001-06-12 Silverbrook Research Pty Ltd Method for making a chip tamper-resistant
US6327199B1 (en) * 1998-10-09 2001-12-04 Micron Technology, Inc. Method for testing memory devices
US6651149B1 (en) * 1998-12-10 2003-11-18 Kabushiki Kaisha Toshiba Data storage medium with certification data
US6354689B1 (en) * 1998-12-22 2002-03-12 Eastman Kodak Company Method of compensating for malperforming nozzles in a multitone inkjet printer
US7124170B1 (en) * 1999-08-20 2006-10-17 Intertrust Technologies Corp. Secure processing unit systems and methods
US20020060707A1 (en) * 2000-02-15 2002-05-23 Chia-Lei Yu Ink jet printer with a compensation function for malfunctioning nozzles
US7200759B2 (en) * 2001-06-08 2007-04-03 Safenet B.V. Method and device for making information contents of a volatile semiconductor memory irretrievable
US7192114B2 (en) * 2003-09-24 2007-03-20 Canon Kabushiki Kaisha Printing apparatus and printing method
US20050286287A1 (en) * 2004-06-17 2005-12-29 Samsung Electronics Co., Ltd. Complementary nonvolatile memory device, methods of operating and manufacturing the same, logic device and semiconductor device including the same, and reading circuit for the same

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9767271B2 (en) 2010-07-15 2017-09-19 The Research Foundation For The State University Of New York System and method for validating program execution at run-time
US9767284B2 (en) 2012-09-14 2017-09-19 The Research Foundation For The State University Of New York Continuous run-time validation of program execution: a practical approach

Also Published As

Publication number Publication date
US7770008B2 (en) 2010-08-03
US20080155826A1 (en) 2008-07-03
US20100039467A1 (en) 2010-02-18
US7747646B2 (en) 2010-06-29
US20090125720A1 (en) 2009-05-14
US20100238213A1 (en) 2010-09-23
US20060052962A1 (en) 2006-03-09
US7611215B2 (en) 2009-11-03
US20090073196A1 (en) 2009-03-19
US7805626B2 (en) 2010-09-28
US7278034B2 (en) 2007-10-02
US20090058903A1 (en) 2009-03-05
US20070211285A1 (en) 2007-09-13
US7783886B2 (en) 2010-08-24
DK1572463T3 (en) 2011-07-25
US20050160316A1 (en) 2005-07-21
US7165824B2 (en) 2007-01-23
US7278697B2 (en) 2007-10-09
US7399043B2 (en) 2008-07-15
US20090273389A1 (en) 2009-11-05
US20040199786A1 (en) 2004-10-07
US20040196320A1 (en) 2004-10-07
US20040225881A1 (en) 2004-11-11
US20040201647A1 (en) 2004-10-14
EP1572463B1 (en) 2011-04-06
US20040181303A1 (en) 2004-09-16
US7592829B2 (en) 2009-09-22
US7152942B2 (en) 2006-12-26
US7096137B2 (en) 2006-08-22
US20040223010A1 (en) 2004-11-11
US20080170093A1 (en) 2008-07-17
US20100223453A1 (en) 2010-09-02
US20050166040A1 (en) 2005-07-28
US7722146B2 (en) 2010-05-25
US20040143710A1 (en) 2004-07-22
US20040183843A1 (en) 2004-09-23
US20060214977A1 (en) 2006-09-28
US20070006150A9 (en) 2007-01-04
US20040201939A1 (en) 2004-10-14
US7465005B2 (en) 2008-12-16
US20080150997A1 (en) 2008-06-26
US20060242496A1 (en) 2006-10-26
US7302592B2 (en) 2007-11-27
US20060071951A1 (en) 2006-04-06
US7610163B2 (en) 2009-10-27
US20080117243A1 (en) 2008-05-22
US7540579B2 (en) 2009-06-02
US7747887B2 (en) 2010-06-29
US7523111B2 (en) 2009-04-21
US20050152596A1 (en) 2005-07-14
US20040221287A1 (en) 2004-11-04
CA2508141C (en) 2009-11-03
US7377608B2 (en) 2008-05-27
US20090251502A1 (en) 2009-10-08
CA2508141A1 (en) 2004-06-17
US20050182985A1 (en) 2005-08-18
US20060259258A1 (en) 2006-11-16
WO2004050369A9 (en) 2005-05-12
US20050177633A1 (en) 2005-08-11
US20060071981A1 (en) 2006-04-06
US7996880B2 (en) 2011-08-09
US20040193880A1 (en) 2004-09-30
ATE504446T1 (en) 2011-04-15
US8038239B2 (en) 2011-10-18
US7181572B2 (en) 2007-02-20
US8005636B2 (en) 2011-08-23
EP1572463A4 (en) 2008-07-02
US7171323B2 (en) 2007-01-30
US20080086655A1 (en) 2008-04-10
EP1572463A1 (en) 2005-09-14
US7976116B2 (en) 2011-07-12
US7831827B2 (en) 2010-11-09
US7818519B2 (en) 2010-10-19
US7188282B2 (en) 2007-03-06
US20100010767A1 (en) 2010-01-14
US7800410B2 (en) 2010-09-21
WO2004050369A1 (en) 2004-06-17
US7328115B2 (en) 2008-02-05
US7467839B2 (en) 2008-12-23
US20040249757A1 (en) 2004-12-09
US7707621B2 (en) 2010-04-27
US20110074850A1 (en) 2011-03-31
US20040189731A1 (en) 2004-09-30
US20080259711A1 (en) 2008-10-23
US7121639B2 (en) 2006-10-17
DE60336677D1 (en) 2011-05-19
US20060082609A1 (en) 2006-04-20
US20040227205A1 (en) 2004-11-18
US7360131B2 (en) 2008-04-15
US20050188218A1 (en) 2005-08-25
US20050213761A1 (en) 2005-09-29
US20040189355A1 (en) 2004-09-30
US7573301B2 (en) 2009-08-11
US20040243978A1 (en) 2004-12-02
US7660998B2 (en) 2010-02-09
US20100134541A1 (en) 2010-06-03

Similar Documents

Publication Publication Date Title
US7805626B2 (en) Print engine having authentication device for disabling memory writing upon power drop
US20090319802A1 (en) Key Genaration In An Integrated Circuit
US20050210179A1 (en) Integrated circuit having random clock or random delay
US20040174570A1 (en) Variable size dither matrix usage
AU2003302611A1 (en) Dead nozzle compensation

Legal Events

Date Code Title Description
AS Assignment

Owner name: SILVERBROOK RESEARCH PTY LTD, AUSTRALIA

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:WALMSLEY, SIMON ROBERT;PLUNKETT, RICHARD THOMAS;REEL/FRAME:022974/0801

Effective date: 20031128

STCB Information on status: application discontinuation

Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION