PCI/PCIe-non-compliance-vulnerability detection apparatus and method

US 10,642,678 B1
Filed: 01/21/2019
Issued: 05/05/2020
Est. Priority Date: 06/06/2013
Status: Active Grant

First Claim

Patent Images

1. A method of semi-automated detection of vulnerability of a computing system, consequent to specification non-compliance of the computing system with respect to at least one of PCI and PCI Express (PCIe) features thereof, the method comprising:

identifying a target component, addressable in the computing system and comprising at least one of a PCI component and a PCI Express component;

obtaining a set of first addresses corresponding to the target component and controlling at least one of control and configuration of the target component;

selecting second addresses constituting a subset of the first addresses; and

performing, for each second address of the subset, steps comprisingselecting, the each second address as a target address,accessing the target address,determining a system failure, of at least one of the computing system, the processor, and the target component, resulting from the accessing, anddocumenting consequences of the accessing.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Identifying and selecting a specific component of a computing system, typically by accessing its PCI and PCI Express (PCIe) configuration address space, an apparatus and method discover actual control or configuration addresses and characterize each as documented, partially documented, reserved, partially reserved, documented reserved test, partially documented reserved test, or undocumented. A filtered subset is tested by accessing each address contained in the subset, and verifying either continuity or failure of operation of the tested component or the system in response to that access. Attempting to read from or write to (or both) subset addresses proves the component and system to be compliant or non-compliant with the specification.

Citations

17 Claims

1. A method of semi-automated detection of vulnerability of a computing system, consequent to specification non-compliance of the computing system with respect to at least one of PCI and PCI Express (PCIe) features thereof, the method comprising:
- identifying a target component, addressable in the computing system and comprising at least one of a PCI component and a PCI Express component;
  
  obtaining a set of first addresses corresponding to the target component and controlling at least one of control and configuration of the target component;
  
  selecting second addresses constituting a subset of the first addresses; and
  
  performing, for each second address of the subset, steps comprisingselecting, the each second address as a target address,accessing the target address,determining a system failure, of at least one of the computing system, the processor, and the target component, resulting from the accessing, anddocumenting consequences of the accessing.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The method of claim 1, wherein the selecting second addresses is based on a representation thereof as comprising at least one of a documented reserved address, documented reserved test address, partially documented reserved address, partially documented reserved test address;
    - and undocumented address.
  - 3. The method of claim 2, wherein the representation comprises a specification of the target component authorized by a manufacturer thereof.
  - 4. The method of claim 1, wherein a condition exists, including at least one of:
    - a correspondence existing between the target address and one of a register address, a memory address, and an input/output address; and
      
      the component being one of a physical component, a virtual component, a simulated component, and an emulated component.
  - 5. The method of claim 1, wherein accessing constitutes at least one of reading from the target address;
    - writing to the target address;
      
      writing to, followed by reading from, the target address;
      
      reading from, followed by writing to, the target address; and
      
      both reading from and writing to the target address, each thereof being performed at least once.
  - 6. The method of claim 1, wherein determining the system failure comprises:
    - identifying existing devices constituting at least one of PCI and PCI Express devices by issuing a PCI configuration read command for such devices possible in the computing system;
      
      comparing a first list of actual devices so identified, to a second list of PCI and PCI Express devices documented in a component datasheet provided from a manufacturer thereof; and
      
      reporting as a system failure a detection of specification-non-compliant operation between the first list and the second list.
  - 7. The method of claim 1, wherein determining the system failure comprises:
    - identifying any PCI and PCI Express devices documented by a component datasheet provided from a manufacturer thereof;
      
      comparing a first list of the documented devices identified against a second list of actual devices existing and constituting PCI and PCI Express devices detected by issuing a PCI configuration read command for such devices possible in the computing system; and
      
      reporting as a system failure a detection of specification-non-compliant operation constituted by inconsistency between the first list and the second list.
  - 8. The method of claim 7 comprising reporting by:
    - identifying the first list before creating the second list; and
      
      reporting upon occurrence, a first inconsistency between the first list and the second list during creation of the second list.
  - 9. The method of claim 1, wherein determining the system failure comprises:
    - setting a BIOS of the computing system to a configuration corresponding to at least one of a PCI configuration and a PCI Express configuration;
      
      creating a first list of any PCI and PCI Express device addresses from a component datasheet provided by a manufacturer thereof;
      
      selecting a target address from the first list;
      
      determining existence of the target device by issuing a PCI configuration read command directed to the target address;
      
      detecting a specification-non-compliant operation in response to the PCI configuration read command; and
      
      reporting as the system failure the detecting.
  - 10. The method of claim 9, wherein the specification-non-compliant operation comprises failing to determine existence of at least one of a PCI device and a PCI Express device corresponding to the target address.
  - 11. The method of claim 9, wherein the reporting comprises reporting a failure to find at least one of a PCI device and a PCI Express device corresponding to the target address.
  - 12. The method of claim 1 wherein the consequences include an absence of at least one of a PCI device and a PCI Express device corresponding to the target address.

13. An apparatus operable as a detector of PCI-Specification-non-compliant components interconnected in a computer system, the apparatus comprising:
- a processor implemented in a first chip capable of operably connecting in the computer system;
  
  a component, operably connected to a bus identified as at least one of PCI and PCI Express compliant based on compliance with at least one of a PCI specification and a PCI Express specification;
  
  the component, having a configuration address space including at least one of register addresses, memory addresses, and input/output addresses corresponding to the component;
  
  a memory comprising a computer-readable, non-transitory medium, operably connected to the processor and storing executables capable of being executed by the processor and accessing at least one of documented reserved addresses, documented reserved test addresses, partially documented reserved addresses, partially documented reserved test addresses, and undocumented addresses in the configuration address space by access methods specific to the component; and
  
  the processor, further programmed to determine a failure to function by at least one of the component and the computing system consequent to the accessing.
- View Dependent Claims (14, 15, 16, 17)
- - 14. The apparatus of claim 13, wherein accessing comprises at least one of 1) reading from, 2) writing to 3) writing to, followed by reading from, 4) reading from, followed by writing to, and 5) both reading from and writing to (each performed at least once) the configuration access space.
  - 15. The apparatus of claim 13, wherein the processor is one of external to and embedded in the component, and the component comprises at least one of another processor, an embedded other processor, a System on Chip (SoC), a Super I/O, an embedded Super I/O, a bridge chipset, an embedded bridge chipset, a Northbridge chip, an embedded Northbridge chip, a Southbridge chip, an embedded Southbridge chip, and a device connected to the processor through one or more of the foregoing.
  - 16. The apparatus of claim 13, comprising a north bridge operably connected to the processor, south bridge operably connected to the north bridge, Super I/O operably connected to the south bridge, and individual device operably connected to at least one of the north bridge, the south bridge, and the Super I/O.
  - 17. The apparatus of claim 13, wherein the memory contains data structures comprising executables, each constituting one or more computer instructions capable of programming functionality in the processor, and operational data, processable by the processor as programmed by the executables, thereby implementing a semi-automated determining of vulnerability of a computing system, consequent to specification non-compliance of the computing system with respect to at least one of PCI and PCI Express features thereof, the data structures comprising:
    - a first executable capable of identifying a target component comprising at least one of a PCI component and PCI Express component, addressable in the computing system;
      
      a second executable capable of obtaining a set of first addresses corresponding to the target component and controlling at least one of control and configuration of the target component;
      
      a third executable capable of selecting second addresses constituting a subset of the first addresses; and
      
      a fourth executable capable of performing for each of the second addresses, steps comprisingselecting, the each of the second addresses as a target address,accessing the target address,determining whether the accessing causes a system failure of the one of the processor, the component, and the computing system, anddocumenting consequences of the accessing.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Phillip M. Adams
Original Assignee
Phillip M. Adams
Inventors
Adams, Phillip M.
Primary Examiner(s)
Pearson, David J

Application Number

US16/253,017
Time in Patent Office

470 Days
Field of Search
US Class Current
CPC Class Codes

G06F 11/0706   the processing taking place...

G06F 11/0751   Error or fault detection no...

G06F 11/079   Root cause analysis, i.e. e...

G06F 21/577   Assessing vulnerabilities a...

G06F 2221/034   Test or assess a computer o...

PCI/PCIe-non-compliance-vulnerability detection apparatus and method

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

PCI/PCIe-non-compliance-vulnerability detection apparatus and method

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links