PCI/PCIe-non-compliance-vulnerability detection apparatus and method
Abstract
By identifying and selecting a specific component of a computing system, typically by accessing its PCI and PCI Express (PCIe) configuration address space, an apparatus and method discover the actual control or configuration addresses and characterize each as documented, partially documented, reserved, partially reserved, documented reserved test, partially documented reserved test, or undocumented. A filtered subset is tested by accessing each address contained in the subset and verifying either continuity or failure of operation of the tested component or the system in response to that access. Attempting to read from or write to (or both) the subset addresses proves the component and system to be compliant or non-compliant with the specification.
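The characterize-then-select steps of the abstract, run over an offline dump as an added example (not code from the patent): it labels each offset of a conventional PCI Type 0 header as documented, reserved or unresolved, a three-way simplification of the categories above, and reports reserved offsets that read back nonzero, which the PCI specification requires to read as zero. The function names and the sample dump are constructed for illustration, and nothing here touches hardware.

```python
# Added example, not from the patent; its three labels simplify the page's categories.
# Standard Type 0 header fields as (offset, size): IDs, Command, Status, Revision,
# Class Code, Cache Line Size, Latency Timer, Header Type, BIST, BAR0-5, CardBus CIS,
# Subsystem IDs, Expansion ROM, Capabilities Pointer, Interrupt Line/Pin, Min_Gnt, Max_Lat.
TYPE0_FIELDS = [(0x00, 2), (0x02, 2), (0x04, 2), (0x06, 2), (0x08, 1), (0x09, 3),
                (0x0C, 1), (0x0D, 1), (0x0E, 1), (0x0F, 1), (0x10, 24), (0x28, 4),
                (0x2C, 2), (0x2E, 2), (0x30, 4), (0x34, 1), (0x3C, 1), (0x3D, 1),
                (0x3E, 1), (0x3F, 1)]
HEADER_END, CONFIG_END = 0x40, 0x100

def walk_capabilities(cfg):
    """Follow the capability list; return {offset: capability ID}."""
    caps = {}
    ptr = cfg[0x34] & 0xFC if cfg[0x06] & 0x10 else 0   # Status bit 4 gates the list
    while ptr >= HEADER_END and ptr not in caps:        # stop on null or looped list
        caps[ptr] = cfg[ptr]
        ptr = cfg[ptr + 1] & 0xFC                       # low two pointer bits are reserved
    return caps

def classify(cfg):
    """Label every offset 0x00-0xFF as documented, reserved or unresolved."""
    if len(cfg) != CONFIG_END or cfg[0x0E] & 0x7F:
        raise ValueError("expected a 256-byte Type 0 configuration dump")
    kinds = {off: "reserved" if off < HEADER_END else "unresolved"
             for off in range(CONFIG_END)}
    for start, size in TYPE0_FIELDS:
        for off in range(start, start + size):
            kinds[off] = "documented"
    for ptr in walk_capabilities(cfg):
        kinds[ptr] = kinds[ptr + 1] = "documented"      # capability ID, next pointer
    return kinds

def select_subset(cfg):
    """Candidate test addresses: reserved header offsets with their read values."""
    kinds = classify(cfg)
    return [(off, cfg[off]) for off in range(CONFIG_END) if kinds[off] == "reserved"]

def nonzero_reserved(cfg):
    """Reserved registers must read as zero; list the offsets that do not."""
    return [off for off, value in select_subset(cfg) if value != 0]

def sample_dump():
    """Constructed 256-byte dump, not taken from a real device."""
    cfg = bytearray(CONFIG_END)
    cfg[0x00:0x04] = bytes.fromhex("34127856")          # constructed vendor/device IDs
    cfg[0x06], cfg[0x34] = 0x10, 0x40                   # capability list starts at 0x40
    cfg[0x40:0x42], cfg[0x50:0x52] = b"\x01\x50", b"\x05\x00"  # PM -> 0x50, then MSI (end)
    cfg[0x38] = 0xA5                                    # constructed defect: reserved byte set
    return bytes(cfg)
```

Offsets labelled unresolved lie in the device-specific region and need the capability definitions or the vendor datasheet before they can be placed in one of the abstract's categories.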
17 Claims
1. A method of semi-automated detection of vulnerability of a computing system, consequent to specification non-compliance of the computing system with respect to at least one of PCI and PCI Express (PCIe) features thereof, the method comprising:
identifying a target component, addressable in the computing system and comprising at least one of a PCI component and a PCI Express component;
obtaining a set of first addresses corresponding to the target component and controlling at least one of control and configuration of the target component;
selecting second addresses constituting a subset of the first addresses; and
performing, for each second address of the subset, steps comprising
selecting, the each second address as a target address,
accessing the target address,
determining a system failure, of at least one of the computing system, the processor, and the target component, resulting from the accessing, and
documenting consequences of the accessing.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12
13. An apparatus operable as a detector of PCI-Specification-non-compliant components interconnected in a computer system, the apparatus comprising:
a processor implemented in a first chip capable of operably connecting in the computer system;
a component, operably connected to a bus identified as at least one of PCI and PCI Express compliant based on compliance with at least one of a PCI specification and a PCI Express specification;
the component, having a configuration address space including at least one of register addresses, memory addresses, and input/output addresses corresponding to the component;
a memory comprising a computer-readable, non-transitory medium, operably connected to the processor and storing executables capable of being executed by the processor and accessing at least one of documented reserved addresses, documented reserved test addresses, partially documented reserved addresses, partially documented reserved test addresses, and undocumented addresses in the configuration address space by access methods specific to the component; and
the processor, further programmed to determine a failure to function by at least one of the component and the computing system consequent to the accessing.
Dependent claims: 14, 15, 16, 17
Specification