Hardware-aided software code measurement

US 20070107056A1
Filed: 05/05/2006
Published: 05/10/2007
Est. Priority Date: 11/09/2005
Status: Active Grant

First Claim

Patent Images

1. In a computing environment, a system comprising:

an independent computation environment contained at least in part in a set of one or more hardware components; and

hosted logic of the independent computation environment that measures the health of at least one set of software code that is in memory to cause an action if the set of software code is measured to be unhealthy according to policy data.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Described is an independent computation environment that is built into one or more hardware components of a computer system, wherein the independent computation environment hosts a logic that measures the health of other software code that executes in memory. Examples of ways to measure health include performing a mathematical computation such as a computing a hash/digital signature on the software code in the memory, and/or evaluating statistical information related to the execution of the code and/or the code'"'"'s being loaded into memory. By executing the logic in an independent computation environment, the health of software code may be measured against policy/metadata in a tamper-proof or tamper-resistant environment. When the software code measurement does not comply with the policy, some action may be taken action to penalize the computer system.

62 Citations

View as Search Results

23 Claims

1. In a computing environment, a system comprising:
- an independent computation environment contained at least in part in a set of one or more hardware components; and
  
  hosted logic of the independent computation environment that measures the health of at least one set of software code that is in memory to cause an action if the set of software code is measured to be unhealthy according to policy data.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The system of claim 1 wherein the independent computation environment is incorporated at least in part in a separate hardware component.
  - 3. The system of claim 1 wherein the independent computation environment is incorporated at least in part in a hardware component that performs at least one other computing function.
  - 4. The system of claim 3 wherein the independent computation environment is incorporated at least in part into a central processing unit.
  - 5. The system of claim 1 further comprising a memory watch component that watches at least one location in the memory corresponding to the measured set of code and alerts the hosted logic of any change at a watched location.
  - 6. The system of claim 5 wherein the memory watch component alerts the hosted logic of any change at a watched location including while the hosted logic is currently measuring the health of the at least one set of software code.
  - 7. The system of claim 1 wherein the independent computation environment includes at least one interface for communication with an operating system.
  - 8. The system of claim 1 further comprising a set of one or more registers that maintain information regarding the operation of at least one set of software code, the information being accessible to the hosted logic to evaluate against policy data.

9. In a computer system, a method comprising:
- executing logic in an independent computation environment that is incorporated in hardware coupled to the computer system; and
  
  measuring, via the logic, the health of software code that is loaded into memory based on policy associated with the software code.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16, 17)
- - 10. The method of claim 9 wherein measuring the health comprises validating the integrity and/or authenticity of the software code.
  - 11. The method of claim 9 wherein measuring the health comprises performing a mathematical computation on the software code in the memory to obtain a result and evaluating the result against a value in metadata associated with the policy.
  - 12. The method of claim 9 wherein measuring the health comprises evaluating statistical information gathered during operation of the software code against metadata associated with the policy.
  - 13. The method of claim 9 wherein measuring the health comprises evaluating metadata associated with the software code.
  - 14. The method of claim 13 wherein evaluating the metadata comprises evaluating at least one of:
    - a digital signature, a certificate, and/or statistics associated with the software code.
  - 15. The method of claim 9 wherein measuring the health determines that the software code is not healthy, and further comprising, taking action that will result in penalizing the computer system'"'"'s state.
  - 16. The method of claim 9 wherein taking action includes at least one of halting the computer system, rebooting the computer system, locking the computer system, slowing down the computer system, limiting memory usage, slowing input/output operations, affecting a process via trap instructions, and affecting a process by overwriting process code.
  - 17. The method of claim 9 wherein measuring the health determines that the software code is not healthy, and further comprising changing at least temporarily a technique for further measurement of the health of the software code.

18. At least one computer-readable medium having computer-executable instructions, which when executed perform steps, comprising:
- (a) executing logic in an independent computation environment that exists in hardware coupled to the computer system;
  
  (b) measuring via the logic whether a set of software code complies with policy data, and, (1) when the set of software code complies, returning to step (a) according to other policy data, and (2) when the set of software code does not comply, taking action that will result in penalizing the computer system'"'"'s state.
- View Dependent Claims (19, 20, 21, 22, 23)
- - 19. The computer-readable medium of claim 18 wherein the set of software code complies, and wherein the other policy data causes a return to step (a) after a delay.
  - 20. The computer-readable medium of claim 19 wherein the logic communicates information to the operating system informing the operating system that memory corresponding to the code may be repurposed during the delay.
  - 21. The computer-readable medium of claim 18 wherein measuring whether the set of software code complies with the policy data comprises evaluating statistical information gathered during operation of the software code against the policy data.
  - 22. The computer-readable medium of claim 21 wherein evaluating the statistical information comprises performing at least one action of a set of possible actions, the set containing:
    - determining how an instruction pointer gets into and out of specified a memory range of interest, determining how often the software code is in memory, determining how often at least one instruction of the software code is executed, determining an expected value of a register at a certain instruction, and determining a relationship between the expected values of a plurality of registers and memory addresses.
  - 23. The computer-readable medium of claim 18 wherein measuring whether the set of software code complies with the policy data comprises performing a mathematical computation on the software code in the memory to obtain a result.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Zhigu Holdings Limited
Original Assignee
Microsoft Corporation
Inventors
Xu, Zhangwei, Frank, Alexander, Steeb, Curt

Granted Patent

US 8,112,798 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/22
CPC Class Codes

G06F 11/0706 the processing taking place...

G06F 11/0751 Error or fault detection no...

Hardware-aided software code measurement

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

62 Citations

23 Claims

Specification

Solutions

Use Cases

Quick Links

Hardware-aided software code measurement

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

62 Citations

23 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links