Apparatus and methods for stabilization of processors, operating systems and other hardware and/or software configurations

US 20080098205A1
Filed: 09/24/2007
Published: 04/24/2008
Est. Priority Date: 10/24/2006
Status: Active Grant

First Claim

Patent Images

1. A method for converting a processor, having a plurality of states and being operative to execute software operations stored in a memory device, into a self-stabilizing processor, the method comprising:

providing self-stabilizing watchdog hardware that, with given timing, interacts with the processor, in accordance with an interaction sequence that includes at least one trigger that sets the processor to a known state from among a set of at least one known states.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Apparatus and methods for converting a processor, having a plurality of states and being operative to execute software operations stored in a memory device, into a self-stabilizing processor, comprising providing self-stabilizing watchdog hardware that, with given timing, interacts with the processor, in accordance with an interaction sequence that includes at least one trigger that sets the processor to a known state from among a set of at least one known states. Also described are applications for stabilization of operating systems and other hardware or software configurations, apparatus and methods for ensuring eventual invariance of software executed by a processor, and apparatus and methods for enforcing fixed software configurations.

38 Citations

View as Search Results

25 Claims

1. A method for converting a processor, having a plurality of states and being operative to execute software operations stored in a memory device, into a self-stabilizing processor, the method comprising:
- providing self-stabilizing watchdog hardware that, with given timing, interacts with the processor, in accordance with an interaction sequence that includes at least one trigger that sets the processor to a known state from among a set of at least one known states.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 14, 18, 19, 20, 21, 22, 23, 24, 25)
- - 2. A method according to claim 1 and also comprising resetting the processor at intervals, using said self-stabilizing watchdog hardware.
  - 3. A method according to claim 2 wherein said resetting occurs responsive to a software request.
  - 4. A method according to claim 3 wherein said resetting is repeated if a predetermined time interval has elapsed without software requests.
  - 5. A method according to claim 1 wherein the interaction sequence comprises provision of notification to the processor that said trigger is about to become operative.
  - 6. A method according to claim 1 and also comprising providing a set of at least one software segments operative to store information which is to survive reset for continued use after reset.
  - 7. A method according to claim 1 and also comprising providing software segments for execution by said processor after said trigger, said software segments being operative to check whether the current state of the system comprising said processor and said memory device is consistent and if not, to convert said current state into a consistent state.
  - 14. A method according to claim 5 and also comprising providing a set of at least one software segments operative to store information which is to survive reset for continued use after reset.
  - 18. A method according to claim 1 and also comprising:
    - providing a processor utilizing system which utilizes said processor;
      
      providing at least one design software segment operative to perform a check determining whether a current state of said processor utilizing system is consistent; and
      
      ensuring periodic execution of said check by at least one design software segment.
  - 19. A method according to claim 18 wherein said processor utilizing system comprises an operating system.
  - 20. A method according to claim 18 wherein said processor utilizing system comprises a virtual machine monitor executing a plurality of virtual systems which all share said processor.
  - 21. A method according to claim 20 wherein at least one of the virtual systems executed by the virtualization system comprises a monitoring virtual system which monitors the remaining ones of the virtual systems executed by the virtualization system.
  - 22. A method according to claim 21 wherein the monitoring virtual system has access to all variables accessed by the virtualization system.
  - 23. A method according to claim 20 wherein said processor is operative to serve an element of a communication network having a communication protocol and a bandwidth and wherein said plurality of virtual systems executed by said virtual machine monitor comprises:
    - an operating system of said communication network element; and
      
      a communication protocol manager which manages the communication protocol,thereby to generate a plurality of separate and separately stabilizing virtual communication layers each having a communication capacity, and each secured from influence of the others'"'"' activity.
  - 24. A method according to claim 23 wherein said element of a communication network comprises a router.
  - 25. A method according to claim 23 and also comprising configuring said monitoring virtual system to allot at least a constant minimal share of said bandwidth to said communication protocol manager.

8. A method for ensuring eventual invariance of execution of software by a processor in that the software will only branch to an address which satisfies a sanity check, the method comprising:
- adding a sanity check code segment prior to at least one control branch in the software; and
  
  at bounded intervals, during run-time, if the processor is found to be within a pre-branch segment comprising the sanity check segment and terminating at the next branch, ensuring that the processor has executed the sanity check in its entirety.
- View Dependent Claims (9, 10, 17)
- - 9. A method according to claim 8 wherein said ensuring step comprises forcing the processor to repeat said sanity check if the processor is found to be within said pre-branch segment.
  - 10. A method according to claim 9 and also comprising:
    - providing self-stabilizing watchdog hardware that, with given timing, interacts with the processor, in accordance with an interaction sequence that includes at least one trigger that sets the processor to a known state from among a set of at least one known states, andproviding software segments for execution by said processor after said trigger, said software segments being operative to check whether the current state of the system comprising said processor and said memory device is within a pre-branch segment having a starting point and if so, returning the system to said starting point.
  - 17. A method according to claim 8 which is additionally operative to execute a sanity check before executing at least one non-branch command which is not a branch command, including adding sanity check segments prior to at least one non-branch command, thereby to ensure that once said adding and ensuring steps have been performed, any sanity check segment which is executed prior to a sanity checked command and which is designed to start in any possible software state, is executed entirely.

11. A method for enforcing a fixed software configuration notwithstanding occurrence of transient errors, the method comprising:
- in the course of generating software which assigns values to a plurality of variables, defining at least one variable as a configurational variable;
  
  hard-wiring the values of said at least one configurational variable; and
  
  redirecting at least one subsequent access attempt of at least one individual configurational variable, to the hard-wired value of said individual configurational variable.
- View Dependent Claims (12, 13)
- - 12. A method according to claim 11 and wherein said hard-wiring step is performed when the values of all configuration variables defined in said defining step, are final according to a finality determination criterion.
  - 13. A method according to claim 12 wherein said finality determination criterion comprises an input by a human operator.

15. Apparatus for converting a processor, having a plurality of states and being operative to execute software operations stored in a memory device, into a self-stabilizing processor, the apparatus comprising:
- self-stabilizing watchdog hardware that, with given timing, interacts with the processor, in accordance with an interaction sequence that includes at least one trigger that sets the processor to a known state from among a set of at least one known states.

16. A system for ensuring eventual invariance of execution of software by a processor in that the software will only branch to an address which satisfies a sanity check, the system comprising:
- a sanity check completion check functionality operative at bounded intervals, during run-time, each time that the processor is found to be within a pre-branch segment comprising a sanity check segment and terminating at the next of at least one control branches in said software, to ensure that the processor has executed the sanity check in its entirety.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Avraham Yinnon Haviv, Shlomi Dolve
Original Assignee
Avraham Yinnon Haviv, Shlomi Dolve
Inventors
Dolve, Shlomi, Haviv, Avraham Yinnon

Granted Patent

US 7,971,104 B2
Time in Patent Office

Days
Field of Search
US Class Current

712/220
CPC Class Codes

G06F 11/0721   within a central processing...

G06F 11/0757   by exceeding a time limit, ...

G06F 11/0793   Remedial or corrective acti...

Apparatus and methods for stabilization of processors, operating systems and other hardware and/or software configurations

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

38 Citations

25 Claims

Specification

Solutions

Use Cases

Quick Links

Apparatus and methods for stabilization of processors, operating systems and other hardware and/or software configurations

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

38 Citations

25 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links