Computing infrastructure

US 8,706,914 B2
Filed: 11/13/2008
Issued: 04/22/2014
Est. Priority Date: 04/23/2007
Status: Expired due to Fees

First Claim

Patent Images

1. A dynamically reconfigurable computing infrastructure comprising:

at least three facilities at respective different geographical locations, each of said facilities being expendable so long as at least two others of said facilities survive, each facility having at least one grouping of computing nodes, the computing nodes further comprising;

(a) a memory;

(b) at least one processor;

(c) a first component configured to perform secure communications, computing, and data storage, retrieval, and processing functions;

(d) a second component configured to recognize and differentiate between computing nodes by their cryptographic identities and actual behaviors and determine whether at least one of an object, a subject, and an interaction is authorized or unauthorized;

(e) a third component configured to establish and maintain roles and trust relationships between computing nodes based on their locations, cryptographic identities, and actual behaviors, and to collaborate with other computing nodes to establish teams of nodes, at least one said team having members that are geographically distributed;

(f) a fourth component configured to use error-correcting codes to achieve Byzantine agreement and distributed decision-making;

(g) a fifth component configured to mutually associate nodes contained within the teams of nodes, wherein each such team of nodes is accountable for a portion of the aggregate responsibilities of the computing infrastructure; and

(h) a sixth component configured to timely publish selected aggregated resource information to the teams of nodes;

wherein the memory and at least one processor are configured with one or more integral hardware devices that collectively further comprise;

a seventh component configured to originate, intercept, monitor, translate, terminate, or respond to (“

intermediate”

) bus transactions for any system buses, memory buses, or I/O buses said component shares with said at least one processor, and at least one of;

an eighth component configured to present a dynamically reconfigurable boot environment to any processor or peripheral for which said eighth component may intermediate bus transactions;

a ninth component configured to present dynamically reconfigurable peripheral devices, further comprising any subset of emulated, locally attached, or remotely accessible devices, to any processor or peripheral for which said ninth component may intermediate bus transactions;

a tenth component configured to complement conventional IOMMU capabilities by presenting, to any processor or peripheral for which said tenth component may intermediate bus transactions, dedicated per-process registers and FIFO hardware devices that enable user-space input/output without system call overhead, within reconfigurable security constraints, said registers and FIFO devices further comprising system clocks, timers, hardware accelerators, and dedicated “

phantom”

peripheral devices emulated, projected, or otherwise presented by said component;

an eleventh component configured to perform or accelerate, on behalf of any processor or peripheral for which said eleventh component may intermediate bus transactions, predefined or programmable adjunct memory-processing or I/O processing tasks (“

adjunct processing tasks”

) with or without processor intervention, said adjunct processing tasks further comprising at least one of data storage, retrieval, search, initialization, randomization, erasure, modification, transcoding, transfer, compression, decompression, encryption, decryption, and error-correction encoding/decoding, which may further comprise forward error-correction encoding/decoding;

a twelfth component configured to present, to any processor or peripheral for which said twelfth component may intermediate bus transactions, a dynamically reconfigurable persistent or non-persistent memory space, further comprising any subset, aggregation, or arrangement of emulated, locally attached, or remotely accessible memory or data storage devices;

a thirteenth component configured to present, to any processor or peripheral for which said thirteenth component may intermediate bus transactions, the aforesaid dynamically reconfigurable persistent or non-persistent memory space wherein the subset, aggregation, or arrangement of emulated, locally attached, or remotely accessible memory or data storage devices further comprises scatter/gather communications functions, which further comprise aforesaid adjunct processing tasks that transfer FEC-encoded data to slower or more remote hierarchical memory levels or transfer FEC-decoded data to faster or more local hierarchical memory levels;

a fourteenth component configured to present, to any processor or peripheral for which said fourteenth component may intermediate bus transactions, an associative memory access mechanism further comprising persistent or non-persistent storage, retrieval, search, and modification of associative key pairs, wherein said storage and retrieval functions further comprise the aforesaid adjunct processing tasks;

a fifteenth component configured to establish and maintain, on behalf of any processor or peripheral for which said fifteenth component may intermediate bus transactions, complementary states in memory as a protection mechanism, wherein memory locations are invisibly toggled to and from their complementary values such that the state of each memory bit so protected has a duty cycle of approximately 50%;

a sixteenth component configured to implement intrusion-resistant trusted timely computing base (“

TTCB”

) control channels to TTCB peers and TTCB distributed security kernel services which can only fail by crashing, said services further comprising secure, synchronous, and timely execution, duration measurement, timing failure detection, absolute timestamping, local and distributed authentication, random number generation, block agreement (further comprising Byzantine agreement with error-correcting codes), and cryptographic identity (further comprising a plurality of long-term asymmetric key pairs and associated conventional cryptographic services); and

a seventeenth component configured to interface with point-of-load (POL) power supplies and other external circuits so that it may thus directly monitor and control a processor'"'"'s electrical environment including at least one of power on/off, power redundancy, voltage and current levels, external clocks, and clock multipliers.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An affordable, highly trustworthy, survivable and available, operationally efficient distributed supercomputing infrastructure for processing, sharing and protecting both structured and unstructured information. A primary objective of the SHADOWS infrastructure is to establish a highly survivable, essentially maintenance-free shared platform for extremely high-performance computing (i.e., supercomputing)—with “high performance” defined both in terms of total throughput, but also in terms of very low-latency (although not every problem or customer necessarily requires very low latency)—while achieving unprecedented levels of affordability at its simplest, the idea is to use distributed “teams” of nodes in a self-healing network as the basis for managing and coordinating both the work to be accomplished and the resources available to do the work. The SHADOWS concept of “teams” is responsible for its ability to “self-heal” and “adapt” its distributed resources in an “organic” manner. Furthermore, the “teams” themselves are at the heart of decision-making, processing, and storage in the SHADOWS infrastructure. Everything that'"'"'s important is handled under the auspices and stewardship of a team.

467 Citations

14 Claims

1. A dynamically reconfigurable computing infrastructure comprising:
- at least three facilities at respective different geographical locations, each of said facilities being expendable so long as at least two others of said facilities survive, each facility having at least one grouping of computing nodes, the computing nodes further comprising;
  
  (a) a memory;
  
  (b) at least one processor;
  
  (c) a first component configured to perform secure communications, computing, and data storage, retrieval, and processing functions;
  
  (d) a second component configured to recognize and differentiate between computing nodes by their cryptographic identities and actual behaviors and determine whether at least one of an object, a subject, and an interaction is authorized or unauthorized;
  
  (e) a third component configured to establish and maintain roles and trust relationships between computing nodes based on their locations, cryptographic identities, and actual behaviors, and to collaborate with other computing nodes to establish teams of nodes, at least one said team having members that are geographically distributed;
  
  (f) a fourth component configured to use error-correcting codes to achieve Byzantine agreement and distributed decision-making;
  
  (g) a fifth component configured to mutually associate nodes contained within the teams of nodes, wherein each such team of nodes is accountable for a portion of the aggregate responsibilities of the computing infrastructure; and
  
  (h) a sixth component configured to timely publish selected aggregated resource information to the teams of nodes;
  
  wherein the memory and at least one processor are configured with one or more integral hardware devices that collectively further comprise;
  
  a seventh component configured to originate, intercept, monitor, translate, terminate, or respond to (“
  
  intermediate”
  
  ) bus transactions for any system buses, memory buses, or I/O buses said component shares with said at least one processor, and at least one of;
  
  an eighth component configured to present a dynamically reconfigurable boot environment to any processor or peripheral for which said eighth component may intermediate bus transactions;
  
  a ninth component configured to present dynamically reconfigurable peripheral devices, further comprising any subset of emulated, locally attached, or remotely accessible devices, to any processor or peripheral for which said ninth component may intermediate bus transactions;
  
  a tenth component configured to complement conventional IOMMU capabilities by presenting, to any processor or peripheral for which said tenth component may intermediate bus transactions, dedicated per-process registers and FIFO hardware devices that enable user-space input/output without system call overhead, within reconfigurable security constraints, said registers and FIFO devices further comprising system clocks, timers, hardware accelerators, and dedicated “
  
  phantom”
  
  peripheral devices emulated, projected, or otherwise presented by said component;
  
  an eleventh component configured to perform or accelerate, on behalf of any processor or peripheral for which said eleventh component may intermediate bus transactions, predefined or programmable adjunct memory-processing or I/O processing tasks (“
  
  adjunct processing tasks”
  
  ) with or without processor intervention, said adjunct processing tasks further comprising at least one of data storage, retrieval, search, initialization, randomization, erasure, modification, transcoding, transfer, compression, decompression, encryption, decryption, and error-correction encoding/decoding, which may further comprise forward error-correction encoding/decoding;
  
  a twelfth component configured to present, to any processor or peripheral for which said twelfth component may intermediate bus transactions, a dynamically reconfigurable persistent or non-persistent memory space, further comprising any subset, aggregation, or arrangement of emulated, locally attached, or remotely accessible memory or data storage devices;
  
  a thirteenth component configured to present, to any processor or peripheral for which said thirteenth component may intermediate bus transactions, the aforesaid dynamically reconfigurable persistent or non-persistent memory space wherein the subset, aggregation, or arrangement of emulated, locally attached, or remotely accessible memory or data storage devices further comprises scatter/gather communications functions, which further comprise aforesaid adjunct processing tasks that transfer FEC-encoded data to slower or more remote hierarchical memory levels or transfer FEC-decoded data to faster or more local hierarchical memory levels;
  
  a fourteenth component configured to present, to any processor or peripheral for which said fourteenth component may intermediate bus transactions, an associative memory access mechanism further comprising persistent or non-persistent storage, retrieval, search, and modification of associative key pairs, wherein said storage and retrieval functions further comprise the aforesaid adjunct processing tasks;
  
  a fifteenth component configured to establish and maintain, on behalf of any processor or peripheral for which said fifteenth component may intermediate bus transactions, complementary states in memory as a protection mechanism, wherein memory locations are invisibly toggled to and from their complementary values such that the state of each memory bit so protected has a duty cycle of approximately 50%;
  
  a sixteenth component configured to implement intrusion-resistant trusted timely computing base (“
  
  TTCB”
  
  ) control channels to TTCB peers and TTCB distributed security kernel services which can only fail by crashing, said services further comprising secure, synchronous, and timely execution, duration measurement, timing failure detection, absolute timestamping, local and distributed authentication, random number generation, block agreement (further comprising Byzantine agreement with error-correcting codes), and cryptographic identity (further comprising a plurality of long-term asymmetric key pairs and associated conventional cryptographic services); and
  
  a seventeenth component configured to interface with point-of-load (POL) power supplies and other external circuits so that it may thus directly monitor and control a processor'"'"'s electrical environment including at least one of power on/off, power redundancy, voltage and current levels, external clocks, and clock multipliers.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. The computing infrastructure of claim 1 further comprising a seventh component configured to determine readiness or relative workload capacity of a computing node relative to its viewpoint of the at least three facilities based on its own local statistics and a non-local statistical summary of the at least three facilities, further comprising at least one of its operational profile and survivability factors.
  - 3. The computing infrastructure of claim 2 further comprising an eighth component configured to dynamically adapt to system-wide load-balancing needs, said adaptation further comprising choosing, based on relative workload capacity, to volunteer to take on additional load or to delegate responsibilities to nodes with a readiness sufficient to meet service level agreements and other operational goals.
  - 4. The computing infrastructure of claim 1, wherein the groupings of computer nodes are dynamically selected and are distributed geographically.
  - 5. The computing infrastructure of claim 1 further comprising an associative memory that provides associative access to its content, said associative memory further comprising data index structures and methods integrating ternary search trees and digital search tries, said structures and methods further comprising self-referential index pages, local page-relative references to index nodes, and a mechanism for distinguishing non-local off-page references.
  - 6. The computing infrastructure of claim 5 wherein the associative memory further comprises at least one of content compression, persistent content retention and non-persistent content retention.
  - 7. The computing infrastructure of claim 5 wherein the associative memory is configured for mandatory access control.
  - 8. The computing infrastructure of claim 1 wherein dynamic reconfigurability comprises emergent behavior which further comprises an ability to grow, self-heal, and adapt distributed resources, all in an organic manner.
  - 9. The computing infrastructure of claim 1 wherein geographically distributed teams of computing nodes in a self-healing network are the basis for managing and coordinating at least one of the work to be accomplished and the resources available to do the work.
  - 10. The computing infrastructure of claim 1 wherein each geographically distributed team comprises computing nodes that share no common regional threat.
  - 11. The computing infrastructure of claim 1 wherein the use of error-correcting codes to achieve Byzantine agreement and distributed decision-making among a quorum of surviving and communicating trustworthy computing nodes enables making correct local decisions and achieving correct results despite Byzantine failures further comprising hardware or software failures, overt or covert attack, collusion, or corruption of the non-quorum nodes.
  - 12. The computing infrastructure of claim 1 wherein the use of error-correcting codes to achieve Byzantine agreement and distributed decision-making enables increased parallelization or reduced latency of processing tasks whose results must be verifiably correct.
  - 13. The computing infrastructure of claim 1 wherein said error-correcting codes further comprise lossless FEC codes.
  - 14. The computing infrastructure of claim 12 wherein the integral use of associative memory and Byzantine agreement comprises incorporating previously vetted results to enable faster results validation or reduced latency of repeatable deterministic processing tasks whose computational results must be verifiably correct.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
David D. Duchesneau
Original Assignee
David D. Duchesneau
Inventors
Duchesneau, David D.
Primary Examiner(s)
ALGIBHAH, HAMZA N

Application Number

US12/270,793
Publication Number

US 20090216910A1
Time in Patent Office

1,986 Days
Field of Search

709/250
US Class Current

709/250
CPC Class Codes

F25D 17/02   for circulating liquids, e....

F28D 15/0266   with separate evaporating a...

F28D 15/06   Control arrangements therefor

F28F 1/00   Tubular elements; Assemblie...

F28F 2250/08   Fluid driving means, e.g. p...

G06F 9/5072   Grid computing

H01B 3/24   containing halogen in the m...

H04L 2463/141   Denial of service attacks a...

H04L 41/00   Arrangements for maintenanc...

H04L 41/04   Network management architec...

H04L 41/0816   the condition being an adap...

H04L 63/20   for managing network securi...

Y04S 40/20   Information technology spec...

Computing infrastructure

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

467 Citations

14 Claims

Specification

Use Cases

Quick Links

Others

Computing infrastructure

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

467 Citations

14 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others