公开(公告)号：US20190213359A1

公开(公告)日：2019-07-11

申请号：US15866798

申请日：2018-01-10

Applicant: General Electric Company

Inventor： Krzysztof Michal KEPA ,  Willard Monten WISEMAN ,  David SAFFORD ,  Wesley Michael SKEFFINGTON ,  William David SMITH II

IPC: G06F21/72 ,  G06F21/73 ,  G06F21/57 ,  H04L9/08 ,  H04L9/32

Abstract: The example embodiments are directed to a system and method for secure provisioning of secrets into MPSoC devices using untrusted third-party systems. In one example, the method includes generating a random number sequence from a true random number generator to produce secret information, storing the secret information in an on-chip secure storage, encrypting, in a device and using public key encryption, the secret information to generate an encrypted message, and transmitting the encrypted message to a third-party system.

公开(公告)号：US20180287780A1

公开(公告)日：2018-10-04

申请号：US15471432

申请日：2017-03-28

Applicant: General Electric Company

Inventor： David SAFFORD ,  Atul KSHIRSAGAR ,  William David SMITH, II ,  Richard Paul MESSMER

IPC: H04L9/06 ,  H04L29/06 ,  H04L9/30 ,  G06F21/64 ,  G06F21/57

Abstract: According to some embodiments, a system may include a communication port to exchange information with a client device associated with an industrial control system. A network security server coupled to the communication port may include a computer processor adapted to provide a network security service for the client device. The computer processor may further be adapted to record security information about the client device via a blockchain verification process (e.g., by registering a validation result within a distributed ledger). The network security service might comprise, for example, an integrity attestation service providing software verification for the client device.

公开(公告)号：US20210160285A1

公开(公告)日：2021-05-27

申请号：US16695797

申请日：2019-11-26

Applicant: GENERAL ELECTRIC COMPANY

Inventor： William David SMITH, II ,  Krzysztof KEPA ,  David SAFFORD

IPC: H04L29/06 ,  G06F21/60

Abstract: A secure communication path device includes a first secure communication validator providing a one-way communication path from a security domain by implementing a secure protocol parser, a second secure communication validator providing a one-way communication path from a second security domain by implementing a secure second protocol parser. Each validator including respective serial/de-serializer units providing a unidirectional communication path from their respective security domain. The device hardware segregating respective communications of the security domains within the secure communication path device.