Awarded U.S. Patents

InZero Technologies are protected by the following U.S. Patents. Where two Patents are listed together, the second represents an awarded Continuation.

Reliable and secure firmware update with a dynamic validation for internet of things (IoT) devices

Patent No. 10,097,563
Awarded October 9, 2018
Patent No. 10,701,084
Awarded June 30, 2020

ABSTRACT

“A computing system for a secure and reliable firmware update through a verification process, dynamic validation and continuous monitoring for error or failure and speedy correction of Internet of Things (IoT) device operability. The invention uses a Trusted Execution Environment (TEE) for hardware-based isolation of the firmware update, validation and continuous monitoring services. The isolation is performed by hardware System on a Chip (SoC) Security Extensions such as ARM TrustZone or similar technologies on other hardware platforms. The invention therefore comprises Firmware Update Service (FUS), System Validation Service (SMS) and Continuous Monitoring Service (CMS) running in the TEE with dedicated memory and storage, thus providing a trusted configuration management functionality for the operating system (OS) code and applications on IoT devices.”

ARM processor-based hardware enforcement of providing separate operating system environments for mobile devices with capability to employ different switching methods

Patent No. 10,108,800
Awarded October 23, 2018

Patent No. 10,360,386
Awarded July 23, 2019

ABSTRACT

“Using an ARM processor, a method is provided for endpoint computing systems such as mobile devices or laptops to provide a hardware isolated runtime environment for multiple operating systems (OS’s). OS isolation is performed by hardware ARM Security Extensions added to ARMv6 processors (or higher) and controlled by a software Secure Monitor Module (SMM). The invention therefore comprises hardware enforcement mechanisms configured by the SMM to confine each OS to its own respective resources (kernel, RAM, drivers, storage). The invention is applicable to systems with different OS switching mechanisms, such as full computer system reboot to switch OS’s, suspension of one OS and resuming another, or using a virtual machine hypervisor to execute several OS’s in parallel.”

Multiple hardware-separated computer operating systems within a single processor computer system to prevent cross-contamination between systems

Patent No. 10,146,940
Awarded December 4, 2018

ABSTRACT

“Using a single processor, separate and independent hardware-enforced operating systems (OS’s) are created in a computer, each OS inaccessible by another OS so that malware introduced in one OS cannot access and contaminate another. With a trusted switching mechanism, only one OS is active at any time yet switching between OS’s occurs quickly by user action, without need to save open data and/or close the active OS, and/or reboot the inactive OS, yet on activation, the previously inactive OS resumes back where it was left off and no OS rebooting is required.”

Embedded trusted network security perimeter in computing systems based on ARM processors

Patent No. 10,250,595
Awarded April 2, 2019

ABSTRACT

“The invention relates to a method for computer systems based on the ARM processor, for example mobile devices, wherein the ARM processor provides fully hardware isolated runtime environments for an operating system (OS) and Trusted Execution Environment (TEE) including an embedded trusted network security perimeter. The isolation is performed by hardware ARM Security Extensions added to ARMv6 processors and greater and controlled by TrustWall software. The invention therefore comprises an embedded network security perimeter running in TEE on one or more processor cores with dedicated memory and storage and used to secure all external network communications of the host device. The invention addresses network communications control and protection for Rich OS Execution Environments and describes minimal necessary and sufficient actions to prevent unauthorized access to or from external networks.”

TwinBoard mobile computing system

Patent No. 11,615,186
Awarded October 9, 2018
Patent No. 10,417,423
Awarded September 17, 2019

ABSTRACT

“The invention comprises a mobile device with two circuit boards and certain shared resources, in order to provide the security of physically separate devices, yet do so in a single device using shared resources that do not affect security. Specifically, the invention has two boards connected via input/output switch, each having its own System-on-a-Chip (SoC), Memory (RAM), Storage and Radio Module (SIM(s)/Bluetooth/Wi-Fi) and may include one or more SIM cards. Touchscreen, battery, physical buttons and other peripherals are shared between boards. Each shared peripheral hardware module will be used by a single board only (the active in-use board being the “Foreground Board”); another board (the inactive “Background Board”) uses an emulated version of the same hardware module. At any moment, a user can switch between Boards and the Background Board becomes the active Foreground Board and vice versa.”

Mobile device virtualization solution based on bare-metal hypervisor with optimal resource usage and power consumption

Patent No. 10,503,237
Awarded December 10, 2019

Patent No. 10,948,967
Awarded March 16, 2021

ABSTRACT

“The invention provides multiple secure virtualized environments operating in parallel with optimal resource usage, power consumption and performance. The invention provides a method whereby virtual machines (VMs) have direct access to the computing system’s hardware without adding traditional virtualization layers while the hypervisor maintains hardware-enforced isolation between VMs, preventing risks of cross-contamination. Additionally, some of the VMs can be deactivated and reactivated dynamically when needed, which saves the computing system resources. As a result, the invention provides bare-metal hypervisor use and security but without the limitations that make such hypervisors impractical, inefficient and inconvenient for use in mobile devices due to the device’s limited CPU and battery power capacity.”

Secure and reliable content disarm and reconstruction cloud service

Patent No. 10,949,531
Awarded March 16, 2021

ABSTRACT

“The present teachings disclose a file Content Disarm and Reconstruction (CDR) system and method. The system includes: a disarm environment comprising disarm sandboxes to transform a file; a separate reconstruct environment; and a controller to classify a file content of a file as a filetype, to provide the file and the filetype to a selected disarm sandbox of the disarm sandboxes for transformation, to receive one or more disarmed files from the selected disarm sandbox, to provide the one or more disarmed files to the reconstruct environment, and to receive a reconstructed file from the reconstruct environment, wherein the disarm environment, the reconstruct environment, and the controller are isolated and separated from one another by hardware. Isolated and separate Virtual Machines (VMs) may host the controller, the disarm environment and the reconstruct environment. The VMs may be disposable VMs that include an application sandbox environment. The VMs may be provided by a cloud service.”