A trusted execution environment migration method for a device comprising a multicore processor, the processor operable to execute a rich execution environment (REE) and a trusted execution environment (TEE), the method comprising: executing a TEE scheduler in the REE on a first core of the multicore processor; subsequent to a migration of the TEE scheduler from the first core to a second core, issuing a request, by the TEE scheduler and to a transition submodule in the TEE, to execute an operations submodule in the TEE, wherein the transition submodule is operable to manage the transition of a core of the processor between execution of the REE and execution of the operations submodule in the TEE, and wherein the transition submodule is executed on the same core as the TEE scheduler; upon execution of the operations submodule, determining if the core on which the operations submodule is executing has changed since the previous execution of the operations submodule.

A device and method for intrusion detection in a computer network. A data packet is received at an input of a hardware switch unit, an output of the hardware switch unit is selected for sending the data packet or a copy as a function of security layer information from the data packet and of a hardware address, context information for the data packet being determined, an actual value from a field being compared in a comparison by a hardware filter with a setpoint value for values from this field, the field including security layer data or mediation layer data, and an interrupt for a computing device being triggered as a function of a result of the comparison, an analysis for detecting an intrusion pattern in a network traffic in the computer network, triggered by the interrupt, being carried out as a function of the context information for the data packet.

An integrated circuit includes a primary initiator domain (ID) circuit including having a processor core, a responder domain (RD) control circuit, and a reset controller. Secondary ID circuits, each include a processor core and a reset controller. RD circuitry is coupled to communicate with the primary ID circuit and the secondary ID circuits and includes RD resource circuits. The RD control circuit is configured to allocate each of the RD resource circuits to a first initiator domain consisting of the primary ID circuit or one of the secondary ID circuits, and when one of the secondary ID circuits enters a reset mode of operation, the RD resource circuit allocated to the one of the secondary ID circuits enters a reset while the remaining RD resource circuits are not affected by the reset.

Techniques for task processing in a parallel processing architecture for atomic operations are disclosed. A two-dimensional array of compute elements is accessed, where each compute element within the array of compute elements is known to a compiler and is coupled to its neighboring compute elements within the array of compute elements. Control for the array of compute elements is provided on a cycle-by-cycle basis. The control is enabled by a stream of wide control words generated by the compiler. At least one of the control words involves an operation requiring at least one additional operation. A bit of the control word is set, where the bit indicates a multicycle operation. The control word is executed, on at least one compute element within the array of compute elements, based on the bit. The multicycle operation comprises a read-modify-write operation.

A firewall host uses a shared memory to pass arguments to, and receive results from, a remote procedure executing on a locally coupled network processing unit that offloads processing for the firewall.

Systems and methods for scheduling tasks using sliding time windows are provided. In certain embodiments, a system for scheduling the execution of tasks includes at least one processing unit configured to execute multiple tasks, wherein each task in the multiple tasks is scheduled to execute within a scheduler instance in multiple scheduler instances, each scheduler instance in the multiple scheduler instances being associated with a set of time windows in multiple time windows and with a set of processing units in the at least one processing unit in each time window, time windows in the plurality of time windows having a start time and an allotted duration and the scheduler instance associated with the time windows begins executing associated tasks no earlier than the start time and executes for no longer than the allotted duration, and wherein the start time is slidable to earlier moments in time.

There is provided a data processing apparatus that includes processing circuitry for executing instructions relating to an active virtual processor in a plurality of virtual processors. Exception control circuitry receives an external exception associated with a target virtual processor in the plurality of virtual processors and when the target virtual processor is other than the active virtual processor, it issues a doorbell exception to cause a scheduling operation to schedule the target virtual processor to be the active virtual processor. Storage circuitry stores an indication of a set of masked virtual processors and the scheduling operation is adapted to disregard doorbell exceptions in respect of the set of masked virtual processors.

An interrupt signal is provided to an operating system executed using one or more processors of a plurality of processors. A bus attachment device receives an interrupt signal with an interrupt target ID identifying a processor assigned for use as a target processor for handling the interrupt signal. The bus attachment device translates the received interrupt target ID to a processor ID using an interrupt table entry and forwards the interrupt signal to the target processor for handling. The processor ID is used to address the target processor directly.

A tracking method, an apparatus, a device, and a machine-readable medium are provided. The method specifically includes: writing a tracking result of an activity of an operating system and/or a running activity of a program into a buffer when an interrupt is disabled; and reading and sending the tracking result from the buffer when the interrupt is enabled. The embodiments of the present disclosure can effectively shorten the maximum time during which interrupts are disabled for an operating system, and thereby can effectively improve the performance of the operating system and/or a program.

The disclosed embodiments provide a system for performing A/B testing of service-level metrics. During operation, the system obtains service-level metrics for service calls made during an A/B test, wherein the service-level metrics are aggregated by user identifiers of multiple users. Next, the system matches the service-level metrics to treatment assignments of the users to a treatment group and a control group in the A/B test. The system then applies the A/B test to a first grouping of the service-level metrics for the treatment group and a second grouping of the service-level metrics for the control group. Finally, the system outputs a result of the A/B test for use in assessing an effect of a treatment variant in the A/B test on the service-level metrics.