What is claimed is:
1. A polishing apparatus having a multi-head, comprising:
a polishing table having a polishing surface;
a plurality of top rings for holding workpieces and pressing the workpieces against said polishing surface;
a carousel for supporting said top rings and indexing said top rings;
a rotary transporter disposed in a position which can be accessed by said top rings and having a plurality of portions positioned on a predetermined circumference from a center of rotation of said rotary transporter for holding the workpieces, said rotary transporter having an indexing function for indexing said plurality of portions; and
a pusher for transferring the workpieces between said rotary transporter and said top rings.
2. A polishing apparatus according to claim 1, wherein each of said top rings is connected to a carousel through a swing arm, and is angularly movable by said swing arm to a polishing position on said polishing table and a loading and unloading position on said rotary transporter.
3. A polishing apparatus according to claim 1, further comprising a second polishing table provided adjacent to said polishing table;
wherein when each of said top rings is located at a predetermined position, said each of said top rings can access said second polishing table.
4. A polishing apparatus according to claim 3, wherein said each of said top rings is connected to said carousel through a swing arm, and is angularly movable by said swing arm to access said second polishing table.
5. A polishing apparatus according to claim 1, wherein each of said top rings is connected to said carousel through a swing arm, and is angularly movable by said swing arm to an overhanging position in which the workpiece which has been polished projects from said polishing surface to cause a part of a polished surface of the workpiece to be exposed.
6. A polishing apparatus according to claim 1, further comprising a reversing device for transferring the workpieces to and from said rotary transporter and reversing the workpieces.
7. A polishing apparatus according to claim 6, wherein said reversing device is positioned above or below said rotary transporter, and transfer of the workpiece between said reversing device and said rotary transporter is conducted by a lifter which holds the workpiece and is vertically movable.
8. A polishing apparatus having a multi-head, comprising:
a polishing table having a polishing surface;
a plurality of top rings for holding workpieces and pressing the workpieces against said polishing surface;
a carousel for supporting said top rings and indexing said top rings;
a plurality of cleaning apparatuses for cleaning the workpieces which have been polished;
a transfer mechanism for transferring said polished workpieces between said cleaning apparatuses; and
a workpiece station having workpiece trays for holding the workpieces in a standby state while the workpieces are cleaned in a plurality of stages through said cleaning apparatuses or before the workpieces are cleaned.
9. A polishing apparatus according to claim 8, further comprising a cassette for housing a plurality of workpieces, said workpiece station being disposed between said polishing table and said cassette for holding the workpieces to be polished in a standby state before the workpieces to be polished are transferred to said polishing table.
10. A polishing apparatus according to claim 8, wherein said workpiece station has a workpiece tray for holding at least one dummy workpiece used for running in the polishing apparatus before polishing regular workpieces.
11. A polishing apparatus comprising:
a pair of polishing units, the polishing unit comprising:
a polishing table having a polishing surface;
a plurality of top rings for holding workpieces and pressing the workpieces against said polishing surface; and
a carousel for supporting said top rings and indexing said top rings;
a pair of rotary transporters, the rotary transporter being disposed in a position which can be accessed by said top rings and having a plurality of portions positioned on a predetermined circumference from a center of rotation of said rotary transporter for holding the workpieces, said rotary transporter having an indexing function for indexing said plurality of portions; and
a pair of pushers, the pusher being adapted for transferring the workpieces between said rotary transporter and said top rings.
12. A polishing apparatus according to claim 11, wherein each of said top rings is connected to a carousel through a swing arm, and is angularly movable by said swing arm to a polishing position on said polishing table and a loading and unloading position on said rotary transporter.
13. A polishing apparatus according to claim 11, further comprising a second polishing table provided adjacent to said polishing table;
wherein when each of said top rings is located at a predetermined position, said each of said top rings can access said second polishing table.
14. A polishing apparatus according to claim 13, wherein said each of said top rings is connected to said carousel through a swing arm, and is angularly movable by said swing arm to access said second polishing table.
15. A polishing apparatus according to claim 11, wherein each of said top rings is connected to said carousel through a swing arm, and is angularly movable by said swing arm to an overhanging position in which the workpiece which has been polished projects from said polishing surface to cause a part of a polished surface of the workpiece to be exposed.
16. A polishing apparatus according to claim 11, further comprising a reversing device for transferring the workpieces to and from said rotary transporter and reversing the workpieces.
17. A polishing apparatus according to claim 16, wherein said reversing device is positioned above or below said rotary transporter, and transfer of the workpiece between said reversing device and said rotary transporter is conducted by a lifter which holds the workpiece and is vertically movable.
The claims below are in addition to those above.
All refrences to claim(s) which appear below refer to the numbering after this setence.
What is claimed is:
1. A method for converting a software program or a software system including
multiple programs or application, to a form in which it is resistant to automated attacks, said software program or software system consisting of lines of code, said method comprising the steps of:
identifying communications within said software program or software system; and
applying tamper-resistant encoding techniques on said lines of code which effect said identified communications;
said tamper-resistant encoding techniques varying from one instance of said software program or software system to another.
2. The method of claim 1 in which the software program or system is a distributed program or system executing on multiple computers or computational devices communicating according to communication protocols over a communications network.
3. The method of claim 1 wherein said step of applying comprises the step of substantially altering the representations used to communicate information between software components in said software program or software system, with corresponding changes to the code manipulating the data in said data representations.
4. The method of claim 1 wherein the vulnerability of the various code sites in the code of the software program or software system, and the nature of the attacks against them, is assessed, and the vulnerability and nature of the anticipated attacks are used to determine the intensity of the encoding to be applied, and hence the effect of the encoding on execution speed of the software program or system at said code site.
5. The method of claim 4 wherein said step of applying comprises the step of fully encoding points of known vulnerability in said software program or software system.
6. The method of claim 4 wherein said step of applying comprises the step of partially encoding points of potential vulnerability in said software program or software system.
7. The method of claim 4 wherein said step of identifying comprises the step of:
identifying internal software communications which are desirable targets for tamper resistant encoding, in that their encodings will have a large impact on security, but are appropriate for low-overhead encoding techniques.
8. The method of claim 4 wherein said step of identifying comprises the step of:
reviewing said software program or software system and developing a co-ordinated plan for applying tamper-resistant encoding techniques on said lines of code.
9. The method of claim 1 wherein said step of applying tamper-resistant encoding techniques comprises the step of applying tamper resistant encodings involving a minimal number of machine operators, thereby minimizing execution time and memory overhead.
10. The method of claim 1 comprising the prior step of compiling said software program or software system into intermediate form.
11. The method of claim 4 wherein said step of applying comprises the steps of:
generating a coordinated system of encodings, and
effecting such encodings in said lines of code.
12. The method of claim 1 wherein said tamper resistant encoding techniques are applied on a number of related, but independent software applications, in an integrated manner.
13. The method of claim 1 wherein said internal software communications comprise at least one of the following:
communications via data passed in registers or memory;
communications between routines via parameters or data passed in mutually accessible variables;
communications between threads of control via light-weight message transmission, including signals, semaphores and mutually accessible variables;
communications between heavier-weight processes consisting of groups of threads, said processes having distinct address spaces and communicating via heavier-weight messages;
communications between executing programs which are collections of processes, said executing programs communicating via program invocations and files, and being partitioned among various privilege levels; and
communications between nodes in a network, said nodes executing many processes and communicating with one another via network communication protocols such as TCPIP.
14. The method of claim 4 wherein said step of applying tamper resistant encoding techniques comprises the step of applying data-flow encoding.
15. The method of claim 14 wherein said step of applying tamper resistant encoding techniques comprises the step of:
applying data-flow encoding at the instruction and routine levels of said software program or software system.
16. The method of claim 15 wherein said step of applying data-flow encoding comprises the step of:
applying linear encoding at the instruction and routine levels of said software program or software system.
17. The method of claim 14 wherein said step of encoding comprises the step of:
transforming the data-flow in said targeted software to dissociate its observable operation from the intent of the original software code or software system.
18. The method of claim 14 wherein said step of encoding comprises the step of:
combining data values in said software program or software system such that they cannot be easily disassembled or disaggregated.
19. The method of claim 14 wherein said step of applying data-flow encoding comprises the step of:
applying linear encoding to code with low execution frequency, thereby minimizing overhead.
20. The method of claim 14 wherein said step of applying data-flow encoding comprises the step of applying linear encoding with an additive constant.
21. The method of claim 14 wherein said step of applying comprises the step of applying one’s complement encoding.
22. The method of claim 14 wherein said step of applying comprises the step of employing low computationally expensive operations such as additions, subtraction and bit-conversions, rather than multiplication and division operations.
23. The method of claim 4 wherein said step of applying tamper resistant encoding techniques comprises the step of applying mass-data encoding.
24. The method of claim 24 wherein said step of applying tamper resistant encoding techniques comprises the step of:
applying mass-data encoding at the instruction and routine levels of said software program or software system.
25. The method of claim 24 wherein said step of applying mass-data encoding comprises the step of:
mapping storage addresses onto randomly generated new addresses.
26. The method of claim 24 wherein said step of applying mass-data encoding comprises the step of: mapping storage addresses onto pseudo-randomly generated new addresses.
27. The method of claim 24 wherein said step of applying comprises the step of encoding data in a code-location dependent manner.
28. The method of claim 24 wherein said step of applying tamper resistant encoding techniques comprises the step of:
applying mass-data encoding at the instruction and routine levels of said software program or software system.
29. A method of protecting computer programs, applications, software aggregations, or systems, as in claim 1, where said protection is provided against malware attacks, and is achieved by substantially altering the data representations used to communicate information among its components, with corresponding changes to the code manipulating the data in said data representations, so that different instances of a protected system are created such that the chosen representations differ among instances.
30. A method of protection as in claim 1, in which: communications which are known to constitute points of attack are fully encoded, with or without encodedunencoded splitting; communications not known to constitute points of attack, but which might be potential points of attack, are partially encoded, with or without encodedunencoded splitting; and communications known to either be safe from attack or where an attack is innocuous, are left unencoded.