Abstract: This document relates to creating and/or updating a chatbot using a graphical user interface. For example, training dialogs for a chatbot can be displayed in a tree form on a graphical user interface. Based at least on interactions between a developer and the graphical user interface, the training dialogs can be modified in the tree form, and training dialogs can be updated based on the modifications provided on the tree form via the graphical user interface.

Abstract: Methods, systems, and devices for a memory device with an error correction memory device with fast data access are described. For example, during a read operation, a memory device may be configured to output the data indicated by the read operation concurrent with performing an error correction operation. If the memory device detects an error, the memory device may indicate the error to a host device and, in some cases, output the corrected data to the host device. During a write operation, the memory device may store error detection or correction information associated with data to be stored at the memory device. The memory device may, in some cases, store error detection or correction information generated by the host device.

Abstract: The invention discloses a code testing method. The method includes the following steps of: acquiring a code set to be tested; loading the code set to a corresponding operating chip, and executing the code set by using the operating chip; judging whether a target code subset which is not successfully executed exists in the code set; and if yes, performing an audit testing operation on the code set. The code testing method provided by the invention is simple and feasible to apply, which improves a testing reliability and reduces a testing cost. The invention also discloses a code testing apparatus and device, and a storage medium, which have corresponding technical effects.

Abstract: An electronic device receives an interface calling request for a target interface in an application program. The interface calling request includes interface calling information of the target interface. The device performs an interface query in a simulated interface set that simulates real interfaces in the application program. In accordance with a determination, based on the interface query, that a target simulation interface corresponding to the target interface exists in the simulated interface set, the device intercepts the interface calling request. The device compares the intercepted interface calling information with interface configuration information of the target simulated interface. In accordance with a determination that the interface calling information matches the interface configuration information, the device obtains simulated response data corresponding to the target simulation interface. The device outputs calling response data of the interface calling request.

Abstract: Container images are fetched in a clustered container host system with a shared storage device. Fetching a first container image in a first virtual machine includes creating a first virtual disk in the shared storage device, storing an image of the first container in the first virtual disk, mounting the first virtual disk to the first virtual machine, and updating a metadata cache to associate the image of the first container to the first virtual disk. Fetching a second container image in a second virtual machine includes checking the metadata cache to determine that a portion of the image of the second container is stored in the first virtual disk, creating a second virtual disk in the shared storage device, adding a reference to the first virtual disk in a metadata of the second virtual disk, and mounting the second virtual disk to the second virtual machine.

Abstract: A method includes storing a golden copy of a device tree binary of a system in a trusted execution environment, identifying whether one or more parameters of a running copy of a device tree binary of the system are different from corresponding parameters of the golden copy by comparing the running copy with the golden copy, and performing a corrective action responsive to an indication that at least one of the one or more parameters of the running copy are different from the corresponding parameters of the golden copy.

Abstract: Disclosed herein are systems and method for selectively restoring a computer system to an operational state. In an exemplary aspect, the method may create a backup image of the computer system comprising a set of data blocks, and create and start a virtual machine based on the backup image. The method may identify a subset of the data blocks accessed from the backup image during startup of the virtual machine. In response to determining that the computer system should be restored, the method may restore the subset of the data blocks such that the computer system is operational during startup, and restore a remaining set of the data blocks from the backup image after the startup of the computer system.

Abstract: A system for detecting malware is described. The system features a traffic analysis device and a network device. The traffic analysis device is configured to receive data over a communication network, selectively filter the data, and output a first portion of the data to the network device. The network device is communicatively coupled with and remotely located from the traffic analysis device. The network device features software that, upon execution, (i) monitors behaviors of one or more virtual machines processing the first portion of the data received as output from the traffic analysis device, and (ii) detects, based on the monitored behaviors, a presence of malware in the first virtual machine.

Abstract: The systems, methods and apparatuses described herein provide a computing device that is configured to attest itself to a communication partner. In one aspect, the computing device may comprise a communication port configured to receive an attestation request from the communication partner, and an application-specific integrated circuit (ASIC). The ASIC may be configured to receive the attestation request from the communication port. The attestation request may include a nonce generated at the communication partner. The ASIC may be further generate a verification value and send the verification value to the communication port to be transmitted back to the communication partner. The verification value may be a computation result of a predefined function taking the nonce as an initial value. In another aspect, the communication partner is configured to attest the computing device using speed of computation attestation.

Abstract: A test coverage rate improvement system for pins of tested circuit board and a method thereof are disclosed. In the system, partial pins of a circuit board connector in a tested circuit board are not electrically connected to the boundary scan chip, test pins of the test pin board are pressed with the partial pins by a fixture of a boundary scan interconnect testing workstation to electrically connect the test pins to the partial pins. A test access port controller receives a detection signal for detecting the partial pins, which are not electrically connected to the boundary scan chip, of the circuit board connector through the test pin board from the test adapter card, and determines whether conduction is formed based on the detection signal, thereby achieving the technical effect of improving a test coverage rate for the pins of the tested circuit board.

Abstract: The disclosed system and method for software testing provide a strategy for testing new software functionalities in a sequence that detects defects according to a testing strategy designed to accomplish a predetermined objective. Providing a pre-testing stage generates test execution results for test cases designed to find defects related to new functionalities. Using machine learning clustering techniques to identify which test cases are similar to one another facilitates organizing test cases in a sequence appropriate for accomplishing a predetermined objective.

Abstract: A system and method is provided that facilitates threat impact characterization. The system may include a replica programmable logic controller (PLC) that corresponds to a production PLC in a production system and that may be configured to operate at an accelerated processing speed that is at least two times faster than a processing speed of the production PLC. The system may also include a data processing system configured to communicate with the replica PLC when executing malware infected PLC firmware and generate a simulation of the production system based on a virtual model of the production system operating at an accelerated processing speed that is at least two times faster than a processing speed of the physical production system. The simulation may include accelerated simulation of the production PLC based on communication with the replica PLC using the malware infected PLC firmware.

Abstract: A system and method for enhancing security for a high security embedded system. The system on chip device including at least one central processing unit (CPU) component, input and output component blocks, an independent hard or soft core dedicated to the input and output blocks, and a built-in, on die interposer, wherein the interposer consists of a field programmable gate array (FPGA) fabric, the FPGA fabric surrounding the components of the system on chip. The method for includes separating system components using a FPGA fabric, redirecting or changing the appearance of system components unknown to other system components, separating system code from security and recovery code, and providing proactive security problem detection and resolutions.

Abstract: An EtherCAT master-slave station integrated bridge controller, a control method, a control system and a readable storage medium are provided. Therein, an FPGA-based EtherCAT master-slave station integrated bridge controller is constructed. Because of the hardware parallel computing capability of FPGA, the master station of the EtherCAT master-slave station integrated bridge controller has a hard real-time characteristic so as to ensure real-time sending and receiving of EtherCAT network data and reduce the dependence on CPU performance and operating system real-time performance. The EtherCAT master-slave station integrated bridge controller can serve as a slave device relative to a third-party master station device and meanwhile serve as a master device relative to a third-party slave station device, thus reducing the load of EtherCAT bus network and improving the flexibility of network topology.

Abstract: According to one embodiment, a malware detection software being loaded into non-transitory computer readable medium for execution by a processor. The malware detection software comprises exploit detection logic, rule-matching logic, reporting logic and user interface logic. The exploit detection logic is configured to execute certain event logic with respect to a loaded module. The rule-matching logic includes detection logic that is configured to determine whether an access source is attempting to access a protected region and determine whether the access source is from a dynamically allocated memory. The reporting logic includes alert generating logic that is configured to generate an alert while the user interface logic is configured to notify a user or a network administrator of a potential cybersecurity attack.

Abstract: A security test can be performed on an ECU by using random test signals without changing the ECU. A security test system for a control device for an on-vehicle network, includes a security test unit that includes a test signal transmission portion transmitting random test signals including an illegal signal, for diagnosing security of a control device for an on-vehicle network, and a diagnosis portion specifying the illegal signal on the basis of a process result in the control device using the test signals, and a function evaluation unit that includes a process information acquisition portion acquiring information regarding the process result in the control device, an abnormality detection portion detecting abnormality in the process result in the control device based on the test signal, and an abnormality information output portion outputting information regarding the detected abnormality.

Abstract: In some embodiments, apparatuses and methods are provided herein useful to testing retail financial system transactions. In some embodiments, a system comprises an automated robotic testing device configured to retrieve a selected card from a physical media library, interact, via the selected card, with a point-of-sale terminal, the point-of-sale terminal configured to receive from the selected card, information associated with the selected card, and transmit, to an external banking institution, the information, and a control circuit configured to determine the selected card, transmit, to the automated robotic testing device, the indication of the selected card, receive one of an authorization and a lack of authorization, in response to receipt of 1) authorization, cause the transaction to be completed, and 2) the lack of authorization, cause the transaction to be voided, determine whether a test associated with the transaction was successful, and log an indication of whether the test was successful.

Abstract: A log acquirer acquires a communication log to be analyzed obtained from communications in a predetermined network. A log analyzer detects a terminal conforming to an analysis rule using a signature generated based on the characteristics of a communication log generated by a terminal infected with malware. A primary scorer and a secondary scorer calculate a score indicating the degree of threat for a detection result including the information on the terminal detected by the log analyzer and an analysis rule to which the terminal conforms using the information on the analysis rule and the information on the detection result. A detection result display unit outputs the detection result and the score calculated by the primary scorer and the secondary scorer.

Abstract: In an embodiment, automatic verification of a system backup operation is provided. This verification is achieved by copying executable files to a writeable file system representing a backup recovery point and configuring an operating system within the writeable file system to execute a particular service upon startup of the operating system. Moreover, a validation virtual machine (VM) associated with a backup recovery point is launched from the writeable file system and a first and second validation operation are performed by the validation VM. Results of the first validation operation are used to select the second validation operation, and the validation VM is determined to have completed successfully based on the results of the second validation operation. In one embodiment, a repair operation may be performed, based on the first set of results, to repair the operating system of the computing device and/or backup data of the computing device.

Abstract: A protecting method and system for malicious code, and a monitor apparatus are provided. The monitor apparatus circulates a monitor module obtained from a combination of a plurality of antivirus systems in a communication system, so as to monitor a plurality of electronic apparatuses in the communication system. When the monitor module is circulated to one of the electronic apparatuses and the malicious code is detected, a protection result is decided and one or more corresponding process actions are executed based on the protection result by the monitor module.

Abstract: The present invention relates to a method for authenticating software. The method comprises defining a set of parameters to use for trace mapping the software, wherein the set of parameters represents the software functionality when executed. The method further comprises: a) creating a trusted fingerprint that is created by trace mapping the software using the set of parameters when executed in a trusted environment; b) creating an operating fingerprint that is created by trace mapping the software using the set of parameters when executed in an operating environment; c) comparing the operating fingerprint with the trusted fingerprint, and identifying any difference between the trusted fingerprint and the operating fingerprint; and d) when said operating fingerprint is non-identical with the trusted fingerprint, initiating predefined action(s) in response to the identified differences between the trusted fingerprint and the operating fingerprint.

Abstract: A processor includes an execution pipeline that includes a plurality of execution stages, execution pipeline control logic, and a debug system. The execution pipeline control logic is configured to control flow of an instruction through the execution stages. The debug system includes a debug pipeline and debug pipeline control logic. The debug pipeline includes a plurality of debug stages. Each debug pipeline stage corresponds to an execution pipeline stage, and the total number of debug stages corresponds to the total number of execution stages. The debug pipeline control logic is coupled to the execution pipeline control logic. The debug pipeline control logic is configured to control flow through the debug stages of debug information associated with the instruction, and to advance the debug information into a next of the debug stages in correspondence with the execution pipeline control logic advancing the instruction into a corresponding stage of the execution pipeline.

Abstract: Techniques to restore data from backup are disclosed. In various embodiments, an indication of a subcomponent to be restored from backup is received. View information associated with the backup is used to determine a set of physical components required to be retrieved from the backup to restore the requested subcomponent. The determined set of physical components is retrieved from the backup. The retrieved physical components are used to restore the subcomponent. In various embodiments, the view information includes data that identifies each of a plurality of separately-recoverable subcomponents of the backup and for each one or more physical components comprising the backup which would be required to restore that subcomponent.

Abstract: Provided is a method of tracing a common cause failure in an integrated drawing. The method includes: synthesizing entities assigned attributes in at least one design drawing in units of a system where a common cause is to be traced; generating an integrated drawing with a hierarchical structure by horizontally or vertically interconnecting the entities assigned the same attribute in the at least one design drawing; and displaying a fault propagation path in the integrated drawing by using an internal tracer, wherein the displaying illustrates state information of the entities on the fault propagation path.

Abstract: Provided is an integrated drawing producing method for common cause tracing. The integrated drawing producing method includes: distinguishing shapes of entities in at least one design drawing and assigning an attribute to each of distinguished entities; synthesizing the entities assigned the attributes in the at least one design drawing in units of a system where a common cause is to be traced; and generating an integrated drawing with a hierarchical structure by horizontally or vertically interconnecting the entities assigned the same attribute in the at least one design drawing.

Abstract: A version management system includes a storage device that retains information on version histories of services each providing a predetermined function in a predetermined system, and an arithmetic device that executes a process of generating, based on the information on the version histories, a list of combination patterns of versions of the respective services as system configurations of the system, a process of excluding, from the patterns in the list, the pattern having a function fallback rate equal to or above a predetermined level, the function fallback rate being based on predefined necessary functions, and a process of identifying, in the patterns remaining in the list after the exclusion, the pattern with the highest similarity to a system configuration having a predetermined past operational track record, as a system configuration to which the system is to be restored upon occurrence of a problem.

Abstract: A method for protecting an electronic device executing a program against fault injection and type confusion attacks likely to affect a variable (Z) intended to be used by the program. The method includes calculating integrity check data (X, Y) of variable (Z), dependent on a type (T) of the variable (Z), and a value (V) of the variable (Z) stored in an execution stack (P1) and/or of a first addressing datum (A) stored in a first index register (ind1). The first addressing datum (A) adapted to locate the value (V) stored in the execution stack (storing the integrity check data (X, Y) on the variable (Z) in at least one control stack (P2, P3) different to the execution stack (P1). Storing in a second index register (ind2), a unique second addressing datum (A2) adapted to locate the integrity check data (X, Y) in the or each control stack (P2, P3).

Abstract: A computer implemented method of passive verification of an electronic design, comprising receiving an electronic design file of said electronic design comprised at least in part of a mixed signal or analog system including a plurality of subsystems. At least one analog subsystem of the plurality of subsystems has at least two design representations within the electronic design file that are intended to be equivalent for the at least one analog subsystem being simulated. First and second input subsystem data is collected for a first and second subsystem design representation of the at least two design representations from an analog stimulus to at least one input of the first and second subsystem design representation which is analog.

Abstract: Provided herein are systems and methods for generating policies for a new application using a virtualized environment. Prior to allowing a new application to operate on a host system, the new application may be installed in a virtual environment. A first program execution restrictor of the virtualized environment may determine a set of policies for the new application. The set of policies may allow the new application to add specific program elements during installation and execution in the virtualized environment. The first program execution restrictor may verify an absence of malicious behavior from the new application while the new application executes in the virtualized environment. The new application may be executed on the host system responsive to the verification. The host system may have a second program execution restrictor that applies the set of policies when the new application is allowed to execute on the host system.

Abstract: A circuit arrangement, method, and design structure for controlling access to master secret data disposed in at least a portion of at least one persistent region of an integrated circuit device is disclosed. The circuit arrangement includes a clock circuit responsive to an external clock signal, a security state machine configured to control a security state of the integrated circuit device, and a master secret circuit in communication with the security state machine and configured to control access to the master secret data. The security state machine and master secret circuit are isolated from the clock circuit, and the master secret circuit is responsive to the security state machine to selectively erase at least a portion of the master secret data. The master secret circuit may be configured to erase the portion of the master secret data in response to a null or triggered security state.

Abstract: Techniques, an apparatus and computer program product for generating test cases for covering enterprise rules and predicates are disclosed by receiving data associated with at least one of a business requirement and a business scenario as input, wherein the data comprise at least one of a set of predefined rules; based on the data, generating at least one or more test cases as output without any human intervention, wherein the output comprises a test script for the business requirement or the business scenario, and wherein the data associated with the at least one of a business requirement and a business scenario comprise at least one of a business rule, business requirement and predicate, the data associated with the at least one of business requirement and business scenario are stored as a linked graph in a repository, and wherein each node of the linked graph is mapped to previously stored data in the repository, wherein the repository comprises either one of a structured or unstructured data, and the data

Abstract: A computer implemented method of passive verification of an electronic design, comprising receiving an electronic design file of said electronic design comprised at least in part of a mixed signal or analog system including a plurality of subsystems. At least one analog subsystem of the plurality of subsystems has at least two design representations within the electronic design file that are intended to be equivalent for the at least one analog subsystem being simulated. First and second input subsystem data is collected for a first and second subsystem design representation of the at least two design representations from an analog stimulus to at least one input of the first and second subsystem design representation which is analog.

Abstract: The information processing apparatus includes a processor and components connected to the processor. In this processor, a failure occurring in any one of the processor and the components connected to the processor itself is recorded in a system space accessible in a system management mode, and an interrupt handler is notified of the occurrence of the failure by an interrupt. The program causes a management computer managing the information processing apparatus to execute shifting the processor to the system management mode, setting information indicating a pseudo failure in the system space, shifting the processor to a non system management mode from the system management mode after setting, and causing the processor to generate the interrupt corresponding to the pseudo failure.

Abstract: Debugging operations may utilize a dedicated debug port associated with a baseboard management controller. The baseboard management controller executes software programming that eliminates any need for a debugging cable. The baseboard management controller also permits debugging between virtual machines.

Abstract: An approach for debugging a circuit implementation of a software specification includes translating a high-level language debugging command into a hardware debugging command that specifies the value(s) of a condition in the circuit implementation, and a storage element(s) at which the value(s) of the condition is stored. The hardware debugging command is transmitted to a debug controller circuit that generates a single clock pulse to the circuit implementation. The debug controller circuit reads a value(s) from the storage element(s) specified by the hardware debugging command and determines whether or not the value(s) satisfies the condition. The debug controller circuit generates another single clock pulse in response to the value(s) read from the storage element(s) not satisfying the condition. Generation of pulses of the clock signal is suspended and data indicative of a breakpoint is output in response to the value(s) read from the storage element(s) satisfying the condition.

Abstract: The present disclosure provides methods and circuits for managing failing sectors in a non-volatile memory. A record address and a read control signal are received, where the record address identifies a location in the non-volatile memory. The record address is compared with a plurality of dead sector addresses, where the dead sector addresses correspond to a subset of sectors located in the non-volatile memory. Data located at the record address is determined to be invalid in response to a combination of a first detection that the record address matches one of the dead sector addresses and a second detection that the read control signal indicates a read operation is requested to be performed on the non-volatile memory.

Abstract: Techniques are presented for managing a deployment pipeline using an inheritable and extensible source code template—generally referred to as a live pipeline template (LPT). As described, live pipeline templates may be used to manage deployment pipelines which, in turn, are used to launch, maintain, and update the services and systems used to host and provide computing services.

Abstract: A data backup application checks validity of data being backed up during an incremental or a full backup. In case of the file backup, the full backup checks the validity of data during the backup, because in case of data corruption the user will not have any original data since no data has been backed up yet. In case of the incremental backup, only the new files or the files that have changed compared to the last backup are now backed up. All new and modified files can be checked for validity by comparing internal format of the user files against a corresponding file format standard. If corrupted files are detected among the modified files, the user is notified.

Abstract: An example energy management unit (EMU) with diagnostic capabilities is provided. The EMU with diagnostic capabilities can identify a potential failure or end-of-life condition by detecting a higher power consumption, an abnormal power waveform or by receiving a signal from an appliance or piece of equipment itself generated by the appliance's or piece of equipment's self diagnostic system. The EMU can be incorporated into a system that permits various power consumption and time-current information to be transmitted to a variety of devices and parties via a communication.

Abstract: Passive verification, comprising, receiving a representation of an electronic design comprised at least in part of at least system having at least one subsystem which is analog, collecting at least one input subsystem level data, having at least one input subsystem signal marker, collecting at least one output subsystem level data, having at least one output subsystem signal marker and analyzing at least one measure of at least one of the at least one input subsystem signal marker and at least one output subsystem signal marker.

Abstract: A method for debugging program code is performed at an apparatus having one or more processors and memory for storing programs to be executed by the one or more processors. The method includes the following steps: for each program code segment from a set of program code segments, assigning a unique value to a detection variable of a state machine when the respective program code segment operates the state machine. The unique value is based on a value of an identification variable associated with the respective program code segment. The method also includes determining a current value of the detection variable corresponding to an abnormal program exit, and determining a suspicious program code segment based on a comparison of the current value of the detection variable with the unique values of the respective identification variables. The method further includes outputting debug information based on the suspicious program code segment.

Abstract: Disclosed are a browser and a method for domain name resolution by the same. The method comprises: starting the browser and calling DNS acceleration data information, wherein the DNS acceleration data information comprises several domain names obtained in advance and IP address information corresponding to each domain name; receiving an access request for a certain URL initiated by a user, parsing the access request and extracting the domain name corresponding to the URL; and detecting whether the domain name corresponding to the URL is contained in the DNS acceleration data information, and if yes, obtaining the IP address information corresponding to the domain name, and utilizing the IP address information for access processing. By conducting statistics on some primary domain names in advance to form DNS acceleration data information, the disclosure may implement webpage browsing acceleration when the DNS acceleration data information is called by a user-side browser.

Abstract: A computer-implemented method for identifying malware may include (1) determining, for multiple commands within bytecode associated with a malware program, whether each command constitutes an invocation command, (2) filtering, based on the determination, invocation commands from the bytecode, (3) adding, for each invocation command filtered from the bytecode, an opcode, a format code, and a function prototype to a collection of opcodes, format codes, and function prototypes, (4) generating a digital fingerprint of the collection including the opcode, the format code, and the function prototype for each invocation command filtered from the bytecode, and (5) performing, by a computer security system, a remedial action to protect a user in response to detecting the presence of a variant of the malware program by determining that the digital fingerprint matches a candidate instance of bytecode under evaluation. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: According to one aspect, the disclosed subject matter describes herein a method for emulating computer processing usage patterns on a virtual machine that includes generating a usage pattern specification based on a plurality of computer processing usage patterns provided by a user and receiving, by a virtual machine hosted by a device under test (DUT), the usage pattern specification containing the plurality of computer processing usage patterns. The method also includes generating a plurality of pattern instruction sequences using execution parameters included in each of the plurality of computer processing usage patterns and distributing each of the plurality of pattern instruction sequences among a plurality of virtual processing cores of the virtual machine. The method further includes emulating the operation of the application on the virtual machine by executing the pattern instruction sequences on the virtual processing cores in a manner specified by the execution parameters.

Abstract: In some examples, a memory device may be configured to store data in either an original or an inverted state based at least in part on a state associated with one or more shorted bit cells. For instance, the memory device may be configured to identify a shorted bit cell within a memory array and to store the data in the memory array, such that a state of the data bit stored in the shorted bit cell matches the state associated with the shorted bit cell.

Abstract: An electronic circuit 120 includes a more-secure processor (600) having hardware based security (138) for storing data. A less-secure processor (200) eventually utilizes the data. By a data transfer request-response arrangement (2010, 2050, 2070, 2090) between the more-secure processor (600) and the less-secure processor (200), the more-secure processor (600) confers greater security of the data on the less-secure processor (200). A manufacturing process makes a handheld device (110) having a storage space (222), a less-secure processor (200) for executing modem software and a more-secure processor (600) having a protected application (2090) and a secure storage (2210).

Abstract: Functional diagnostic testing of an electronic circuit board assembly with one or more embedded channels to be tested includes steps of: (a) connecting a channel under test; (b) imposing a known digital or analog voltage, as appropriate for a channel under test, that is generated by a digital or analog output of the electronic circuit board assembly; and (c) comparing data read by the channel under test with the stored value of the imposed voltage and required tolerance to determine whether the channel under test is within specifications. Diagnostic test implemented by digital logic and software residing onboard the electronic circuit board assembly. Execution of software or firmware code segment controls the diagnostic test sequence. Signal switching is facilitated by digital and analog multiplexers.

Abstract: A processor executes a procedure including performing a repair process including first detecting whether there is any abnormality in data read out from a first storage, repairing abnormal data that is the data in which abnormality is detected as a result of the first detection, and storing the repaired data in a second storage area, second detecting when an address of data changed in the repair process and an address of a read-out source of the abnormal data in the first storage area match, whether there is any abnormality in data read out from an area indicated by the address of data changed in the repair process and the address of the read-out source of the abnormal data in the first storage area, repairing and storing, in the second storage area, the data in which abnormality is found as a result of the second detection.

Abstract: Circuits and methods for detecting, identifying and/or removing undesired content are provided. According to one embodiment, a virus processing system includes a virus co-processor, a first memory, a general purpose processor (GPP) and a second memory. The first memory is communicably coupled to the co-processor via a first memory interface. The first memory includes a first signature compiled for execution on the co-processor. The GPP is communicably coupled to the co-processor. The second memory is communicably coupled to the co-processor via a second memory interface and to the GPP. The second memory includes a second signature compiled for execution on the GPP. The co-processor is operable to retrieve the first signature stored within the first memory through an instruction cache. The co-processor is operable to retrieve a data segment to be scanned from second memory through a data cache that is separate from the instruction cache.

Abstract: A processor device executes program code in one or more threads. The processor device detects a call of a function in one of the threads and executes the function in a further thread. Further, the processor device performs a selection between saving a state of the processor device when starting execution of the function in the further thread and not saving the state of the processor device when starting execution of the function in the further thread. In response to a conflict related to the execution of the function in the further thread, the processor device may perform a rollback to a last saved state of the processor device and execute the function in the thread in which it was called.