Abstract: A user-space virtualization (USV) program to allow legacy applications in embedded systems to share resources without modification without compromising security is provided. A computer-implemented USV program may be characterized by a method in a user-space including retrieving a native code of an application, and identifying an instruction sequence. Further, identifying the instruction sequence includes, first, determining if executing the instruction sequence to perform processing is a possible security risk. If it is a possible security risk, then confirming that there is an execute authority for an active application. Execute authority may be confirmed by a security manager or a processor. If it is confirmed by the security manager that the active application has the execute authority for processing, then executing the instruction sequence with a processor. If the active application has no execute authority for processing, then not executing the instruction sequence.

Abstract: A user-space virtualization (USV) program to allow legacy applications in embedded systems to share resources without modification without compromising security is provided. A computer-implemented USV program may be characterized by a method in a user-space including retrieving a native code of an application, and identifying an instruction sequence. Further, identifying the instruction sequence includes, first, determining if executing the instruction sequence to perform processing is a possible security risk. If it is a possible security risk, then confirming that there is an execute authority for an active application. Execute authority may be confirmed by a security manager or a processor. If it is confirmed by the security manager that the active application has the execute authority for processing, then executing the instruction sequence with a processor. If the active application has no execute authority for processing, then not executing the instruction sequence.

Abstract: This intermediate code execution system has a first subsystem having a first interpreter which corresponds to an instruction set generated during compilation and sequentially interprets and executes instructions included in an intermediate code, a second subsystem having a preprocessing section which applies to the intermediate code preprocessing to substitute an instruction pattern consisting of a plurality of instructions with an alternative instruction, and a second interpreter which corresponds to an instruction set including the alternative instruction and sequentially interprets and executes an instruction code included in the preprocessed intermediate code, and a method analysis section which selects either processing to execute the intermediate code by the first interpreter or processing to apply preprocessing to the intermediate code by the preprocessing section and then execute the intermediate code by the second interpreter.