Abstract: A software package is received and unpacked into a plurality of components. Features are extracted from each component which are indicative (i.e., useful, etc.) in determining whether such component presents a software supply chain risk. The extracted features are consumed by one or more machine learning models to determine a level of supply chain risk associated with the component. This determined level of supply chain risk can be provided to a consuming application or process. Component identities can also be identified using machine learning or other similarity analyses. In some cases, embeddings are used to characterize risk and/or provide component identities. Related apparatus, systems, techniques and articles are also described.

Abstract: A software package is received and unpacked into a plurality of components. Features are extracted from each component which are indicative (i.e., useful, etc.) in determining whether such component presents a software supply chain risk. The extracted features are consumed by one or more machine learning models to determine a level of supply chain risk associated with the component. This determined level of supply chain risk can be provided to a consuming application or process. Component identities can also be identified using machine learning or other similarity analyses. In some cases, embeddings are used to characterize risk and/or provide component identities. Related apparatus, systems, techniques and articles are also described.

Abstract: A software package is received and unpacked into multiple components comprising plural functions. Each function is lifted from machine code into static single-assignment intermediate representation and tokenized to produce semantics-preserving embeddings. Intermediate-representation data-flow features are extracted, including detection of constant static variables on a stack, stack reaching definitions, uninitialized variables, and intra-procedural aliases. For each component, the embeddings and features are input to a machine-learning model trained on semantic properties derived from a corpus of software packages to generate a software supply chain risk level. Data characterizing the risk level is provided to a consuming application.

Abstract: A software package is received so that functions within the software package that implement or use cryptographic primitives can be identified. Further, a set of calls with each of the identified functions are determined. A call site analysis is performed based on the set of calls to determine cryptographic algorithm parameters. Thereafter, based on the set of calls and the call site analysis, a cryptography bill of materials (CBOM) detailing cryptographic primitives within the software package is generated. This CBOM can be provided to a consuming application or process. Related apparatus, systems, techniques and articles are also described.

Abstract: A code analyzer implements machine learning to detect vulnerabilities in computer code. The code analyzer trains a machine learning model using training vectors that characterize vulnerable programming patterns. The code analyzer evaluates a topological representation of the computer code using the machine learning model to identify a potential vulnerability. The potential vulnerability corresponds to a portion of the computer code where an attack can be used to bypass a security procedure. The code analyzer tests the potential vulnerability by emulating a fault injection during execution of the portion of the computer code. Upon confirming that the potential vulnerability can be exploited via a fault injection, the code analyzer generates a training vector that characterizes a vulnerable programming pattern associated with the portion of the computer code. The training vector can be used to further train the machine learning model.

Abstract: A software package is received and unpacked into a plurality of components. Features are extracted from each component which are indicative (i.e., useful, etc.) in determining whether such component presents a software supply chain risk. The extracted features are consumed by one or more machine learning models to determine a level of supply chain risk associated with the component. This determined level of supply chain risk can be provided to a consuming application or process. Component identities can also be identified using machine learning or other similarity analyses. In some cases, embeddings are used to characterize risk and/or provide component identities. Related apparatus, systems, techniques and articles are also described.

Abstract: A software package is received and unpacked into a plurality of components. Features are extracted from each component which are indicative (i.e., useful, etc.) in determining whether such component presents a software supply chain risk. The extracted features are consumed by one or more machine learning models to determine a level of supply chain risk associated with the component. This determined level of supply chain risk can be provided to a consuming application or process. Component identities can also be identified using machine learning or other similarity analyses. In some cases, embeddings are used to characterize risk and/or provide component identities. Related apparatus, systems, techniques and articles are also described.

Abstract: Described herein is a seismic node, comprising: at least one seismic sensor; a pressure resistant structure having a first wall, a second wall, and one or more supporting elements extending between the first and second walls to define one or more cavities for containing pressure sensitive components; and a separate waterproof sealing skin surrounding the pressure resistant structure and the at least one seismic sensor. Also described herein is a method for producing a seismic node.

Abstract: In the context of software security, reachability analysis provides a mechanism to assess the ease of exploitability of a particular vulnerability or whether a vulnerability is exploitable at all. The present techniques provide a mechanism to compute reachability for one or more binary executables within the context of an execution environment. These reachability analyses can be used to determine whether the executables or components therein present any potential vulnerabilities which, in turn, can cause a computing system executing such binary executable to exhibit undesired behavior. The analyses include determining reachability metrics for each of a plurality of program locations. These metrics are used to determine an environment-aware reachability metric reflecting the runtime properties of a computing environment specified by artefacts associated with the software.

Abstract: Features are extracted and/or derived from a software package (e.g., a binary executable, etc.) which are input into a machine learning model to determine an estimated peak memory usage required to analyze the software package. A number of memory resource units required for the determined peak memory usage is then determined. If the number of available memory resource units is less than the determined number of required memory resource units, then the software package can be queue in a backoff queue. The determined number of required memory units to analyze the software package can be allocated when a number of available memory resource units equals or exceeds the determined number of required memory resource units (whether or not the software package has been queued). The software package can then be analyzed using the allocated memory units. Information characterizing this analysis can be provided to a consuming application or process.

Abstract: A software package is received so that functions within the software package that implement or use cryptographic primitives can be identified. Further, a set of calls with each of the identified functions are determined. A call site analysis is performed based on the set of calls to determine cryptographic algorithm parameters. Thereafter, based on the set of calls and the call site analysis, a cryptography bill of materials (CBOM) detailing cryptographic primitives within the software package is generated. This CBOM can be provided to a consuming application or process. Related apparatus, systems, techniques and articles are also described.

Abstract: A software package is received so that functions within the software package that implement or use cryptographic primitives can be identified. Further, a set of calls with each of the identified functions are determined. A call site analysis is performed based on the set of calls to determine cryptographic algorithm parameters. Thereafter, based on the set of calls and the call site analysis, a cryptography bill of materials (CBOM) detailing cryptographic primitives within the software package is generated. This CBOM can be provided to a consuming application or process. Related apparatus, systems, techniques and articles are also described.

Abstract: A code analyzer implements machine learning to detect vulnerabilities in computer code. The code analyzer trains a machine learning model using training vectors that characterize vulnerable programming patterns. The code analyzer evaluates a topological representation of the computer code using the machine learning model to identify a potential vulnerability. The potential vulnerability corresponds to a portion of the computer code where an attack can be used to bypass a security procedure. The code analyzer tests the potential vulnerability by emulating a fault injection during execution of the portion of the computer code. Upon confirming that the potential vulnerability can be exploited via a fault injection, the code analyzer generates a training vector that characterizes a vulnerable programming pattern associated with the portion of the computer code. The training vector can be used to further train the machine learning model.