Abstract: Disclosed herein are systems and methods for performing live migration from a source host to a target host. In one example, a processor of the system is configured to determine workload data for active workloads utilizing the source host and available live migration candidate hosts and select the target host from the live migration candidate hosts based on the workload requirement information and configuration data of the live migration candidate hosts. Once selected, the system will determine and execute a migration routine for migrating the active workloads from the source host to the target host.

Abstract: Systems and methods for dynamically updating firewall rules for a vehicle network are disclosed herein. In one example, a system includes a processor and a memory in communication with the processor having a cyber health engine module. The cyber health engine module includes instructions that, when executed by the processor, cause the processor to receive health status information from one or more nodes of the vehicle network, calculate a risk factor for the one or more nodes of the vehicle network based on the health status information, and in response to determining that the risk factor for the one or more nodes of the vehicle network indicates increased risk, update the firewall rules to address the increased risk.

Abstract: Systems, methods, and other embodiments described herein relate to validating programs of a computing system in a vehicle by tracking a boot sequence. In one embodiment, a method includes, responsive to detecting initiation of a boot sequence in a computing system, tracking characteristics of programs executing as part of the boot sequence. The method includes determining whether the programs correspond with a program execution graph (PEG) by comparing the characteristics of the programs as the programs boot with the PEG. The method includes providing a response to thwart a malicious program when the boot sequence does not match the PEG.

Abstract: Systems, methods, and other embodiments described herein relate to validating programs of a computing system in a vehicle by tracking a boot sequence. In one embodiment, a method includes, responsive to detecting initiation of a boot sequence in a computing system, tracking characteristics of programs executing as part of the boot sequence. The method includes determining whether the programs correspond with a program execution graph (PEG) by comparing the characteristics of the programs as the programs boot with the PEG. The method includes providing a response to thwart a malicious program when the boot sequence does not match the PEG.

Abstract: Systems, methods, and other embodiments described herein relate to adaptable canary values. In one embodiment, a method includes acquiring state information about a program executing within a vehicle. The state information specifies at least a security level of segments of the program. The method includes, responsive to the program satisfying a generating threshold, generating a canary value according to the state information. The method includes inserting the canary value into a memory address associated with the program.

Abstract: Systems, methods, and other embodiments described herein relate to securing software composition information in a software management environment. In one embodiment, a method includes acquiring, in a managing device, identifying information about a software package installed on a remote device, including a unique identifier of an entity associated with the software package, and a secure identifier that combines the unique identifier with a package identifier of the software package. The method includes, responsive to identifying a vulnerability, generating a vulnerability identifier using the unique identifier of the entity and a vulnerability label that identifies a vulnerable package that includes the vulnerability. The method includes comparing the vulnerability identifier with the secure identifier to determine whether the software package includes the vulnerability. The method includes providing a response about the vulnerability when the vulnerability identifier matches the secure identifier.

Abstract: Systems, methods, and other embodiments described herein relate to monitoring for unauthorized access to an electronic device. In one embodiment, a method includes acquiring a fault status about observed anomalies within a device. The observed anomalies relating to unauthorized access to the device. The method includes analyzing the fault status to identify whether the fault status satisfies a fault threshold. The method includes activating a response when the fault status satisfies the fault threshold indicating the presence of the unauthorized access.

Abstract: Systems, methods, and other embodiments described herein relate to improving incident response within a vehicle environment. In one embodiment, a method includes, responsive to detecting an attack on a threatened component of a computing system, gathering information about the threatened component, including at least a dependency list that specifies related components to the threatened component. The method includes determining a risk score for the attack according to a risk level associated with the attack, a risk type of the threatened component, and combined risks associated with compromising the related components. The method includes providing a report specifying information about the attack, including at least the risk score.

Abstract: A system in a vehicle includes one or more sensors configured to obtain occupant information from an occupant utilizing at least facial information of the occupant. The system also includes a controller in communication with the one or more sensors. The controller is configured to determine an application policy associated with one or more applications of the vehicle and execute the one or more applications in response to facial information exceeding a first authentication layer or second authentication layer associated with the application policy.

Abstract: A binary patch system for a vehicle may include a memory and a controller in communication with the memory and programmed to receive original source code, identify vulnerabilities in original source code, generate binary patch based on the identified vulnerabilities, insert binary patch into original source code, receive feedback of the inserted binary patch, and update the binary patch based on the feedback.

Abstract: A computer device includes a memory. The computer device also includes at least one processor configured to execute a process and manage the memory for the process. The processor is further configured to execute one or more program instructions associated with an application, reach control flow transfer for the one or more program instructions, unwind a call stack associated with the one or more program instructions in response to a failure to meet a target control flow, identify an offending function call, and rewrite the offending function call. The rewritten function call includes a memory operation boundary check.

Abstract: System, methods, and other embodiments described herein relate to improving control flow in a program for safety-related functions. In one embodiment, a method includes identifying a safety-related function of the program. The safety-related function is associated with functionality performed by the program that effects whether an associated device operates according to a functional safety standard. The method includes integrating a fault tree for the safety-related function into associated portions of a control flow graph of the program. The control flow graph identifies at least procedural control flows within the program, and the fault tree indicates combinations of conditions in the program that produce faults by the program. The method includes providing the control flow graph as an electronic output to improve the control flow of the program.

Abstract: A system in a vehicle includes one or more sensors configured to obtain occupant information from an occupant utilizing at least facial information of the occupant. The system also includes a controller in communication with the one or more sensors. The controller is configured to determine an application policy associated with one or more applications of the vehicle and execute the one or more applications in response to facial information exceeding a first authentication layer or second authentication layer associated with the application policy.

Abstract: A computer device includes a memory. The computer device also includes at least one processor configured to execute a process and manage the memory for the process. The processor is further configured to execute one or more program instructions associated with an application, reach control flow transfer for the one or more program instructions, unwind a call stack associated with the one or more program instructions in response to a failure to meet a target control flow, identify an offending function call, and rewrite the offending function call. The rewritten function call includes a memory operation boundary check.

Abstract: A binary patch system for a vehicle may include a memory and a controller in communication with the memory and programmed to receive original source code, identify vulnerabilities in original source code, generate binary patch based on the identified vulnerabilities, insert binary patch into original source code, receive feedback of the inserted binary patch, and update the binary patch based on the feedback.

Abstract: A microphone controller includes a processor programmed to receive voice input from one or more microphones to be utilized in a voice recognition session initiated by the microphone controller. Further the microphone controller includes a key store including one or more keys configured to encrypt the received voice input to an encrypted voice data.

Abstract: Systems and methods are disclosed and include receiving, using an electronic control module of a vehicle, image data from a camera system. The method includes identifying, using the electronic control module, a traffic sign based on the image data and information from a training database. The method includes determining, using the electronic control module, whether the traffic sign is correct based on a matching of the traffic sign and an entry of at least one of (i) a traffic rules database, (ii) a traffic customs database, (iii) a map information database, and (iv) a global positioning system (GPS) information database. The method includes identifying, in response to determining that the traffic sign is correct, a vehicle action from a vehicle action database corresponding to the traffic sign. The method includes outputting, in response to validating the vehicle action, a signal to a vehicle control module corresponding to the vehicle action.

Abstract: System, methods, and other embodiments described herein relate to determining performance overhead for instrumentation within a program. In one embodiment, a method includes, in response to compiling the program from source code into machine code, analyzing the program to generate overhead scores associated with segments of instrumentation within separate functions of the program. The instrumentation is combined with the source code to provide functionality in addition to a base functionality of the program. The method includes selectively modifying the segments in the source code for the separate functions according to whether the overhead scores for respective ones of the segments satisfies an instrumentation threshold associated with respective ones of the separate functions.

Abstract: System, methods, and other embodiments described herein relate to validating data arguments in a program. In one embodiment, a method includes, in response to an electronic request, identifying a data argument within a code segment of source code of the program. The data argument is non-control data passed between one or more functions of the program. The method includes storing data characteristics about the data argument within a control flow graph derived from the source code. The control flow graph represents execution paths within the program. The data characteristics indicate a state of the data argument and at least one relationship associated with the data argument. The method includes providing the control flow graph as an electronic output to facilitate adjustments in the source code.

Abstract: System, methods, and other embodiments described herein relate to validating data arguments in a program. In one embodiment, a method includes, in response to an electronic request, identifying a data argument within a code segment of source code of the program. The data argument is non-control data passed between one or more functions of the program. The method includes storing data characteristics about the data argument within a control flow graph derived from the source code. The control flow graph represents execution paths within the program. The data characteristics indicate a state of the data argument and at least one relationship associated with the data argument. The method includes providing the control flow graph as an electronic output to facilitate adjustments in the source code.