Patents by Inventor Antonino Sabetta
Antonino Sabetta has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11972258
Abstract: Systems and methods are provided for training a machine learning model to generate a score indicating a level of discrepancy between a commit message and a corresponding code change. The computing system receives a commit comprising a given commit message and a given corresponding code change and analyzes, using the trained machine learning model, the given commit message and given corresponding code change to generate a score indicating the level of discrepancy between the given commit message and the given corresponding code change of the received commit.
Type: Grant
Filed: June 27, 2022
Date of Patent: April 30, 2024
Assignee: SAP SE
Inventors: Rocio Cabrera Lozoya, Antonino Sabetta, Michele Bezzi
-
Publication number: 20240111522
Abstract: Systems and methods are provided for analyzing a commit comprising an updated version of software code against a previous version of software code to determine a plurality of methods in the commit that have been changed, identifying a previous version and an updated version for each method that has been changed, and generating graphical representations of each previous version and each updated version of each method that has been changed. The systems and methods further provide for extracting path contexts from each graphical representation for each previous version and each updated version of each method, determining path contexts that are different by comparing each path context for each previous version with an associated updated version of each method, and encoding each path context that is different to generate at least one commit vector representation of the commit.
Type: Application
Filed: September 29, 2022
Publication date: April 4, 2024
Inventors: Niccolo Togni, Antonino Sabetta, Rocio Cabrera Lozoya
-
Publication number: 20230418599
Abstract: Systems and methods are provided for training a machine learning model to generate a score indicating a level of discrepancy between a commit message and a corresponding code change. The computing system receives a commit comprising a given commit message and a given corresponding code change and analyzes, using the trained machine learning model, the given commit message and given corresponding code change to generate a score indicating the level of discrepancy between the given commit message and the given corresponding code change of the received commit.
Type: Application
Filed: June 27, 2022
Publication date: December 28, 2023
Inventors: Rocio Cabrera Lozoya, Antonino Sabetta, Michele Bezzi
-
Patent number: 11392370
Abstract: Distributed vector representations of source code commits are generated to become part of a data corpus for machine learning (ML) for analyzing source code. The code commit is received, and time information is referenced to split the source code into pre-change source code and post-change source code. The pre-change source code is converted into a first code representation (e.g., based on a graph model), and the post-change source code into a second code representation. A first particle is generated from the first code representation, and a second particle is generated from the second code representation. The first particle and the second particle are compared to create a delta. The delta is transformed into a first commit vector by referencing an embedding matrix to numerically encode the first particle and the second particle. Following classification, the commit vector is stored in a data corpus for performing ML analysis upon source code.
Type: Grant
Filed: October 26, 2020
Date of Patent: July 19, 2022
Assignee: SAP SE
Inventors: Rocio Cabrera Lozoya, Antonino Sabetta, Michele Bezzi, Arnaud Baumann
-
Publication number: 20220129261
Abstract: Distributed vector representations of source code commits are generated to become part of a data corpus for machine learning (ML) for analyzing source code. The code commit is received, and time information is referenced to split the source code into pre-change source code and post-change source code. The pre-change source code is converted into a first code representation (e.g., based on a graph model), and the post-change source code into a second code representation. A first particle is generated from the first code representation, and a second particle is generated from the second code representation. The first particle and the second particle are compared to create a delta. The delta is transformed into a first commit vector by referencing an embedding matrix to numerically encode the first particle and the second particle. Following classification, the commit vector is stored in a data corpus for performing ML analysis upon source code.
Type: Application
Filed: October 26, 2020
Publication date: April 28, 2022
Inventors: Rocio Cabrera Lozoya, Antonino Sabetta, Michele Bezzi, Arnaud Baumann
-
Patent number: 10831899
Abstract: Systems and methods are provided for retrieving a set of code changes to source code from a source code repository, analyzing the set of code changes to generate a vector representation of each code change of the set of code changes, analyzing the vector representation of each code change of the set of code changes using a trained security-relevant code detection machine learning model, receiving a prediction from the security-relevant code detection machine learning model representing a probability that each code change of the set of code changes contains security-relevant changes, analyzing the prediction to determine whether the prediction is below or above a predetermined threshold, and generating results based on determining whether the prediction is below or above a predetermined threshold.
Type: Grant
Filed: May 14, 2018
Date of Patent: November 10, 2020
Assignee: SAP SE
Inventors: Michele Bezzi, Antonino Sabetta, Henrik Plate, Serena Ponta
-
Publication number: 20200175174
Abstract: Data is received that characterizes source code requiring a security vulnerability assessment. Using this received data, an input node of a vulnerability context graph is generated. Subsequently, at least one node is resolved from the input node using at least one of a plurality of resolvers that collectively access each of a knowledge base, a source code commit database, and at least one online resource. Additionally nodes are later iteratively resolved at different depth levels until a pre-defined threshold is met. The vulnerability context graph is then caused to be displayed in a graphical user interface such that each node has a corresponding graphical user interface element which, when activated, causes complementary information for such node to be displayed.
Type: Application
Filed: December 4, 2018
Publication date: June 4, 2020
Inventors: Jamarber Bakalli, Michele Bezzi, Cedric Dangremont, Sule Kahraman, Henrik Plate, Serena Ponta, Antonino Sabetta
-
Publication number: 20190347424
Abstract: Systems and methods are provided for retrieving a set of code changes to source code from a source code repository, analyzing the set of code changes to generate a vector representation of each code change of the set of code changes, analyzing the vector representation of each code change of the set of code changes using a trained security-relevant code detection machine learning model, receiving a prediction from the security-relevant code detection machine learning model representing a probability that each code change of the set of code changes contains security-relevant changes, analyzing the prediction to determine whether the prediction is below or above a predetermined threshold, and generating results based on determining whether the prediction is below or above a predetermined threshold.
Type: Application
Filed: May 14, 2018
Publication date: November 14, 2019
Inventors: Michele Bezzi, Antonino Sabetta, Henrik Plate, Serena Ponta
-
Patent number: 10474456
Abstract: Systems and methods are provided for accessing a source code repository comprising a plurality of versions of code, analyzing the plurality of versions of code of the component to compute metrics to identify each version of code, analyzing the metrics to determine a subset of the metrics to use as a fingerprint definition to identify each version of the code, generating a fingerprint for each version of code using the fingerprint definition, generating a fingerprint matrix with the fingerprint for each version of code for the software component and storing the fingerprint definition and the fingerprint matrix.
Type: Grant
Filed: May 17, 2019
Date of Patent: November 12, 2019
Assignee: SAP SE
Inventors: Michele Bezzi, Antonino Sabetta, Henrik Plate, Serena Ponta, Francesco Di Cerbo
-
Publication number: 20190272170
Abstract: Systems and methods are provided for accessing a source code repository comprising a plurality of versions of code, analyzing the plurality of versions of code of the component to compute metrics to identify each version of code, analyzing the metrics to determine a subset of the metrics to use as a fingerprint definition to identify each version of the code, generating a fingerprint for each version of code using the fingerprint definition, generating a fingerprint matrix with the fingerprint for each version of code for the software component and storing the fingerprint definition and the fingerprint matrix.
Type: Application
Filed: May 17, 2019
Publication date: September 5, 2019
Inventors: Michele Bezzi, Antonino Sabetta, Henrik Plate, Serena Ponta, Francesco Di Cerbo
-
Patent number: 10338916
Abstract: Systems and methods are provided for accessing a source code repository comprising a plurality of versions of code, analyzing the plurality of versions of code of the component to compute metrics to identify each version of code, analyzing the metrics to determine a subset of the metrics to use as a fingerprint definition to identify each version of the code, generating a fingerprint for each version of code using the fingerprint definition, generating a fingerprint matrix with the fingerprint for each version of code for the software component and storing the fingerprint definition and the fingerprint matrix.
Type: Grant
Filed: December 7, 2016
Date of Patent: July 2, 2019
Assignee: SAP SE
Inventors: Michele Bezzi, Antonino Sabetta, Henrik Plate, Serena Ponta, Francesco Di Cerbo
-
Patent number: 10031841
Abstract: The method includes capturing an execution scenario associated with a real-time execution of an application, determining at least one scenario variable based on the execution scenario, generating a test case based on a code template, the execution scenario and the at least one scenario variable, and updating a test suite using the test case, the test suite configured to define a quality test of the application.
Type: Grant
Filed: June 26, 2013
Date of Patent: July 24, 2018
Assignee: SAP SE
Inventor: Antonino Sabetta
-
Publication number: 20180157486
Abstract: Systems and methods are provided for accessing a source code repository comprising a plurality of versions of code, analyzing the plurality of versions of code of the component to compute metrics to identify each version of code, analyzing the metrics to determine a subset of the metrics to use as a fingerprint definition to identify each version of the code, generating a fingerprint for each version of code using the fingerprint definition, generating a fingerprint matrix with the fingerprint for each version of code for the software component and storing the fingerprint definition and the fingerprint matrix.
Type: Application
Filed: December 7, 2016
Publication date: June 7, 2018
Inventors: Michele Bezzi, Antonino Sabetta, Henrik Plate, Serena Ponta, Francesco Di Cerbo
-
Patent number: 9959111
Abstract: Various embodiments of systems, computer program products, and methods for prioritizing software patches are described herein. In an aspect, the software patches are retrieved by querying software repositories. Further, code changes associated with the software patches are determined. One or more instances of bug fix patterns are identified in determined code changes. The software patches are classified based on the identified bug fix patterns. Priorities of the software patches corresponding to the identified instances of the bug fix patterns are determined based on the classification and a pre-defined policy. Upon determining priorities, the software patches are installed based on the priorities.
Type: Grant
Filed: July 11, 2016
Date of Patent: May 1, 2018
Assignee: SAP SE
Inventors: Henrik Plate, Serena Ponta, Antonino Sabetta
-
Patent number: 9880832
Abstract: Automated systems and methods for assessing the urgency of installing a patch for a component of a software application are described. The systems and methods involve identifying a set of defective programming constructs of the component that are altered by the patch, collecting execution traces of programming constructs of the software application and programming constructs of the component in a context of application use, and evaluating the execution traces to determine whether one or more defective programming constructs of the component are invoked in the context of application use.
Type: Grant
Filed: March 6, 2015
Date of Patent: January 30, 2018
Assignee: SAP SE
Inventors: Henrik Plate, Serena Ponta, Antonino Sabetta
-
Publication number: 20180011700
Abstract: Various embodiments of systems, computer program products, and methods for prioritizing software patches are described herein. In an aspect, the software patches are retrieved by querying software repositories. Further, code changes associated with the software patches are determined. One or more instances of bug fix patterns are identified in determined code changes. The software patches are classified based on the identified bug fix patterns. Priorities of the software patches corresponding to the identified instances of the bug fix patterns are determined based on the classification and a pre-defined policy. Upon determining priorities, the software patches are installed based on the priorities.
Type: Application
Filed: July 11, 2016
Publication date: January 11, 2018
Inventors: Henrik Plate, Serena Ponta, Antonino Sabetta
-
Patent number: 9811668
Abstract: An input handler receives an exploit test request specifying at least one exploit to be tested against at least one application in at least one execution environment. A deployment engine deploys the at least one execution environment including instantiating a container providing a virtual machine image and configured based on the exploit test request, the instantiated container including the at least one application. A scheduler schedules execution of the at least one execution environment within at least one execution engine, including scheduling an injection of the at least one exploit as specified in the exploit test request. A report generator generates an exploit test report characterizing a result of the at least one exploit being injected into the at least one execution environment of the at least one execution engine.
Type: Grant
Filed: April 21, 2015
Date of Patent: November 7, 2017
Assignee: SAP SE
Inventors: Antonino Sabetta, Luca Compagna, Serena Ponta, Stanislav Dashevskyi, Daniel Dos Santos, Fabio Massacci
-
Patent number: 9792200
Abstract: Implementations are directed to enhancing assessment of one or more known vulnerabilities inside one or more third-party libraries used within an application program that interacts with the one or more third-party libraries. In some examples, actions include receiving a complete call graph that is provided by static source code analysis (SSCA) of the application program and any third-party libraries used by the application, receiving one or more stack traces that are provided based on dynamic source code analysis (DSCA) during execution of the application program, processing the complete call graph, the one or more stack traces, and vulnerable function data to provide one or more combined call graphs, the vulnerable function data identifying one or more vulnerable functions included in the one or more third-party libraries, each combined call graph being specific to a respective vulnerable function, and providing a graphical representation of each combined call graph.
Type: Grant
Filed: March 1, 2016
Date of Patent: October 17, 2017
Assignee: SAP SE
Inventors: Henrik Plate, Serena Ponta, Antonino Sabetta
-
Publication number: 20170255544
Abstract: Implementations are directed to enhancing assessment of one or more known vulnerabilities inside one or more third-party libraries used within an application program that interacts with the one or more third-party libraries. In some examples, actions include receiving a complete call graph that is provided by static source code analysis (SSCA) of the application program and any third-party libraries used by the application, receiving one or more stack traces that are provided based on dynamic source code analysis (DSCA) during execution of the application program, processing the complete call graph, the one or more stack traces, and vulnerable function data to provide one or more combined call graphs, the vulnerable function data identifying one or more vulnerable functions included in the one or more third-party libraries, each combined call graph being specific to a respective vulnerable function, and providing a graphical representation of each combined call graph.
Type: Application
Filed: March 1, 2016
Publication date: September 7, 2017
Applicant: SAP SE
Inventors: Henrik Plate, Serena Ponta, Antonino Sabetta
-
Publication number: 20160314302
Abstract: An input handler receives an exploit test request specifying at least one exploit to be tested against at least one application in at least one execution environment. A deployment engine deploys the at least one execution environment including instantiating a container providing a virtual machine image and configured based on the exploit test request, the instantiated container including the at least one application. A scheduler schedules execution of the at least one execution environment within at least one execution engine, including scheduling an injection of the at least one exploit as specified in the exploit test request. A report generator generates an exploit test report characterizing a result of the at least one exploit being injected into the at least one execution environment of the at least one execution engine.
Type: Application
Filed: April 21, 2015
Publication date: October 27, 2016
Inventors: Antonino Sabetta, Luca Compagna, Serena Ponta, Stanislav Dashevskyi, Daniel Dos Santos, Fabio Massacci