Abstract: A computer-implemented method for mitigating anomalous activity in an embedded computer system including a plurality of communicably coupled embedded processing elements. The method includes: detecting a transmission of an anomalous message in the embedded computer system; transmitting at least one notification to a plurality of embedded processing elements in the embedded computer system, wherein the notification is encrypted using a cryptographic key; in at least one embedded processing element of the plurality of processing elements: receiving the at least one notification; identifying, at the at least one embedded processing element, that the at least one notification has been encrypted using the cryptographic key; and reconfiguring the at least one processing element from a first mode into a second mode, wherein the at least one processing element presents a reduced functionality to the embedded computer system in the second mode.

Abstract: An apparatus and computer-implemented method for allocating computing resources in a method for protecting a computer-aided development environment in a distributed development process from damage and threats. In the method for protecting, multiple methods for identifying damage and/or a threat in the computer-aided development environment are carried out, wherein a metric which quantifies a quality and/or informative value of the method is determined for each method, wherein a respective offer for allocating computing resources for the execution of the respective method is determined for the methods depending on said metric, wherein the computing resources are allocated to the methods depending on the respective offer.

Abstract: A method for checking the dynamic behavior of code generated using a language model. Th method includes: providing a first executable file from a program code generated using a language model; providing a second executable file, wherein the second executable file is a previous first executable file or is an original source code of the program code; executing differential fuzzing using a fuzzer, wherein the fuzzer injects identical inputs into the first executable file and into the second executable file; monitoring the behavior and the output of the first executable file and the second executable file; outputting the program code if the fuzzing found no inconsistencies, no errors and/or no worse runtime behavior of the first executable file compared to the second executable file.

Abstract: A method for improving the memory allocation of code generated using a language model. The method includes: providing a program code generated using a language model, if a new version of the program code is available; generating an executable file using compilation and instrumentation, wherein a memory sanitizer inserts instructions into the program code and/or the executable file; execution of fuzzing by a fuzzer, wherein the fuzzer injects inputs into the executable file; monitoring the memory performance and optionally runtime information, the behavior and/or the output of the executable file; storing metadata generated from the allocated and freed memory in a memory metadata database, wherein the metadata are based on the instructions and are stored when the executable file is generated and/or when the fuzzing is executed; outputting the program code if no memory performance degradation or other errors are found.

Abstract: A method for verifying static warnings of code generated by a language model includes (i) providing an executable file from a program code generated by a language model, (ii) providing warning points in the program code originating from static testing, (iii) performing directed fuzzing by a fuzzer, wherein the fuzzer injects inputs into the executable file to reach a warning point, (iv) monitoring the behavior and output of the executable file, and (v) rating the warning point based on the behavior and the output.

Abstract: A method for obtaining coverage-guided fuzzing of software on a hardware target. The hardware target includes a breakpoint register, and is designed to stop an execution of the software prior to execution of an instruction of the software if the instruction is reached during the execution of the software; a memory address of the instruction is set in the breakpoint register. The method includes setting a first breakpoint prior to a first instruction of the software; executing or continuing a fuzzing iteration of the software; first checking whether the first breakpoint is reached while executing or continuing the fuzzing iteration; storing a piece of log information that includes that the first instruction in the fuzzing iteration has been reached, and optionally deleting the first breakpoint if the first check is positive. The coverage-guided fuzzing of the software includes the piece of log information.

Abstract: A method for creating a honeypot. The method includes sending requests to a target system; observing the responses of the target system to the requests; in accordance with the observed responses of the target system, creating a state machine model for the behavior of a network protocol according to which the target system responds to requests; and creating a honeypot that responds to requests in accordance with the state machine model.

Abstract: A method for generating a honeypot for a target system. The method includes training a large language model to respond to operating system command line interface commands like a command line interface of the target system, and generating a honeypot that uses the trained large language model to respond to operating system command line interface commands it receives.

Abstract: A method for testing a computer program. The method includes setting breakpoints on one or more memory access instructions in the computer program; executing the computer program; when one of the set breakpoints is triggered, ascertaining whether the memory access instruction is for accessing a data element that has a size that requires an alignment to the memory address to which it is written or from which it is read, and ascertaining the required alignment; if the memory access instruction is for accessing a data element that has a size that requires an alignment to the memory address to which it is written or from which it is read, ascertaining whether the memory address which the memory access instruction accesses meets the required alignment; in response to ascertaining that the memory address does not meet the required alignment, triggering a display that the computer program has an error.

Abstract: A method for testing a computer program. The method includes setting one or more breakpoints on one or more memory deallocation instructions in the computer program; executing the computer program; and, when one of the set breakpoints is triggered, setting a pointer that the memory deallocation instruction obtains as a specification of the memory area to be deallocated, to a value that triggers an exception when the pointer is subsequently used in the computer program.

Abstract: A method for testing a computer program. The method includes setting one or more breakpoints on one or more string output instructions in the computer program; executing the computer program; when one of the set breakpoints is triggered, ascertaining whether the string provided, for outputting, to a string output function called by the particular string output instruction contains one or more format specifications for the computer program for more values than provided as arguments to the particular string output function; and, in response to ascertaining that the string provided to the string output function for outputting contains one or more format specifications for the computer program for more values than provided as arguments to the particular string output function, triggering a display that the computer program has an error.

Abstract: A method for testing a computer program. The method includes setting one or more breakpoints on one or more arithmetic or bit-shifting operations in the computer program; executing the computer program; when one of the set breakpoints is triggered, ascertaining whether an overflow flag is set by executing the respective arithmetic or bit-shifting operation; and triggering a display that the computer program has an error, in response to ascertaining that the overflow flag is set as a result of the respective arithmetic or bit-shifting operation.

Abstract: A method for testing a computer program. The method includes executing the computer program until a memory share command for a memory area previously allocated by a memory allocation command of the computer program is called; setting, for each one or more memory locations of the memory area shared by the memory share command, a respective watchpoint for the memory location of the memory area and executing the memory share command; displaying, for each set watchpoint, that the computer program has an error, if the set watchpoint is triggered, and removing the watchpoint for each of the set watchpoints if the memory location for which it is set is reallocated by a further memory allocation command in the computer program.

Abstract: A method for testing a computer program. The method includes executing the computer program until a memory enable command is called for a memory region previously allocated by a memory allocation command of the computer program; skipping the memory enable command, and setting, for each of one or more memory locations of the memory region that is to be enabled by the memory enable command, a relevant watchpoint to the memory location of the memory region; and displaying, for each set watchpoint, that the computer program has a bug if the set watchpoint is triggered.

Abstract: A method for testing a computer program. The method includes ascertaining uninitialized variables of the test program, setting watchpoints to memory locations reserved for the uninitialized variables, and executing the computer program. The method also includes, for each set watchpoint: removing the watchpoint if the memory location to which the watchpoint is set is written to; and indicating that the computer program has an error if the watchpoint is triggered by a read access.

Abstract: A computer-implemented method for performing a test for a program code. The method includes the following steps: providing a modified program code, which includes the program code to be tested and at least one code segment, the at least one code segment monitoring an execution sequence of execution segments, and the code segment being developed to induce a program termination when an impermissible execution sequence is detected; performing a fuzz test for the modified program code; signaling a program termination when an impermissible execution sequence is detected.

Abstract: A method for treating uncertainty estimates for non-deterministic fuzz executions in a fuzzing system including: initializing the fuzzing system by setting observations of the fuzzer blank or to one or more initial test cases that are executed on a target program; executing test cases; creating an output report for the test case which includes information about a code coverage of the target program; repeating the execution of the test case to determine whether the test case leads to jitter or non-deterministic behavior in the target program; deciding how often the test case is to be executed to obtain an optimized estimate of the code path distribution; deciding whether and how test cases are mutated to minimize overall uncertainty and to investigate more areas in the target program; and adding, to the corpus of the test cases, the new test cases which cause a new behavior of the target program.

Abstract: A computer-implemented method for fuzzing a target software running on a computer. In the method: a target program is carried using first input data, memory context information of the target program's run is captured, a machine learning model is trained using the first input data and the memory context information as model input, a fuzzing input is generated based on an output of the machine learning model, the target program is tested using the fuzzing input.

Abstract: A method for testing a computer program. The method includes: executing the computer program until a memory allocation command is activated for allocating a memory region; expanding the memory region by a protection zone having at least one memory location; allocating the expanded memory region; setting a watchpoint on each of one or more memory locations of the protection zone; continuing the execution of the computer program; and displaying, for each set watchpoint, that the computer program has a bug if the set watchpoint is triggered.

Abstract: A method for testing a computer program. The method includes executing the computer program until a subprogram is called, ascertaining a memory location of the call stack in which the return address or the stack base pointer of the called subprogram is stored, setting a watchpoint on the ascertained memory location, setting breakpoints on return instructions of the called subprogram, continuing the execution of the computer program and indicating that the computer program has an error if the set watchpoint has been triggered before one of the set breakpoints due to a write to the memory location.