Abstract: An automated fault injection testing and analysis approach drives fault injection into a processor driven instruction sequence to quantify and define susceptibility to external fault injections for manipulating instruction execution and control flow of a set of computer instructions. A fault injection such as a voltage or electromagnetic pulse directed at predetermined locations on a processor (Central Processing Unit, or CPU) alters a result of a processor instruction to change values or execution paths. One or more quantified injections define an injection chain that causes a predictable or repeatable deviant result from an expected execution path through the code executed by the processor. Based on accumulation of fault injections and results, a repeatable injection chain and probability identifies an external action taken on a processing device to cause unexpected results that differ from an expected execution of a program or set of computer instructions.

Abstract: Systems and methods for cybersecurity operations threat modeling are disclosed. In one embodiment, a method may include: (1) receiving threat actor data and threat actor group data; (2) processing the threat actor data and the threat actor group data; (3) for each threat actor group, generating a threat actor group profile; (4) collecting operational data from an organizational system; (5) generating a threat model by applying the threat actor group profile to the operational data; and (6) deploying at least one countermeasure to the organizational system in response to the threat model.

Abstract: An automated fault injection testing and analysis approach drives fault injection into a processor driven instruction sequence to quantify and define susceptibility to external fault injections for manipulating instruction execution and control flow of a set of computer instructions. A fault injection such as a voltage or electromagnetic pulse directed at predetermined locations on a processor (Central Processing Unit, or CPU) alters a result of a processor instruction to change values or execution paths. One or more quantified injections define an injection chain that causes a predictable or repeatable deviant result from an expected execution path through the code executed by the processor. Based on accumulation of fault injections and results, a repeatable injection chain and probability identifies an external action taken on a processing device to cause unexpected results that differ from an expected execution of a program or set of computer instructions.

Abstract: Systems and methods for cybersecurity operations threat modeling are disclosed. In one embodiment, a method may include: (1) receiving threat actor data and threat actor group data; (2) processing the threat actor data and the threat actor group data; (3) for each threat actor group, generating a threat actor group profile; (4) collecting operational data from an organizational system; (5) generating a threat model by applying the threat actor group profile to the operational data; and (6) deploying at least one countermeasure to the organizational system in response to the threat model.