Abstract: In one embodiment, a service receives signal characteristic data indicative of characteristics of wireless signals received by one or more antennas located in a particular area. The service identifies an object in the particular area, based on the received signal characteristic data. The service associates the identified object with an object kinematics model. The service updates the object kinematics model over time by applying Bayesian inference to changes in the signal characteristic data.

Abstract: In one embodiment, a service receives signal data indicative of phases and gains associated with wireless signals received by one or more antennas located in a particular area. The service determines, from the received signal data, changes in the phases and gains associated with the wireless signals. The service estimates a direction of motion of one or more objects located in the particular area, based on the determined changes in the gains associated with the wireless signals. The service estimates a total mass of the one or more objects located in the particular area based on a ratio of the determined changes in the gains associated with the wireless signals over the determined changes in the phases associated with the wireless signals.

Abstract: In one embodiment, a service receives signal characteristic data indicative of characteristics of wireless signals received by one or more antennas located in a particular area. The service uses the received signal characteristic data as input to a Bayesian inference model to predict physical states of an object located in the particular area. A physical state of the object is indicative of at least one of: a mass, a velocity, an acceleration, a surface area, or a location of the object. The service updates the Bayesian inference model based in part on the predicted state of the object and a change in the received signal characteristic data and based in part by enforcing Newtonian motion dynamics on the predicted physical states.

Abstract: In one example embodiment, a network-connected device provides or obtains one or more computer network communications protected by a key. The network-connected device determines a count of the one or more computer network communications according to one or more properties of the one or more computer network communications. Based on the count of the one or more computer network communications, the network-connected device computes an information entropy of the key. Based on the information entropy of the key, the network-connected device dynamically generates a predicted threat level of the key.

Abstract: In one embodiment, a device in a serial network determines that a suspicious event has occurred in the network. The suspicious event is identified based on timing information for one or more frames in the serial network. The device assesses whether the suspicious event is malicious by evaluating a sequence of events in the network that precede the suspicious event. The device causes a mitigation action to be performed in the network when the suspicious event is deemed malicious.

Abstract: In one embodiment, a fog computing-based fueling kiosk forms a fueling connection with a vehicle and a direct network connection between the kiosk and a gateway for a network of the vehicle. The fueling kiosk provides energy to the vehicle via the fueling connection and receives, via the network connection with the gateway for the network of the vehicle, operational data from the network of the vehicle, while providing the energy to the vehicle via the fueling connection. The fueling kiosk performs an analysis of the received operational data from the vehicle and provides a result of the performed analysis to a remote device.

Abstract: In one embodiment, a processor of a vehicle predicts a state of the vehicle using a behavioral model. The model is configured to predict the state based in part on one or more state variables that are available from one or more sub-systems of the vehicle and indicative of one or more physical characteristics of the vehicle. The processor computes a representation of a difference between the predicted state of the vehicle and a measured state of the vehicle indicated by one or more state variables available from the one or more sub-systems of the vehicle. The processor detects a malicious intrusion of the vehicle based on the computed representation of the difference between the predicted and measured states of the vehicle exceeding a defined threshold. The processor initiates performance of a mitigation action for the detected intrusion, in response to detecting the malicious intrusion of the vehicle.

Abstract: In one embodiment, a processor of a vehicle receives a plurality of variables indicative of physical characteristics of the vehicle. The processor uses a machine learning-based model to predict physical states of the vehicle from the plurality of variables indicative of physical characteristics of the vehicle. The model predicts a current physical state of the vehicle from at least two or more prior physical states of the vehicle, and is based on a physical relationship between the physical characteristics. The processor sends synthetic data indicative of the predicted current physical state of the vehicle for use by a receiver application. The processor provides an update to the receiver based on a comparison between the predicted current physical state of the vehicle and the plurality of received variables.

Abstract: In one embodiment, a processor of a vehicle detects a difference between a physical characteristic of the vehicle predicted by a first machine learning-based model and a physical characteristic of the vehicle indicated by telemetry data generated by a sub-system of the vehicle. The processor forms a packet payload of an update packet indicative of the detected difference, based in part on a relevancy of the physical characteristic to the first machine learning-based model. The processor applies a synchronization strategy to the update packet, to synchronize the update packet with a second machine learning-based model executed by a receiver. The processor sends the update packet to the receiver via a network, to update the second machine learning-based model.

Abstract: In one embodiment, a processor of a vehicle maintains a machine learning-based behavioral model for the vehicle that is configured to predict a current state of the vehicle based on a plurality of state variables that are available from a plurality of sub-systems of the vehicle and are indicative of physical characteristics of the vehicle. The processor receives, from a first one of the sub-systems, a particular subset of the state variables associated with the first sub-system. The processor performs an index lookup of the state variables in the particular subset within an index of the state variables on which the behavioral model is based. The processor updates a portion of the machine learning-based behavioral model using the received subset of state variables and based on the index lookup.

Abstract: Information describing a rule to be applied to a traffic stream is received at an edge network device. The traffic stream is received at the edge network device. A schema is applied to the traffic stream at the edge network device. It is determined that a rule triggering condition has been met. The rule is applied to the traffic stream, at the edge network device, in response to the rule triggering condition having been met. At least one of determining that the rule triggering event has taken place or applying the rule is performed based on the applied schema.

Abstract: In one embodiment, a network device connected to an Internet Protocol (IP) network and a serial network scans an infrastructure of the serial network. Based on the scanning, the network device can determine one or more serial endpoints within the serial network infrastructure, and may then allocate an IP address to each of the one or more serial endpoints. The network device may then map received IP network traffic into serial protocol commands on the serial network for a destination serial endpoint having an allocated IP address corresponding to a destination IP address of the received IP network traffic, and may also bridge data present on the serial network from a sourcing serial endpoint into an IP message on the IP network with an indication of a corresponding allocated IP address of the sourcing serial endpoint, accordingly.

Abstract: In one example embodiment, a network-connected device provides or obtains one or more computer network communications protected by a key. The network-connected device determines a count of the one or more computer network communications according to one or more properties of the one or more computer network communications. Based on the count of the one or more computer network communications, the network-connected device computes an information entropy of the key. Based on the information entropy of the key, the network-connected device dynamically generates a predicted threat level of the key.

Abstract: According to one or more embodiments of the disclosure, thing discovery and configuration for an Internet of Things (IoT) integrated developer environment (IDE) is shown and described. In particular, in one embodiment, a computer operates an IoT IDE that discovers real-world physical devices within a computer network that are available to participate with the IoT IDE. The IoT IDE may then determine a respective functionality of each of the real-world physical devices, and virtually represents the real-world physical devices as selectable options within the IoT IDE for an IoT application, where a respective virtual representation of each of the real-world physical devices is configured within the IoT IDE with the corresponding respective functionality of that real-world physical device. Simulating the IoT application within the IoT IDE then relays input and/or output (I/O) between the IoT IDE and a selected set of real-world physical devices according to their corresponding respective functionality.

Abstract: A method provided in a network including edge devices to collect data from data producers connected to the edge devices and to communicate with cloud-based prosumers connected with the edge devices. Data analytics tasks are identified. The data analytics tasks are used to process data collected from a data producer among the data producers to produce a result for consumption by one or more of the cloud-based prosumers. For each data analytics task it is determined whether a computational complexity of the data analytics task is less than or equal to a predetermined computational complexity. Each data analytics task determined to have a computational complexity less than or equal to the predetermined computational complexity is assigned to an edge device among the edge devices. Each data analytics task determined to have a computational complexity that exceeds the predetermined computational complexity is assigned to a prosumer among the prosumers.

Abstract: In one embodiment, a fog computing-based fueling kiosk forms a fueling connection with a vehicle and a direct network connection between the kiosk and a gateway for a network of the vehicle. The fueling kiosk provides energy to the vehicle via the fueling connection and receives, via the network connection with the gateway for the network of the vehicle, operational data from the network of the vehicle, while providing the energy to the vehicle via the fueling connection. The fueling kiosk performs an analysis of the received operational data from the vehicle and provides a result of the performed analysis to a remote device.

Abstract: In one embodiment, a device in a serial network determines that a suspicious event has occurred in the network. The suspicious event is identified based on timing information for one or more frames in the serial network. The device assesses whether the suspicious event is malicious by evaluating a sequence of events in the network that precede the suspicious event. The device causes a mitigation action to be performed in the network when the suspicious event is deemed malicious.

Abstract: In one embodiment, a device in a serial network de-multiplexes a stream of traffic in the serial network into a plurality of data streams. A particular one of the data streams is associated with a particular endpoint in the serial network. The device determines that data from the particular data stream associated with the particular endpoint should be reported to an entity external to the serial network based on an event indicated by the data from the particular data stream. The device quantizes the data from the particular data stream. The device applies compression to the quantized data to form a compressed representation of the particular data stream. The applied compression is selected based on a data type associated with the data. The device sends a compressed representation of the particular data stream to the external entity as Internet Protocol (IP) traffic.

Abstract: Information describing a rule to be applied to a traffic stream is received at an edge network device. The traffic stream is received at the edge network device. A schema is applied to the traffic stream at the edge network device. It is determined that a rule triggering condition has been met. The rule is applied to the traffic stream, at the edge network device, in response to the rule triggering condition having been met. At least one of determining that the rule triggering event has taken place or applying the rule is performed based on the applied schema.

Abstract: In one embodiment, a network device connected to an Internet Protocol (IP) network and a serial network scans an infrastructure of the serial network. Based on the scanning, the network device can determine one or more serial endpoints within the serial network infrastructure, and may then allocate an IP address to each of the one or more serial endpoints. The network device may then map received IP network traffic into serial protocol commands on the serial network for a destination serial endpoint having an allocated IP address corresponding to a destination IP address of the received IP network traffic, and may also bridge data present on the serial network from a sourcing serial endpoint into an IP message on the IP network with an indication of a corresponding allocated IP address of the sourcing serial endpoint, accordingly.