Abstract: Described are methods, systems, and computer-program product embodiments for deriving a model of computation of a cyber-physical system (CPS). In some embodiments, a method includes receiving, from the CPS network, network-events data corresponding to a process performed by the CPS and including network events and associated group IDs. A plurality of events logs for a plurality of selections of group IDs are generated with each events log including a sequence of network events selected from the network events based on the selection of group IDs for that events log. A plurality of directed graphs for the plurality of events logs are generated with each directed graph generated based on the sequence of network events in the events log. A plurality of group IDs can be determined based on a directed graph selected from the plurality of directed graphs based on a complexity score calculated for each directed graph.

Abstract: A system and method for implementing a software emulation environment is provided. In one example, a mobile application can interface with an emulation environment that can be used to test whether the mobile application includes malware that can compromise the security and integrity of an enterprise's computing infrastructure. When the mobile application issues a call for data, a device mimic module can intercept the call and determine if the call includes a call for one or more checkable artifacts that can reveal the existence of the emulation environment. If such a call for data occurs, the device mimic module can provide one or more spoofed checkable artifacts that have been recorded from a real-world mobile device. In this way, the existence of the emulation environment can be concealed so as to allow for a more thorough analysis of a mobile application for potential hidden malware.

Abstract: Described are methods, systems, and computer-program product embodiments for deriving a model of computation of a cyber-physical system (CPS). In some embodiments, a method includes receiving, from the CPS network, network-events data corresponding to a process performed by the CPS and including network events and associated group IDs. A plurality of events logs for a plurality of selections of group IDs are generated with each events log including a sequence of network events selected from the network events based on the selection of group IDs for that events log. A plurality of directed graphs for the plurality of events logs are generated with each directed graph generated based on the sequence of network events in the events log. A plurality of group IDs can be determined based on a directed graph selected from the plurality of directed graphs based on a complexity score calculated for each directed graph.

Abstract: Described are methods, systems, and computer-program product embodiments for deriving a model of computation of a cyber-physical system (CPS). In some embodiments, a method includes receiving, from the CPS network, network-events data corresponding to a process performed by the CPS and including network events and associated group IDs. A plurality of events logs for a plurality of selections of group IDs are generated with each events log including a sequence of network events selected from the network events based on the selection of group IDs for that events log. A plurality of directed graphs for the plurality of events logs are generated with each directed graph generated based on the sequence of network events in the events log. A plurality of group IDs can be determined based on a directed graph selected from the plurality of directed graphs based on a complexity score calculated for each directed graph.

Abstract: A system and method for implementing a software emulation environment is provided. In one example, a mobile application can interface with an emulation environment that can be used to test whether the mobile application includes malware that can compromise the security and integrity of an enterprise's computing infrastructure. When the mobile application issues a call for data, a device mimic module can intercept the call and determine if the call includes a call for one or more checkable artifacts that can reveal the existence of the emulation environment. If such a call for data occurs, the device mimic module can provide one or more spoofed checkable artifacts that have been recorded from a real-world mobile device. In this way, the existence of the emulation environment can be concealed so as to allow for a more thorough analysis of a mobile application for potential hidden malware.

Abstract: Described are methods, systems, and computer-program product embodiments for deriving a model of computation of a cyber-physical system (CPS). In some embodiments, a method includes receiving, from the CPS network, network-events data corresponding to a process performed by the CPS and including network events and associated group IDs. A plurality of events logs for a plurality of selections of group IDs are generated with each events log including a sequence of network events selected from the network events based on the selection of group IDs for that events log. A plurality of directed graphs for the plurality of events logs are generated with each directed graph generated based on the sequence of network events in the events log. A plurality of group IDs can be determined based on a directed graph selected from the plurality of directed graphs based on a complexity score calculated for each directed graph.

Abstract: A system and method for implementing a software emulation environment is provided. In one example, a mobile application can interface with an emulation environment that can be used to test whether the mobile application includes malware that can compromise the security and integrity of an enterprise's computing infrastructure. When the mobile application issues a call for data, a device mimic module can intercept the call and determine if the call includes a call for one or more checkable artifacts that can reveal the existence of the emulation environment. If such a call for data occurs, the device mimic module can provide one or more spoofed checkable artifacts that have been recorded from a real-world mobile device. In this way, the existence of the emulation environment can be concealed so as to allow for a more thorough analysis of a mobile application for potential hidden malware.

Abstract: A system and method for implementing a software emulation environment is provided. In one example, a mobile application can interface with an emulation environment that can be used to test whether the mobile application includes malware that can compromise the security and integrity of an enterprise's computing infrastructure. When the mobile application issues a call for data, a device mimic module can intercept the call and determine if the call includes a call for one or more checkable artifacts that can reveal the existence of the emulation environment. If such a call for data occurs, the device mimic module can provide one or more spoofed checkable artifacts that have been recorded from a real-world mobile device. In this way, the existence of the emulation environment can be concealed so as to allow for a more thorough analysis of a mobile application for potential hidden malware.

Abstract: A mobile device charging station configured to analyze, measure and respond to/correct the state of a mobile device. The charging station can employ an embedded cryptographic subsystem that can make use of anti-tamper/tamper evident techniques to protect stored firmware images/cryptographic material.

Abstract: A mobile device charging station configured to analyze, measure and respond to/correct the state of a mobile device. The charging station can employ an embedded cryptographic subsystem that can make use of anti-tamper/tamper evident techniques to protect stored firmware images/cryptographic material.

Abstract: Apparatus and method for providing a data interface to a plurality of radio transceivers such as between a personal computer or other information processing device to one or more radio transmitter/receiver systems having a serial data interface in a manner that provides control of the radio and means to send and receive data via the radio without regard to the characteristics of the radio or its serial interface. A common control protocol is employed that exposes the functionality necessary to control the radio transmitter/receiver device in a generic manner. The invention may communicate with the data terminal equipment via a widely-available data interface or network protocol, such as an asynchronous serial interface, the Universal Serial Bus (USB), or an Internet Protocol (IP) network. The invention also provides a means of implementing synchronous serial framing formats through software implementation, allowing compatibility with future data systems to be achieved without requiring hardware modifications.

Abstract: Apparatus and method for providing a data interface to a plurality of radio transceivers such as between a personal computer or other information processing device to one or more radio transmitter/receiver systems having a serial data interface in a manner that provides control of the radio and means to send and receive data via the radio without regard to the characteristics of the radio or its serial interface. A common control protocol is employed that exposes the functionality necessary to control the radio transmitter/receiver device in a generic manner. The invention may communicate with the data terminal equipment via a widely-available data interface or network protocol, such as an asynchronous serial interface, the Universal Serial Bus (USB), or an Internet Protocol (IP) network. The invention also provides a means of implementing synchronous serial framing formats through software implementation, allowing compatibility with future data systems to be achieved without requiring hardware modifications.

Abstract: A half duplex digital communications system and control means providing a data interface to a plurality of radio transceivers such as between a personal computer or other information processing device to one or more radio transmitter/receiver systems having a serial data interface in a manner that provides control of the radio and means to send and receive data via the radio without regard to the characteristics of the radio or its serial interface. A common control protocol is employed to control the radio transmitter/receiver device in a generic manner through software implementation, allowing compatibility with future data systems.

Abstract: Apparatus and method for providing a data interface to a plurality of radio transceivers such as between a personal computer or other information processing device to one or more radio transmitter/receiver systems having a serial data interface in a manner that provides control of the radio and means to send and receive data via the radio without regard to the characteristics of the radio or its serial interface. A common control protocol is employed that exposes the functionality necessary to control the radio transmitter/receiver device in a generic manner. The invention may communicate with the data terminal equipment via a widely-available data interface or network protocol, such as an asynchronous serial interface, the Universal Serial Bus (USB), or an Internet Protocol (IP) network. The invention also provides a means of implementing synchronous serial framing formats through software implementation, allowing compatibility with future data systems to be achieved without requiring hardware modifications.

Abstract: Apparatus and method for providing a data interface to a plurality of radio transceivers such as between a personal computer or other information processing device to one or more radio transmitter/receiver systems having a serial data interface in a manner that provides control of the radio and means to send and receive data via the radio without regard to the characteristics of the radio or its serial interface. A common control protocol is employed that exposes the functionality necessary to control the radio transmitter/receiver device in a generic manner. The invention may communicate with the data terminal equipment via a widely-available data interface or network protocol, such as an asynchronous serial interface, the Universal Serial Bus (USB), or an Internet Protocol (IP) network. The invention also provides a means of implementing synchronous serial framing formats through software implementation, allowing compatibility with future data systems to be achieved without requiring hardware modifications.