Abstract: A method for processing an interrupt request includes: receiving a first interrupt request, where operations that the first interrupt request requests to execute include a first operation, execution of the first operation needs to occupy a critical resource, and the critical resource cannot be simultaneously occupied by a plurality of operations; determining, based on at least the received first interrupt request, that the first operation is an operation that does not need to be executed immediately; and storing the first operation into a temporary storage area.

Abstract: A device may include a vehicle comprising a plurality of network zones, each network zone comprising a plurality of end points. A device may include a controller, comprising: a log monitoring component configured to interpret a log corpus associated with at least one of the plurality of end points, a log analysis component configured to detect a risk event in response to the log corpus, and a risk response component configured to perform a risk response operation in response to the detected risk event.

Abstract: Embodiments of the present invention provide a method and a system for detecting a malicious code. The method includes obtaining first system information and second system information, and detecting the malicious code by identifying difference between the first system information and the second system information, which thus can detect an unknown malicious code, improve the system security, and can be easily implemented.