Abstract: A system, article of manufacture and method is provided for transferring secret information from a first location to a second location. The secret information is encoded and stalls in executable code are located. The executable code is configured to perform a predetermined function when executed on a pipeline processor. The encoded information is inserted into a plurality of instructions and the instructions are inserted into the executable code at the stalls. There is no net effect of all of the inserted instructions on the predetermined function of the executable code. The executable code is transferred to the second location. The location of the stalls in the transferred code is identified. The encoded information is extracted from the instructions located at the stalls. The encoded information may then be decoding information to generate the information at the second location.

Abstract: According to one embodiment of the present invention, a method for evaluating a software system includes defining a rating of the tamper resistance of a software system and breaking down the rating into a plurality of metrics relevant to the tamper resistance of the software system. A score may then be calculated for each metric and the scores may be combined into a composite score for the rating.

Abstract: A system, article of manufacture and method is provided for transferring secret information from a first location to a second location. The secret information is encoded and stalls in executable code are located. The executable code is configured to perform a predetermined function when executed on a pipeline processor. The encoded information is inserted into a plurality of instructions and the instructions are inserted into the executable code at the stalls. There is no net effect of all of the inserted instructions on the predetermined function of the executable code. The executable code is transferred to the second location. The location of the stalls in the transferred code is identified. The encoded information is extracted from the instructions located at the stalls. The encoded information may then be decoding information to generate the information at the second location.

Abstract: According to one embodiment of the present invention, a method for evaluating a software system includes defining a rating of the tamper resistance of a software system and breaking down the rating into a plurality of metrics relevant to the tamper resistance of the software system. A score may then be calculated for each metric and the scores may be combined into a composite score for the rating.

Abstract: A system, article of manufacture and method is provided for determining the vulnerability to attack of a software system by generating a hybrid graph, the hybrid graph including an attack graph portion describing at least one potential attack goal on the software system and describing sub-attacks required to achieve the potential attack goal. The hybrid graph also includes a defense graph describing ways to defend against the potential sub-attacks. The hybrid attack-defense graph may be evaluated and a score may be calculated based on the evaluation.

Abstract: A system, article of manufacture and method is provided for transferring secret information from a first location to a second location. The secret information is encoded and stalls in executable code are located. The executable code is configured to perform a predetermined function when executed on a pipeline processor. The encoded information is inserted into a plurality of instructions and the instructions are inserted into the executable code at the stalls. There is no net effect of all of the inserted instructions on the predetermined function of the executable code. The executable code is transferred to the second location. The location of the stalls in the transferred code is identified. The encoded information is extracted from the instructions located at the stalls. The encoded information may then be decoding information to generate the information at the second location.

Abstract: A system, article of manufacture and method is provided for transferring secret information from a first location to a second location. The secret information is encoded and stalls in executable code are located. The executable code is configured to perform a predetermined function when executed on a pipeline processor. The encoded information is inserted into a plurality of instructions and the instructions are inserted into the executable code at the stalls. There is no net effect of all of the inserted instructions on the predetermined function of the executable code. The executable code is transferred to the second location. The location of the stalls in the transferred code is identified. The encoded information is extracted from the instructions located at the stalls. The encoded information may then be decoding information to generate the information at the second location.

Abstract: A system, article of manufacture and method is provided for determining the vulnerability to attack of a software system by generating a hybrid graph, the hybrid graph including an attack graph portion describing at least one potential attack goal on the software system and describing sub-attacks required to achieve the potential attack goal. The hybrid graph also includes a defense graph describing ways to defend against the potential sub-attacks. The hybrid attack-defense graph may be evaluated and a score may be calculated based on the evaluation.