Abstract: A first device may provide, via a global digital twin of the first device, a communication mode assignment, of a communication mode, to a local digital twin of a second device. The communication mode assignment is to cause the local digital twin to communicate with the global digital twin via the communication mode. The first device may generate, via the global digital twin, a task assignment, and may provide, via the global digital, the task assignment to the local digital twin. The first device may update, via the global digital twin, a model based on the task assignment, and may receive, via the global digital twin and from the local digital twin, a model update associated with the local digital twin. The first device may update, via the global digital twin, the model based on the model update.

Abstract: A device may generate a knowledge model based on a knowledge model schema, data residency constraints, and a data classification ontology associated with a cloud application, and may perform a dynamic flow analysis of the cloud application data and the data source identifiers to generate a data flow graph. The device may process the data flow graph, with the knowledge model, to determine sensitive attributes in the data flow graph, and may identify sensitive data sources that include the sensitive attributes and sensitive assets based on the data flow graph and the sensitive data sources. The device may process the sensitive data sources and the sensitive assets, with a machine learning model, to determine methods for identifying misconfigurations, and may utilize the methods to identify misconfigurations and severities of the misconfigurations. The device may generate remediation actions for correcting the cloud application based on the severities of the misconfigurations.

Abstract: The present disclosure provides systems and methods supporting dynamic migration of jobs (e.g., workloads, containers, service requests, etc.) between execution environments. The disclosed systems and methods may utilize monitoring techniques to determine when a migration should occur and/or forecasting techniques to predict optimal times when a migration should occur. Upon determining a migration should occur, a target execution environment for a job may be identified and a migration process may be initiated. In some aspects, the migration may be performed partway through processing of the job and the migration may resume processing the job after the migration is completed in a manner that enables the processing to resume at the point where processing stopped prior to the migration.

Abstract: Systems and methods supporting discovery and quantification of vulnerabilities in software code are disclosed. The systems and methods provide functionality for using software code analysis and other types of tools to analyze the software code and determine whether it can be trusted. The software code tools may be able to discover various hidden issues in the software code and the outputs of such tools may be normalized to quantify the risk associated with vulnerabilities identified by the different tools. A labeling strategy is provided to label the software code to enable users to identify the best software among various available software options based on the label(s) and a set of criteria.

Abstract: Aspects of the present disclosure provide methods, devices, and computer-readable storage media that support detection, effect monitoring, and recovery from failure modes in cloud computing application using a failure mode effect analysis (FMEA) engine. Historical metadata related to operation of a hierarchy of devices may be used as training data to train the FMEA engine to identify failure modes experienced by the hierarchy of devices. After training the FMEA engine, metadata from the hierarchy of devices may be input to the FMEA engine to identify a failure mode that may have occurred, and the FMEA engine may select a recovery process to recommend for addressing or mitigating the identified failure mode. In some implementations, the FMEA engine may output an indication of the recommended recovery process and/or initiate performance of one or more operations at the hierarchy of devices to recover from the failure event.

Abstract: A device may receive application data identifying an application to be executed by a hybrid cloud computing environment and constraint data identifying constraints associated with the hybrid cloud computing environment. The device may select objectives based on the application data and the constraint data, and may identify factors associated with the objectives. The device may correlate the factors with potential data centers, and may apply weights to the correlated factors to generate correlated factor scores. The device may identify a list of data centers based on the correlated factor scores, and may determine a reduced list of data centers. The device may apply a preference technique to the reduced list of data centers to generate a ranked list of data centers, and may determine the hybrid cloud computing environment based on the ranked list of data centers. The device may perform actions based on the hybrid cloud computing environment.

Abstract: In some examples, collective application portfolio migration control may include determining, for a plurality of applications that are to be clustered for migration to a cloud environment, a coupling coefficient that represents a type of coupling between pairs of applications from the plurality of applications, a proximity coefficient that represents application proximities, and a connectedness coefficient that represents application connections. A combined application relatedness coefficient may be determined based on the coupling coefficient, the proximity coefficient, and the connectedness coefficient. A portfolio graph may be generated based on the combined application relatedness coefficient to generate migration application clusters to duster the plurality of applications. Migration of the plurality of applications to the cloud environment may be controlled based on the migration application clusters.

Abstract: In some examples, policy-based application architecture generation may include generating, based on a knowledge model schema, data residency policies, and a data classification ontology, a knowledge model, and determining, based on the knowledge model, whether an application includes regulated data. Based on an analysis of application data and user data, user location and regulated data insights may be generated to determine location specific data residency policies. Location specific regulated data in-flow and data source hosted location insights may be analyzed to determine a location compliance assessment that includes an indication of whether a location associated with the application is compliant or not compliant with the location specific data residency policies.

Abstract: In some examples, data classification and modelling based application compliance analysis may include generating, for application data for an application, and based on data laws, a knowledge graph schema that is used to generate an instantiated knowledge graph. Based on a plurality of data sources, domain knowledge and patterns, and the instantiated knowledge graph, classified data may be generated to generate an annotated knowledge graph. Based on the annotated knowledge graph, an indication of applicable sovereign laws and compliance related to the application data for the application may be generated. Based on the annotated knowledge graph and the applicable sovereign laws and compliance related to the application data for the application, a sovereign cloud strategy related to the application data for the application may be generated. Further, the sovereign cloud strategy may be applied to the application data for the application.

Abstract: In some possible implementations, a device may include one or more memories and one or more processors, communicatively coupled to the one or more memories, to: receive a document that includes a plurality of clauses relating to two or more entities; identify a selected clause, of the plurality of clauses, based on a characteristic of the selected clause; determine a domain-specific language (DSL) unit based on the selected clause, the DSL unit identifying the two or more entities and values associated with the selected clause, identified by the selected clause, associated with the two or more entities; automatically generate a smart contract based on the DSL unit, the smart contract being configured to enforce a condition or action, of the values, between the two or more entities; and perform an action based on the smart contract.

Abstract: In some examples, temporal variation identification of regulatory compliance based robotic agent control may include ascertaining a temporal sequence of compliance specification text, where the temporal sequence may include time points and versions of the compliance specification text at the time points. For each time point of the temporal sequence of the compliance specification text, a compliance specification graph may be generated. Based on an analysis of each of the generated compliance specification graphs, changes in the temporal sequence of the compliance specification text may be determined. Further, an operation associated with a robotic agent may be controlled by the robotic agent and based on the determined changes in the temporal sequence of the compliance specification text.

Abstract: System and methods for cryptologic digital twin segregation with blockchain for development operations are provided. By way of introductory example, a system may receive a first development object from a first devops tool and a second development object from a second devops tool. The system may identify, in a segregation model graph, a first node and a second node, the first node corresponding to the first development object and the second node corresponding to the second development object. The system may determine the first node is mapped to an off-chain storage classification and the second node is mapped to an on-chain storage classification. The system may store the first development object in an off-chain storage, generate a hash value of the first development object, and store the hash value of the first development object on a blockchain. The system may store the second development object on the blockchain.

Abstract: In some examples, data classification and modelling based application compliance analysis may include generating, for application data for an application, and based on data laws, a knowledge graph schema that is used to generate an instantiated knowledge graph. Based on a plurality of data sources, domain knowledge and patterns, and the instantiated knowledge graph, classified data may be generated to generate an annotated knowledge graph. Based on the annotated knowledge graph, an indication of applicable sovereign laws and compliance related to the application data for the application may be generated. Based on the annotated knowledge graph and the applicable sovereign laws and compliance related to the application data for the application, a sovereign cloud strategy related to the application data for the application may be generated. Further, the sovereign cloud strategy may be applied to the application data for the application.

Abstract: A device may obtain information identifying a base application. The device may extract a set of sub-application artifacts associated with the base application based on structural information associated with the base application. The device may define a set of metadata attributes associated with the set of sub-application artifacts associated with the base application. The device may generate a set of hash tuples for the set of metadata attributes associated with the set of sub-application artifacts associated with the base application. The device may generate a base composite identity of the base application based on the set of hash tuples. The device may store the base composite identity in a blockchain and in connection with storage of the base application in the blockchain to enable subsequent identification and verification of the base application.

Abstract: A device may receive information regarding a software environment and/or one or more modules associated with the software environment; receive information regarding one or more compliance requirements; determine one or more smart contracts based on the information regarding the one or more compliance requirements and the information regarding the software environment and/or the one or more modules associated with the software environment; obtain data regarding the software environment and/or the one or more modules; determine, using the one or more smart contracts, whether the data satisfies the one or more compliance requirements; and add at least part of a block, to a blockchain, to indicate whether the data satisfies the one or more compliance requirements, for realization of a reward or penalty associated with the one or more compliance requirements.

Abstract: According to an example, partitioning based migration of systems to container and micro-service based-platforms may include determining, based on an analysis of source code for an application that is to be partitioned, an entity model corresponding to the application, identifying resources associated with the application, and determining a mapping of the identified resources to entities of the entity model. Further, partitioning based migration of systems to container and micro-service based-platforms may include identifying dependencies for each of the mapped resources, generating dependency and control flow metrics for the application, generating affinity values between the mapped resources, generating a resource affinity graph, determining an affinity score between each of the mapped resources, and generating resource clusters that correspond to partitions of the application.

Abstract: System and methods for cryptologic digital twin segregation with blockchain for development operations are provided. By way of introductory example, a system may receive a first development object from a first devops tool and a second development object from a second devops tool. The system may identify, in a segregation model graph, a first node and a second node, the first node corresponding to the first development object and the second node corresponding to the second development object. The system may determine the first node is mapped to an off-chain storage classification and the second node is mapped to an on-chain storage classification. The system may store the first development object in an off-chain storage, generate a hash value of the first development object, and store the hash value of the first development object on a blockchain. The system may store the second development object on the blockchain.

Abstract: A device may obtain information identifying a base application. The device may extract a set of sub-application artifacts associated with the base application based on structural information associated with the base application. The device may define a set of metadata attributes associated with the set of sub-application artifacts associated with the base application. The device may generate a set of hash tuples for the set of metadata attributes associated with the set of sub-application artifacts associated with the base application. The device may generate a base composite identity of the base application based on the set of hash tuples. The device may store the base composite identity in a blockchain and in connection with storage of the base application in the blockchain to enable subsequent identification and verification of the base application.

Abstract: In some examples, temporal variation identification of regulatory compliance based robotic agent control may include ascertaining a temporal sequence of compliance specification text, where the temporal sequence may include time points and versions of the compliance specification text at the time points. For each time point of the temporal sequence of the compliance specification text, a compliance specification graph may be generated. Based on an analysis of each of the generated compliance specification graphs, changes in the temporal sequence of the compliance specification text may be determined. Further, an operation associated with a robotic agent may be controlled by the robotic agent and based on the determined changes in the temporal sequence of the compliance specification text.

Abstract: A method and system generate test cases for applications that include User Graphical Interfaces (GUIs). The system may extract GUI information from prototype requirements (e.g., interactive wireframes), generate a screen model for each screen of the GUI by using a subset of extracted GUI information, generate an application model representing the prototype requirements by combining the screen model for each screen, and generate test cases by using the sequence of the GUICs and the event types included in the test path and a semantic knowledge base. The semantic knowledge base is generated by using the relationships between GUICs and the GUIC events.