Abstract: The disclosure relates to a method for analyzing target software with respect to potential vulnerabilities, using a machine learning model, in particular a large language model, including: providing first instruction information for the machine learning model, including: an instruction, based on information about the target software and information about the vulnerability, specifying how the vulnerability can be exploited; determining, based on the first instruction information, a first set of possibilities for how the vulnerability can be exploited; determining, based on reference information, for each of the first set of possibilities, a respective probability that the respective possibility is used; providing second instruction information, including: an instruction specifying how the first selected possibility can be implemented; determining, based on the second instruction information, a second set of possibilities for how the first selected possibility can be implemented; determining, based on one or mo

Abstract: A computer-implemented method for preventing loss of function in a local instance when there is a disturbance of a connection to a backend in a communication system that has a local instance having a local agent and a backend acting in part as a global agent, an agent designating a unit that is designed to achieve defined goals through autonomous behavior. The method includes, when there is a connection to the backend, the providing of the function by the global agent, which receives backend information from the backend during the providing of the function, and, if a connection to the backend is disturbed, the providing of the function by the local agent.

Abstract: A method for generating training data for use in training a machine learning model used to detect malware, in particular in operating software for a technical system. The method includes: providing malware data, which include a plurality of decompositions, wherein each decomposition comprises function blocks that are or have been obtained by decomposing an attack vector; providing good software data, which comprise a plurality of decompositions, wherein each decomposition comprises function blocks that are or have been obtained by decomposing a good software sample; generating the training data, on the basis of the malware data and the good software data, wherein the training data comprise adapted good software samples, which are each based on function blocks of a corresponding good software sample that are supplemented with one or more function blocks of the malware data; and providing the training data for use in training the machine learning model.

Abstract: A method for determining correctness and/or for generating an assessment of the risk of cyber attacks on a particular system. The method includes receiving a request to carry out cyber attack(s) on the system and invoking a machine learning agent. The machine learning agent accesses a generative machine learning model. The method further includes carrying out one or more cyber attacks on the system using the machine learning agent in response to the request, evaluating the results of the one or more carried out cyber attacks and determining, based on a finding of the step of evaluating the result, whether a predetermined assessment of the risk of cyber attacks on the particular system is correct or generating, based on a finding of the step of evaluating the result, an assessment of the risk of cyber attacks on the particular system.

Abstract: A method for detecting attacks on a computer system. The method includes, for each of one or more security vulnerabilities, extracting at least one exploit string assigned to the security vulnerability from code of a program that exploits the security vulnerability, wherein each of the extracted exploit strings is a string sent by the particular program to exploit the security vulnerability to which the exploit string is assigned, receiving messages by a computer system, searching for the extracted exploit strings in payload data of the received messages, and in response to one of the extracted exploit strings being found in one of the received messages, issuing an alarm indicating that an attack to exploit the security vulnerability to which the found exploit string is assigned has occurred, and alarm information indicating the message and the security vulnerability.

Abstract: A computer-implemented method for automatically generating a patch of software or of a part of the software designed to control, regulate and/or monitor a technical system or a part thereof. The method includes generating, via a machine learning model, at least one patch for a vulnerability of the software or the part thereof based on a prompt and a binary code of the software or the part thereof. A computer-implemented method for further training a machine learning model is also described, the machine learning model being designed to generate at least one patch for a vulnerability of software or a part of the software based on a prompt and a binary code of the software or the part thereof. The method includes adapting the machine learning model based on at least one generated patch and at least one evaluation result resulting from evaluating the at least one patch.

Abstract: A computer-implemented method for maintaining a function of a local entity upon connection disruption to a backend in a communication system including a backend and a plurality of local entities. The backend provides backend information for the function. The method includes reception of local behavior models from a plurality of local entities by the backend, wherein the local behavior models provide the function in the local entities if particular backend information is not available; creation of a behavior model based on the received local behavior models; and transmission of the behavior model to a local entity of the plurality of the local entities by the backend.

Abstract: A method for generating fuzz drivers for a fuzz setup. The method includes: inputting documentation of a fuzz target into a language understanding Artificial Intelligence (AI); generating, by the language understanding AI, Application Programming Interface (API) calls and their arguments from the documentation; generating at least one fuzz driver from the API calls and their arguments.

Abstract: A method for automatically analyzing a computer program. The method includes generating intermediate representation code including a sequence of intermediate representation instructions by decompiling binary code of the computer program, generating one or more intermediate representation code strings from the sequence of intermediate representation instructions, searching for reference intermediate representation code strings of a plurality of reference intermediate representation code strings in the one or more intermediate representation code strings by means of a string kernel search, wherein each reference intermediate representation code string belongs to a program component, and ascertaining the program components to which the reference intermediate representation code strings found in the one or more intermediate representation code strings by means of the string kernel comparison belong as the program components present in the computer program.

Abstract: A computer-implemented method for automated detection of known vulnerabilities in a static test of software. The method includes extracting a data structure of a code of the software; identifying software component(s) on which the software depends based on the code, the extracted data structure and/or the software bill of materials of the software; evaluating, for identified software components, whether the software component is associated with a known vulnerability, potentially vulnerable software component{s) resulting; applying, for potentially vulnerable software component(s), a machine learning model to a description associated with the known vulnerability, wherein the machine learning model is trained and configured to determine at least one root cause from at least the description and a prompt; and evaluating the at least one potentially vulnerable software component as vulnerable or as not vulnerable or, optionally, as unevaluable based on the at least one root cause and the extracted data structure.

Abstract: A method for testing a computer program. The method includes setting breakpoints on one or more memory access instructions in the computer program; executing the computer program; when one of the set breakpoints is triggered, ascertaining whether the memory access instruction is for accessing a data element that has a size that requires an alignment to the memory address to which it is written or from which it is read, and ascertaining the required alignment; if the memory access instruction is for accessing a data element that has a size that requires an alignment to the memory address to which it is written or from which it is read, ascertaining whether the memory address which the memory access instruction accesses meets the required alignment; in response to ascertaining that the memory address does not meet the required alignment, triggering a display that the computer program has an error.

Abstract: A method for generating at least one new test case for a fuzzing software test. The method includes: providing at least one existing test case for the fuzzing software test, wherein the fuzzing software test is provided for testing at least one of a plurality of different forms of a test target; generating representation information on the basis of the at least one existing test case and on the basis of an effect of training test cases on a plurality of the different forms of the test target; generating the at least one new test case for the fuzzing software test on the basis of the representation information.

Abstract: A computer-implemented method for preventing loss of function in a local instance when there is a disturbance of a connection to a backend in a communication system that has a local instance having a local agent and a backend acting in part as a global agent, an agent designating a unit that is designed to achieve defined goals through autonomous behavior. The method includes, when there is a connection to the backend, the providing of the function by the global agent, which receives backend information from the backend during the providing of the function, and, if a connection to the backend is disturbed, the providing of the function by the local agent.

Abstract: A computer-implemented method for maintaining a function of a local entity upon connection disruption to a backend in a communication system including a backend and a plurality of local entities. The backend provides backend information for the function. The method includes reception of local behavior models from a plurality of local entities by the backend, wherein the local behavior models provide the function in the local entities if particular backend information is not available; creation of a behavior model based on the received local behavior models; and transmission of the behavior model to a local entity of the plurality of the local entities by the backend.

Abstract: A method and device for handling an anomaly at a unit. The device is integrated into the unit. A variable is detected for handling attacks on the unit that defines an operation of the unit. A piece of information is determined depending on the variable that characterizes surroundings in which the unit is operated. It is checked depending on a comparison of the piece of information about the surroundings to a piece information about the setpoint surroundings for the operation of the unit, whether or not an anomaly is present in the operation of the unit. The unit is operated in a first operating mode having a first functional range, if no anomaly is detected. The unit is operated in a second operating mode having a second functional range, which is reduced or changed with regard to the first functional range, if an anomaly is detected.

Abstract: A method for communicating data requests to one or more data sources. The method includes receiving a data request, with which data of one or more data types are requested, from an application, and checking the availability of one or more data sources that are able to provide the one or more requested data types. The method further comprises: if at least one of the one or more data sources is available, sending a request to the available data source for the requested associated data type that the data source can provide; and, if no data source is available for at least one of the requested data types, sending a request for this data type to a placeholder module.

Abstract: A method for communicating data requests to one or more data sources. The method includes receiving a data request, with which data of one or more data types are requested, from an application, and checking the availability of one or more data sources that are able to provide the one or more requested data types. The method further comprises: if at least one of the one or more data sources is available, sending a request to the available data source for the requested associated data type that the data source can provide; and, if no data source is available for at least one of the requested data types, sending a request for this data type to a placeholder module.

Abstract: A method and device for handling an anomaly at a unit. The device is integrated into the unit. A variable is detected for handling attacks on the unit that defines an operation of the unit. A piece of information is determined depending on the variable that characterizes surroundings in which the unit is operated. It is checked depending on a comparison of the piece of information about the surroundings to a piece information about the setpoint surroundings for the operation of the unit, whether or not an anomaly is present in the operation of the unit. The unit is operated in a first operating mode having a first functional range, if no anomaly is detected. The unit is operated in a second operating mode having a second functional range, which is reduced or changed with regard to the first functional range, if an anomaly is detected.

Abstract: The present invention relates to electric appliances for personal care, in particular electric shavers, comprising a magnetic linear drive unit having first and second drive components supported for linear displacement relative to each other and adapted to magnetically interact with each other, wherein a drive support is provided for supporting the drive unit onto a mounting structure. The drive support supporting the drive unit onto a mounting structure of the installation environment is adapted to provide for at least one axis of rotation for at least one of the drive components of the drive unit allowing said at least one drive component to rotate relative to the mounting structure.

Abstract: An active noise reduction earphone includes a speaker, a plurality of microphones and a feedback system. Each microphone is displaced from the speaker and the other microphones, and each microphone generates a microphone signal responsive to received acoustic noise. The feedback system receives a combination of the microphone signals and generates an inverse noise signal that is applied to the speaker. The speaker generates an inverse acoustic noise signal that substantially cancels the acoustic noise signal at a predetermined location relative to the speaker and the microphones. The feedback system can include a microphone signal combiner in communication with the microphones. The microphone signal combiner generates a signal that may be a sum or weighted sum of the microphone signals and can be used to generate the inverse noise signal. The earphone has an increased noise reduction bandwidth and improved cancellation capability relative to conventional earphones.