Abstract: Systems and methods for analyzing memory architectures and for mapping data structures in software programs to appropriate memory to take advantage of the different memory architectures. A computer architecture having a processor connected to one or more first memories and one or more second memories is defined, wherein the first memories and the second memories are characterized by different performance profiles. An executable of a software program is instrumented to capture, during runtime, patterns of access to selected data structures of the executable. Based on an analysis of the patterns of access, allocation of the selected data structures between the first and second memories is determined.

Abstract: Systems, methods, and products may comprise an analytic server, which improves security of a unified system of distributed network infrastructure comprising a plurality of cyber-physical systems. The analytic server may instantiate a sub attack tree for each cyber-physical system within the unified system. The analytic server may determine how the interconnection of the plurality of cyber-physical systems may affect the unified system security. The analytic server may monitor systems and receive electronic notifications of alerts in real-time from devices in the plurality of cyber-physical systems. The analytic server may follow the logic of the attack tree model by traversing the attack tree from bottom up and determine how the alerts from the cyber-physical systems may affect the distributed network infrastructure as a whole. The analytic server may generate reports comprising a list of the prioritized attacks and recommendation actions to mitigate the attacks.

Abstract: A method and system for determining predictably feasible model designs. The method includes defining a plurality of model designs, wherein the plurality of model designs include a plurality of infeasible model designs, wherein one or more of the infeasible model designs are infeasible due to limits in technology; storing information representing a plurality of technological trends; and classifying one or more of the infeasible model designs as predictably feasible model designs, wherein the predictable feasible model designs are those infeasible model designs expected to become feasible model designs if one or more of the plurality of technological trends continues as anticipated.

Abstract: An example method includes initializing, by an obfuscation computing system, communications with nodes in a distributed computing platform, the nodes including one or more compute nodes and a controller node, and performing at least one of: (a) code-level obfuscation for the distributed computing platform to obfuscate interactions between an external user computing system and the nodes, wherein performing the code-level obfuscation comprises obfuscating data associated with one or more commands provided by the user computing system and sending one or more obfuscated commands to at least one of the nodes in the distributed computing platform; or (b) system-level obfuscation for the distributed computing platform, wherein performing the system-level obfuscation comprises at least one of obfuscating system management tasks that are performed to manage the nodes or obfuscating network traffic data that is exchanged between the nodes.

Abstract: Systems, methods, and products comprise an analytic server, which improves security of a unified system of distributed network infrastructure comprising a plurality of cyber-physical systems. The analytic server may instantiate a sub attack tree for each cyber-physical system within the unified system. The analytic server may determine how the interconnection of the plurality of cyber-physical systems may affect the unified system security. The analytic server may monitor systems and receive electronic notifications of alerts in real-time from devices in the plurality of cyber-physical systems. The analytic server may follow the logic of the attack tree model by traversing the attack tree from bottom up and determine how the alerts from the cyber-physical systems may affect the distributed network infrastructure as a whole. The analytic server may generate reports comprising a list of the prioritized attacks and recommendation actions to mitigate the attacks.

Abstract: In general, this disclosure describes media stream transmission techniques for a computing device. The computing device captures a first media item and identifies a primary portion of the first media item and a secondary portion of the first media item different than the primary portion. The computing device applies a first compression algorithm to the primary portion of the first media item to generate a compressed primary portion. The computing device applies a second compression algorithm to the secondary portion of the first media item to generate a compressed secondary portion, where a data compression ratio of the second compression algorithm is greater than a data compression ratio of the first compression algorithm. The computing device transmits, to a central computing device, the compressed primary portion of the first media item and the compressed secondary portion of the first media item.

Abstract: In general, this disclosure describes media stream transmission techniques for a computing device. The computing device may capture an image of a local background environment. The computing device may record a first media stream that includes at least a portion of the image of the background environment and at least one movement of at least one object through the background environment. The computing device may remove the image of the background environment from the first media stream to create a second media stream that includes the movement of the object without the image of the background environment. The computing device may determine a bandwidth of a network over which the second media stream will be transmitted and perform further alterations to the second media stream if the current bandwidth is less than a bandwidth threshold level in order to reduce the bandwidth needed to transmit the second media stream.

Abstract: An example technique includes initializing, by an obfuscation computing system, communications with nodes in a distributed computing platform. The nodes include compute nodes that provide resources in the distributed computing platform and a controller node that performs resource management of the resources. The obfuscation computing system serves as an intermediary between the controller node and the compute nodes. The technique further includes outputting an interactive user interface (UI) providing a selection between a first privilege level and a second privilege level, and performing one of: based on the selection being for the first privilege level, a first obfuscation mechanism for the distributed computing platform to obfuscate digital traffic between a user computing system and the nodes, or based on the selection being for the second privilege level, a second obfuscation mechanism for the distributed computing platform to obfuscate digital traffic between the user computing system and the nodes.

Abstract: In general, this disclosure describes media stream transmission techniques for a computing device. The computing device captures a first media item and identifies a primary portion of the first media item and a secondary portion of the first media item different than the primary portion. The computing device applies a first compression algorithm to the primary portion of the first media item to generate a compressed primary portion. The computing device applies a second compression algorithm to the secondary portion of the first media item to generate a compressed secondary portion, where a data compression ratio of the second compression algorithm is greater than a data compression ratio of the first compression algorithm. The computing device transmits, to a central computing device, the compressed primary portion of the first media item and the compressed secondary portion of the first media item.

Abstract: In general, this disclosure describes media stream transmission techniques for a computing device. The computing device may capture an image of a local background environment. The computing device may record a first media stream that includes at least a portion of the image of the background environment and at least one movement of at least one object through the background environment. The computing device may remove the image of the background environment from the first media stream to create a second media stream that includes the movement of the object without the image of the background environment. The computing device may determine a bandwidth of a network over which the second media stream will be transmitted and perform further alterations to the second media stream if the current bandwidth is less than a bandwidth threshold level in order to reduce the bandwidth needed to transmit the second media stream.

Abstract: An example method includes initializing, by an obfuscation computing system, communications with nodes in a distributed computing platform, the nodes including one or more compute nodes and a controller node, and performing at least one of: (a) code-level obfuscation for the distributed computing platform to obfuscate interactions between an external user computing system and the nodes, wherein performing the code-level obfuscation comprises obfuscating data associated with one or more commands provided by the user computing system and sending one or more obfuscated commands to at least one of the nodes in the distributed computing platform; or (b) system-level obfuscation for the distributed computing platform, wherein performing the system-level obfuscation comprises at least one of obfuscating system management tasks that are performed to manage the nodes or obfuscating network traffic data that is exchanged between the nodes.

Abstract: An example method includes receiving, by a computing device comprising one or more processors, from a plurality of sources, data associated with an aircraft that is in an operation, wherein the plurality of sources comprises one or more sources of historical data and one or more sources of real-time data that is generated while the aircraft is in the operation. The example method further includes performing, by the computing device, a risk analysis of the data using a Bayesian network model that models risks associated with the aircraft in the operation. The example method further includes generating, by the computing device, an output based at least in part on the risk analysis.

Abstract: Techniques are described for controlling transfer of information in a secure manner across multiple network security domains. As described herein, cross-domain sharing may be facilitated by use of a common model that is shared by participants from the different network security domains. An example system is described in which a plurality of network domains comprises a respective set of client computing devices. A cross-domain object model specification specifies object classes for cross-domain objects accessible to the client computing devices. For each of the object classes, the cross-domain object model specification defines a plurality of data fields and specifies which of the data fields of the respective object class can be exposed to each of the respective network domains. A protected object repository positioned within each of the network domains stores an authorized portion of each of the cross-domain objects in accordance with the cross-domain object model specification.

Abstract: This disclosure is directed to techniques for providing version control functionality for web services of one or more service oriented architecture (SOA) systems. According to these techniques, a version control service (VCS) may receive an indication of a version update for a first web service. In response to the received request, the VCS determines whether the version update, if executed within the SOA system, will cause a change in operation of a second web service. If the version update will cause a change, VCS provides an indication of the determined change to a user.

Abstract: This disclosure is directed to techniques for providing comparing first and second XML files to one another. According to these techniques, a computing device (e.g., a version control service executing on the computing device), may be configured generate at least two edit transcripts that each include one or more operational changes that may be applied to data elements of the first XML file to arrive at data elements of the second XML file (or vice versa). The computing device may select at least one optimal edit transcript based on which of the number of operational changes of the at least two edit transcripts.

Abstract: This disclosure is directed to techniques for providing version control functionality for web services of one or more service oriented architecture (SOA) systems. According to these techniques, a version control service (VCS) may receive an indication of a version update for a first web service. In response to the received request, the VCS determines whether the version update, if executed within the SOA system, will cause a change in operation of a second web service. If the version update will cause a change, VCS provides an indication of the determined change to a user.

Abstract: In general, techniques are described for an RDF (Resource Description Framework) database system which can scale to huge size for realistic data sets of practical interest. In some examples, a database system includes a Resource Description Framework (RDF) database that stores a plurality of data chunks to one or more storage drives, wherein each of the plurality of data chunks includes a plurality of triples of the RDF database. The database system also includes a working memory, a query interface that receives a query for the RDF database, a SPARQL engine that identifies a subset of the data chunks relevant to the query, and an index interface that includes one or more bulk loaders that load the subset of the data chunks to the working memory. The SPARQL engine executes the query only against triples included within the loaded subset of the data chunks to obtain a query result.

Abstract: In general, techniques are described for an RDF (Resource Description Framework) database system which can scale to huge size for realistic data sets of practical interest. In some examples, a database system includes a Resource Description Framework (RDF) database that stores a plurality of data chunks to one or more storage drives, wherein each of the plurality of data chunks includes a plurality of triples of the RDF database. The database system also includes a working memory, a query interface that receives a query for the RDF database, a SPARQL engine that identifies a subset of the data chunks relevant to the query, and an index interface that includes one or more bulk loaders that load the subset of the data chunks to the working memory. The SPARQL engine executes the query only against triples included within the loaded subset of the data chunks to obtain a query result.

Abstract: The invention is directed to techniques for allowing a user to remotely interrogate a target computing device in order to collect and analyze computer evidence that may be stored on the target computing device. A forensic device receives input from a remote user that identifies computer evidence to acquire from the target computing device. The forensic device acquires the computer evidence from the target computing device and presents a user interface for the forensic device through which the remote user views the computer evidence acquired from the target computing device. In this manner, forensic device allows the user to interrogate the target computing device to acquire the computer evidence without seizing or otherwise “shutting down” the target device.

Abstract: The invention is directed to techniques for allowing a user to remotely interrogate a target computing device in order to collect and analyze computer evidence that may be stored on the target computing device. A forensic device receives input from a remote user that identifies computer evidence to acquire from the target computing device. The forensic device acquires the computer evidence from the target computing device and presents a user interface for the forensic device through which the remote user views the computer evidence acquired from the target computing device. In this manner, forensic device allows the user to interrogate the target computing device to acquire the computer evidence without seizing or otherwise “shutting down” the target device.