Abstract: An apparatus and computer-implemented method for allocating computing resources in a method for protecting a computer-aided development environment in a distributed development process from damage and threats. In the method for protecting, multiple methods for identifying damage and/or a threat in the computer-aided development environment are carried out, wherein a metric which quantifies a quality and/or informative value of the method is determined for each method, wherein a respective offer for allocating computing resources for the execution of the respective method is determined for the methods depending on said metric, wherein the computing resources are allocated to the methods depending on the respective offer.

Abstract: A method for obtaining coverage-guided fuzzing of software on a hardware target. The hardware target includes a breakpoint register, and is designed to stop an execution of the software prior to execution of an instruction of the software if the instruction is reached during the execution of the software; a memory address of the instruction is set in the breakpoint register. The method includes setting a first breakpoint prior to a first instruction of the software; executing or continuing a fuzzing iteration of the software; first checking whether the first breakpoint is reached while executing or continuing the fuzzing iteration; storing a piece of log information that includes that the first instruction in the fuzzing iteration has been reached, and optionally deleting the first breakpoint if the first check is positive. The coverage-guided fuzzing of the software includes the piece of log information.

Abstract: A method for testing a computer program. The method includes training a machine learning model to predict, for each test input supplied thereto, a coverage of the computer program that is achieved when the computer program is executed with the test inputs as inputs, testing the computer program in a plurality of iterations, wherein in each iteration a test input is generated, the trained machine learning model is used to predict a coverage of the computer program that is achieved when the computer program is executed with the generated test input as input, it is ascertained whether the predicted coverage increases an overall coverage previously achieved by testing the computer program, and, in response to ascertaining that the predicted coverage increases the overall coverage previously achieved by testing the computer program, the computer program is executed with the generated test input.

Abstract: A method for testing a computer program. The method includes setting breakpoints on one or more memory access instructions in the computer program; executing the computer program; when one of the set breakpoints is triggered, ascertaining whether the memory access instruction is for accessing a data element that has a size that requires an alignment to the memory address to which it is written or from which it is read, and ascertaining the required alignment; if the memory access instruction is for accessing a data element that has a size that requires an alignment to the memory address to which it is written or from which it is read, ascertaining whether the memory address which the memory access instruction accesses meets the required alignment; in response to ascertaining that the memory address does not meet the required alignment, triggering a display that the computer program has an error.

Abstract: A method for testing a computer program. The method includes setting one or more breakpoints on one or more memory deallocation instructions in the computer program; executing the computer program; and, when one of the set breakpoints is triggered, setting a pointer that the memory deallocation instruction obtains as a specification of the memory area to be deallocated, to a value that triggers an exception when the pointer is subsequently used in the computer program.

Abstract: A method for testing a computer program. The method includes setting one or more breakpoints on one or more arithmetic or bit-shifting operations in the computer program; executing the computer program; when one of the set breakpoints is triggered, ascertaining whether an overflow flag is set by executing the respective arithmetic or bit-shifting operation; and triggering a display that the computer program has an error, in response to ascertaining that the overflow flag is set as a result of the respective arithmetic or bit-shifting operation.

Abstract: A method for testing a computer program. The method includes setting one or more breakpoints on one or more string output instructions in the computer program; executing the computer program; when one of the set breakpoints is triggered, ascertaining whether the string provided, for outputting, to a string output function called by the particular string output instruction contains one or more format specifications for the computer program for more values than provided as arguments to the particular string output function; and, in response to ascertaining that the string provided to the string output function for outputting contains one or more format specifications for the computer program for more values than provided as arguments to the particular string output function, triggering a display that the computer program has an error.

Abstract: A method for testing a computer program. The method includes executing the computer program until a memory share command for a memory area previously allocated by a memory allocation command of the computer program is called; setting, for each one or more memory locations of the memory area shared by the memory share command, a respective watchpoint for the memory location of the memory area and executing the memory share command; displaying, for each set watchpoint, that the computer program has an error, if the set watchpoint is triggered, and removing the watchpoint for each of the set watchpoints if the memory location for which it is set is reallocated by a further memory allocation command in the computer program.

Abstract: A method for testing a computer program. The method includes executing the computer program until a memory enable command is called for a memory region previously allocated by a memory allocation command of the computer program; skipping the memory enable command, and setting, for each of one or more memory locations of the memory region that is to be enabled by the memory enable command, a relevant watchpoint to the memory location of the memory region; and displaying, for each set watchpoint, that the computer program has a bug if the set watchpoint is triggered.

Abstract: A method for testing a computer program. The method includes ascertaining uninitialized variables of the test program, setting watchpoints to memory locations reserved for the uninitialized variables, and executing the computer program. The method also includes, for each set watchpoint: removing the watchpoint if the memory location to which the watchpoint is set is written to; and indicating that the computer program has an error if the watchpoint is triggered by a read access.

Abstract: A computer-implemented method for fuzzing a target software running on a computer. In the method: a target program is carried using first input data, memory context information of the target program's run is captured, a machine learning model is trained using the first input data and the memory context information as model input, a fuzzing input is generated based on an output of the machine learning model, the target program is tested using the fuzzing input.

Abstract: A method for testing a computer program. The method includes: executing the computer program until a memory allocation command is activated for allocating a memory region; expanding the memory region by a protection zone having at least one memory location; allocating the expanded memory region; setting a watchpoint on each of one or more memory locations of the protection zone; continuing the execution of the computer program; and displaying, for each set watchpoint, that the computer program has a bug if the set watchpoint is triggered.

Abstract: A method for testing a computer program. The method includes executing the computer program until a subprogram is called, ascertaining a memory location of the call stack in which the return address or the stack base pointer of the called subprogram is stored, setting a watchpoint on the ascertained memory location, setting breakpoints on return instructions of the called subprogram, continuing the execution of the computer program and indicating that the computer program has an error if the set watchpoint has been triggered before one of the set breakpoints due to a write to the memory location.

Abstract: A method for the automated performance of software tests for a program to be tested in an embedded system. The method includes: ascertaining, using an emulation-based fuzzer, a program behavior of the program to be tested, wherein at least one emulation-based result is derived on this basis; ascertaining, using a hardware-based fuzzer, the program behavior of the program to be tested, wherein at least one hardware-based result is derived on this basis; providing, using a monitoring component, the derived results, wherein the emulation-based result is provided to the hardware-based fuzzer, and/or the hardware-based result is provided to the emulation-based fuzzer.

Abstract: A method for communicating data requests to one or more data sources. The method includes receiving a data request, with which data of one or more data types are requested, from an application, and checking the availability of one or more data sources that are able to provide the one or more requested data types. The method further comprises: if at least one of the one or more data sources is available, sending a request to the available data source for the requested associated data type that the data source can provide; and, if no data source is available for at least one of the requested data types, sending a request for this data type to a placeholder module.

Abstract: A computer-implemented method for fuzzing a target software running on a computer. In the method: a target program is carried using first input data, memory context information of the target program's run is captured, a machine learning model is trained using the first input data and the memory context information as model input, a fuzzing input is generated based on an output of the machine learning model, the target program is tested using the fuzzing input.

Abstract: A method for obtaining coverage-guided fuzzing of software on a hardware target. The hardware target includes a breakpoint register, and is designed to stop an execution of the software prior to execution of an instruction of the software if the instruction is reached during the execution of the software; a memory address of the instruction is set in the breakpoint register. The method includes setting a first breakpoint prior to a first instruction of the software; executing or continuing a fuzzing iteration of the software; first checking whether the first breakpoint is reached while executing or continuing the fuzzing iteration; storing a piece of log information that includes that the first instruction in the fuzzing iteration has been reached, and optionally deleting the first breakpoint if the first check is positive. The coverage-guided fuzzing of the software includes the piece of log information.

Abstract: A method for communicating data requests to one or more data sources. The method includes receiving a data request, with which data of one or more data types are requested, from an application, and checking the availability of one or more data sources that are able to provide the one or more requested data types. The method further comprises: if at least one of the one or more data sources is available, sending a request to the available data source for the requested associated data type that the data source can provide; and, if no data source is available for at least one of the requested data types, sending a request for this data type to a placeholder module.