Abstract: A method for location attestation for a device connected to a network. The method includes: ascertaining at least one initial fingerprint, wherein the at least one initial fingerprint is specific to an initial network environment of the device in the network; storing the at least one ascertained initial fingerprint as a reference; ascertaining at least one current fingerprint, wherein the at least one current fingerprint is specific to a current network environment of the device on the network; comparing the at least one ascertained current fingerprint with the reference; verifying a geographic location of the device at least partially based on the comparison.

Abstract: A method for identifying potential data exfiltration attacks in at least one software package. The method includes: tracking at least one change to the software package; and detecting a manipulation suitable for data exfiltration on the changed software package.

Abstract: A method for processing sensor data representing one or more objects. The method includes semantically segmenting the sensor data so that the sensor data are divided into sensor data portions so that, for each of the one or more objects, a respective sensor data portion contains that part of the sensor data that represents the object; ascertaining, for a processing task through which the sensor data are to be processed, a division of the processing task into subtasks comprising at least one subtask to be outsourced, wherein it is ensured that each subtask to be outsourced processes respective sub-data of the sensor data, which sub-data contain, for each sensor data portion, at most a part of the sensor data portion; and outsourcing the at least one subtask to be outsourced.

Abstract: A method for remediating vulnerabilities of a data processing system. The method includes: storing a vulnerability response rule set which specifies responses of the data processing system in the data processing system, wherein each response is associated with one or more conditions and one or more functions of the data processing system, for each condition, it depends on the data processing system and a vulnerability or both, whether the condition is met; receiving a notification about a vulnerability of the data processing system; ascertaining one or more responses from the vulnerability response rule set, such that, for each ascertained response, the one or more conditions with which the ascertained response is associated are met for the vulnerability and the data processing system and the ascertained response is associated with at least one function to which the vulnerability relates and carrying out the one or more ascertained responses.

Abstract: A method for location-dependent verification of a teleoperator for remote control of a vehicle. At its current location, the vehicle repeatedly and automatedly performs the following: receiving, from the teleoperator, during remote control by the teleoperator, a response message requested via a network, ascertaining a current value of at least one network-dependent property of the received response message, determining a target value of the at least one network-dependent property, verifying the teleoperator by means of a verification of the current value of the at least one network-dependent property and of the determined target value based on a test condition, wherein in the case of a positive test result of the check, the teleoperator is authorized to perform the remote control of the vehicle, and in the case of a negative test result of the check, the vehicle terminates the remote control and/or sends a safety warning.

Abstract: A computer implemented method for intrusion detection performed at a first computing node. The method includes: obtaining, at the first computing node, at least one monitored characteristic of the first computing node during an operation of the first computing node associated with a state iteration of the first computing node, wherein the first monitored characteristic is indicative of an intrusion; and communicating, from the first computing node to a second computing node, the at least one monitored characteristic of the first computing node.

Abstract: A method for communicating data requests to one or more data sources. The method includes receiving a data request, with which data of one or more data types are requested, from an application, and checking the availability of one or more data sources that are able to provide the one or more requested data types. The method further comprises: if at least one of the one or more data sources is available, sending a request to the available data source for the requested associated data type that the data source can provide; and, if no data source is available for at least one of the requested data types, sending a request for this data type to a placeholder module.

Abstract: A method, in particular a computer-implemented method, for processing data of a technical system. The method includes the following steps: ascertaining first pieces of information which are associated with a data traffic of the system, and ascertaining metadata associated with the data traffic of the system based on the first pieces of information.

Abstract: A computer-implemented method for planning an allocation of at least one computational task from a computational resource comprised in at least one vehicle to one or more of a plurality of external computational resources in a vehicular communications network. The method comprises obtaining a spatial representation of a region characterising at least one route of a vehicle from a first location to a second location, and data characterising an availability of external computational resources at a plurality of locations in the region, providing at least one computational requirement indication of at least one atomic computational task required by the vehicle during a prospective movement of the vehicle from the first location to the second location, comparing the at least one computational requirement indication to the data characterising the availability of external computational resources at the plurality of locations in the region.

Abstract: A method for providing a function via a network of processing units using multiple computing instances. Each computing instance implements the function and is configured, when it is executed, to determine at least one result in response to a call-up of the function. The method includes validating the computing instances, each being checked as to whether the computing instance corresponds to a respective predetermined state; determining a respective level of reliability for each of the processing units; starting execution of successfully validated computing instances in the processing units, which have a level of reliability that is equal/greater than a predetermined minimum level of reliability; receiving a function request from a user; calling up the function in at least a portion of the executed computing instances corresponding to the function request, in order to determine multiple results; determining a response based on the results; and sending the response to the user.

Abstract: A method for providing a function by a group of computing units in which computation instances are executed, each computation instance implementing the function using at least one algorithm and being set up to determine at least one result in response to a call of the function. The method includes: determining an integrity level for each of the computation instances; receiving a function request from a subscriber, the function request including a quality requirement that includes an integrity requirement; selecting a plurality of the computation instances corresponding to the quality requirement, so that the integrity level of the selected computation instances corresponds to the integrity requirement; calling the function in the selected computation instances corresponding to the function request in order to determine a plurality of results; determining a response based on the results, taking into account the quality requirement; and sending the response to the subscriber.

Abstract: A computer-implemented method for continuously monitoring configurations of software for a system. The method includes providing input data to a plurality of digital twins for the system, wherein the digital twins have different configurations of the software for the system; monitoring at least one digital twin, of the plurality of digital twins, which is executed at least on the basis of the input data, wherein the monitoring is designed to recognize an abnormal state of the at least one digital twin; and evaluating the configuration of the software of the at least one digital twin as ineligible for provisioning if at least one abnormal state was recognized during the monitoring of the at least one digital twin. A computer-implemented method for continuously provisioning software for a system is also provided.

Abstract: A computer-implemented method for detecting anomalous communications in a service oriented communication system. The method includes providing at least one decoy service, hosted by a decoy server communicably coupled to the service oriented communication system, wherein the at least one decoy service is addressable using a corresponding decoy service identifier; detecting, at the decoy server, a request to consume at least one instance of the at least one decoy service, wherein the request originates from a client communicably coupled to the decoy server via the service oriented communication system; and performing, at the decoy server, a response to the request to consume the at least one instance of the at least one decoy service.

Abstract: A computer-implemented method for verifying messages in a service-oriented communication system of a vehicle, including receiving a message and a signature in a first entity of the service-oriented communication system, the message and the signature being received via the service-oriented communication system; checking if the message corresponds to a dedicated message and the signature corresponds to a signature belonging to the dedicated message; and verifying the message, if the checking turns out positive. A computer-implemented method for generating predetermined messages in a first entity of a service-oriented communication system of a vehicle, and a service-oriented communication system in a vehicle, which is configured, are also described.

Abstract: A computer-implemented method for recognizing and/or preventing an intrusion into a service-oriented communication system of a vehicle, including registering a process originating from an instance in the service-oriented communication system, and checking, at least based on a predetermined negative list, whether the process in the service-oriented communication system is impermissible. A service-oriented communication system in a vehicle, which is designed to apply the method for recognizing and/or preventing an intrusion into the service-oriented communication system, optionally the communication system being safeguarded via the method for recognizing and/or preventing an intrusion into the service-oriented communication system.

Abstract: A method for communicating data requests to one or more data sources. The method includes receiving a data request, with which data of one or more data types are requested, from an application, and checking the availability of one or more data sources that are able to provide the one or more requested data types. The method further comprises: if at least one of the one or more data sources is available, sending a request to the available data source for the requested associated data type that the data source can provide; and, if no data source is available for at least one of the requested data types, sending a request for this data type to a placeholder module.

Abstract: A method for protecting a computer-based classifier. The method includes determining a first similarity of a plurality of input data sets of a computer-based classifier, comparing the determined first similarity of the plurality of input data sets and a second similarity of a comparison corpus of input data sets and recognizing the possibility of an attack on the computer-based classifier when the first similarity of the plurality of input data sets and the second similarity of the comparison corpus deviate from one another in a predetermined manner.

Abstract: A computer implemented method for remote intrusion monitoring of a networked device. The method includes: receiving, by an intrusion detection engine connected to a network, a network communication to a first networked device; transmitting, via the intrusion detection engine, a duplicate of the network communication to a second networked device, wherein the second networked device hosts at least one virtual model of the first networked device; applying the duplicated network communication to the at least one virtual model of the first network device hosted by the second networked device; and monitoring, using a monitoring engine, the at least one virtual model of the first networked device upon reception of the duplicated network communication by the at least one virtual model.

Abstract: A computer implemented method for persistent security configuration monitoring of a persistent configuration record defining a configurable software and/or hardware system over a plurality of lifecycle stages of the system. The method includes during a first lifecycle phase of the system, automatically performing a first security task using a first automation engine according to a first configuration of the automation engine, wherein the first configuration defines a target action to be performed by the first automation engine, and an event detectable by the first automation engine that triggers the target action, detecting, using the first automation engine, the event, updating, using the first automation engine, a portion of the persistent configuration record relating to the first lifecycle phase, and triggering, via the first automation engine, at least one security task in response to the detection of the event.

Abstract: A computer-implemented method for detecting and/or assessing an intrusion into an electronic data system of a vehicle, including receiving data from each node of a set of nodes of the electronic data system of the vehicle, calculating a vehicle condition on the basis of the data, and detecting and/or assessing the intrusion into the electronic data system of the vehicle at least on the basis of the vehicle condition. A server in a network, which is designed to carry out the computer-implemented method for detecting and/or assessing an intrusion into an electronic system of the vehicle, the electronic data system of the vehicle and, optionally, each electronic data system of each further vehicle of the set of the further vehicles being connected to the network. A vehicle which includes an electronic data system which is secured according to the computer-implemented method.