Abstract: A contact module for a circuit breaker is disclosed, comprising: a base, a cover, an operation mechanism, at least three kinds of asymmetrical single-pole switches and a release mechanism. The cover is mounted on the base to form a space, where the mechanisms and the switches are disposed. The operation mechanism is connected to one switch; the release mechanism to the at least three switches. Each switch comprises a strong side and a weak side. For each switch, there is a thick contact housing on the strong side connected to a thick shaft, and a thin one on the weak side connected to a thin shaft. A rotor component has a single contact spring mounted on the weak side. Rotation shafts are connected by a linkage shaft to connect the single-pole switches; a strong side of one switch is connected to a weak side of another switch.

Abstract: Systems and techniques for securing accessible computer-executable program code and systems are provided. One or more base functions may be generated and blended with existing program code, such that it may be difficult or impossible for a potential attacker to distinguish the base functions from the existing code. The systems and code also may be protected using a variety of other blending and protection techniques, such as fractures, variable dependent coding, dynamic data mangling, and cross-linking, which may be used individually or in combination, and/or may be blended with the base functions.

Abstract: A method and system for renewing software at the component-level is provided. A client program includes a base component for loading a software component into at least one loadable region of the program to update the program. Code in the software component is for writing state data associating the state of the update in storage, upon execution of the software component, and testing the state data to verify condition of the updated program and disallowing rollback and roll-forward attacks, the state data comprising hash chain values. The state data for verifying the correctness of the updated program is entangled with application data used for the program functionality. A server includes: an update pool having a plurality of software updates deployed in each client, and a policy control for monitoring and controlling at least one of: the length of time the client runs until the software update is invoked, a chain of the updates; and the granularity of the update.

Abstract: A method and system for renewing software at the component-level is provided. A client program includes a base component for loading a software component into at least one loadable region of the program to update the program. Code in the software component is for writing state data associating the state of the update in storage, upon execution of the software component, and testing the state data to verify condition of the updated program and disallowing rollback and roll-forward attacks, the state data comprising hash chain values. The state data for verifying the correctness of the updated program is entangled with application data used for the program functionality. A server includes: an update pool having a plurality of software updates deployed in each client, and a policy control for monitoring and controlling at least one of: the length of time the client runs until the software update is invoked, a chain of the updates; and the granularity of the update.

Abstract: Methods and nodes for securing execution of a web application by determining that a call dependency from a first to a second function needs to be protected, adding a Partial Execution Stub (PES) function comprising code to establish a communication connection with a trusted module. Methods and nodes for secured execution of a web application by invoking a function of the web application, invoking a Partial Execution Stub (PES) function during execution of the function of the web application, sending, from the PES function, a message call with current execution information to a trusted module and receiving, a verification result from the trusted module.

Abstract: A method to secure a non-native application. The non-native application is processed to obtain an application stub to be triggered within a virtual machine. The processing of the non-native application also provide a native code function upon which the application stub depends. The non-native function is part of a trusted module that extends application security services from the trusted module to the virtual machine. The trusted module is a native code application that creates a trusted zone as a root of trustiness extending to the virtual machine by an execution-enabling mechanism between the application tab and the non-native function.

Abstract: Methods and nodes for securing execution of a web application by determining that a call dependency from a first to a second function needs to be protected, adding a Partial Execution Stub (PES) function comprising code to establish a communication connection with a trusted module. Methods and nodes for secured execution of a web application by invoking a function of the web application, invoking a Partial Execution Stub (PES) function during execution of the function of the web application, sending, from the PES function, a message call with current execution information to a trusted module and receiving, a verification result from the trusted module.

Abstract: A method to secure a non-native application. The non-native application is processed to obtain an application stub to be triggered within a virtual machine. The processing of the non-native application also provide a native code function upon which the application stub depends. The non-native function is part of a trusted module that extends security services from the trusted module to the virtual machine. The trusted module is a native code application that creates a trusted zone as a root of trustiness extending to the virtual machine by an execution-enabling mechanism between the application tab and the non-native function.

Abstract: Methods and devices for thwarting code and control flow based attacks on software. The source code of a subject piece of software is automatically divided into basic blocks of logic. Selected basic blocks are amended so that their outputs are extended. Similarly, other basic blocks are amended such that their inputs are correspondingly extended. The amendments increase or create dependencies between basic blocks such that tampering with one basic block's code causes other basic blocks to malfunction when executed.

Abstract: The present invention discloses a contact module for circuit breaker. The contact module comprises: a base, a cover, an operation mechanism, three kinds of single-pole switches and a release mechanism. The cover is mounted on the base to form an accommodation space, the operation mechanism, the three kinds of single-pole switches and the release mechanism are disposed in the accommodation space. The operation mechanism is connected to one kind of the single-pole switch, the release mechanism is connected to the three kinds of the single-pole switches. All of the three kinds of single-pole switches are asymmetrical. Each kind of single-pole switch comprises a strong side and a weak side, for each kind of single-pole switch, a contact housing on the strong side is thick and is connected to a thick shaft, a contact housing on the weak side is thin and is connected to a thin shaft.

Abstract: A rotating dual break point contact includes a rotor support, a first shaft, a second shaft, a third shaft, a first connection rod, a second connection rod, a contact bridge and a contact spring. The contact bridge is provided in the rotor support, and the contact bridge rotates relative to the rotor support by means of the first shaft, the second shaft, the third shaft, the first connection rod and the second connection rod. The contact bridge rotates between an initial pressure position and a maximum repulsion position. A single contact spring is mounted on one side of the contact bridge and is located in the rotor support.

Abstract: A storage system is dynamically reconfigured. The storage system includes storage pools that each include one or more storage disks. Storage pools to be expanded are determined as target storage pools. For the target storage pools, source storage disks to be moved into the target storage pools are determined from other storage pools than the target storage pools in the storage system. The source storage disks are migrated to the respective target storage pools.

Abstract: A fast closing mechanism includes a rotation shaft and an ejector pin. The ejector pin is rotatably assembled to the side plate by the rotation shaft. The ejector pin strides over the side plate. The ejector pin includes a first portion and a second portion. The first portion is connected to a handle via a rod, and the second portion is located above a press plate. The fast closing mechanism may have an additional ejector pin based on current structures, the press plate may press against a moving contact at an initial stage of a closing process, so that the moving contact will not move during the initial stage of the closing process. The mechanical energy generated during the closing process is stored in an energy storage spring. At a later stage of the closing process, the ejector pin releases the press plate to accomplish closing quickly.

Abstract: A storage system is dynamically reconfigured. The storage system includes storage pools that each include one or more storage disks. Storage pools to be expanded are determined as target storage pools. For the target storage pools, source storage disks to be moved into the target storage pools are determined from other storage pools than the target storage pools in the storage system. The source storage disks are migrated to the respective target storage pools.

Abstract: A storage system is dynamically reconfigured. The storage system includes storage pools that each include one or more storage disks. Storage pools to be expanded are determined as target storage pools. For the target storage pools, source storage disks to be moved into the target storage pools are determined from other storage pools than the target storage pools in the storage system. The source storage disks are migrated to the respective target storage pools.

Abstract: A method and system that provides secure modules that can address Java platform weaknesses and protect Java bytecode during execution time. The secure modules are implemented in C/C++ as an example. Because implementation of the security modules is made in C/C++, this enables use of security technology that secures C/C++ software code.

Abstract: Systems and techniques for securing accessible computer-executable program code and systems are provided. One or more base functions may be generated and blended with existing program code, such that it may be difficult or impossible for a potential attacker to distinguish the base functions from the existing code. The systems and code also may be protected using a variety of other blending and protection techniques, such as fractures, variable dependent coding, dynamic data mangling, and cross-linking, which may be used individually or in combination, and/or may be blended with the base functions.

Abstract: A system and method for transforming a software application comprising binary code and optionally associated data, from an original form to a more secure form. The method includes performing a combination of binary transmutations to the application, and interlocking the transmutations by generating and placing interdependencies between the transmutations, wherein a transmutation is an irreversible change to the application. Different types of the transmutations are applied at varied granularities of the application. The transmutations are applied to the application code and the implanted code as well. The result is a transformed software application which is semantically equivalent to the original software application but is resistant to static and/or dynamic attacks.

Abstract: Methods and devices for thwarting code and control flow based attacks on software. The source code of a subject piece of software is automatically divided into basic blocks of logic. Selected basic blocks are amended so that their outputs are extended. Similarly, other basic blocks are amended such that their inputs are correspondingly extended. The amendments increase or create dependencies between basic blocks such that tampering with one basic block's code causes other basic blocks to malfunction when executed.

Abstract: Methods and nodes for securing execution of a web application by determining that a call dependency from a first to a second function needs to be protected, adding a Partial Execution Stub (PES) function comprising code to establish a communication connection with a trusted module. Methods and nodes for secured execution of a web application by invoking a function of the web application, invoking a Partial Execution Stub (PES) function during execution of the function of the web application, sending, from the PES function, a message call with current execution information to a trusted module and receiving, a verification result from the trusted module.