Abstract: The present teaching generally relates to identifying data bucket overlap with online experiments. In a non-limiting embodiment, first data representing a first set of identifiers associated with a first data bucket of a first online experiment may be obtained. Second data representing a second set of identifiers associated with a second data bucket of the first online experiment may be obtained. Based on the first data and the second data, a first number of identifiers that are associated with the first data bucket and the second data bucket may be determined. In response to determining that the first number exceeds a threshold, a data flag indicating that results associated with the first online experiment are inconsistent may be generated.

Abstract: An information handling system may include at least one processor and a non-transitory, computer-readable medium having instructions thereon that are executable by the at least one processor for: receiving information regarding a software defect, wherein the information regarding the software defect includes a description of one or more steps usable to reproduce the defect; determining a plurality of keywords based on the description of the one or more steps; and accessing a database to determine one or more executable commands corresponding to each of the one or more steps.

Abstract: Parameter values in source code can be automatically validated using the techniques described herein. For example, a system can receive source code that includes a call to an action. The action can have a parameter that is set to a selected value in the source code. The parameter can be defined in definition data. The system can also receive a file that separate from the source code and includes metadata for the parameter. The system can extract the metadata from the file and modify the definition data to include the metadata. The system can then execute a validation process on the selected value for the parameter. The validation process can involve retrieving the metadata from the modified definition data, evaluating the selected value using the metadata to determine whether the selected value is invalid, and if it is invalid, outputting an error notification indicating that the selected value is invalid.

Abstract: A method, computer system, and computer program product are provided for automatically analyzing software packages to identify the degree of differences between compared software packages and to apply security policies. A first software bill of materials for a software package is processed to extract a plurality of components of the software package, wherein the first software bill of materials indicates a first hierarchy of components based on relationships between components. The first hierarchy is compared to a second hierarchy, the second hierarchy corresponding to a second software bill of materials, to determine a degree of difference between the first hierarchy and the second hierarchy. The degree of difference is compared to one or more threshold values. A security policy is applied with respect to the software package according to a comparison of the degree of difference to the one or more threshold values.

Abstract: Aspects of the disclosure relate to conducting automated web service testing in a continuous integration and delivery test deployment environment using artificial intelligence (AI) generated test data. In some embodiments, a computing platform may receive, from a developer computing platform, a test code request, receive, from a web service computing platform, a training data set, configure a test data set based on the training data set and the test code request, use AI engine to apply one or more corrections to the test data set based on the test code request and to produce a corrected test data set, execute the test code using the corrected test data set to produce test code output results, and send, to the developer computing platform, the test code output results.

Abstract: The present disclosure relates to monitoring processes. A processor creates a numerical representation of a nominal operation of the process. The processor then encrypts the numerical representation using homomorphic encryption to determine an encrypted numerical representation that blocks access to the numerical representation but allows calculations on the numerical representations. The processor proceeds by creating smart contracts on a blockchain platform using the encrypted numerical representation as a first input to the calculations of the smart contract. Next, the processor attempts execution of the smart contract using the current operation of the process as a second input to the calculations of the smart contract. The execution of the smart contract generates an output result by performing the calculations on the encrypted numerical representations.

Abstract: A database system performs queries on fields storing arrays of a database (i.e., array fields) using de-duplication indexes. The system generates de-duplication indexes for array fields. The de-duplication indexes include unique entries for corresponding distinct values stored by the array fields. The system uses the de-duplication indexes to perform efficient queries specifying corresponding array fields. The system may further generate de-duplication indexes corresponding one or more fields storing various types of values. In various embodiments, the system selects an optimal index from various indexes usable to execute a query, such as a de-duplication index and a conventional index.

Abstract: Before deployment, artifacts and/or binaries are generated by the process of compilation from source code files are double signed with signatures. Immediately before deployment, a copy of the artifacts and/or binaries is made for the planned deployment and the double signed signatures are checked to ensure source code integrity and security.

Abstract: Methods and systems for testing of at least one computer application include receiving from a user a monitoring request; selecting a script; performing at least one automation test with at least one automation application; requesting analytic data from at least one computer application; receiving analytic data associated with the at least one computer application; determining response data of the at least one computer application by inputting the analytic data to a comparison model determined based on an analysis technique configured to detect a failure by the at least one computer application; and generating a report based on an output of the analysis technique if the failure by the at least one computer application is detected.

Abstract: A method can be used for verifying an execution of a compiled software program stored in a program memory of a processor and executed by the processor. A write operation includes assigning a destination address in a register of the processor and writing a datum at a location pointed to by the destination address contained in the register. A verification operation includes reassigning the same destination address in the same register, reading the datum contained at the location pointed to by the destination address contained in the register after the reassignment, and comparing the read datum and the written datum.

Abstract: A system for reference-aware application recreation in a container deployment environment is presented. The system includes a reference detection module configured to detect and store one or more reference paths corresponding to each resource type of a plurality of resources in the container deployment environment; a resource ordering module configured to generate a recreation sequence by ordering the plurality of resources based on corresponding references at the reference paths, such that a referenced resource is recreated before the referring resource; and an application recreation module configured to recreate an application based on the recreation sequence. A related method is also presented.

Abstract: The present technology addresses a need in the art for an automated tool that allows users to create network-based custom workflows for networks and associated management applications. The users do not need to have in-depth network knowledge to work with the tool or even write any code/script. The tool provides the users with a flexible graphical user interface for automated troubleshooting, network provisioning, and closed-loop automation. Further, the tool uses a domain-independent semantic machine reasoning engine as an underlying engine and a mock data engine to test and validate network-based workflows created by the users.

Abstract: A computer-implemented method for static testing a software system that is decomposed into software units connected by interfaces. The method comprises receiving context information for an interface, which includes at least one postcondition for the at least one output variable of a respective first software unit and/or a precondition for the input variable of a respective second software unit; receiving a selection of a third software unit in so that a substitute decomposition appertaining thereto of the software system into the third software unit and a complement of the third software unit is produced, the third software unit and the complement forming the software system and being connected via a substitute interface; selecting, based on the item of context information a postcondition per output variable of the complement; and testing whether the selected postcondition can be forward-propagated by the third software unit with regard to a formal verification.

Abstract: Described systems and techniques store, at a first time, first system service verification data that includes a first capture of a system services table having at least one system service entry, and a first portion of a system service identified in the at least one system service entry. At a second time, second system service verification data may be stored that includes a second capture of the system services table and a second portion of the system service identified in the at least one system service entry. At least one mismatch between the first system service verification data and the second system service verification data may be determined. At least one security notification message identifying the at least one mismatch with respect to at least one of the second capture of the system services table and the second portion may thus be generated.

Abstract: Systems and methods for adjusting operating parameters of at least one pipelined software asset. Within a pipelined environment, an agent software asset is inserted immediately preceding a software asset whose operating parameters are to be adjusted. The agent software asset receives data and/or data sets from a user and such data and data sets are inserted/used by the software asset. The agent software asset also allows for a reporting of the output of other software assets to thereby provide users with intermediate outputs from the pipelined environment.

Abstract: A system includes a memory and processor. The memory stores code segment vulnerability findings that were generated through static application security testing (SAST). The processor generates a code fingerprint for each code segment, which corresponds to an abstract syntax tree that has been augmented by data flow information and flattened. The processor applies a machine learning clustering algorithm to group the code fingerprints into clusters of fingerprints that share one or more features. The processor additionally determines that both the fingerprint corresponding to the first source code segment and the fingerprint corresponding to a second source code segment belong to the same cluster. In response, the processor transmits an alert to a device of an administrator, identifying the second code segment as vulnerable to a real vulnerability, where a vulnerability finding for the first code segment has been classified as the real vulnerability through external review.

Abstract: Systems and methods of defending against stack-based cybersecurity attacks that exploit vulnerabilities in buffer overflows. The embodiments disclosed herein propose hijacking program flow in a program binary by insert call checking CFI code before calling a target. Examples of a target can be a function within the program binary, a register, or a memory location. If the call target is a valid call target (e.g., included in a global list of addresses), normal program flow resumes and the program flow is transferred to the target. On the contrary, if the call target is not a valid call target (e.g., not included in a global list of addresses), the program binary is deliberately crashed.

Abstract: The technology disclosed herein can be used to evaluate system recovery using emulated production systems. In accordance with one example, the technology can involve accessing state data of a target computing device that is in a production environment, the state data can include a performance measurement of a target computing device; updating a configuration of a computing device to adjust a performance of the computing device to correspond to the performance measurement of the target computing device; introduce, by the processing device, a disturbance to the computing device; determining, by the processing device, a performance of the computing device at a time after the introducing the disturbance; and generating performance data indicating an effect the disturbance has on the computing device.

Abstract: Disclosed are systems and methods that determine specification portions of Dafny code and transform those specifications into one or more annotations, expressions, comments, and/or assertions that are included in a destination code written in a destination language as part of a compilation of the Dafny code into the destination code. The annotations, expressions, comments, and/or assertions in the destination code may be utilized by a verification component, such as a Checker Framework, to detect errors that are introduced into the destination code by the compiler as part of the compilation or to verify the absence of errors in the destination code.

Abstract: Methods and systems for verifying control coupling analysis in testing of software code include: selecting a source file to be tested, the source file having source code, the source file selected from a system set including a plurality of source files from one or more nodes in a system; identifying one or more control couples within the source file by performing static analysis on the source code of the source file; defining one or more test runs of the software code, the one or more test runs including one or more of the identified control couples, and the one or more test runs using dynamic analysis; executing the one or more defined test runs; identifying control coupling coverage of the source file based on the dynamic analysis; and generating a control coupling report based on the identified control coupling coverage of the source file.

Abstract: A computer-implemented system with a processor provides a reversible transfer of an atomic token from one side of an imperfect link to the other, such that if the protocol (or process) on either side fails at a critical moment, the atomic token will be found on both sides to be verifiably incomplete, unless the protocol has completed successfully past its ‘irreversible threshold’ on both sides.

Abstract: A method for visualizing a process map is executed by a process map server. The method includes receiving a flowchart and a step-by-step recording related to a process. Generating a process map by combining the flowchart and the step-by-step recording and displaying the process map. The process map displays a task, step, and action related to the process. A detail window shows information associated with the process, and portions of the process, in response to user input. The action is based on information from the step-by-step recording.

Abstract: A system and method for generating accessible user experience (UX) design guidance materials for software products uses page elements that are optically extracted from an input UX prototype page image and automatically classified into predefined element types to find accessibility rules for at least some of the extracted page elements. At least one accessible UX design guidance material is generated for the input UX prototype page image that indicates the extracted page elements and the accessibility rules corresponding to at least some of the extracted page elements.

Abstract: A method of improving integrity of a computer system includes executing certifiable and qualifiable software applications. The certifiable software application is composed of static program instructions executed sequentially to process input data to produce an output, and the qualifiable software application uses a model iteratively built using a machine learning algorithm to process the input data to produce a corresponding output. The certifiable software application is certifiable for the computer system according to a certification standard, and the qualifiable software application being non-certifiable for the computer system according to the certification standard. The method also includes cross-checking the output by comparison with the corresponding output to verify the output, and thereby improve integrity of the computer system.

Abstract: An approach is disclosed that determines an amount of time before a webpage is ready to use by a user by performing various actions. The approach captures a recording of the webpage from an invocation of the webpage for a period of time sufficient to load completely load the webpage with the capturing resulting in sequenced image frames. An AI system provides a loading point in the sequenced image frames based on an analysis of the frames input to the trained AI system. Image diversity and saturation measurements are calculated on consecutive image frames from the sequenced image frames resulting in an image change analysis. Native webpage events and times are detected from webpage characteristics gathered from the captured digital recording. The amount of time is then calculated based on the loading point from the AI system, the image change analysis; and the webpage events and their corresponding times.

Abstract: Embodiments relate to interactive graphical display. A request is processed by a generative system to generate multiple hypotheses of an output in response to the request, a primary hypothesis of the multiple hypotheses having a highest confidence for the output, multiple secondary hypotheses of the multiple hypotheses having a lower confidence than the highest confidence. At least one region of divergence is determined from the primary hypothesis by the multiple secondary hypotheses, the at least one region of divergence having alternatives in the multiple secondary hypotheses, the alternatives in the multiple secondary hypotheses differing from the primary hypothesis. A graphical user interface displays the at least one region of divergence in the primary hypothesis and alternatives in the multiple secondary hypotheses for the at least one region of divergence, the alternatives and primary hypothesis for the at least one region of divergence being displayed as selectable options for a user.

Abstract: Managing concurrent accesses by a set of tasks to a shared resource of a computer system. Synchronizing the set of tasks for assigning and releasing a resource according to a predefined access period with flexibility of providing an extended access period where an external task is not detected during the predefined access period. Where an extended access period is provided, resynchronizing is performed, and the external task is identified and access is prevented when the external task is determined to be a particular type of task.

Abstract: Example secure runtime systems and methods are described. In one implementation, a secure runtime system is configured to execute multiple applications in a secure manner. The secure runtime is associated with a secure enclave defined by a hardware device. A secure application loader is configured to load an application into the secure runtime system and an OS bridge is configured to provide OS services to the application.

Abstract: Some embodiments may facilitate software development and operations for an enterprise. A communication input port may receive information associated with a software continuous integration/deployment pipeline of the enterprise. An intelligent software agent platform, coupled to the communication input port, may listen for a trigger indication from the software continuous integration/deployment pipeline. Responsive to the trigger indication, the intelligent software agent platform may apply system configuration information and rule layer information to extract software log data and apply a machine learning model to the extracted software log data to generate a pipeline health check analysis report. The pipeline health check analysis report may include, for example, an automatically generated prediction associated with future operation of the software continuous integration/deployment pipeline.

Abstract: Aspects of the disclosure relate to conducting automated web service testing in a continuous integration and delivery test deployment environment using artificial intelligence (AI) generated test data. In some embodiments, a computing platform may receive, from a developer computing platform, a test code request, receive, from a web service computing platform, a training data set, configure a test data set based on the training data set and the test code request, use AI engine to apply one or more corrections to the test data set based on the test code request and to produce a corrected test data set, execute the test code using the corrected test data set to produce test code output results, and send, to the developer computing platform, the test code output results.

Abstract: An automated system automatically creates compliance checking code that is used to test the functional aspects of implemented product code. Intermediate code blocks are created that are then written into compliance checking code, to enable automatic creation of compliance checking scripts designed to test the implemented product code for compliance with persona, outcome, states and state transitions, consistency rules, and annotations specified by the codified user experience design.

Abstract: An system and a method for the detection and visualization of reported ethics cases is disclosed. The system receives a set of digital records corresponding to a reported ethics violations. The system converts each of the digital records from the set of digital records into a common digital format. The system deconstructs the uniform text structure of each digital recorded by a natural language processing module to lemmatize words, remove punctuation, and remove stop words. The system inputs each deconstructed uniform text structure into a binary machine learning data model. The system inputs each deconstructed uniform text structure into a multiclass machine learning data model. The system inputs the determined value and the label to an ensemble machine learning data model. The system prioritizes reported ethics violations into one or more lists based on the determination of the possible class and transmits the list to a user interface.

Abstract: Systems, apparatuses, and methods for modifying metadata associated with database objects obtained from providers, such as cloud providers, are disclosed. Modifying metadata associated with database objects obtained from cloud providers may include identifying resources in a computer network that originate from providers, such as cloud providers that do not have associated metadata. A user interface that includes the resources may be generated, and the resource may receive input to select the resources and a descriptor that may be associated with the resources. The selected resources may then be associated, in a configuration management dataset, with metadata derived from the selected descriptor. The metadata may indicate an association of the selected resources to a parameter.

Abstract: Systems, methods, and media for detecting the presence of return-oriented programming (ROP) payloads are provided, comprising: identifying a potential gadget address space; determining if a piece of the data corresponds to an address of the potential gadget address space; and in response to determining that the piece of the data corresponds to an address of the potential gadget address space: determining whether a plurality of operations, each associated one of a plurality instructions beginning at the address, indicates that an ROP payload is present in the data, and indicating that an ROP payload is present in the data in response to making a determination that a plurality of operations indicates that an ROP payload is present in the data a given number of times.

Abstract: A method and a system for agitation detection and response for a programming language are provided. The method includes collecting software code and activity data pertaining to one or more activities performed by a developer that is using a segment of a programming language. The method also includes evaluating the activity data to generate an agitation level of the developer when using the segment of the programming language. The method can also include generating a developer context by evaluating the software code. The developer context can include insights into the operation of features in the programming language by the developer. The activity and developer context can be provided to a software development provider for independent analysis.

Abstract: Systems, computer program products, and methods are described herein for software compiler integrity verification. The present invention is configured to retrieve, from a source code repository, a source code; process, using a first build machine, the source code into a first object code; process, using a second build machine, the source code into a second object code; initiate an integrity verification engine on the first object code and the second object code; decompile, using the integrity verification engine, the first object code to create a first decompiled object code and the second object code to create a second decompiled object code; compare the first decompiled object code with the second decompiled object code; determine a match between the first decompiled object code and the second decompiled object code; and transmit an approval notification.

Abstract: A process control system includes an engineering system for a project configuration of hardware and software components of a process control system, an operator system having a runtime component for operator control and monitoring of a technical process, and an archive system for archiving project configuration inputs of the engineering system and for archiving operator inputs in the operator system, via which a project engineer and/or an operator may be provided with the relationships between engineering-relevant actions or events and runtime-relevant actions or events.

Abstract: A method for managing nodes is disclosed. The method includes testing a management script on a management server for managing at least one node. The method also includes receiving administrator validation to distribute the management script. The method further includes sending the validated management script to one or more management servers on one or more networks.

Abstract: Techniques for static code analysis tool and configuration recommendation via codebase analysis are described. Multiple codebases are tested using multiple static analysis tools and corresponding configurations, and a machine learning model is trained based on the results and characteristics of the codebases. Users may provide a codebase to be analyzed and job preferences indicating what characteristics of static analysis they desire, the codebase may be analyzed to generate input data for the model, and the model may identify one or more similar testing runs. These candidate runs may be filtered and/or ordered based on the user's stated job preferences, and the resulting tools and configurations associated with these runs may be returned to the user or used to perform static analysis of the user's codebase.

Abstract: Verifying control coupling and data coupling analysis in testing of software code that implements components; identifying control couples by performing static analysis on the source code; defining and executing control couple test runs of the software code including of the identified control couples that test runs using dynamic analysis; identifying control coupling coverage of the source file based on the dynamic analysis; identifying data couples within the source file, the data couples being a variable and a parameter of the components; defining data couple tests for each of the components containing of the identified data couples, the data couple tests using dynamic analysis; executing the data couple tests on the source file; identifying data coupling variable use coverage of the source file based on the dynamic analysis; and generating a report based on the identified control couple coverage and identified data coupling variable use coverage of the source file.

Abstract: A non-transitory computer-readable medium having stored therein a program for causing a computer to execute a process, the process includes detecting a conflict between a first library and a second library in a first program based on a first definition file indicating that the first program depends on the first library and the second library among a plurality of libraries, generating a logical formula indicating that the first program depends on the first library and does not depend on the second library, and outputting a second definition file indicating that the first program depends on the first library and does not depend on the second library when the logical formula is determined to be satisfiable.

Abstract: Techniques for vector-based identification of software dependency relationships are described herein. An aspect includes determining a first dependency relationship value between a first code segment and a second code segment. Another aspect includes calculating a magnitude vector based on the first dependency relationship value and a second dependency relationship value corresponding to the first code segment and the second code segment. Another aspect includes determining a relationship score for the first code segment and the second code segment based on the magnitude vector and the first dependency relationship value.

Abstract: Examples herein disclose via use of a physical processor, detecting a specific application programming interface (API) call to interact with an application running on a production server. Based on the detection of the specific API call, die examples assist, using the physical processor, a scanning session based on the specific API call Using the physical processor, the examples identify a modification to the application based on the scanning session.

Abstract: Disclosed is a computer program stored in a computer readable storage medium, the computer program including commands which cause a processor of a server to execute operations below, the operations including: if a first program written in a source language is converted to a second program written in a target language, generating block information for the first program by analyzing the first program; inserting an annotation into the second program, wherein the annotation includes information on at least one source line, which is included in the first program, associated with at least one target line included in the second program; generating meta information associated with runtime verification based on the block information and the annotation.

Abstract: Automatically generating code from an abstract model of a database. The abstract model is derived from a physical model which may be a source such as a legacy database, an entity relationship diagram, or other schema defining the data tables, objects, entities, or relationships etc. of the source. The generated code exhibits several patterns, interfaces and/or features including (a) separation of generated and developer code (b) context patterns (c) response/action patterns (d) language, database interfaces, operating systems and/or (e) user interface patterns.

Abstract: Aspects of the invention include computer-implemented method that includes generating a preliminary control flow graph from memory dump data and compiler listing data in response to an exception event at a computing program. Code segments associated with each block of the preliminary control flow graph are translated to Boolean statements. Each Boolean statement is determined to be either satisfied or unsatisfied based on input values retrieved from the memory dump data. An edge property value of a first edge and a second edge of a plurality of edges of the preliminary control flow graph based are calculated based on a satisfaction of the Boolean statements. The edge property value of the first edge is compared to the edge property value of the second edge. The preliminary control flow graph is refined by deleting the first edge of the plurality of edges based at least in part on the comparison.

Abstract: A method of operating a system for diagnosing software for a vehicle according to the present invention includes: generating a plurality of data sets including a function and an argument related to a diagnosis of target software executed in each of the plurality of cores; sequentially outputting the plurality of data sets to a shared memory; operating the target software according to the data set of the shared memory; and verifying the operation result in a verifying core.

Abstract: Taint is dynamically tracked on a mobile device. Taint virtual instructions are added to virtual instructions of a control-flow graph (CFG). A taint virtual instruction has a taint operand that corresponds to an operand of a virtual instruction and has a taint output that corresponds to an output of the virtual instruction in a block of the CFG. Registers are allocated for the taint virtual instruction and the virtual instructions. After register allocation, the taint virtual instruction and the virtual instructions are converted to native code, which is executed to track taint on the mobile device.

Abstract: A system and method that provides inter-application relevance management for resources being brokered by an application virtualization platform. A described platform includes a memory configured to store a set of relevance rules for applications hosted by the application virtualization platform, wherein each relevance rule specifies a relevance setting between a first application and a second application. Also included is a processor coupled to the memory and configured to broker resources for the application virtualization platform, according to a method. The method includes: receiving a request from a client to launch a target application hosted by the application virtualization platform; retrieving a subset of applicable relevance rules that specify the target application from the set of relevance rules; and selecting a resource for the target application based on the subset of applicable relevance rules, wherein the resource includes at least one of a session or a session server.

Abstract: Certain aspects of the present disclosure provide techniques for maintaining an application through an execution platform. An example method generally includes receiving a first workflow definition of a plurality of workflow definitions associated with an application. The first workflow definition may be a workflow defining a build operation for building the application. The first workflow definition is executed to build the application by retrieving an executable binary from a binary repository, retrieving source code for the application binary from an application source code repository, building the application binary by executing the executable binary on the retrieved source code, and storing the application binary in the binary repository. A second workflow definition is received to execute the application. The second workflow is executed to execute the application by retrieving the application binary from the binary repository, and executing the retrieved application binary to run the application.