An aspect of behavior of an embedded system may be determined by (a) determining a baseline behavior of the embedded system from a sequence of patterns in real-time digital measurements extracted from the embedded system; (b) extracting, while the embedded system is operating, real-time digital measurements from the embedded system; (c) extracting features from the real-time digital measurements extracted from the embedded system while the embedded system was operating; and (d) determining the aspect of the behavior of the embedded system by analyzing the extracted features with respect to features of the baseline behavior determined.

A method and an apparatus for verifying an operation state of an application are provided. The method can include setting target verification operation information according to an operation verification item of an application to be verified; setting a verification process instruction for the target verification operation information; encapsulating the verification operation information and the verification process instruction as fault injection data, and sending the fault injection data to a data input port of the application to be verified; matching the process feedback information with the verification process instruction in response to receiving the process feedback information corresponding to the fault injection data, and determining executed target verification operation information.

A system and method of processing instructions may comprise an application processing domain (APD) and a metadata processing domain (MTD). The APD may comprise an application processor executing instructions and providing related information to the MTD. The MTD may comprise a tag processing unit (TPU) having a cache of policy-based rules enforced by the MTD. The TPU may determine, based on policies being enforced and metadata tags and operands associated with the instructions, that the instructions are allowed to execute (i.e., are valid). The TPU may write, if the instructions are valid, the metadata tags to a queue. The queue may (i) receive operation output information from the application processing domain, (ii) receive, from the TPU, the metadata tags, (iii) output, responsive to receiving the metadata tags, resulting information indicative of the operation output information and the metadata tags; and (iv) permit the resulting information to be written to memory.

A system and method of processing instructions may comprise an application processing domain (APD) and a metadata processing domain (MTD). The APD may comprise an application processor executing instructions and providing related information to the MTD. The MTD may comprise a tag processing unit (TPU) having a cache of policy-based rules enforced by the MTD. The TPU may determine, based on policies being enforced and metadata tags and operands associated with the instructions, that the instructions are allowed to execute (i.e., are valid). The TPU may write, if the instructions are valid, the metadata tags to a queue. The queue may (i) receive operation output information from the application processing domain, (ii) receive, from the TPU, the metadata tags, (iii) output, responsive to receiving the metadata tags, resulting information indicative of the operation output information and the metadata tags; and (iv) permit the resulting information to be written to memory.

Disclosed herein are techniques for analyzing control-flow integrity based on functional line-of-code behavior and relation models. Techniques include receiving data based on runtime operations of a controller; constructing a line-of-code behavior and relation model representing execution of functions on the controller based on the received data; constructing, based on the line-of-code behavioral and relation model, a dynamic control flow integrity model configured for the controller to enforce in real-time; and deploying the dynamic control flow integrity model to the controller.

Disclosed herein are techniques for analyzing control-flow integrity based on functional line-of-code behavior and relation models. Techniques include receiving data based on runtime operations of a controller; constructing a line-of-code behavior and relation model representing execution of functions on the controller based on the received data; constructing, based on the line-of-code behavioral and relation model, a dynamic control flow integrity model configured for the controller to enforce in real-time; and deploying the dynamic control flow integrity model to the controller.

Accelerator access control whereby an application's access to an accelerator is revoked in order to allow the system to perform a system function. In one or more embodiments, when an application is executing, a credit system is utilized to provide credits for controlled access to the accelerator. When request information is received to remove access to a credit associated with the application's access to the accelerator, the credit is marked to fail with operating system interfaces. Also, in one or more embodiments, if the credit is in use for accessing the accelerator, an effective address associated with the credit is unmapped from the accelerator.

Systems and methods are disclosed for event-based application control. A system extension is configured to leverage an endpoint security API for monitoring event activity within operating system kernel processes. The system extension registers with the endpoint security API particular event types for which the system extension would like to receive notifications. In response to receiving notifications regarding detected events corresponding to the registered event types, the system extension determines if the event, and its corresponding process, are safe and allowable to execute. In various embodiments, the system leverages whitelists, blacklists, and rules policies for making a safeness determination regarding the event notification. The system extension transmits this determination to the operating system via the endpoint security API.

Aspects of the disclosure relate to using secure authentication tokens to grant power of attorney. A computing platform may receive user input indicating a task and requesting that a power of attorney be granted to an individual. The computing platform may generate an authority token granting the individual the power of attorney to perform the task, and may send the authority token, along with task information indicating the task, to the individual. The computing platform may receive a validation request including the authority token and the task information. Based on successful validation, the computing platform may send validation information to an event processing system. After receiving confirmation that the task has been performed by the individual, the computing platform may update dashboard information to indicate that the task has been completed, which may cause the user device to display a dashboard indicating completion of the task.

The present disclosure provides privacy preservation of analytic workflows based on splitting the workflow into sub-workflows each with different privacy-preserving characteristics. Libraries are generated that provide for formatting and/or encrypting data for use in the sub-workflows and also for compiling a machine learning algorithm for the sub-workflows. Subsequently, the sub-workflows can be executed using the compiled algorithm and formatted data.