A method includes receiving a high-level function in a high-level code of an application is received. The method also include identifying resources in a hardware to execute a set of low-level instructions that is generated from the high-level function in the high-level code. One or more processing operations are determined to be performed that is associated with the high-level function in the high-level code. The determining of the one or more processing operations occurs based on architecture of the hardware. The high-level function in the high-level code of the application is compiled into the set of low-level instructions to be executed on the hardware. A plurality of structured metadata is generated and includes information associated with the determining resources in the hardware and further includes information associated with the determining one or more processing operations.

Systems and methods for determining conformance of a process based on a process model of the process and an event log of an execution of the process are provided. The process model is divided into one or more control regions and reachable nodes are determined for each node in the process model. Conformance of the process is determined by comparing transitions from source activities to destination activities in the event log with the reachable nodes based on the one or more control regions.

Systems, computer program products, and methods are described herein for software compiler integrity verification. The present invention is configured to retrieve, from a source code repository, a source code; process, using a first build machine, the source code into a first object code; process, using a second build machine, the source code into a second object code; initiate an integrity verification engine on the first object code and the second object code; decompile, using the integrity verification engine, the first object code to create a first decompiled object code and the second object code to create a second decompiled object code; compare the first decompiled object code with the second decompiled object code; determine a match between the first decompiled object code and the second decompiled object code; and transmit an approval notification.

An artifact lifecycle management on a cloud computing system and methods of managing are disclosed herein. In one embodiment, a method includes providing an integrated development environment for developing an artifact to be deployed in a productive environment of the cloud computing system; generating an artifact package associated with the artifact based on inputs received via the integrated development environment; performing one or more tests on the artifact package using the integrated development environment based on or more test cases; performing one or more validation checks on the artifact to be deployed in the productive environment; deploying the validated artifact in the productive environment; provisioning the deployed artifact to one or more tenants of the cloud computing system; and providing access to the artifact to the one or more tenants based on a role and permissions assigned to each of the tenants.

A system for validating software security analysis findings includes a non-transitory computer readable medium and a processor. The non-transitory computer readable medium stores a source truth dataset including criteria for validating characteristics of findings. The processor receives a finding from a software security analysis tool that performs scan on application code. The processor identifies a characteristic from the finding. The processor selects a criterion from the non-transitory computer readable medium for validating the identified characteristic. The processor determines a validity score for the finding based on whether the selected criterion is met. The processor determines whether the finding is false positive by comparing the validity score to a predetermined validity threshold. If the finding is true positive, a graphical user interface displays the finding.

Techniques for monitoring operating statuses of an application and its dependencies are provided. A monitoring application may collect and report the operating status of the monitored application and each dependency. Through use of existing monitoring interfaces, the monitoring application can collect operating status without requiring modification of the underlying monitored application or dependencies. The monitoring application may determine a problem service that is a root cause of an unhealthy state of the monitored application. Dependency analyzer and discovery crawler techniques may automatically configure and update the monitoring application. Machine learning techniques may be used to determine patterns of performance based on system state information associated with performance events and provide health reports relative to a baseline status of the monitored application. Also provided are techniques for testing a response of the monitored application through modifications to API calls. Such tests may be used to train the machine learning model.

Aspects of the disclosure relate to validating autonomous control software for operating a vehicle autonomously. For instance, the autonomous control software is run through a driving scenario to observe an outcome for the autonomous control software. A validation model is run through the driving scenario a plurality of times to observe an outcome for the model for each of the plurality of times. Whether the software passed the driving scenario is determined based on whether the outcome for the software indicates that a virtual vehicle under control of the software collided with another object during the single time. Whether the validation model passed the driving scenario is determined based on whether the outcome for the model indicates that a virtual vehicle under control of the model collided with another object in any one of the plurality of times. The software is validated based on the determinations.

Operations include obtaining a first patch that corrects a first error in a first buggy code snippet of first source code based on the first buggy code snippet and a first repaired code snippet. The operations also include generating a second patch based on the first patch and a bug pattern of a bug scenario that corresponds to the first error. In addition, the operations include generating a third patch based on the second patch, the bug pattern, and a second buggy code snippet of second source code, the third patch correcting a second error in the second buggy code snippet. Moreover, the operations include performing one or more repair operations with respect to the second buggy code snippet based on the third patch.

Abstract interpretation based static analysis tools use relational/non-relational abstract domains to verify program properties. Precision and scalability of analysis vary basis usage of abstract domains. K-limited path-sensitive interval domain is an abstract domain that was conventionally proposed for analysis on industry strength programs. The domain maintains variables' intervals along a configurable K subsets of paths at each program point, which implicitly provides co-relation among variables. When the number of paths at the join point exceeds K, set of paths are partitioned into K subsets, arbitrarily, which results in loss of precision required to verify program properties. To address the above problem, embodiments of the present disclosure provide selective merging of paths in such a way that the intervals computed help verifying more properties. The selective path-sensitive method of the present disclosure is based on the knowledge of variables whose values influence the verification outcome of program properties.

Source code of a golden version and a next version of a program is received in which procedure calls are modified to call from an entry point table (EPT) with index numbers corresponding to procedure memory addresses. An executable defect-free golden version program and next version program with a defect are received. A first entry point table (first EPT) for the new version program and a second EPT for the golden version program are generated. A series of substitutions of procedures from the second EPT to the first EPT is performed and an order of substitutions includes: a module set, a module of the module set, a procedure set of the module, and a procedure of the procedure set. The defect producing procedure is identified by substituting in order until the defect is absent and proceeding to the next substitution in order.