Systems, methods, and computer-readable media are disclosed for a systems and methods for improved smart infrastructure data transfer. An example method may involve identifying that a software update is available for a smart infrastructure system. The example method may also involve determining, by a processor of the smart infrastructure system and using a signal strength between a first vehicle and the smart infrastructure system, that the first vehicle is within a threshold range of the smart infrastructure system. The example method may also involve establishing, by the smart infrastructure system, a first ad-hoc peer-to-peer communication link with the first vehicle. The example method may also involve sending, to the vehicle, a request for the software update. The example method may also involve receiving, from the vehicle, at least a first portion of the software update that is transferred using the first ad-hoc peer-to-peer communication link.

Apparatuses, methods, and systems are provided for making continuous vulnerability management for modern applications. A dependency tree can be created mapping third-party libraries to microservices used in an application of a software package. Natural language processing can be used on release notes and changelogs of new library versions to generate a list of libraries afflicted with common vulnerabilities and exposures (“CVEs”). A number of code calls from an application program interface (“API”) can be made to an afflicted library. A number of code calls including CVEs can be enumerated for each afflicted library. A risk score can be assigned to the API based on the number of code calls including CVEs. The risk score can be compared against a threshold value to cause a remedial action to occur, including updating libraries to newer versions to resolve CVE issues or generating a report regarding the afflicted libraries.

A system described herein may provide a technique for generating one or more predictive models of device availability, which may be used to predict whether a given device will be able to be reached via one or more networks to receive information, such as Over-the-Air (“OTA”) updates. The predictive models may be based on, for example, radio frequency (“RF”) metrics, device availability metrics, and timing offsets between times associated with such RF metrics and availability metrics. For a given device, based on RF metrics associated with the device and further based on a candidate time, the predictive model may be used to determine whether the device will be available at the candidate time.

A digital product network system includes a set of digital products each having a product processor, a product memory, and a product network interface. The digital product network system includes a product network control tower having a control tower processor, a control tower memory, and a control tower network. The product processor and the control tower processor collectively include non-transitory instructions that program the digital product network system to generate product level data at the product processor, transmit the product level data from the product network interface, receive the product level data at the control tower network interface, encode the product level data as a product level data structure configured to convey parameters indicated by the product level data across the set of digital products, and write the product level data structure to at least one of the product memory and the control memory.

A deployment system can include a computing device that is configured to receive a broadcast message from a deployment device in response to the deployment device receiving an approval notification and obtain a plurality of deployment parameters via a distributed communications system. The computing device can also be configured to identify an installation time included in the plurality of deployment parameters and download application data associated with an application identifier included in the plurality of deployment parameters to a local database. The computing device can also be configured to initiate an installation of the application data from the local database at the installation time and transmit a status update to the deployment device in response to the installation being initiated.

A system for performing over-the-air (OTA) update is disclosed. The system may comprise a first communication interface, an electronic control subsystem of a vehicle, and a gateway. The gateway may be coupled to the electronic control subsystem by way of the first communication interface, receive trigger event information, and detect a trigger condition based on the trigger event information. The gateway may initiate, based on the detection of the trigger condition, a handshake with the electronic control subsystem, verify a set of parameters, and validate a version of a software or a firmware of at least one component of the electronic control subsystem. Based on the verification, the gateway may provide an update file to the electronic control subsystem by way of the first communication interface. The update file is configured to update the software or the firmware for the at least one component.

A method, computer program product, and system include a processor(s) generates a representation of microservice communications within a network. The processor(s) updates the representation, based on monitoring deployments of microservices within the network. The processor(s) identifies individual service clusters within the network. The processor(s) selects each cluster from the identified service clusters, and for each cluster, evaluates whether to recommend mergers of a portion of the microservices deployed to each cluster. The processor(s) recommends at least one merger for a given cluster of the identified services clusters. Based on the recommending, the processor(s) generates a what-if analysis for the at least one merger.

Security drift can be automatically handled in cloud environments. A security audit engine can be configured to extract security configuration datasets from cloud resources and create text sentences from the datasets as well as from a golden configuration. These text sentences can be encoded as vectors in an n-dimensional space. Probability distributions can then be generated using the vectors such as by using an unsupervised clustering algorithm. Distance matrixes can then be generated from the probability distributions. A probability distribution pertaining to a dataset and a probability distribution pertaining to the golden configuration can then be compared and normalized using a transport to thereby yield a security drift score representing a divergence of the corresponding security settings from the golden configuration. When a security drift score exceeds a threshold, the security audit engine can take appropriate action.

Systems and methods for managing user confirmation requirements are provided in response to a user entering a command. User confirmation may include an “Are you sure?” prompt or other similar prompts. A system, according to one implementation, is arranged in a distributed microservice system for providing microservices to one or more clients. The system includes a database, a processing device, and a memory device configured to store computer logic having instructions. When executed, the instructions enable the processing device to receive a message from a client regarding a user command to perform an operation with respect to a client device. Also, the processing device is enabled to extract information from the database regarding predetermined confirmation policies pertaining to the operation. The instructions further enable the processing device to analyze potential impact of the operation with respect to the client device to determine user confirmation requirements.

An edge computing system comprises: a cloud computing system; an edge processing function; a connection between the edge processing function and the cloud computing system; a backend server within the cloud computing system. An assessment module is configured to receive information about processing goals, and processing capabilities of the backend server and the edge processing function. The assessment module derives a set of possible interfaces and corresponding functionality splits defining a division of processing activity between the backend server and the edge processing function. Based on a received measurement of bandwidth and/or of latency on the connection, the assessment module selects an interface and corresponding functionality split, and downloads them to the edge processing function and the backend server.