A method to implement traceability and provability on a particular project in software development based on blockchain-recorded transactions of assigned developer time, the method comprising of the following steps: setting up a blockchain network comprised of a distributed, redundant, and tamper-resistant ledger; issuing each user an attestable pre-fabricated and signed virtualized environment on approved hardware that comes with functionality required for the user's role implemented as one of a set of virtual machine templates fashioned from a signed and approved pre-fabricated image; and verifying that assigned developer time is valid, and if so, record each development action on the ledger to enable extensive tracking and auditing of end- to-end software development process.

Data processing systems and methods, according to various embodiments, are adapted for determining an applicable privacy policy based on various criteria associated with a user and the associated product or service. User and product criteria may be obtained automatically and/or based on user input and analyzed by a privacy policy rules engine to determine the applicable policy. Text from the applicable policy can then be presented to the user. A default policy can be used when no particular applicable policy can be identified using by the rules engine. Policies may be ranked or prioritized so that a policy can be selected in the event the rules engine identifies two, conflicting policies based on the criteria.

A system (100) and method for detecting a malicious programmable logic controller (PLC) code segment (110) in a PLC program corresponding to a specific type of PLC includes a binary parser (112) that parses the code segment (110) into a plurality of functional elements. A variable and function block mapper (114) maps the functional elements into a high-level data structure. A fuzzer (116) generates a behavioral model of the high-level data structure into an automaton (118). A classifier (120) predicts to which processes the automaton (118) corresponds. A detector (122) detects unsafe states in the automaton (118) and that generates an indication of a detected unsafe state.

Each of a secure computation server apparatuses includes a random number generation part that generates random numbers using a pseudo random number generator shared among the secure computation server apparatuses; a seed storage part that shares and stores a seed(s) used for generating random numbers in the random number generation part; a pre-generated random number storage part that stores random numbers generated by the random number generation part; a share value storage part that stores a share(s) to be a target of processing; a logical operation part that computes a carry to be transmitted and received among the secure computation server apparatuses using the random numbers and the share(s) to be a target of processing; an inner product calculation part that removes a mask from the carry; and an arithmetic operation part that performs a processing of erasing the carry to obtain a processing result.

Methods and systems are described herein for improvements for cybersecurity of telecommunication devices. For example, cybersecurity for telecommunication devices may be improved by analyzing activity log data of telecommunication devices for a candidate event (e.g., the uploading of malware) and disabling one or more services of a telecommunication device. By doing so, cybersecurity for telecommunication devices may be improved by detecting a possible malware intrusion attempt and disabling one or more services of the telecommunication devices. For example, activity log data of telecommunication devices may be obtained. A candidate event indicating malware may be detected in the activity log data. A number of proximate telecommunication devices satisfying a proximity threshold condition may be determined. The number of proximate telecommunication devices that satisfy a density threshold condition may be determined. Responsive to the number of telecommunication devices satisfying a density threshold condition, services of telecommunication devices may be disabled.

Disclosed herein are systems and method for preventing zero-day attacks. A method may include receiving a first report including information about an execution of a first script of an application that modifies a file on a first computing device, and receiving a second report including an indication that the file includes malicious code. In response to determining that an identifier of the file is present in both the first report and the second report, the method may include generating and transmitting, to the first computing device, a first rule that prevents execution of any script that shares at least one operation of the first script. The method may include, in response to determining that a vulnerability detected by the first rule is not present in a vulnerability database, generating an entry in the vulnerability database for the vulnerability as a zero-day vulnerability and transmitting an alert to the application developer.

A proactively protected (P2) processing system and method is invented for stopping the cyber-attacks from malicious usages of computing systems. The invention is applicable to eliminate the roots of the cyber-threats before a successful cyber-incident. Thereby, demand for resilient computing systems to survive a cyber-incident will be disappeared. Any recovery act and information loss is not happened. The invention dynamically switches a plurality of instruction sets at random or scheduled time for determining authorized operations with code compatibility. Therefore, a P2 processing system and method can detect and delete only unauthorized operations before being executed while executing authorized operations.

In accordance with embodiments of this disclosure, a method of securing a processing unit according to some embodiments includes receiving a request for access from a user; detecting a device; determining whether the device is a trusted device; and providing the user access to the processing unit only if the device is a trusted device. In some embodiments, the trusted device may be a Bluetooth device.

A computer implemented method to detect a data breach in a network-connected computing system including generating, at a trusted secure computing device, a copy of data distributed across a network; the computing device accessing sensitive information for the network-connected computer system and searching for at least part of the sensitive information in the copy of the data; in response to an identification of sensitive information in the copy of the data identifying the sensitive information as compromised sensitive information.

A component security device may be disposed at an interface between a component and a cyber-physical system. The disclosed component security device may be physically and/or electrically coupled between the component and infrastructure of the cyber-physical system, such as a backplane, bus, and/or the like. The component security device may be configured to monitor the component, and selectively isolate the component from the cyber-physical system. Since the component security device is interposed at the interface of the component, the component security device may be capable of isolating the component regardless of whether the component has been compromised (e.g., regardless of whether the component is capable of complying with system commands).