Systems, methods, and apparatus for dynamic software generation and testing
US-10318412-B1 · Jun 11, 2019 · US
Non-regressive injection of deception decoys
US10789159B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-10789159-B2 |
| Application number | US-201816211126-A |
| Country | US |
| Kind code | B2 |
| Filing date | Dec 5, 2018 |
| Priority date | Dec 5, 2018 |
| Publication date | Sep 29, 2020 |
| Grant date | Sep 29, 2020 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
Systems and methods, as well as computing architecture for implementing the same, for decoy injection into an application. The systems and methods include splitting a standard test phase operation into two complementary phases, and add new unit tests to the process, dedicated to testing the proper coverage of the decoys and avoiding non-regression of the original code.
First claim
Opening claim text (preview).
What is claimed is: 1. A computer implemented method comprising: receiving, by one or more processors of an application development environment, functional requirements for an application; generating, by the one or more processors, application code for the application based on the functional requirements, the application code being configured to execute one or more application functions; receiving, by a weaving engine of the application development environment, decoy code representing one or more decoy data and/or functions to detect invocation by an attacker; inserting, by the weaving engine, the decoy code into the application with the application code to produce modified source code; generating, by a test engine of the application development environment, one or more functional tests of the application code; generating, by the test engine, one or more decoy tests of the decoy code; executing, by the test engine, the one or more functional tests on the application code; executing, by the test engine, the one or more functional tests and the one or more decoy tests of the decoy code on the modified source code; and comparing, by a verifier of the application development environment, results from the one or more functional tests executed on the application code and the one or more decoy tests executed on the modified source code to determine whether a regression exists in the application code by the inserting of the decoy code. 2. The computer implemented method in accordance with claim 1 , further comprising generating, by the verifier, a report of the results from the from the number of combinations of the one or more functional tests and the one or more decoy tests. 3. The computer implemented method in accordance with claim 1 , wherein the comparing results from the number of combinations of the one or more functional tests and the one or more decoy tests further determines whether the decoy code of the modified source code is triggered. 4. The computer implemented method in accordance with claim 1 , wherein the executing the one or more functional tests and the one or more decoy tests of the decoy code includes executing the one or more functional tests and the one or more decoy tests of the decoy code on the application code. 5. The computer implemented method in accordance with claim 1 , wherein the executing the one or more functional tests and the one or more decoy tests of the decoy code includes executing the one or more functional tests and the one or more decoy tests of the decoy code on the modified source code. 6. The computer implemented method in accordance with claim 1 , wherein the executing the one or more functional tests and the one or more decoy tests of the decoy code includes executing the one or more functional tests and the one or more decoy tests of the decoy code on the decoy code. 7. The computer implemented method in accordance with claim 1 , wherein the executing the one or more functional tests and the one or more decoy tests of the decoy code includes executing the one or more functional tests and the one or more decoy tests of the decoy code on one or more of the application code, the modified source code, and the decoy code. 8. The computer implemented method of claim 1 , wherein the decoy code is a lure to detect an attack of a system executing the application code. 9. A computer program product comprising a non-transitory machine-readable medium storing instructions that, when executed by at least one programmable processor, cause the at least one programmable processor to perform operations comprising: receiving, by one or more processors of an application development environment, functional requirements for an application; generating, by the one or more processors, application code for the application based on the functional requirements, the application code being configured to execute one or more application functions; receiving, by a weaving engine of the application development environment, decoy code representing one or more decoy data and/or functions to detect invocation by an attacker; inserting, by the weaving engine, the decoy code into the application with the application code to produce modified source code; generating, by a test engine of the application development environment, one or more functional tests of the application code; generating, by the test engine, one or more decoy tests of the decoy code; executing, by the test engine, the one or more functional tests on the application code; executing, by the test engine, the one or more functional tests and the one or more decoy tests of the decoy code on the modified source code; and comparing, by a verifier of the application development environment, results from the one or more functional tests executed on the application code and the one or more decoy tests executed on the modified source code to determine whether a regression exists in the application code by the inserting of the decoy code. 10. The computer program product in accordance with claim 9 , wherein the operations further comprise generating a report of the results from the from the number of combinations of the one or more functional tests and the one or more decoy tests. 11. The computer program product in accordance with claim 9 , wherein the comparing results from the number of combinations of the one or more functional tests and the one or more decoy tests further determines whether the decoy code of the modified source code is triggered. 12. The computer program product in accordance with claim 9 , wherein the executing the one or more functional tests and the one or more decoy tests of the decoy code includes executing the one or more functional tests and the one or more decoy tests of the decoy code on the application code. 13. The computer program product in accordance with claim 9 , wherein the executing the one or more functional tests and the one or more decoy tests of the decoy code includes executing the one or more functional tests and the one or more decoy tests of the decoy code on the modified source code. 14. The computer program product in accordance with claim 10 , wherein the executing the one or more functional tests and the one or more decoy tests of the decoy code includes executing the one or more functional tests and the one or more decoy tests of the decoy code on the decoy code. 15. The computer program product in accordance with claim 11 , wherein the executing the one or more functional tests and the one or more decoy tests of the decoy code includes executing the one or more functional tests and the one or more decoy tests of the decoy code on one or more of the application code, the modified source code, and the decoy code. 16. A system comprising: one or more programmable processors forming an application development environment comprising a weaving engine, a test engine, and a verifier; and a machine-readable medium storing instructions that, when executed by the one or more programmable processors, cause the one or more programmable processors to perform operations comprising: receiving, by one or more processors of an application development environment, functional requirements for an application; generating, by the one or more processors, application code for the application based on the functional requirements, the application code being configured to execute one or more application functions; receiving, by a weaving engine of the application development environment, decoy code representing one or more decoy data and/or functions to detect invocation by an attacker; inser
Assignees
Inventors
Classifications
Environments for analysis, debugging or testing of software · CPC title
for test execution, e.g. scheduling of test suites · CPC title
- G06F11/3692Primary
for test results analysis · CPC title
for test design, e.g. generating new test cases · CPC title
Test management · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US10789159B2 cover?
- Systems and methods, as well as computing architecture for implementing the same, for decoy injection into an application. The systems and methods include splitting a standard test phase operation into two complementary phases, and add new unit tests to the process, dedicated to testing the proper coverage of the decoys and avoiding non-regression of the original code.
- Who is the assignee on this patent?
- Sap Se
- What technology area does this patent fall under?
- Primary CPC classification G06F11/3692. Mapped technology areas include Physics.
- When was this patent published?
- Publication date Tue Sep 29 2020 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 5 related publications on this page (citations in our corpus or others sharing the same primary CPC).