Shift-left security risk analysis

US2022303302A1 · US · A1

Patent metadata
Publication number: US-2022303302-A1
Application number: US-202117249997-A
Country: US
Kind code: A1
Filing date: Mar 22, 2021
Priority date: Mar 22, 2021
Publication date: Sep 22, 2022
Grant date: (not listed)

Abstract

Official abstract text for this publication.

A method, a computer system, and a computer program product for security risk analysis is provided. Embodiments of the present invention may include collecting operational data. Embodiments of the present invention may include building pipelines. Embodiments of the present invention may include localizing security issues using the operational data on an unsupervised model. Embodiments of the present invention may include constructing a semantic graph using shift-left data. Embodiments of the present invention may include constructing a mapping between the operational data and the shift-left data. Embodiments of the present invention may include clustering collected datasets. Embodiments of the present invention may include creating an active learning cycle using ground truth.

First claim

Opening claim text (preview).

What is claimed is:

1. A method for security risk analysis, the method comprising: collecting operational data; building pipelines; localizing security issues using the operational data on an unsupervised model; constructing a semantic graph using shift-left data; constructing a mapping between the operational data and the shift-left data; clustering collected datasets; and creating an active learning cycle using ground truth.

2. The method of claim 1, wherein the pipelines are built as an automated process that builds, tests and deploys computing data.

3. The method of claim 1, wherein the unsupervised model identifies a top list of representative information for each software application.

4. The method of claim 1, wherein the shift-left data includes source code, deployment configurations, deployment specifications and environmental variables.

5. The method of claim 1, wherein the semantic graphs are constructed using the shift-left data.

6. The method of claim 1, wherein the collected datasets are clustered, automatically, by the security issues.

7. The method of claim 1, wherein the active learning cycle allows feedback from subject matter experts to improve precision of security risk identification by a model over time.

8. A computer system for security risk analysis, comprising: one or more processors, one or more computer-readable memories, one or more computer-readable tangible storage media, and program instructions stored on at least one of the one or more computer-readable tangible storage media for execution by at least one of the one or more processors via at least one of the one or more computer-readable memories, wherein the computer system is capable of performing a method comprising: collecting operational data; building pipelines; localizing security issues using the operational data on an unsupervised model; constructing a semantic graph using shift-left data; constructing a mapping between the operational data and the shift-left data; clustering collected datasets; and creating an active learning cycle using ground truth.

9. The computer system of claim 8, wherein the pipelines are built as an automated process that builds, tests and deploys computing data.

10. The computer system of claim 8, wherein the unsupervised model identifies a top list of representative information for each software application.

11. The computer system of claim 8, wherein the shift-left data includes source code, deployment configurations, deployment specifications and environmental variables.

12. The computer system of claim 8, wherein the semantic graphs are constructed using the shift-left data.

13. The computer system of claim 8, wherein the collected datasets are clustered, automatically, by the security issues.

14. The computer system of claim 8, wherein the active learning cycle allows feedback from subject matter experts to improve precision of security risk identification by a model over time.

15. A computer program product for security risk analysis, comprising: one or more computer-readable tangible storage media and program instructions stored on at least one of the one or more computer-readable tangible storage media, the program instructions executable by a processor to cause the processor to perform a method comprising: collecting operational data; building pipelines; localizing security issues using the operational data on an unsupervised model; constructing a semantic graph using shift-left data; constructing a mapping between the operational data and the shift-left data; clustering collected datasets; and creating an active learning cycle using ground truth.

16. The computer program product of claim 15, wherein the pipelines are built as an automated process that builds, tests and deploys computing data.

17. The computer program product of claim 15, wherein the unsupervised model identifies a top list of representative information for each software application.

18. The computer program product of claim 15, wherein the shift-left data includes source code, deployment configurations, deployment specifications and environmental variables.

19. The computer program product of claim 15, wherein the semantic graphs are constructed using the shift-left data.

20. The computer program product of claim 15, wherein the collected datasets are clustered, automatically, by the security issues.

Assignees

IBM

Inventors

Classifications

  • G06F21/577 (primary) · Assessing vulnerabilities and evaluating computer system security · CPC title

  • Knowledge engineering; Knowledge acquisition · CPC title

  • Learning methods · CPC title

  • Test or assess software · CPC title

  • Inference or reasoning models · CPC title

Patent family

Related publications grouped by family.

Frequently asked questions

Who is the assignee on this patent?
IBM
What technology area does this patent fall under?
Primary CPC classification G06F21/577. Mapped technology areas include Physics.
When was this patent published?
Publication date Sep 22, 2022 (A1). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 2 related publications on this page (citations in our corpus or others sharing the same primary CPC).