Nvidia · Filed Nov 4, 2025 · Published Jul 2, 2026 · verified — real USPTO data

Nvidia Patents AI Method to Detect Code Vulnerabilities Before Hackers Can Strike

Nvidia is patenting an AI-powered code scanner that doesn't just flag suspicious code, it also runs a simulated attack to confirm the flaw is real, then uses what it learned to get sharper at spotting the next one.

Nvidia Patent: AI That Finds Fault-Injection Vulnerabilities in Code — figure from US 2026/0186754 A1
FIG. 1A — rendered from the official USPTO publication PDF.
Publication number US 2026/0186754 A1
Applicant NVIDIA Corporation
Filing date Nov 4, 2025
Publication date Jul 2, 2026
Inventors Alexander MATROSOV, Christopher SCHNEIDER
CPC classification 726/25
Grant likelihood Low
Examiner CENTRAL, DOCKET (Art Unit OPAP)
Status Docketed New Case - Ready for Examination (Mar 24, 2026)
Parent application is a Continuation of 16177311 (filed 2018-10-31)
Document 21 claims

What Nvidia's fault-injection scanner actually does

Imagine a security guard who not only notices an unlocked door but also tests whether it can actually be opened before reporting it, and then remembers exactly what that door looked like so they can spot similar ones faster. That's essentially what this Nvidia system does for software.

The tool scans computer code looking for spots where an attacker could cause a hardware glitch (a "fault injection") to trick the software into skipping a security check, like a login or a cryptographic verification. Fault injection attacks are a real threat in chips, embedded systems, and firmware, but they're notoriously hard to find by reading code alone.

What makes this approach different is the feedback loop. When the AI finds a confirmed flaw, it turns that discovery into a training example and feeds it back into the model. The system teaches itself as it works, becoming more accurate over time without engineers having to manually update it.

How the AI spots and confirms exploitable code patterns

The system has three main components working together:

  • A machine learning model trained on "training vectors," which are structured descriptions of code patterns known to be vulnerable to fault injection attacks.
  • A topological code analyzer that converts source code into a graph-like representation (a map of how the code flows and which parts depend on which), then runs the ML model over that map to flag suspicious spots.
  • An emulation layer that simulates a fault injection attack on the flagged code section to verify whether the vulnerability is actually exploitable, not just theoretically suspicious.

When the emulator confirms a real flaw, the system automatically generates a new training vector from that code pattern and uses it to retrain the model. This is a self-improving loop: each confirmed vulnerability makes the detector more accurate for future scans.

Fault injection attacks work by briefly disrupting a chip's power supply, clock signal, or electromagnetic environment to cause a processor to skip an instruction or misread a value. Attackers use this to bypass authentication or cryptographic checks in hardware like secure boot systems or payment chips. The patent targets the code patterns that make software susceptible to these physical-layer tricks.

What this means for hardware and firmware security

Fault injection is a particularly nasty class of attack because it operates at the intersection of hardware and software, and most standard code analysis tools don't account for it. Nvidia designs chips used in everything from data center accelerators to automotive systems and embedded controllers, all environments where firmware integrity is critical. A tool that automates this kind of analysis at scale would matter a lot internally.

The self-improving loop is the genuinely interesting part here. Most static analysis tools require manual rule updates when new vulnerability patterns emerge. A system that generates its own training data from confirmed exploits could, in principle, keep pace with new attack techniques without constant human curation. Whether that works as well in practice as it sounds in a patent is a different question.

Editorial take

This is a real engineering problem with a genuinely clever proposed solution. Fault injection vulnerabilities are under-scrutinized in software security tooling, and the self-training feedback loop addresses a concrete limitation of today's static analyzers. The canceled claims (claims 1-20 are listed as canceled in this publication) are a flag worth noting, as it suggests the patent may have run into examination challenges, so treat this more as a window into Nvidia's security research direction than a done deal.

Which company should we read for you?

We track 17 companies here. Pro is the same weekly breakdown for any company you choose, delivered privately. Type a name and we'll scope it and send you a quote.

Get one Big Tech patent every Sunday

Plain English, intelligent commentary, no hype. Free.

Source. Full patent text and figures from the official USPTO publication PDF.

Editorial commentary on a publicly published patent application. Not legal advice.