Dependable and Secure Computing
Seminar: Advanced Topics in Software and Systems Engineering
Presenter: Sabbir Ahmmed
Posted on 13-Jul-2015


Motivation
Basic Concepts and Taxonomy of Dependable and Secure Computing


● Main definitions relating to dependability
    ○ reliability
    ○ availability
    ○ safety
    ○ integrity
    ○ maintainability
● Additional definitions
    ○ threats to dependability and security
    ○ e.g. faults, errors, failures
● Means for their achievement
    ○ fault prevention, fault tolerance
    ○ fault removal, fault forecasting, etc.

Introduction

"Basic Concepts and Taxonomy of Dependable and Secure Computing" by A. Avizienis, J.C. Laprie, B. Randell, C. Landwehr
● 2525 citations
● 360 citations
● 315 citations

Introduction

This paper aims to give precise definitions of
● dependability and security
● computing and communications systems
● focus on concepts

Introduction

This paper does not address
● measures of dependability and security
● documenting the state of the art
● implementation issues
● confidentiality

Basic Concepts

● Basic set of definitions
● Entire range of computing and communications systems
    ○ individual logic gates
    ○ networks of computers
    ○ computer-based systems

Basic Concepts

● System function
● Behaviour
    ○ described by a sequence of states
    ○ total states
        ■ computation
        ■ communication
        ■ stored information
        ■ interconnection
        ■ physical connection
● Structure
● Service

Basic Concepts

Threats to dependability and security
● Failures
    ○ also known as service failures
    ○ a transition from correct service to incorrect service
    ○ service outage and service restoration
● Errors
    ○ when at least one external state of the system deviates from the correct service state
● Faults
    ○ hypothesized cause of an error
    ○ could be internal or external
    ○ could be active or dormant

Basic Concepts

Mordechai Ben-Ari (Weizmann Institute of Science), 1999: The bug that destroyed a rocket

Basic Concepts

Software Hall of Shame

Basic Concepts

Software Growth

Picture Credit: Dr. Werner J.A. Dahm, Director, Security & Defense Systems Initiative, Arizona State University

Basic Concepts

● Degraded mode / partial failures
    ○ slow service
    ○ limited service
    ○ emergency service

Basic Concepts

Dependability
    ○ ability to deliver a service that can justifiably be trusted
    ○ ability to avoid service failures
    ○ encompasses the following attributes
        ■ availability
        ■ reliability
        ■ safety
        ■ integrity
        ■ maintainability

Basic Concepts

Security
    ○ is a composite of the attributes
        ■ confidentiality
        ■ integrity
        ■ availability

Basic Concepts

Means to attain dependability and security
● Fault prevention
● Fault tolerance
● Fault removal
● Fault forecasting

Threats to dependability

System life cycle
● Development phase
    ○ physical world
    ○ human developers
    ○ development tools
    ○ production and test facilities
● Use phase
    ○ users
    ○ administrators
    ○ the infrastructure
    ○ intruders
    ○ ...

Threats to dependability

Forms of maintenance

Threats to dependability

A Taxonomy of Faults
    ○ development faults
    ○ physical faults
    ○ interaction faults

Faults
The elementary fault classes
31 likely combinations out of 256 possible combinations
● Natural faults
    ○ internal
    ○ external
● Human-made faults
    ○ omission faults
    ○ commission faults

Faults


Classification of human-made faults
● Non-malicious faults
    ○ accidental
    ○ incompetence

Faults

● Malicious faults
    ○ malicious logic faults
        ■ logic bomb
        ■ Trojan horse
        ■ trapdoor
        ■ virus
        ■ worm
        ■ zombie
    ○ intrusion attempts

Faults

Single vs. Multiple
Independent vs. Related

Failures

Service failure modes

Failure modes with respect to the failure domain

Failures

Development failures and principal causes
AAS example ($1.5 billion)
● Complete development failure
    ○ budget failure
    ○ schedule failure
● Partial development failure
    ○ overruns (example: F-35)
    ○ downgrading (example: F-35)

Dependability and security failures
AAS example (outage limit)

Errors

● Detected errors
● Latent errors
● Multiple related errors
● Single errors

Error propagation

Chain of threats
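The chain of threats on these slides (a dormant fault is activated, produces an error in the internal state, and the error propagates until it becomes a service failure unless a fault-tolerance mechanism catches it) can be followed step by step in code. The Python below is an added illustration, not code from the paper or from the seminar: the heater controller, its sensor encoding, the plausibility range and the setpoint are all constructed for the example. It also shows the degraded "emergency service" mode from the partial-failures slide as the fallback that error detection switches to.

```python
# Added illustration (not code from the paper or the seminar) of the chain of
# threats in the Avizienis et al. taxonomy: a dormant development fault is
# activated, produces an error in the internal state, and propagates to a
# service failure unless error detection (a fault-tolerance means) catches it
# and the service drops into a degraded, emergency mode. The sensor, its
# encoding, its plausible range and the setpoint are all constructed.
from dataclasses import dataclass, field

SETPOINT_C = 20.0                 # correct service: heater ON below this
SENSOR_RANGE_C = (-40.0, 85.0)    # constructed datasheet limits for the sensor


def decode_raw(raw: int) -> float:
    """Convert a signed raw sensor word (half-degree steps) to Celsius.

    DEVELOPMENT FAULT, dormant: the developer assumed raw is never negative
    and masks it to 8 bits, so -5 becomes 251 and decodes as 125.5 C.
    The fault stays dormant while raw >= 0 and is activated by the first
    negative reading.
    """
    return (raw & 0xFF) / 2.0


@dataclass
class Trace:
    """Ordered record of the threats as they appear: error, detection, failure."""
    events: list = field(default_factory=list)

    def log(self, kind: str, detail: str) -> None:
        self.events.append((kind, detail))

    def kinds(self) -> list:
        return [kind for kind, _ in self.events]


class HeaterController:
    """The system under study. Its service is a heater command, ON or OFF."""

    def __init__(self, trace: Trace, tolerant: bool):
        self.trace = trace
        self.tolerant = tolerant      # whether error detection is enabled
        self.temp_c = 0.0             # internal state (part of the total state)
        self.mode = "normal"          # "normal" or "emergency" (degraded service)

    def sense(self, raw: int) -> None:
        """Update internal state from the raw word (where the fault can activate)."""
        self.temp_c = decode_raw(raw)

    def actuate(self) -> str:
        """Deliver the service. With error detection, an implausible state is
        caught at the service boundary and the controller falls back to a
        fail-safe emergency service instead of letting the error propagate."""
        lo, hi = SENSOR_RANGE_C
        if self.tolerant and not (lo <= self.temp_c <= hi):
            self.trace.log("error-detected", f"{self.temp_c} C outside {SENSOR_RANGE_C}")
            self.mode = "emergency"
            return "ON"               # fail-safe default: keep heating
        self.mode = "normal"
        return "ON" if self.temp_c < SETPOINT_C else "OFF"


def correct_command(raw: int) -> str:
    """Oracle for the functional specification: what correct service delivers."""
    return "ON" if raw / 2.0 < SETPOINT_C else "OFF"


def run(raw_words, tolerant: bool):
    """Drive the controller over a sequence of raw words and classify each step.

    Returns (trace, failed_inputs, modes). The oracle comparisons stand in for
    an external observer; the controller itself never sees the true value.
    """
    trace = Trace()
    ctl = HeaterController(trace, tolerant)
    failed, modes = [], []
    for raw in raw_words:
        ctl.sense(raw)
        if ctl.temp_c != raw / 2.0:
            # Fault activated: the internal state deviates from the correct
            # state. This is an error; it is not yet a failure.
            trace.log("error", f"raw={raw}: state {ctl.temp_c} C, correct {raw / 2.0} C")
        cmd = ctl.actuate()
        modes.append(ctl.mode)
        if cmd != correct_command(raw):
            # The error reached the service interface: a service failure.
            trace.log("service-failure", f"raw={raw}: delivered {cmd}, correct {correct_command(raw)}")
            failed.append(raw)
    return trace, failed, modes


if __name__ == "__main__":
    # Constructed readings: 20.0 C, 15.0 C, then -2.5 C (activates the fault), 25.0 C
    readings = [40, 30, -5, 50]
    for tolerant in (False, True):
        trace, failed, modes = run(readings, tolerant)
        print(f"error detection {'on ' if tolerant else 'off'}: failures on {failed}, modes {modes}")
        for kind, detail in trace.events:
            print(f"  {kind:16} {detail}")
```

Without error detection the same fault produces the same error in both runs, but only the first run lets it propagate to the service interface; the plausibility check is a concrete instance of the fault-tolerance means listed on the "Means to attain dependability" slides, and the emergency mode it falls into is the degraded service from the partial-failures slide.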

The way forward

Means to attain dependability

● Fault prevention
● Fault tolerance
● Fault removal
    ○ during development
        ■ verification
        ■ diagnosis
        ■ correction
    ○ during use

Fault tolerance techniques


Fault removal (Verification)

Fault removal (Testing)

Conclusion