1 INTRUSION TOLERANT SYSTEMS WORKSHOP
Phoenix, AZ
4 August 1999
Jaynarayan H. Lala, ITS Program Manager



2 TOPICS
- A Dependability Framework for ITS
- Sharing of Documents & Results
- Program Review Meetings
- Reporting
- Experimentation
- Coordination with other IA&S Programs
- Other issues

3 A DEPENDABILITY FRAMEWORK FOR ITS
Goal: Establish a multi-dimensional, hierarchical framework for the Intrusion Tolerant Systems program
Approach:
  - Put forward a strawman
  - Solicit your inputs

4 WHY DO WE NEED A FRAMEWORK?
- To provide a system view of intrusion tolerance.
- To show inter-relationships between various techniques and tools.
- To provide a context for evaluating applicability & effectiveness of each technique and tool.
- To partition ITS into its various components and assign roles & responsibilities to those components.
- To design & implement ITS components.

5 PITAC RECOMMENDATIONS
President’s Information Technology Advisory Committee (PITAC) recommended recently (Aug. ‘98) that Federal govt. should
  - “… foster projects of broader scope and longer duration.”
  - “Increase the emphasis on projects involving multiple investigators over several years.”
Each PI must look beyond his/her own research to see how it fits in the big picture, relates to other PIs’ work, and advances the strategic vision.

6 ITS DEPENDABILITY FRAMEWORK
- Dependability Background
- A Strawman ITS Framework

7 DEPENDABILITY*: AN OVERARCHING CONCEPT
Dependability is defined as the trustworthiness of a computer system such that reliance can justifiably be placed on the service it delivers.
*J.C. Laprie (ed.), Dependability: Basic Concepts and Terminology, Springer-Verlag, 1992.

8 DEPENDABILITY PROPERTIES
- Availability is the readiness for usage.
- Reliability is the continuity of service.
- Maintainability is the ease of performing maintenance actions.
- Safety is the avoidance of catastrophic consequences on the environment.
- Security is the prevention of unauthorized access (Confidentiality) and/or handling of information (Integrity).

9 IMPAIRMENTS TO DEPENDABILITY
Faults, errors and failures may affect dependability properties.
Faults can be categorized by
  - Nature: Accidental or Intentional
  - Origin: Physical or Human made; Internal or External; Design or Operational
  - Persistence: Temporary or Permanent

10 FAULT CLASSIFICATION

11 FAILURE CLASSIFICATION
Consequence Viewpoint
  - Benign vs. Catastrophic
  - Fail-Safe vs. Critical
Domain Viewpoint
  - Timing
  - Value
  - Both
Perception Viewpoint
  - Consistent
  - Byzantine

12 MEANS FOR DEPENDABILITY
Methods and techniques that provide the ability to deliver a service on which reliance can be placed.
Fault/Attack Prevention
Fault Removal
  - Verification, Diagnosis, Correction
Fault/Attack Tolerance
  - Error Processing, Fault Treatment
Fault/Attack Forecasting
  - System Evaluation wrt Fault/Attack Occurrence

13 A STRAWMAN ITS FRAMEWORK

14 POTENTIAL DIMENSIONS OF ITS FRAMEWORK (1 of 4)
Dependability Property
  - Confidentiality
  - Integrity
  - Availability
  - Other dependability properties
Attack Classification
  - Malicious Logic
  - Intrusions
Fault/Attack Persistence
  - Temporary
  - Permanent

15 POTENTIAL DIMENSIONS OF ITS FRAMEWORK (2 of 4)
Means for Dependability
  - Avoidance (Prevention, Removal)
  - Detection
  - Isolation/Identification
  - Response (Recovery, Reconfiguration, Graceful Degradation)
  - System Evaluation/Validation
Attack Severity
  - Ankle Biters, Single Target, Benign
  - Terrorist, Multiple Targets, Destructive
  - Rate of Attack

16 POTENTIAL DIMENSIONS OF ITS FRAMEWORK (3 of 4)
Avoidance & Detection Techniques
  - Formal Methods
  - Execution Monitors
  - Others
Tolerance Techniques
  - Data Redundancy
  - Programs Redundancy
  - Hardware Redundancy
  - Communication Codes Redundancy
  - Information (Analytic)/Design Redundancy
  - Temporal Redundancy

17 POTENTIAL DIMENSIONS OF ITS FRAMEWORK (4 of 4)
Maturity for Fielding
  - Concept Exploration
  - Design/Implementation
  - Demonstration
  - Validation