System Design Laboratory
Dependable Systems Architectures
Intrusion Tolerant Software Architecture

Average software engineering practice combined with average system complexity produces systems that typically contain numerous vulnerabilities. Designing a system for maximal security assurance requires avoiding the introduction of vulnerabilities in the first place, removing known vulnerabilities, and preventing attackers from exploiting known vulnerabilities whose removal is not practical.

Intrusion tolerance is the ultimate defense and assumes that unknown or unmitigated vulnerabilities remain in the system. The objective of intrusion tolerance is to maintain acceptable (but possibly degraded) system services when intrusions occur.

Project Objectives
We intend to define abstract intrusion-tolerance properties at the architectural level and study mechanisms that can be used to ensure these properties. This will allow us to decompose emergent intrusion-tolerance properties into much simpler, directly verifiable architectural properties.

We will investigate definitions of levels of intrusion tolerance, based on acceptable risk and balanced protection.

We will define architectural refinement patterns and architectural styles that are relevant for building intrusion-tolerant architectures.

We will examine how our ideas can be applied in the development of real systems.

Last Modified: Thu Jun 3 10:32:54 PDT 1999