Research Team Status

  • Names of researchers and position 

    David Garlan, PI, Professor
    Eunsuk Kang, Professor
    Bradley Schmerl, Principal Systems Scientist
    Simon Chu, PhD Student
    Ryan Wagner, PhD Student

  • Any new collaborations with other universities/researchers?

Project Goals

  • What is the current project goal?
    The current goal of this project is to develop a new approach for designing a network-based computer system that is resilient against attacks, in that it is capable of preserving critical functions even if some of its components are compromised. This approach, which we call Adaptive Security Architecture, will be achieved through a combination of (1) a design-time, model-based analysis for computing the resiliency of a system architecture as a security metric (i.e. the amount of functionality that it is capable of preserving given a particular attack) and (2) a run-time adaptation method that reconfigures the system architecture and temporarily degrade system functionality to prevent the propagation of an on-going attack. This quarter's activities have been primarily focused on fleshing out an exemplar system. 
  • How does the current goal factor into the long-term goal of the project?

    The identification of an exemplar system will allow early demonstration of our techniques for resilience.

Accomplishments

  • Address whether project milestones were met. If milestones were not met, explain why, and what are the next steps.
     As this was the first quarter of the project, the work done involved laying a theoretical foundation for adaptive security architecture: Formalizing key concepts such as resilience, graceful degradation, and trust boundaries, selecting an appropriate modeling language for specifying system architectures, understanding differences from existing approaches (such as zero trust architecture), and identifying target systems to use as case studies throughout the project. The milestones were mostly met, as we are converging to a formal framework for designing and reasoning about architectures with resilience and adaptation as first-class concepts. 
  • What is the contribution to foundational cybersecurity research? Was there something discovered or confirmed?
    Although further validation is needed, we believe that our notion of resilience could be used as a new type of security metric, for evaluating and comparing design alternatives with respect to their ability to tolerate attacks and preserve critical functionality. 
  • Impact of research
    As the project is still in an early stage, the impact of this research has not yet been demonstrated.  

Publications and presentations

  • A research publication titled "Integrating Graceful Degradation and Recovery through Requirement-driven Adaptation" will be presented at the upcoming International Conference on Software Engineering for Adaptive and Self-Managing Systems (SEAMS 2024). Although this work was done before this project, it has strong relevance and could serve as a basis for the development of the proposed run-time adaptation architecture.