Research Team Status

  • Project Goals
  • Names of researchers and position 
    • David Garlan, PI, Professor
      Eunsuk Kang, Professor
      Bradley Schmerl, Principal Systems Scientist
      Simon Chu, PhD Student
      Ryan Wagner, PhD Student
  • Any new collaborations with other universities/researchers?
    • No

Project Goals

  • What is the current project goal?

    The current goal of this project is to develop a new approach for designing a network-based computer system that is resilient against attacks, in that it is capable of preserving critical functions even if some of its components are compromised. This approach, which we call Adaptive Security Architecture, will be achieved through a combination of (1) a design-time, model-based analysis for computing the resiliency of a system architecture as a security metric (i.e., the amount of functionality that it is capable of preserving given a particular attack) and (2) a run-time adaptation method that reconfigures the system architecture and temporarily degrades system functionality to prevent the propagation of an ongoing attack. This quarter's activities have been primarily focused on fleshing out an exemplar system.
     

  • How does the current goal factor into the long-term goal of the project?

    The identification of an exemplar system will allow early demonstration of our techniques for resilience.

Accomplishments

  • What was done: The overall goal of this project is to develop a methodology for designing computer systems that are resilient, in that during an attack, they are capable of preserving critical services, even if some of the less critical functions of the system are lost. There are two major components of our methodology: (1) a design-time analysis to automatically evaluate the resilience of a system architecture and (2) a run-time framework for dynamically adapting and reconfiguring the architecture to gracefully degrade the system functionality and preserve critical services.

    The focus of Year 1 is on the design-time analysis for architectural resilience. In the past quarter, we have made significant progress on the analysis, developing a prototype tool that takes as input (1) a description of the system architecture and (2) a set of desired service requirements (e.g., a hospital IT system can provide critical medical support for an ICU). Our analysis tool then automatically analyzes the trust boundaries for the given architecture and service requirements; each trust boundary describes the subset of components in the system that need to be protected in order to satisfy the corresponding service requirement. We have shown that by analyzing trust boundaries, one can pinpoint weak points that represent single points of failure, identify opportunities to redesign the system and improve its resilience, and prepare a reconfiguration plan to achieve graceful degradation during an attack.

  • Next steps: In the remainder of Year 1, we plan to (1) further refine our resilience analysis tool for improved usability and scalability, (2) apply the tool to analyze the resilience of other case study systems (such as industrial control systems) besides the sample hospital IT example that we have been working with so far, and (3) prepare and publish a technical report that describes the analysis technique and the results from its applications. The outcome of these tasks should put us in a good position to tackle the problems in Year 2, which will center around the development of run-time reconfiguration and adaptation tactics for graceful degradation.
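
An added sketch, not the project's prototype tool or code from this report: it illustrates the trust-boundary analysis described under "What was done" on a constructed hospital model. The component names, the dependency format, and the reading of a trust boundary as the transitive set of components a service relies on are assumptions made for illustration.

```python
# Constructed model (assumption): node -> list of alternatives. A node works
# if it is not compromised and, for at least one alternative, every member
# works. Nodes without an entry are leaf components. The graph must be acyclic.
DEPENDS = {
    "icu_support": [{"icu_monitor", "ehr_store", "core_switch"}],
    "billing":     [{"billing_app", "ehr_store", "core_switch"}],
    "ehr_store":   [{"db_primary"}, {"db_replica"}],  # redundant back ends
}
SERVICES = ["icu_support", "billing"]


def works(node, compromised):
    """True if `node` still functions when `compromised` components are lost."""
    if node in compromised:
        return False
    alternatives = DEPENDS.get(node)
    if alternatives is None:
        return True
    return any(all(works(d, compromised) for d in alt) for alt in alternatives)


def trust_boundary(service):
    """Every component the service can rely on, directly or transitively."""
    seen, stack = set(), [service]
    while stack:
        for alt in DEPENDS.get(stack.pop(), []):
            for dep in alt - seen:
                seen.add(dep)
                stack.append(dep)
    return seen


def single_points_of_failure(service):
    """Boundary components whose compromise alone breaks the service."""
    return {c for c in trust_boundary(service) if not works(service, {c})}


def preserved_services(compromised):
    """Services that survive a given attack (the degraded configuration)."""
    return [s for s in SERVICES if works(s, compromised)]


if __name__ == "__main__":
    for s in SERVICES:
        print(s, sorted(trust_boundary(s)), sorted(single_points_of_failure(s)))
    print(preserved_services({"billing_app", "db_primary"}))
```

In this model the redundant database back ends fall inside the ICU service's trust boundary but are not single points of failure, while `core_switch` and `ehr_store` are weak points shared by both services.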

Publications and presentations

  • Changjian Zhang, Parv Kapoor, Romulo Meira-Goes, David Garlan, Eunsuk Kang, Akila Ganlath, Shatadal Mishra, and Nejib Ammar. "Tolerance of Reinforcement Learning Controllers against Deviations in Cyber Physical Systems." International Symposium on Formal Methods (FM), 2024.
  • David Garlan. "Humanizing Software Architecture." Keynote talk at the 50th International Conference on Applications of Mathematics in Engineering and Economics (AMEE 2024, https://amee.fpmi.bg/), June 7-13, Sozopol, Bulgaria.