Resiliency

Image removed.

The European-based Resilience and Survivability for Future Networking: Framework, Mechanisms, and Experimental Evaluation (ResumeNET) project, defines resiliency as “the ability to provide and maintain an acceptable level of service in the face of faults and challenges to normal operations.” This broad definition includes both natural disasters and man-made intrusions. The articles cited here focus on resiliency amid cyber-attacks. Specific works address botnets, cross layer network design, finding disjoint linear codes, many core systems, redundant paths, and multiagent consensus networks.

  • "Studies on Resilient Control Through Multiagent Consensus Networks Subject to Disturbances,"  Meng, D.; Moore, K.L., Cybernetics, IEEE Transactions on, vol.PP, no.99, pp.1,1, 10 February 2014.  (ID#:14-1236) Available at: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6736064&isnumber=6352949 Resiliency is one of the most critical objectives found in complex industrial applications today and designing control systems to provide resiliency is an open problem. This paper proposes resilient control design guidelines for industrial systems that can be modeled as networked multiagent consensus systems subject to disturbances or noise. The authors give a general analysis of multiagent consensus networks in the presence of different disturbances from the input-to-output stability point of view. Using a nonsingular linear transformation, some necessary and sufficient results are established for disturbed multiagent consensus networks by taking advantage of the input-to-state stability theory, based on which the disturbance rejection performance is analyzed in three cases separated by the spaces of disturbances and state disagreements between agents. It is shown that the linear matrix inequality technique can be adopted to determine the optimal disturbance rejection indexes for all the three cases. In addition, two illustrative numerical examples are given to demonstrate the derived consensus results for different types of directed graphs and subject to different classes of disturbances.
  • "A Process-Variation Resilient Current Mode Logic With Simultaneous Regulations for Time Constant, Voltage Swing, Level Shifting, and DC Gain Using Time-Reference-Based Adaptive Biasing Chain," Jeon, H.-J.; Silva-Martinez, J.; Hoyos, S., Very Large Scale Integration (VLSI) Systems, IEEE Transactions on, vol.PP, no.99, pp.1,1 14 February 2014.  (ID#:14-1237) Available at: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6740824&isnumber=4359553 A process-variation resilient current mode logic (CML) is presented. The proposed CML employs time-reference-based adaptive biasing chain with replica load to address performance degradation over the process variations. It adjusts variable load resistor to simultaneously regulate time constant, voltage swing, level shifting, and DC gain. The prototype demonstrates the process-variation resiliency of the proposed solution by showing performance degradation over the process corners. Over 20% of polygate resistance variation, the proposed CML suppresses the degradation of speed and rms jitter less than 4.3% and 0.15 ps while conventional CML results in 13% and 3.8-ps degradation, respectively.
  • "Robust and Reverse-Engineering Resilient PUF Authentication and Key-Exchange by Substring Matching," Rostami, M.; Majzoobi, M.; Koushanfar, F.; Wallach, D.; Devadas, S., Emerging Topics in Computing, IEEE Transactions on , vol.PP, no.99, pp.1,1 January 2014.  (ID#:14-1238) Available at: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6714458&isnumber=6558478  This paper proposes novel robust and low-overhead Physical Unclonable Function (PUF) authentication and key exchange protocols that are resilient against reverse-engineering attacks. The protocols are executed between a party with access to a physical PUF (Prover) and a trusted party who has access to the PUF compact model (Verifier). The proposed protocols do not follow the classic paradigm of exposing the full PUF responses or a transformation of them. Instead, random subsets of PUF response strings are sent to the Verifier so the exact position of the subset is obfuscated for the third-party channel observers. Authentication of the responses at the Verifier side is done by matching the substring to the available full response string; the indaex of the matching point is the actual obfuscated secret (or key) and not the response substring itself. The authors perform a thorough analysis of resiliency of the protocols against various adversarial acts, including machine learning and statistical attacks. The attack analysis guides them in tuning the parameters of the protocol for an efficient and secure implementation. The low overhead and practicality of the protocols are evaluated and confirmed by hardware implementation.
  • "Wide-Area Control Resiliency Using Redundant Communication Paths," Zhang, S.; Vittal, V., Power Systems, IEEE Transactions on, vol.PP, no.99, pp.1,11, January 2014.  (ID#:14-1239) Available at: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6728664&isnumber=4374138 With significant investment made in the U.S. in deploying synchrophasor measurement technology, more wide-area measurements will be available and controls based on these signals are likely to be adopted. Communication systems play a critical role in interactive grid control as an indispensable medium to transmit wide-area measurements; however, they are vulnerable to disruptions leading to the risk of destabilizing power systems. This work addresses a critical issue related to engineering resilient cyber-physical systems. The proposed framework utilizes a hierarchical set of wide-area measurements for control and employs channel switching based on mathematical morphology identification to counteract the impact of communication failures on control effectiveness. The proposed control framework incorporating a set of synchronized wide-area measurements is designed to consist of multiple single-input single-output supplementary damping controllers associated with a static VAr compensator. This work is particularly important with regard to leveraging the large investment in installing phasor measurement units across the nation.
  • "Access Versus Bandwidth in Codes for Storage," Tamo, I.; Wang, Z.; Bruck, J.,  Information Theory, IEEE Transactions on , vol.60, no.4, pp.2028,2037, April 2014.  (ID#:14-1240) Available at: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6737213&isnumber=6766686 Maximum distance separable (MDS) codes are widely used in storage systems to protect against disk (node) failures. A node is said to have capacity $l$  over some field $BBF$, if it can store that amount of symbols of the field. An $(n,k,l)$ MDS code uses $n$ nodes of capacity $l$  to store $k$ information nodes. The MDS property guarantees the resiliency to any $n-k$ node failures. An optimal bandwidth (respectively, optimal access) MDS code communicates (respectively, accesses) the minimum amount of data during the repair process of a single failed node. It was shown that this amount equals a fraction of $1/(n-k)$ of data stored in each node. In previous optimal bandwidth constructions, $l$ scaled polynomially with $k$ in codes when the asymptotic rate is less than 1. Moreover, in constructions with a constant number of parities, i.e., when the rate approaches 1, $l$ is scaled exponentially with $k$. In this paper, the authors focus on the case of linear codes with linear repair operations and constant number of parities $n-k=r$, and ask the following question: given the capacity of a node $l$ what is the largest number of information disks $k$ in an optimal bandwidth (respectively, access) $(k+r,k,l)$ MDS code? They give an upper bound for the general case, and two tight bounds in the special cases of two important families of codes. The first is a family of codes with optimal update property, and the second is a family with optimal access property. Moreover, the bounds show that in some cases optimal-bandwidth codes have larger $k$ than optimal-access codes, and therefore these two measures are not equivalent.
  • "Resiliency for many-core system on a chip," Karnik, T.; Tschanz, J.; Borkar, N.; Howard, J.; Vangal, S.; De, V.; Borkar, S., Design Automation Conference (ASP-DAC), 2014 19th Asia and South Pacific, vol., no., pp.388,389, 20-23 Jan. 2014.  (ID#:14-1241) Available at: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6742921&isnumber=6742831 This paper discusses dynamic and static variation tolerance, and the adaptive clocking approach designed to greatly improve throughout and bandwidth, while conserving energy. This article also broaches the subject of resiliency in many-core microprocessors.
  • "Constructions of Resilient S-Boxes With Strictly Almost Optimal Nonlinearity Through Disjoint Linear Codes," Wei-Guo Zhang; Pasalic, E., Information Theory, IEEE Transactions on , vol.60, no.3, pp.1638,1651, March 2014.  (ID#:14-1242) Available at: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6712115&isnumber=6739111 In this paper, a novel approach of finding disjoint linear codes is presented. The cardinality of a set of [u, m, t+1] disjoint linear codes largely exceeds all the previous best known methods used for the same purpose. Using such sets of disjoint linear codes, not necessarily of the same length, we have been able to provide a construction technique of t-resilient S-boxes F:F2n→2m ( n even, ) with strictly almost optimal nonlinearity . This is the first time that the bound 2n-1-2n/2 has been exceeded by multiple output resilient functions. Actually, the nonlinearity of our functions is in many cases equal to the best known nonlinearity of balanced Boolean functions. A large class of previously unknown cryptographic resilient S-boxes is obtained, and several improvements of the original approach are proposed. Some other relevant cryptographic properties are also briefly discussed. It is shown that these functions may reach Siegenthaler's bound n-t-1, and can be either of optimal algebraic immunity or of slightly suboptimal algebraic immunity, which was confirmed by simulations.
  • "Cross-layer resilient system design," Tahoori, M., Design and Diagnostics of Electronic Circuits & Systems (DDECS), 2013 IEEE 16th International Symposium on , vol., no., pp.10,10, 8-10 April 2013.  (ID#:14-1243) Available at: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6549779&isnumber=6549768 Summary form only given. Improvements in chip manufacturing technology have propelled an astonishing growth of computing systems which are integrated into our daily lives. However, this trend is facing serious challenges, both at device and system levels. At the device level, as the minimum feature size continues to shrink, a host of vulnerabilities influence the robustness, reliability, and availability of embedded and critical systems. Some of these factors are caused by the stochastic nature of the nanoscale manufacturing process (e.g., process variability, sub-wavelength lithographic inaccuracies), while other factors appear because of high frequencies and nanoscale features (e.g. RLC noise, on-chip temperature variation, increased sensitivity to radiation and transistor aging). At the other end of the spectrum, these systems are seeing a tremendous increase in software content. Whereas traditional software design paradigms have assumed that the underlying hardware is fully predictable and error-free, there is now a critical need to build a software stack that is responsive to variations, and resilient against emerging vulnerabilities in the underlying hardware. To cost-efficiently tackle resiliency challenges, a new “cross-layer” trend has emerged in which different levels of design stacks, in hardware and software, work together to find a globally optimal solution. The interdisciplinary topic of cross layer resiliency cross various disciplines and requires collaboration and cooperation of various communities such as design automation, testing and design for testability, computer architecture, embedded systems and software, validation and verification, fabrication, device, circuits, and systems. Such cross-layer approach will lead to possible paradigm shifts to consider reliability throughout the design flow, from devices to systems and applications.
  • "A Next-Generation Approach to Combating Botnets," Alhomoud, A.; Awan, I.; Disso, J.F.P.; Younas, M., Computer, vol.46, no.4, pp.62,66, April 2013.  (ID#:14-1244) Available at: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6459493&isnumber=6494531 As part of a defense-in-depth security solution for domain-controlled enterprise networks, a proposed self-healing system architecture is designed to increase resiliency against botnets with minimal disruption to network services.

Note:

Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to SoS.Project (at) SecureDataBank.net for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.