Architecture-based Self-securing Systems
ABSTRACT
Despite our best attempts to ensure that software systems are secure by design and construction, deployed systems must inevitably cope with unanticipated attacks and latent vulnerabilities. Hence, a critical component of a comprehensive science for security is the ability to support run-time security enforcement, problem detection, and repair. However, today’s run-time mechanisms for handling security problems are often an ad hoc mixture of single-point solutions unsupported by a unifying set of design and analysis principles. It is virtually impossible to make rigorous and assurable decisions about the kinds and levels of run-time detection and prevention needed in a particular context. Our research contributes directly to this aspect of a science of security – namely, assurable run-time security enforcement and repair. Specifically, our approach recognizes that the problem is essentially one of developing closed-loop control systems that provide a supervisory level responsible for detecting and repairing security problems. It builds on prior research in architecture-based self-adaptive systems, where architecture models provide the foundation for analysis and repair.