RST Labs Automatic Synthesis of Program- based Triggers for Intrusion Tolerance Mechanisms C C...
-
Upload
derrick-stewart -
Category
Documents
-
view
213 -
download
0
Transcript of RST Labs Automatic Synthesis of Program- based Triggers for Intrusion Tolerance Mechanisms C C...
![Page 1: RST Labs Automatic Synthesis of Program- based Triggers for Intrusion Tolerance Mechanisms C C Michael Reliable Software Technologies.](https://reader035.fdocuments.in/reader035/viewer/2022072017/56649efd5503460f94c10c5b/html5/thumbnails/1.jpg)
RST Labs
Automatic Synthesis of Program-based Triggers for Intrusion
Tolerance MechanismsC C Michael
Reliable Software Technologies
![Page 2: RST Labs Automatic Synthesis of Program- based Triggers for Intrusion Tolerance Mechanisms C C Michael Reliable Software Technologies.](https://reader035.fdocuments.in/reader035/viewer/2022072017/56649efd5503460f94c10c5b/html5/thumbnails/2.jpg)
RST Labs
Objective
• Triggers for intrusion-tolerance mechanisms• Reliable detection of events that intrusion-
tolerant systems need to know about• Based on system behavior, not the environment
(or user behavior).• Don’t try to detect the nail that’s about to puncture
the tire
• Based on domain knowledge on how the system should behave
![Page 3: RST Labs Automatic Synthesis of Program- based Triggers for Intrusion Tolerance Mechanisms C C Michael Reliable Software Technologies.](https://reader035.fdocuments.in/reader035/viewer/2022072017/56649efd5503460f94c10c5b/html5/thumbnails/3.jpg)
RST Labs
Technical Approach
• Tolerance triggers are synthesized automatically• A tolerance trigger has a model of normal system
behavior, and watches for deviations from the model.
• Intelligently model the system, don’t try to model the environment.– Probably won’t use statistical models of behavior
• Machine learning is used to build system models from automatically-generated training data.
![Page 4: RST Labs Automatic Synthesis of Program- based Triggers for Intrusion Tolerance Mechanisms C C Michael Reliable Software Technologies.](https://reader035.fdocuments.in/reader035/viewer/2022072017/56649efd5503460f94c10c5b/html5/thumbnails/4.jpg)
RST Labs
Technical Approach
• Our technical approach contains three main elements:
a. Automatic test data generation• Create structured tests that
exercise as much functionality as possible
• Observe application behavior while the tests are executed
b. Vocabulary extraction
c. Synthesis of finite automata that characterize system behavior
VE
SoFA
TDG
Behavior Model
a
b
c
observe behavior
![Page 5: RST Labs Automatic Synthesis of Program- based Triggers for Intrusion Tolerance Mechanisms C C Michael Reliable Software Technologies.](https://reader035.fdocuments.in/reader035/viewer/2022072017/56649efd5503460f94c10c5b/html5/thumbnails/5.jpg)
RST Labs
Evaluation
• Some elements of the system can be used in an LL-style evaluation.
• Quantifying performance– Begin with a statistical analysis.
• This assumes a constant operating environment but it may be all we can do without predicting the future.
• This may help us understand the domain better.
– How robust is this to environmental changes?
![Page 6: RST Labs Automatic Synthesis of Program- based Triggers for Intrusion Tolerance Mechanisms C C Michael Reliable Software Technologies.](https://reader035.fdocuments.in/reader035/viewer/2022072017/56649efd5503460f94c10c5b/html5/thumbnails/6.jpg)
RST Labs
Policy
• The default policy is: when the system behaves as intended, that’s good.– An analogy between tolerance triggering and fault
detection.
– “As intended” means whatever the developers put in the code.
• Extensions for custom policies are possible.– We have some preliminary results
![Page 7: RST Labs Automatic Synthesis of Program- based Triggers for Intrusion Tolerance Mechanisms C C Michael Reliable Software Technologies.](https://reader035.fdocuments.in/reader035/viewer/2022072017/56649efd5503460f94c10c5b/html5/thumbnails/7.jpg)
RST Labs
Major Milestones
• Year 1: Completion and evaluation of system for generating structured tests
• Year 2: Application-specific tolerance triggers• Year 3: System-wide tolerance triggers
![Page 8: RST Labs Automatic Synthesis of Program- based Triggers for Intrusion Tolerance Mechanisms C C Michael Reliable Software Technologies.](https://reader035.fdocuments.in/reader035/viewer/2022072017/56649efd5503460f94c10c5b/html5/thumbnails/8.jpg)
RST Labs
Tech Transfer
• Patent Inventions• Release and make software freely available• Market, sell, or license technology to leading
commercial vendor in market space.
![Page 9: RST Labs Automatic Synthesis of Program- based Triggers for Intrusion Tolerance Mechanisms C C Michael Reliable Software Technologies.](https://reader035.fdocuments.in/reader035/viewer/2022072017/56649efd5503460f94c10c5b/html5/thumbnails/9.jpg)
RST Labs
The Tolerance Triggering Team (so far)
C C Michael
Michael Schatz
{ccmich,mascha}@rstcorp.com
Automatic Synthesis of Program-based Triggers for Intrusion Tolerance Mechanisms
DARPA contract