Architecture-based self-protection

Schmerl, Bradley; Cámara, Javier; Gennari, Jeffrey; Garlan, David; Casanova, Paulo; Moreno, Gabriel A.; Glazier, Thomas J.; Barnes, Jeffrey M.

doi:10.1145/2600176.2600181

Cited by 30 publications

(12 citation statements)

References 29 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…These attacks exploit information exposed in one state of the system to compromise a later state that can be reached during or after adaptation. Moreover, risk identification and analysis is often performed at design time [122,227]. Runtime security analysis is required to cope with systems that adapt often and exhibit dynamic behavior.…”

Section: Discussionmentioning

confidence: 99%

“…P-III refers to enhancing security-aware adaptation with countermeasure selection. Countermeasure selection and deployment approaches have been proposed before, however, these approaches often are limited in either the kind of countermeasures that can be applied [94,204,227] or in the types of systems that they can protect. To the best of our knowledge, we lack a solution that follows a holistic approach taking into account the possible component and countermeasure configurations available to protect a software system, analyzes their effects, compatibility and costs, and identifies the best available configuration to be deployed.…”

Section: Discussionmentioning

confidence: 99%

“…The authors finally demonstrate how to incorporate their approach into Rainbow [94], a well known and adopted architecture-based self-adaptation framework. Schmerl et al [227] build upon the previous work and provide a methodology to compose security-related tactics into higher level strategies to respond to DoS attacks. They base their solution in utility theory and combine security strategies with business qualities to select the strategy that better fits the business context.…”

Section: Self-protecting Systemsmentioning

confidence: 99%

“…The patterns are implemented in a well-known exemplar SAS, by employing the Rainbow framework. In an extension of this work [227], DoS-related tactics are composed to mitigate DoS attacks and the utility-based reasoning provided in Rainbow is used to choose the best strategies to apply in the system. In contrast to the above approaches, we take into account the security risks of components' vulnerabilities while selecting a strategy to apply in the system.…”

Section: Related Workmentioning

confidence: 99%

“…Yuan et al [282] provide an architecturebased approach to self-protecting systems and proposed architectural patterns to protect a system. In an extension of that work, the authors in [227] analyzed adaptations from availability point of view to be able to mitigate DoS attacks. In the network security community, researchers have proposed a few approaches for security analysis of dynamic networks [5,92,283,284].…”

Section: Introductionmentioning

confidence: 99%

See 4 more Smart Citations

Design and Analysis of Self-protection: Adaptive Security for Software-Intensive Systems

Skandylas¹

View full text Add to dashboard Cite

Today's software landscape features a high degree of complexity, frequent changes in requirements and stakeholder goals, and uncertainty.Uncertainty and high complexity imply a threat landscape where cybersecurity attacks are a common occurrence while their consequences are often severe. Self-adaptive systems have been proposed to mitigate the complexity and frequent changes by adapting at run-time to deal with situations not known at design time.Self-adaptive systems that aim to identify, analyse and mitigate threats autonomously are called self-protecting systems.This thesis contributes approaches towards developing systems with self-protection capabilities under two perspectives. Under the first perspective, we enhance the security of component-based systems and equip them with self-protection capabilities that reduce the exposedattack surface or provide efficient defenses against identified attacks. We target systems where information about the system components and the adaptationdecisions is available, and control over the adaptation is possible. We employ runtime threat modeling and analysis using quantitative risk analysis and probabilistic verification to rank adaptations to be applied in the system in terms of their security levels. We then introduce modular and incremental verification approaches to tackle the scalability issues of probabilistic verification to be able to analyze larger-scale software systems.To protect against cyberattacks that cannot be mitigated by reducing the exposed attack surface, we propose an approach to analyze the security of different software architectures incorporating countermeasures to decide on the most suitable ones to evolve to. Under the second perspective, we study open decentralized systems where we have limited information about and limited control over the system entities. We employ decentralized information flow control mechanisms to enforce security by controlling the interactions among the system elements.We extend decentralized information flow control by incorporating trust and adding adaptationcapabilities that allow the system to identify security threats and self-organize to maximize trust between the system entities.

show abstract

Section: Discussionmentioning

confidence: 99%

Section: Discussionmentioning

confidence: 99%

Section: Self-protecting Systemsmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

Design and Analysis of Self-protection: Adaptive Security for Software-Intensive Systems

Skandylas¹

View full text Add to dashboard Cite

show abstract

Software Engineering for Self-Adaptive Systems: Research Challenges in the Provision of Assurances

Lemos

Garlan

Ghezzi

et al. 2017

Lecture Notes in Computer Science

Self Cite

View full text Add to dashboard Cite

The important concern for modern software systems is to become more cost-effective, while being versatile, flexible, resilient, dependable, energy-efficient, customisable, configurable and self-optimising when reacting to run-time changes that may occur within the system itself, its environment or requirements. One of the most promising approaches to achieving such properties is to equip software systems with self-managing capabilities using self-adaptation mechanisms. Despite recent advances in this area, one key aspect of self-adaptive systems that remains to be tackled in depth is the provision of assurances, i.e., the collection, analysis and synthesis of evidence that the system satisfies its stated functional and non-functional requirements during its operation in the presence of self-adaptation. The provision of assurances for selfadaptive systems is challenging since run-time changes introduce a high degree of uncertainty. This paper on research challenges complements previous roadmap papers on software engineering for self-adaptive systems covering a different set of topics, which are related to assurances, namely, perpetual assurances, composition and decomposition of assurances, and assurances obtained from control theory. This research challenges paper is one of the many results of the Dagstuhl Seminar 13511 on Software Engineering for Self-Adaptive Systems: Assurances which took place in December 2013.

show abstract

Challenges in Composing and Decomposing Assurances for Self-Adaptive Systems

Schmerl

Andersson

Vogel

et al. 2017

Software Engineering for Self-Adaptive Systems III. Assurances

Self Cite

View full text Add to dashboard Cite

Abstract. Self-adaptive software systems adapt to changes in the environment, in the system itself, in their requirements, or in their business objectives. Typically, these systems attempt to maintain system goals at run time and often provide assurance that they will meet their goals under dynamic and uncertain circumstances. While significant research has focused on ways to engineer selfadaptive capabilities into both new and legacy software systems, less work has been conducted on how to assure that self-adaptation maintains system goals. For traditional, especially safety-critical software systems, assurance techniques decompose assurances into sub-goals and evidence that can be provided by parts of the system. Existing approaches also exist for composing assurances, in terms of composing multiple goals and composing assurances in systems of systems. While some of these techniques may be applied to self-adaptive systems, we argue that several significant challenges remain in applying them to self-adaptive systems in this chapter. We discuss how existing assurance techniques can be applied to composing and decomposing assurances for self-adaptive systems, highlight the challenges in applying them, summarize existing research to address some of these challenges, and identify gaps and opportunities to be addressed by future research.

show abstract

Architecture-based self-protection

Cited by 30 publications

References 29 publications

Design and Analysis of Self-protection: Adaptive Security for Software-Intensive Systems

Design and Analysis of Self-protection: Adaptive Security for Software-Intensive Systems

Software Engineering for Self-Adaptive Systems: Research Challenges in the Provision of Assurances

Challenges in Composing and Decomposing Assurances for Self-Adaptive Systems

Contact Info

Product

Resources

About