Models of Reliability of Fault-Tolerant Software Under Cyber-Attacks

Popov, Peter

doi:10.1109/issre.2017.23

Cited by 7 publications

(3 citation statements)

References 24 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…One of the most challenging parts of the work on applying diversity in practice is the justification of the effectiveness of proposed solutions due to the lack of empirical data. The use of software diversity for security and intrusion-tolerance was proposed in earlier studies reported in [19,20,21,22], which clearly showed the needs for demonstrating the applicability of the proposed architectural solutions and for evaluating their advantages to drive their design.…”

Section: From Analysing Operating System Vulnerabilities To Designingmentioning

confidence: 98%

From Analyzing Operating System Vulnerabilities to Designing Multiversion Intrusion-Tolerant Architectures

et al. 2020

View full text Add to dashboard Cite

This paper analyses security problems of modern computer systems caused by vulnerabilities in their operating systems. Our scrutiny of widely used enterprise operating systems focuses on their vulnerabilities by examining the statistical data available on how vulnerabilities in these systems are disclosed and eliminated, and by assessing their criticality. This is done by using statistics from both the National Vulnerabilities database (NVD) and the Common Vulnerabilities and Exposures system (CVE). The specific technical areas the paper covers are the quantitative assessment of forever-day vulnerabilities, estimation of days-ofrisk, the analysis of the vulnerabilities severity and their distributions by attack vector and impact on security properties. In addition, the study aims to explore those vulnerabilities that have been found across a diverse range of operating systems. This leads us to analysing how different intrusion-tolerance architectures deploying the operating system diversity impact availability, integrity and confidentiality.

show abstract

Section: From Analysing Operating System Vulnerabilities To Designingmentioning

confidence: 98%

From Analyzing Operating System Vulnerabilities to Designing Multiversion Intrusion-Tolerant Architectures

et al. 2020

View full text Add to dashboard Cite

show abstract

“…The reliability analysis is additional to the existing State Based Quantitative Dependability Analysis. It exploits Mobius's powerful and well-supported analysis capabilities as an engine for safety and security co-engineering, according to the scenario addressed in [117]. Editing Mobius models can be nontrivial, CHESS modeling language fully supports the modeling of system architectures taking into consideration safety and security co-engineering for reliability analysis with MOBIUS.…”

Section: Quantitative Reliability Analysismentioning

confidence: 99%

Low-Code Engineering for the Internet of Things

Ihirwe

2023

SSRN Journal

View full text Add to dashboard Cite

“…A system is fault-tolerant, if it can provide normal services, even facing the failures of one or more components. [16][17][18] Fault tolerance reduces the risk induced by random errors. Generally, a fault-tolerance system has the following basic characteristics: (1) all single points cannot fail simultaneously; (2) it must be equipped with mechanisms to isolate the failure components and prevent the spread of failure.…”

Section: Physical Securitymentioning

confidence: 99%

Hierarchically defining Internet of Things security: From CIA to CACA

Liu

Fang

et al. 2020

International Journal of Distributed Sensor Networks

View full text Add to dashboard Cite

With the rapid development of Internet of Things technology (e.g. wireless sensor networks), security has become a global issue. Confidentiality, integrity, and availability (known as the CIA triangle) is widely used to define and model information security. However, this CIA triangle is insufficient to address rapidly changing security requirements. In this article, we divide information systems into four layers: physical layer, operational layer, data layer, and content layers (PODC). Corresponding, hierarchy of information security is proposed. Furthermore, we define the basic security properties for each layer and show that the four properties (i.e. confidentiality, availability, controllability, and authentication, called CACA) are minimally complete and independent for information security. Based on PODC and CACA, a new definition of information security is proposed, which acts as a secure foundation for information systems.

show abstract

Models of Reliability of Fault-Tolerant Software Under Cyber-Attacks

Cited by 7 publications

References 24 publications

From Analyzing Operating System Vulnerabilities to Designing Multiversion Intrusion-Tolerant Architectures

From Analyzing Operating System Vulnerabilities to Designing Multiversion Intrusion-Tolerant Architectures

Low-Code Engineering for the Internet of Things

Hierarchically defining Internet of Things security: From CIA to CACA

Contact Info

Product

Resources

About