Pragmatic Directions in Engineering Secure Dependable Systems

Abstract

All large and complex computer and communications systems have an intrinsic requirement to be dependable, since their failure can cause significant losses in life or treasure. Such systems are expected to have the attributes of reliability, availability, safety, confidentiality, survivability, integrity, and maintainability. Current software and hardware systems continue to grow in complexity at rapid rates. Although the increase in the complexity of a single artifact (such as the number of logical decision points in a software package) can often be tracked with Moore's-Law-like approximations, systems constructed out of a large number of smaller subsystems defy such classifications. The reason for this added complexity is that the number of interactions between the subsystems grows exponentially with the size of the parent system, yet all component interactions must be addressed exhaustively to predict the behavior of the whole system accurately. The challenge we face is that it is seldom possible to model or test all such interactions in a given system. As a result, building dependable complex systems with a realistic assessment of the risks of failure is an extremely difficult endeavor. Attempts have been made to ameliorate the difficulty of engineering dependable complex systems using lessons from engineering methodologies in other domains. We discuss key attributes of dependable complex systems, with a special emphasis on security where information is involved. We review classical approaches to designing, building, and maintaining dependable complex systems, and present promising features and novel ideas applicable to their lifecycle. Most of our discussion is focused within the domain of hardware and software systems. Over time, practitioners in dependable engineering have learned lessons from previous experience and continue to present prescriptive approaches discovered through research and analysis.
These lessons and approaches are often applicable to other engineering domains such as construction, transportation, and industrial control. We look at specific engineering challenges and proposed solutions pertaining to the following general domains, with occasional examples from other branches of engineering:
• dependable hardware/software systems;
• secure dependable systems;
• dependable cloud infrastructure and applications.
Finally, we conclude with the observation that several approaches are applicable across all these domains and identify accessible techniques that have good potential to increase the dependability of systems. These approaches can be considered axiomatic in building any future complex system with a high degree of dependability.
