RST Labs
Automatic Synthesis of Program-based Triggers for Intrusion Tolerance Mechanisms
C C Michael
Reliable Software Technologies
Objective
• Triggers for intrusion-tolerance mechanisms
• Reliable detection of events that intrusion-tolerant systems need to know about
• Based on system behavior, not the environment (or user behavior).
• Don’t try to detect the nail that’s about to puncture the tire
• Based on domain knowledge on how the system should behave
Technical Approach
• Tolerance triggers are synthesized automatically
• A tolerance trigger has a model of normal system behavior, and watches for deviations from the model.
• Intelligently model the system, don’t try to model the environment.
– Probably won’t use statistical models of behavior
• Machine learning is used to build system models from automatically-generated training data.
Technical Approach
• Our technical approach contains three main elements:
a. Automatic test data generation
• Create structured tests that exercise as much functionality as possible
• Observe application behavior while the tests are executed
b. Vocabulary extraction
c. Synthesis of finite automata that characterize system behavior
[Diagram: TDG (a), VE (b) and SoFA (c); labels "observe behavior" and "Behavior Model"]
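The three elements above, as an added example that is not from the original slides or RST Labs' system: constructed event traces stand in for behavior observed during generated tests, the vocabulary is the set of events seen, and a k-history automaton (an assumed, simple synthesis method) triggers on the first deviation. All names and traces here are hypothetical.

```python
from collections import defaultdict

# Constructed training traces (assumption): event sequences observed while
# generated tests exercise the application.
TRAINING_TRACES = [
    ["open", "read", "read", "close"],
    ["open", "write", "close"],
    ["open", "read", "write", "close"],
]
START = "<start>"  # padding symbol for the initial state


def extract_vocabulary(traces):
    """Vocabulary extraction: the set of event symbols seen in training."""
    return {event for trace in traces for event in trace}


def synthesize_automaton(traces, k=2):
    """Build an automaton whose state is the last k events.

    Returns (transitions, accepting): transitions maps a state to the
    events allowed next; accepting holds states where a trace may end.
    """
    transitions, accepting = defaultdict(set), set()
    for trace in traces:
        state = (START,) * k
        for event in trace:
            transitions[state].add(event)
            state = state[1:] + (event,)
        accepting.add(state)
    return dict(transitions), accepting


def trigger(trace, vocabulary, transitions, accepting, k=2):
    """Return None if the trace fits the model, else (index, reason)."""
    state = (START,) * k
    for i, event in enumerate(trace):
        if event not in vocabulary:
            return (i, "unknown event")
        if event not in transitions.get(state, ()):
            return (i, "unexpected transition")
        state = state[1:] + (event,)
    if state not in accepting:
        return (len(trace), "trace ended in non-final state")
    return None


VOCAB = extract_vocabulary(TRAINING_TRACES)
TRANSITIONS, ACCEPTING = synthesize_automaton(TRAINING_TRACES)
```

A smaller k generalizes more from the same tests (fewer false triggers, more missed deviations); a larger k accepts little beyond what the generated tests actually exercised.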
Evaluation
• Some elements of the system can be used in an LL-style evaluation.
• Quantifying performance
– Begin with a statistical analysis.
• This assumes a constant operating environment but it may be all we can do without predicting the future.
• This may help us understand the domain better.
– How robust is this to environmental changes?
Policy
• The default policy is: when the system behaves as intended, that’s good.
– An analogy between tolerance triggering and fault detection.
– “As intended” means whatever the developers put in the code.
• Extensions for custom policies are possible.
– We have some preliminary results
Major Milestones
• Year 1: Completion and evaluation of system for generating structured tests
• Year 2: Application-specific tolerance triggers
• Year 3: System-wide tolerance triggers
Tech Transfer
• Patent Inventions
• Release and make software freely available
• Market, sell, or license technology to leading commercial vendor in market space.
The Tolerance Triggering Team (so far)
C C Michael
Michael Schatz
{ccmich,mascha}@rstcorp.com
Automatic Synthesis of Program-based Triggers for Intrusion Tolerance Mechanisms
DARPA contract