RST Labs

Automatic Synthesis of Program-based Triggers for Intrusion Tolerance Mechanisms

C C Michael
Reliable Software Technologies


Objective

• Triggers for intrusion-tolerance mechanisms
• Reliable detection of events that intrusion-tolerant systems need to know about
• Based on system behavior, not the environment (or user behavior).
• Don’t try to detect the nail that’s about to puncture the tire
• Based on domain knowledge on how the system should behave


Technical Approach

• Tolerance triggers are synthesized automatically
• A tolerance trigger has a model of normal system behavior, and watches for deviations from the model.
• Intelligently model the system, don’t try to model the environment.
  – Probably won’t use statistical models of behavior
• Machine learning is used to build system models from automatically-generated training data.


Technical Approach

• Our technical approach contains three main elements:
  a. Automatic test data generation
     • Create structured tests that exercise as much functionality as possible
     • Observe application behavior while the tests are executed
  b. Vocabulary extraction
  c. Synthesis of finite automata that characterize system behavior

[Figure: diagram of the three elements, TDG (a), VE (b) and SoFA (c), with the labels "observe behavior" and "Behavior Model".]
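A minimal sketch of the three elements above, added here as an illustration and not RST's implementation. The slides do not name the automaton-learning algorithm, so this assumes a simple automaton whose state is the last k observed events; the event names and traces are constructed.

```python
from collections import defaultdict

START = "<start>"  # synthetic initial-state marker (assumption of this sketch)

def extract_vocabulary(traces):
    """Vocabulary extraction: the set of event symbols seen in training."""
    return {event for trace in traces for event in trace}

def synthesize_automaton(traces, k=2):
    """Build an automaton whose state is the last k events observed."""
    transitions = defaultdict(set)
    for trace in traces:
        state = (START,) * k
        for event in trace:
            transitions[state].add(event)   # record the observed transition
            state = state[1:] + (event,)    # slide the k-event window
    return dict(transitions)

def check_trace(trace, vocabulary, transitions, k=2):
    """Trigger: return (index, event, reason) for the first deviation, else None."""
    state = (START,) * k
    for i, event in enumerate(trace):
        if event not in vocabulary:
            return (i, event, "unknown-event")
        if event not in transitions.get(state, ()):
            return (i, event, "unseen-transition")
        state = state[1:] + (event,)
    return None

# Constructed training traces, standing in for behavior observed while
# generated tests exercise a hypothetical file-handling application.
TRAINING = [
    ["open", "read", "read", "close"],
    ["open", "read", "close"],
    ["open", "write", "close"],
    ["open", "read", "write", "close"],
]

VOCAB = extract_vocabulary(TRAINING)
MODEL = synthesize_automaton(TRAINING)

if __name__ == "__main__":
    samples = (["open", "read", "close"], ["open", "exec", "close"],
               ["open", "read", "read", "read", "close"])
    for t in samples:
        print(t, "->", check_trace(t, VOCAB, MODEL))
```

The last sample is flagged only because no training trace contains three consecutive reads, which shows why the generated tests need to exercise as much functionality as possible.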


Evaluation

• Some elements of the system can be used in an LL-style evaluation.
• Quantifying performance
  – Begin with a statistical analysis.
    • This assumes a constant operating environment but it may be all we can do without predicting the future.
    • This may help us understand the domain better.
  – How robust is this to environmental changes?


Policy

• The default policy is: when the system behaves as intended, that’s good.
  – An analogy between tolerance triggering and fault detection.
  – “As intended” means whatever the developers put in the code.
• Extensions for custom policies are possible.
  – We have some preliminary results


Major Milestones

• Year 1: Completion and evaluation of system for generating structured tests
• Year 2: Application-specific tolerance triggers
• Year 3: System-wide tolerance triggers


Tech Transfer

• Patent Inventions
• Release and make software freely available
• Market, sell, or license technology to leading commercial vendor in market space.


The Tolerance Triggering Team (so far)

C C Michael

Michael Schatz

{ccmich,mascha}@rstcorp.com

Automatic Synthesis of Program-based Triggers for Intrusion Tolerance Mechanisms

DARPA contract