basic concepts and taxonomy of dependable and secure
play

Basic Concepts and Taxonomy of Dependable and Secure Computing - PDF document

Jan 28, 2023 •344 likes •640 views

Basic Concepts and Taxonomy of Dependable and Secure Computing Presented By H. Momeni Instructor: Dr. Abdollahi Azgomi Reliable Software Design Course Iran University of Science and Technology Spring 2007 The Basic Concepts

  1. Basic Concepts and Taxonomy of Dependable and Secure Computing Presented By H. Momeni Instructor: Dr. Abdollahi Azgomi Reliable Software Design Course Iran University of Science and Technology Spring 2007 The Basic Concepts • System Function, Behavior, Structure, and Service • The Threats to Dependability and Security • Dependability, Security, and Their Attributes • The Means to Attain Dependability and Security Reliable Software Design Course 2 Spring 2007 - IUST 1

  2. System Function • System is an entity that interacts with its environment (other systems, hardware, software, humans) • Systems are characterized by fundamental properties: functionality, performance, dependability and security, and cost • The function of a system is what the system is intended to do and is described by the functional specification Reliable Software Design Course 3 Spring 2007 - IUST Behavior • The behavior of a system is what the system does to implement its function and is described by a sequence of states. • The total state of a given system is the set of the following states: computation, communication, stored information, interconnection, and physical condition. Reliable Software Design Course 4 Spring 2007 - IUST 2

  3. Structure • The structure of a system is what enables it to generate the behavior • A system is composed of a set of components bound together in order to interact Reliable Software Design Course 5 Spring 2007 - IUST Service • The service delivered by a system is its behavior as it is perceived by its users • A user is another system that receives service from the provider • The part of the provider’s total state that is perceivable at the service interface is its external state. Reliable Software Design Course 6 Spring 2007 - IUST 3

  4. The Threats to Dependability and Security Concepts • Correct service is delivered when the service implements the system function. • Service failure, is an event that occurs when the delivered service deviates from correct service • A service failure is a transition from correct service to incorrect service to not implementing the system function • Service outage: the period of delivery of incorrect service • Service restoration: transition from incorrect service to correct service Reliable Software Design Course 7 Spring 2007 - IUST Threats • A service failure means that at least on ore more external state of the system deviate from the correct service state. • The deviation is called an error • Error is the part of the total state of the system that may lead to service failure • The cause of a error is called a fault • A fault is active when it cause an error, otherwise is dormant Reliable Software Design Course 8 Spring 2007 - IUST 4

  5. Dependability and Security Attributes • The original definition of dependability is the ability to deliver service that can justifiably be trusted. • Dependability attributes: – availability: readiness for correct service. – reliability: continuity of correct service. – safety: absence of catastrophic consequences on the users and the environment. – integrity: absence of improper system alterations. – maintainability: ability to undergo modifications and repairs. Reliable Software Design Course 9 Spring 2007 - IUST Dependability and Security Attributes (cont’d) • Security attributes: – availability: for authorized action – confidentiality: absence of unauthorized disclosure of information – integrity: absence of unauthorized system alterations. Reliable Software Design Course 10 Spring 2007 - IUST 5

  6. The Means to Attain Dependability and Security • Fault prevention – prevent the occurrence or introduction of faults . • Fault tolerance – avoid service failures in the presence of faults. • Fault removal – reduce the number and severity of faults. • Fault forecasting – estimate the present number, the future incidence and the likely consequences of faults. Reliable Software Design Course 11 Spring 2007 - IUST System Lifecycle 1. Development phase � System interact with development environment and related faults � Development environment � Physical world � Human developer � Development tools � Production and test facilities Reliable Software Design Course 12 Spring 2007 - IUST 6

  7. System Lifecycle (cont’d) 2. Use phase • Begins when the system is accepted for use and starts the service delivery • Three periods: � Service delivery � Service outage: service failure � Service shutdown: intentional halt of service by an authorized entity • System interacts with its use environment: � Physical world, administrators, users, providers, infrastructure, intruders Maintenance may take place during all three periods of the use phase Reliable Software Design Course 13 Spring 2007 - IUST Maintenance Reliable Software Design Course 14 Spring 2007 - IUST 7

  8. Maintenance vs. fault tolerance • Distinction between fault tolerance and maintenance: maintenance involves the participation of an external agent, e.g., a repairman, test equipment, remote reloading of software • Repair is part of fault removal (during the use phase) Reliable Software Design Course 15 Spring 2007 - IUST Taxonomy of Faults • All faults that may affect a system during its life are classified according to eight basic viewpoints • If all combinations of the eight elementary fault classes were possible, there would be 256 different combined fault classes • 31 faults have been identified Reliable Software Design Course 16 Spring 2007 - IUST 8

  9. Reliable Software Design Course 17 Spring 2007 - IUST Taxonomy of Faults (cont’d) • All 31 combined faults are categorized to three major overlapping groups: – Development faults : occurring during development – Physical faults: affect hardware – Interaction faults: external faults Reliable Software Design Course 18 Spring 2007 - IUST 9

  10. Reliable Software Design Course 19 Spring 2007 - IUST Reliable Software Design Course 20 Spring 2007 - IUST 10

  11. Human made faults • Two basic classes 1. Nonmalicious faults :introduced without malicious objectives • nondeliberate faults that are due to mistakes • deliberate faults that are due to bad decisions � It is usually considered that both mistakes and bad decisions are accidental. � Some very harmful mistakes and very bad decisions are made by persons who lack professional competence to do the job (incompetence) Reliable Software Design Course 21 Spring 2007 - IUST Human made faults (cont’d) 2. Malicious faults: introduced during either system development with the objective to cause harm to the system during its use Goals: – To disrupt or halt service (DoS) – Access confidential information – Improperly modify the system Classes: – Malicious logic faults: Trojan horses, logic or timing bombs, viruses, worms,… – Intrusion attempts: power fluctuation, radiation,… Reliable Software Design Course 22 Spring 2007 - IUST 11

  12. Malicious logic faults Reliable Software Design Course 23 Spring 2007 - IUST Interaction faults • Occur during the use phase – Operational faults – External faults – Human made faults A broad class of human-made operational faults are configuration faults, i.e., wrong setting of parameters that can affect security, networking, storage, middleware • Reconfiguration faults: occur during configuration changes concurrently with system operation Reliable Software Design Course 24 Spring 2007 - IUST 12

  13. Failures 1. Service failure • An event that occurs when the delivered service deviates from correct service. 2. Development failure • Be introduced into the system being developed by its environment, especially by human developers, development tools and production facilities. 3. Dependability and security failures • occurs when the given system suffers service failures more frequently or more severely than acceptable Reliable Software Design Course 25 Spring 2007 - IUST Service Failures • The service failures modes characterize according to four viewpoints: 1. Failure domain 2. Detectability of failures 3. Consistency of failures 4. Consequence of failures on the environment Reliable Software Design Course 26 Spring 2007 - IUST 13

  14. Failure domain viewpoint failure modes • content failures: service content deviates from implementing the system function • timing failures: timing of service delivery deviates from implementing the system function • halt failures: when the service is halted (silent failure) • erratic failures: a service delivered but is erratic Reliable Software Design Course 27 Spring 2007 - IUST Detectability viewpoint failure modes • The detectability viewpoint addresses the signaling of service failures to the users • Signaling at the service interface originates from detecting mechanisms in the system that check the correctness of the delivered service. – signaled failures: when the losses are detected and signaled by a warning signal – unsignaled failures: otherwise • The detecting mechanisms themselves have two failure modes : – signaled failures :signaling a loss of function when no failure has actually occurred (false alarm) – unsignaled failures: not signaling a function loss Reliable Software Design Course 28 Spring 2007 - IUST 14

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

MAFTIA: FTI Dependability: Basic Concepts and Terminology a European project for [Laprie 1992]

MAFTIA: FTI Dependability: Basic Concepts and Terminology a European project for [Laprie 1992]

Fundamental Concepts of Dependability [Avizienis, Laprie & Randell 2001] MAFTIA: FTI Dependability: Basic Concepts and Terminology a European project for [Laprie 1992] Intrusion-tolerant data processing dependable Internet applications

484 views • 11 slides
Fourth Workshop on Dependable and Secure Nanocomputing Organizers: Jean Arlat, LAAS- CNRS

Fourth Workshop on Dependable and Secure Nanocomputing Organizers: Jean Arlat, LAAS- CNRS

The 40th Annual IEEE/IFIP International Conference on Dependable Systems and Networks June 28-July 1, 2010 Chicago, IL, USA Fourth Workshop on Dependable and Secure Nanocomputing Organizers: Jean Arlat, LAAS- CNRS Cristian

198 views • 9 slides
Towards Secure and Dependable So2ware-Defined Networks Diego

Towards Secure and Dependable So2ware-Defined Networks Diego

Towards Secure and Dependable So2ware-Defined Networks Diego Kreutz, Fernando M. V. Ramos, Paulo Verssimo LaSIGE/FCUL, University of Lisbon SDN in short

561 views • 30 slides
Basic Concepts of I R: Outline Basic Concepts of Information Retrieval: Task definition of

Basic Concepts of I R: Outline Basic Concepts of Information Retrieval: Task definition of

CS490W: Web I nformation Search & Management CS-490W Web Information Search & Management Basic Concepts of Information Retrieval Luo Si Department of Computer Science Purdue University Basic Concepts of I R: Outline Basic Concepts of

664 views • 30 slides
Part I - Basic concepts of thermochronology Basic concepts of thermochronology

Part I - Basic concepts of thermochronology Basic concepts of thermochronology

Class overview today - December 2, 2019 Part I - Basic concepts of thermochronology Basic concepts of thermochronology Estimating closure temperatures Part II - Low-temperature thermochronology (online only) Definition of

951 views • 51 slides
Part I - Basic concepts of thermochronology Basic concepts of thermochronology

Part I - Basic concepts of thermochronology Basic concepts of thermochronology

Class overview today - December 2, 2019 Part I - Basic concepts of thermochronology Basic concepts of thermochronology Estimating closure temperatures Part II - Low-temperature thermochronology (online only) Definition

815 views • 35 slides
Part I - Basic concepts of thermochronology Basic concepts of thermochronology

Part I - Basic concepts of thermochronology Basic concepts of thermochronology

Class overview today - December 2, 2019 Part I - Basic concepts of thermochronology Basic concepts of thermochronology Estimating closure temperatures Part II - Low-temperature thermochronology (online only) Definition of

695 views • 31 slides
Survival analysis : from basic concepts to open research questions Ecole dt,

Survival analysis : from basic concepts to open research questions Ecole dt,

Survival analysis : from basic concepts to open research questions Ecole dt, Villars-sur-Ollon, 2-5 September 2018 Ingrid Van Keilegom ORSTAT KU Leuven Table of Contents Basic concepts 1 Basic concepts Cure models Introduction

2.57k views • 176 slides
Abstracting concepts from text documents by using a taxonomy E. Chernyak 1,4 , O. Chugunova 1 , J.

Abstracting concepts from text documents by using a taxonomy E. Chernyak 1,4 , O. Chugunova 1 , J.

Abstracting concepts from text documents by using a taxonomy E. Chernyak 1,4 , O. Chugunova 1 , J. Askarova 1 , S. Nascimento 2 , B. Mirkin 1,3 1 Division of Applied Mathematics and Informatics, NRU-HSE, Moscow, Russia 2 Department of Informatics,

517 views • 13 slides
Classification 1 Classification: Basic Concepts and Methods Classification: Basic Concepts

Classification 1 Classification: Basic Concepts and Methods Classification: Basic Concepts

Classification 1 Classification: Basic Concepts and Methods Classification: Basic Concepts Decision Tree Bayes Classification Methods Model Evaluation and Selection Ensemble Methods 2 Motivating Example Fruit

853 views • 66 slides
BLOOMS TAXONOMY At the end of this workshop you will be able to: Explain what a Taxonomy

BLOOMS TAXONOMY At the end of this workshop you will be able to: Explain what a Taxonomy

Presented by: Gerry Maloney Ciarn Muirgheasa Lorna Wilson BLOOMS TAXONOMY At the end of this workshop you will be able to: Explain what a Taxonomy is. Define Blooms Taxonomy. Recognise and Understand the 6 different

1.83k views • 42 slides
Nucleic Acids Basic Concepts Basic Concepts Nucleic Acids David Murray PhD UCD|Mater

Nucleic Acids Basic Concepts Basic Concepts Nucleic Acids David Murray PhD UCD|Mater

Nucleic Acids Basic Concepts Basic Concepts Nucleic Acids David Murray PhD UCD|Mater Clinical Research Centre UCD School of Medicine and Medical Sciences Mater Misericordiae University Hospital Dublin DNA and RNA are Nucleic Acids

1.76k views • 136 slides
Soft Error Rate Trends 4th Workshop on Dependable and Secure Nanocomputing (WDSN-10) Alan Wood

Soft Error Rate Trends 4th Workshop on Dependable and Secure Nanocomputing (WDSN-10) Alan Wood

<Insert Picture Here> Soft Error Rate Trends 4th Workshop on Dependable and Secure Nanocomputing (WDSN-10) Alan Wood June 28, 2010 Shameless Advertisements Presentation data came from the 2010 Workshop on System Effects of Logic

294 views • 18 slides
Basic Concepts G. Urvoy-Keller urvoy@unice.fr Probabilty and Statistics Outline Basic concepts

Basic Concepts G. Urvoy-Keller urvoy@unice.fr Probabilty and Statistics Outline Basic concepts

Basic Concepts G. Urvoy-Keller urvoy@unice.fr Probabilty and Statistics Outline Basic concepts Probability Conditional Probability Moments Common Distributions Binomial Zipf Poisson Uniform

1.04k views • 86 slides
AmI Taxonomy AmI Taxonomy Network Characteristics of the technologies allowing devices to

AmI Taxonomy AmI Taxonomy Network Characteristics of the technologies allowing devices to

AmI Taxonomy file:///D:/Mirror/elite/Didattica/Laurea/01PRD Ambient Intelligence/sl... AmI Taxonomy AmI Taxonomy Network Characteristics of the technologies allowing devices to communicate an collaborate in the exchange of information.

205 views • 9 slides
Luo Si Department of Computer Science Purdue University Basic Concepts of IR: Outline Basic

Luo Si Department of Computer Science Purdue University Basic Concepts of IR: Outline Basic

CS473: CS-473 Basic Concepts of Information Retrieval Luo Si Department of Computer Science Purdue University Basic Concepts of IR: Outline Basic Concepts of Information Retrieval: Task definition of Ad-hoc IR Terminologies and

634 views • 59 slides
improvement of productivity of TWR process Jan Alexander Langlo, Aslak Wegner Eide, Amela

improvement of productivity of TWR process Jan Alexander Langlo, Aslak Wegner Eide, Amela

Usefulness of FMECA for improvement of productivity of TWR process Jan Alexander Langlo, Aslak Wegner Eide, Amela Karahasanovi , Lisbeth Hansson, Hans Erik Swendgaard, Bjrn Andersen Theodor Zeh , Stephan Kind Karl-Herbert Rokitansky, Thomas

411 views • 18 slides
Exam Monday, July 26, 2010, 10-12 90 Minutes Same room: 01.11.018 Please be

Exam Monday, July 26, 2010, 10-12 90 Minutes Same room: 01.11.018 Please be

Exam Monday, July 26, 2010, 10-12 90 Minutes Same room: 01.11.018 Please be about 10 minutes early! Open book We try to be quick and give you access to your exams about a week later. Please check the web site for

633 views • 24 slides
Structuring and potentially formalising (Assurance) Case Arguments Tim Kelly

Structuring and potentially formalising (Assurance) Case Arguments Tim Kelly

Structuring and potentially formalising (Assurance) Case Arguments Tim Kelly tim.kelly@york.ac.uk Overview Safety Cases and Safety Arguments Structured (but Informal) Arguments Considerations in Formalisation Structured

586 views • 27 slides
efficient dependability analysis Fumio Machida University of Tsukuba April 8, 2019 In the 2nd

efficient dependability analysis Fumio Machida University of Tsukuba April 8, 2019 In the 2nd

Practices in model component reuse for efficient dependability analysis Fumio Machida University of Tsukuba April 8, 2019 In the 2nd Workshop on Education and Practice of Performance Engineering Outline Dependability analysis in practice

515 views • 26 slides
Quality Risk Management An Introduction Steve Slater Director, TRAQuE www.traqueasia.com

Quality Risk Management An Introduction Steve Slater Director, TRAQuE www.traqueasia.com

Quality Risk Management An Introduction Steve Slater Director, TRAQuE www.traqueasia.com Objective of this presentation Understand concept and the process Understand how and where to apply QRM 2 www.traqueasia.com Risk

1.08k views • 58 slides
Workforce Perceptions: Workforce Perceptions: Employer Assessment of the Employer Assessment of

Workforce Perceptions: Workforce Perceptions: Employer Assessment of the Employer Assessment of

Workforce Perceptions: Workforce Perceptions: Employer Assessment of the Employer Assessment of the Workforce in a Mississippi Delta Workforce in a Mississippi Delta County County

468 views • 23 slides
Requirements for a CCID for Interactive Media no draft (yet) Tom Phelan tphelan@sonusnet.com

Requirements for a CCID for Interactive Media no draft (yet) Tom Phelan tphelan@sonusnet.com

Requirements for a CCID for Interactive Media no draft (yet) Tom Phelan tphelan@sonusnet.com http://www.phelan-4.com/dccp/IETF-64-media-CCID.ppt 10-Nov-2005 DCCP IETF-64 1 CCID for Interactive Media History Group has interest in

490 views • 12 slides
Working Group 2: Performance Degradation, Cure, Beamline Quality Hiroshi Sakai (KEK/DESY), Bob

Working Group 2: Performance Degradation, Cure, Beamline Quality Hiroshi Sakai (KEK/DESY), Bob

Working Group 2: Performance Degradation, Cure, Beamline Quality Hiroshi Sakai (KEK/DESY), Bob Laxdal (TRIUMF), Axel Matheisen (DESY) The general aim of WG2 to gather and analyze the recorded degradations (or improvements) between vertical cavity

586 views • 25 slides

More recommend