Redundancy with diversity-based software architectures for the detection and tolerance of cyber-attacks – State-of-the-Art

PDF

Authors
  1. Gherbi, A.
  2. Charpentier, R.
  3. Couture, M.
Corporate Authors
Defence R&D Canada - Valcartier, Valcartier QUE (CAN)
Abstract
Software systems security remains a critical issue. This is evidenced by the ever in-creasing number and sophistication of cyber-attacks. This situation is the result of the combination of several factors. The software-based functionality of these systems is increasingly complex. The systems are often connected through open networks such as the Internet, which is increasingly accessible to potentially malicious users. Finally, these systems run software which is substantially similar. This is called IT monoculture. The mitigation against this issue requires implementation of the principle of diversity. The principle of diversity aims to reduce the common vulnerability in software and, in turn, increase the difficulty of violating the security of the systems that use diversity. The objective of this document is to present the state of the art in terms of approaches which use diversity for security purposes. Three different approaches can be distinguished: automated diversity, diversity-based behavior monitoring and diversity-based intrusion tolerance.

Il y a un résumé en français ici.

Keywords
Cyber Attack;Security;Software Architecture;Redundancy;Diversity;Tolerance;Survivability;Dependability
Report Number
DRDC-VALCARTIER-TM-2010-287 — Technical Memorandum
Date of publication
01 Feb 2012
Number of Pages
84
DSTKIM No
CA046425
CANDIS No
806871
Format(s):
Electronic Document(PDF)

Permanent link

Document 1 of 1

Date modified: