Probabilistic validation of computer system survivability

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

There is a growing need for systems whose survivability in a specified use and/or attack environment can be assured with confidence. Many techniques have been proposed to validate individual components (e.g., formal methods) or a system as a whole (e.g., red teaming). However, no single technique can provide the breadth of evidence needed to validate a system with respect to high-level survivability requirements. To accomplish this, we propose an integrated validation procedure (IVP) that begins with the formulation of a specific survivability requirement R and determines whether a system is valid with respect to R. The IVP employs a top-down approach that methodically breaks the task of validation into manageable tasks, and for each task, applies techniques best suited to its accomplishment. These efforts can be largely independent, and the results, which complement and supplement each other, are integrated to provide a convincing assurance argument. We then illustrate the IVP by applying it to an intrusion-tolerant information system being developed by the U.S. Department of Defense. In addition to validating the system against high-level survivability requirements, we demonstrate the use of model-based validation techniques, as a part of the overall validation procedure, to guide the system's design by exploring different configurations and evaluating tradeoffs.
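The abstract's closing point, that model-based validation can be used to evaluate one survivability sub-requirement across candidate configurations, is illustrated below with an added example. This code is not from the paper and does not reproduce its model of the DoD system; the replica model (independent replicas, exponential compromise and restore times, survival defined as "never more than f replicas compromised at once"), the rates, the mission length and the (n, f) configurations are all assumptions chosen for the illustration.

```python
# Added illustration, not code from the paper: a model-based check of one
# candidate survivability sub-requirement for an n-replica intrusion-tolerant
# service. The model (independent replicas, exponential compromise/restore
# times, a "no more than f compromised" survival criterion) and every rate,
# threshold and configuration below are assumptions for this example.
from math import comb, exp


def steady_state_survival(n, f, lam, mu):
    """Long-run probability that at most f of n replicas are compromised.

    Each replica is independently compromised at rate lam and detected and
    restored at rate mu, so in steady state it is compromised with
    probability lam / (lam + mu) and the compromised count is Binomial(n, p).
    """
    p = lam / (lam + mu)
    return sum(comb(n, k) * p ** k * (1 - p) ** (n - k) for k in range(f + 1))


def mission_survival(n, f, lam, mu, t, tol=1e-12):
    """Probability that the compromised count never exceeds f during [0, t].

    Continuous-time Markov chain on states 0..f (transient) plus an absorbing
    state f+1, with k -> k+1 at rate (n-k)*lam and k -> k-1 at rate k*mu.
    Solved by uniformization: exp(Q t) = sum_k Poisson(k; L t) * P^k,
    where L bounds the exit rates and P = I + Q/L.
    """
    m = f + 2
    Q = [[0.0] * m for _ in range(m)]
    for k in range(f + 1):
        up, down = (n - k) * lam, k * mu
        Q[k][k + 1] += up
        if k > 0:
            Q[k][k - 1] += down
        Q[k][k] = -(up + down)
    L = max(-Q[k][k] for k in range(m)) or 1.0
    P = [[(1.0 if i == j else 0.0) + Q[i][j] / L for j in range(m)]
         for i in range(m)]
    pi = [1.0] + [0.0] * (m - 1)          # start with zero compromised replicas
    dist = [0.0] * m
    weight, mass, k = exp(-L * t), 0.0, 0  # weight = Poisson(k; L t)
    while mass < 1.0 - tol and k < 100000:
        for i in range(m):
            dist[i] += weight * pi[i]
        mass += weight
        pi = [sum(pi[i] * P[i][j] for i in range(m)) for j in range(m)]  # pi P
        k += 1
        weight *= L * t / k
    return sum(dist[: f + 1])             # mass still in the transient states


def compare_configurations(configs, lam, mu, t):
    """Evaluate the same requirement across candidate (n, f) configurations,
    the kind of tradeoff exploration the abstract describes."""
    return {(n, f): {"steady_state": steady_state_survival(n, f, lam, mu),
                     "mission": mission_survival(n, f, lam, mu, t)}
            for n, f in configs}


if __name__ == "__main__":
    # Assumed rates: one compromise per 1000 h per replica, restore in ~24 h,
    # a 720 h mission. Configurations follow the common n = 3f + 1 pattern.
    results = compare_configurations([(4, 1), (7, 2), (10, 3)],
                                     lam=1 / 1000, mu=1 / 24, t=720)
    for cfg, r in results.items():
        print(cfg, f"steady={r['steady_state']:.6f} mission={r['mission']:.6f}")
```

The two functions answer different questions about the same requirement: the binomial form gives the long-run fraction of time the system is in a survivable state, while the absorbing-chain form gives the probability that the threshold is never crossed during a bounded mission, which is usually the stricter and more relevant reading of "survives in a specified attack environment". Checking a candidate design against both, and against a target such as 0.999, is one concrete instance of the tradeoff evaluation the abstract attributes to the model-based step of the IVP.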

Original language: English (US)
Title of host publication: Dependable Computing - Second Latin-American Symposium, LADC 2005, Proceedings
Number of pages: 1
DOIs: https://doi.org/10.1007/11572329_1
State: Published - Dec 1 2005
Event: 2nd Latin-American Symposium on Dependable Computing, LADC 2005 - Salvador, Brazil
Duration: Oct 25 2005 to Oct 28 2005

Publication series

Name: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume: 3747 LNCS
ISSN (Print): 0302-9743
ISSN (Electronic): 1611-3349

Other

Other: 2nd Latin-American Symposium on Dependable Computing, LADC 2005
Country: Brazil
City: Salvador
Period: 10/25/05 to 10/28/05


ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science (all)

Cite this

Sanders, W. H. (2005). Probabilistic validation of computer system survivability. In Dependable Computing - Second Latin-American Symposium, LADC 2005, Proceedings (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 3747 LNCS). https://doi.org/10.1007/11572329_1