Abstract
The availability of techniques for dependability specification and analysis is essential for the design and implementation of trustworthy software architectures. Today's software architectures are usually designed following the principles of component-based software engineering; they are open and networked, and a dependable software architecture is required to be both secure and fault-tolerant. Traditional methods for the dependability analysis of software architectures must evolve as well if they are to keep supporting software engineering practice. This step is not straightforward: methods and tools for the specification and analysis of fault tolerance are usually independent of those available for security, whereas a unified approach would strengthen proofs of the overall system's trustworthiness. This paper demonstrates that, in certain cases, a uniform approach to fault tolerance and security is possible. We propose to check dependability properties against an unspecified environment that plays the same role as a malicious intruder does in security. We then show how two security analysis techniques, one related to partial model checking and one to generalized non-interference, can be applied to verify a family of fault-tolerance properties. A running example illustrates the applicability of the proposed approaches.
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
Cite this chapter
Lenzini, G., Martinelli, F., Matteucci, I., Gnesi, S. (2009). A Uniform Approach to Security and Fault-Tolerance Specification and Analysis. In: de Lemos, R., Fabre, JC., Gacek, C., Gadducci, F., ter Beek, M. (eds) Architecting Dependable Systems VI. Lecture Notes in Computer Science, vol 5835. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-10248-6_8
DOI: https://doi.org/10.1007/978-3-642-10248-6_8
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-10247-9
Online ISBN: 978-3-642-10248-6