Elsevier

Science of Computer Programming

Volume 160, 1 August 2018, Pages 93-114

A theory of integrating tamper evidence with stabilization

https://doi.org/10.1016/j.scico.2017.03.001
Under an Elsevier user license
open archive

Highlights

  • We define the notion of tamper-evident stabilization and compare it with other types of stabilization.

  • We define flexible tamper-evident stabilizing systems.

  • We present some theorems and their proofs for composing tamper-evident stabilizing systems.

  • We discuss whether the same theorems hold for flexible tamper-evident stabilization.

  • We discuss how the methods for designing stabilizing programs can be reused for the new systems.

Abstract

We propose the notions of tamper-evident stabilization and flexible tamper-evident stabilization, which combine stabilization with the concept of tamper evidence, for computing systems. At first glance these notions are contradictory: stabilization requires that system functionality is eventually fully restored, whereas tamper evidence requires that system functionality is permanently degraded in the event of tampering. Tamper-evident stabilization and flexible tamper-evident stabilization capture the intuition that the system tolerates perturbations up to a limit. If it is perturbed beyond that limit, it exhibits permanent evidence of tampering and may provide reduced (possibly no) functionality. We compare tamper-evident stabilization with (conventional) stabilization and with active stabilization, and propose two approaches to verify tamper-evident and flexible tamper-evident stabilizing programs in time polynomial in the size of the state space. We demonstrate tamper-evident stabilization with two examples and point out some of its potential applications. We also show how approaches for designing stabilization can be used to design tamper-evident and flexible tamper-evident stabilizations. Finally, we study issues of composition in tamper-evident and flexible tamper-evident stabilizations and discuss how tamper-evident stabilization can be used to trade off fault prevention against fault tolerance.
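The abstract's intuition (perturbations up to a limit are absorbed; beyond it the system moves permanently into a degraded, tamper-evident region) can be made concrete on a small finite-state system and checked by reachability, which is where the "polynomial in the size of the state space" claim comes from. The following is an added illustration written for this page; it is not code from the paper, and its three checks are a plausible reading of the abstract, not the paper's formal definitions. The sealed-counter system, the constants LIMIT and MAX, and the fault model (a transient bump of the register) are all assumptions made for the example.

```python
"""Finite-state model of tamper-evident stabilization (added illustration).

Not code from the paper; the checks below follow the abstract's intuition
(perturbations up to a limit are tolerated, beyond it the system shows
permanent evidence of tampering) and are not its formal definitions. The
sealed-counter system, LIMIT, MAX and the fault model are assumptions.
"""
from collections import deque
from itertools import product

LIMIT = 3    # perturbations tolerated before tamper evidence (assumed)
MAX = 6      # register bound, so the state space is finite (assumed)

# A state is (x, tampered): x an integer register, tampered a sticky flag.
STATES = [(x, t) for x, t in product(range(MAX + 1), (False, True))]
LEGIT = {(0, False)}                             # fully functional
TAMPERED = {(x, True) for x in range(MAX + 1)}   # permanently degraded


def make_program(limit, sticky=True):
    """Program transitions; successors returned as a set (nondeterminism)."""
    def step(state):
        x, tampered = state
        if tampered:
            # sticky=False models a flawed design that silently "repairs"
            return {state} if sticky else {(0, False)}
        if x > limit:
            return {(x, True)}         # beyond the limit: raise the flag
        if x > 0:
            return {(x - 1, False)}    # within the limit: converge to LEGIT
        return {state}
    return step


def fault(state):
    """One transient perturbation: bump the register (assumed fault model)."""
    x, tampered = state
    return (min(x + 1, MAX), tampered)


def is_closed(region, step):
    """No program transition leaves `region`."""
    return all(step(s) <= region for s in region)


def converges(states, step, target):
    """Every computation from every state eventually enters `target`.

    On a finite graph this holds iff the subgraph induced on the states
    outside `target` has no terminal state and no cycle. Cycle detection
    is Kahn's topological sort: O(|states| + |transitions|).
    """
    outside = [s for s in states if s not in target]
    if any(not step(s) for s in outside):
        return False                   # deadlock outside the target
    succ = {s: {t for t in step(s) if t not in target} for s in outside}
    indeg = {s: 0 for s in outside}
    for s in outside:
        for t in succ[s]:
            indeg[t] += 1
    queue = deque(s for s in outside if indeg[s] == 0)
    removed = 0
    while queue:
        s = queue.popleft()
        removed += 1
        for t in succ[s]:
            indeg[t] -= 1
            if indeg[t] == 0:
                queue.append(t)
    return removed == len(outside)     # everything removed: acyclic


def check_tamper_evident(states, step, legit, tampered):
    """Properties the model demands (illustrative; not the paper's definition)."""
    return {
        "disjoint": not (legit & tampered),
        "legit_closed": is_closed(legit, step),       # stabilization part
        "tamper_closed": is_closed(tampered, step),   # evidence is permanent
        "converges": converges(states, step, legit | tampered),
    }


def outcome(faults, limit=LIMIT, steps=2 * MAX):
    """Inject `faults` perturbations from a legitimate state, then let the
    program run; report which region it ends in."""
    step = make_program(limit)
    s = (0, False)
    for _ in range(faults):
        s = fault(s)
    for _ in range(steps):
        s = next(iter(step(s)))
    if s in LEGIT:
        return "recovered"
    return "tampered" if s in TAMPERED else "unstable"


if __name__ == "__main__":
    print(check_tamper_evident(STATES, make_program(LIMIT), LEGIT, TAMPERED))
    for n in range(6):
        print(f"{n} faults -> {outcome(n)}")
    # A smaller limit buys more tamper evidence at the cost of tolerance.
    print("limit=0, 1 fault ->", outcome(1, limit=0))
```

Three faults in a burst are absorbed and the system returns to LEGIT; a fourth pushes it past LIMIT and into TAMPERED, from which no program transition leads back. Lowering LIMIT shifts the design toward fault prevention (tampering is detected sooner), raising it toward fault tolerance (more perturbations are silently repaired), which is the tradeoff the abstract refers to. The `sticky=False` variant shows why closure of the tamper-evident region must be checked: a program that quietly resets the flag still converges, but destroys the evidence.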

Keywords

Self-stabilization
Reactive systems
Adversary
Formal methods
