Resilience Requirements, Design, and Testing - April 2016

Submitted by drwright on Thu, 03/10/2016 - 12:20pm

Public Audience
PI(s): Kevin Sullivan, Mladen Vouk, Ehab Al-Shaer
Researchers: Gaith Husari and Mohamed Alsaleh (UNCC), Anoosha Vangaveeti (NCSU), Chong Tang (UVA)

HARD PROBLEM(S) ADDRESSED

Characterization of attack-resiliency of software based systems needs to be done from its very inception because without such characterization attack resiliency is not properly testable or implementable.

Resilient Architectures - vulnerability avoidance, evaluation and tolerance strategies and architectures.
Security Metrics and Models - development of metrics and models for static and dynamic assessment of resilience of software.

PUBLICATIONS

ACCOMPLISHMENT HIGHLIGHTS

In the context of our work of resilient system verification, we developed a simple language to model attacks, specifically DDoS and Worms propagation attacks. Since there are many different scenarios for these attacks, it is important to define a language that the users can use to define the attack model to be used to verify resiliency. We are currently building tools to simulate these attacks.
In the context of our survey of resiliency metrics, we have completed our survey and we are creating a framework and criteria to compare and contrast these metrics under different attack or failure models.

Groups:

NCSU Science of Security Lablet Research Initiative