Static and Dynamic Integrity Properties Patterns

Integrity is a crucial property in current computing systems. Due to natural or human-made (malicious and non-malicious) faults this property can be violated. Therefore, many methodologies and patterns that check or verify the integrity of systems or data have been introduced. However, integrity as a property cannot be identified directly. Existing methodologies tackle this problem by identifying other, computable, properties of the system and use a policy that describes how these properties reflect the integrity of the overall system. It is thus a critical task to select the right properties that reflect the integrity of a system in such a way that given integrity requirements are met. To ease this process, we introduce two new patterns, Static Integrity Properties and Dynamic Integrity Properties to classify the properties. Static Integrity Properties are used to ensure the integrity of a component prior it's use (e.g., the integrity of an executable binary), while Dynamic Integrity Properties are used to ensure the integrity of a component during run-time (e.g., properties that reflect the component's behavior or state transitions). Based on an exemplary embedded control system, we show typical use cases to help the system or software architect to choose the right class of integrity properties for the targeted system.