On Systematic Design of Protectors for Employing OTS Items

Off-the-shelf (OTS) components are increasingly used in application areas with stringent dependability requirements. Component wrapping is a well known structuring technique used in many areas. We propose a general approach to developing protective wrappers that assist in integrating OTS items with a focus on the overall system dependability. The wrappers are viewed as redundant software used to detect errors or suspicious activity and to execute appropriate recovery when possible; wrapper development is considered as a part of system integration activities. Wrappers are to be rigorously specified and executed at run time as a means of protecting OTS items against faults in the rest of the system, and the system against the OTS item's faults. Possible symptoms of erroneous behaviour to be detected by a protective wrapper and possible actions to be undertaken in response are listed and discussed. The information required for wrapper development is provided by traceability analysis. Possible approaches to implementing “protectors” in the standard current component technologies are briefly outline

50 years of isolation

The traditional means for isolating applications from each other is via the use of operating system provided “process” abstraction facilities. However, as applications now consist of multiple fine-grained components, the traditional process abstraction model is proving to be insufficient in ensuring this isolation. Statistics indicate that a high percentage of software failure occurs due to propagation of component failures. These observations are further bolstered by the attempts by modern Internet browser application developers, for example, to adopt multi-process architectures in order to increase robustness. Therefore, a fresh look at the available options for isolating program components is necessary and this paper provides an overview of previous and current research on the area

GPU devices for safety-critical systems: a survey

Graphics Processing Unit (GPU) devices and their associated software programming languages and frameworks can deliver the computing performance required to facilitate the development of next-generation high-performance safety-critical systems such as autonomous driving systems. However, the integration of complex, parallel, and computationally demanding software functions with different safety-criticality levels on GPU devices with shared hardware resources contributes to several safety certification challenges. This survey categorizes and provides an overview of research contributions that address GPU devices’ random hardware failures, systematic failures, and independence of execution.This work has been partially supported by the European Research Council with Horizon 2020 (grant agreements No. 772773 and 871465), the Spanish Ministry of Science and Innovation under grant PID2019-107255GB, the HiPEAC Network of Excellence and the Basque Government under grant KK-2019-00035. The Spanish Ministry of Economy and Competitiveness has also partially supported Leonidas Kosmidis with a Juan de la Cierva Incorporación postdoctoral fellowship (FJCI-2020- 045931-I).Peer ReviewedPostprint (author's final draft

Efficiently Managing Security Concerns in Component Based System Design

Component-based software development (CBSD) offers many advantages like reduced product time to market, reduced complexity and cost etc. Despite these advantages its wide scale utilization in developing security critical systems is currently hampered because of lack, of suitable design techniques to efficiently manage the complete system security concerns in the development process. The use of commercial of the shelf (COTS) components can introduce various security and reliability risks in the system. In this paper we propose a methodology for efficient management of all the system security concerns involved in the design of component based systems. Our methodology is based on formally representing the system security specifications and component capabilities. We identify the metrics for correlating both and suggest extensions to a previously proposed software development process, for selection of suitable components and integration mechanisms. The proposed solution ensures due treatment of all the security concerns for the complete system in the acquisition efforts

Performance Testing of Distributed Component Architectures

Performance characteristics, such as response time, throughput andscalability, are key quality attributes of distributed applications. Current practice,however, rarely applies systematic techniques to evaluate performance characteristics.We argue that evaluation of performance is particularly crucial in early developmentstages, when important architectural choices are made. At first glance, thiscontradicts the use of testing techniques, which are usually applied towards the endof a project. In this chapter, we assume that many distributed systems are builtwith middleware technologies, such as the Java 2 Enterprise Edition (J2EE) or theCommon Object Request Broker Architecture (CORBA). These provide servicesand facilities whose implementations are available when architectures are defined.We also note that it is the middleware functionality, such as transaction and persistenceservices, remote communication primitives and threading policy primitives,that dominates distributed system performance. Drawing on these observations, thischapter presents a novel approach to performance testing of distributed applications.We propose to derive application-specific test cases from architecture designs so thatthe performance of a distributed application can be tested based on the middlewaresoftware at early stages of a development process. We report empirical results thatsupport the viability of the approach

Automated Instruction-Set Randomization for Web Applications in Diversified Redundant Systems

The use of diversity and redundancy in the security do-main is an interesting approach to prevent or detect intru-sions. Many researchers have proposed architectures based on those concepts where diversity is either natural or ar-tificial. These architectures are based on the architecture of N-version programming and were often instantiated for web servers without taking into account the web applica-tion(s) running on those. In this article, we present a solu-tion to protect the web applications running on this kind of architectures in order to detect and tolerate code injection intrusions. Our solution consists in creating diversity in the web application scripts by randomizing the language un-derstood by the interpreter so that an injected code can not be executed by all the servers. We also present the issues re-lated to the automatization of our solution and present some solutions to tackle these issues.

Model-Driven Development of Aspect-Oriented Software Architectures

The work presented in this thesis of master is an approach that takes advantage of the Model-Driven Development approach for developing aspect-oriented software architectures. A complete MDD support for the PRISMA approach is defined by providing code generation, verification and reusability properties.Pérez Benedí, J. (2007). Model-Driven Development of Aspect-Oriented Software Architectures. http://hdl.handle.net/10251/12451Archivo delegad