11,861 research outputs found
ScaRR: Scalable Runtime Remote Attestation for Complex Systems
The introduction of remote attestation (RA) schemes has allowed academia and
industry to enhance the security of their systems. The commercial products
currently available enable only the validation of static properties, such as
applications fingerprint, and do not handle runtime properties, such as
control-flow correctness. This limitation pushed researchers towards the
identification of new approaches, called runtime RA. However, those mainly work
on embedded devices, which share very few common features with complex systems,
such as virtual machines in a cloud. A naive deployment of runtime RA schemes
for embedded devices on complex systems faces scalability problems, such as the
representation of complex control-flows or slow verification phase.
In this work, we present ScaRR: the first Scalable Runtime Remote attestation
schema for complex systems. Thanks to its novel control-flow model, ScaRR
enables the deployment of runtime RA on any application regardless of its
complexity, by also achieving good performance. We implemented ScaRR and tested
it on the benchmark suite SPEC CPU 2017. We show that ScaRR can validate on
average 2M control-flow events per second, definitely outperforming existing
solutions.Comment: 14 page
Device-Centric Monitoring for Mobile Device Management
The ubiquity of computing devices has led to an increased need to ensure not
only that the applications deployed on them are correct with respect to their
specifications, but also that the devices are used in an appropriate manner,
especially in situations where the device is provided by a party other than the
actual user. Much work which has been done on runtime verification for mobile
devices and operating systems is mostly application-centric, resulting in
global, device-centric properties (e.g. the user may not send more than 100
messages per day across all applications) being difficult or impossible to
verify. In this paper we present a device-centric approach to runtime verify
the device behaviour against a device policy with the different applications
acting as independent components contributing to the overall behaviour of the
device. We also present an implementation for Android devices, and evaluate it
on a number of device-centric policies, reporting the empirical results
obtained.Comment: In Proceedings FESCA 2016, arXiv:1603.0837
Using Taint Analysis and Reinforcement Learning (TARL) to Repair Autonomous Robot Software
It is important to be able to establish formal performance bounds for
autonomous systems. However, formal verification techniques require a model of
the environment in which the system operates; a challenge for autonomous
systems, especially those expected to operate over longer timescales. This
paper describes work in progress to automate the monitor and repair of
ROS-based autonomous robot software written for an a-priori partially known and
possibly incorrect environment model. A taint analysis method is used to
automatically extract the data-flow sequence from input topic to publish topic,
and instrument that code. A unique reinforcement learning approximation of MDP
utility is calculated, an empirical and non-invasive characterization of the
inherent objectives of the software designers. By comparing off-line (a-priori)
utility with on-line (deployed system) utility, we show, using a small but real
ROS example, that it's possible to monitor a performance criterion and relate
violations of the criterion to parts of the software. The software is then
patched using automated software repair techniques and evaluated against the
original off-line utility.Comment: IEEE Workshop on Assured IEEE Workshop on Assured Autonomous Systems,
May, 202
- …