
    Towards a Self-Forensics Property in the ASSL Toolset

    This preliminary conceptual work discusses a notion of self-forensics as an autonomic property to augment the Autonomic System Specification Language (ASSL) framework of formal specification tools for autonomic systems. The core of the proposed methodology leverages existing designs, theoretical results, and implementing systems to enable rapid completion and validation of the experiments and their results initiated in this work. Specifically, we leverage the ASSL toolkit to add the self-forensics autonomic property (SFAP) to enable generation of Java-based Object-Oriented Intensional Programming (JOOIP) language code laced with traces of Forensic Lucid to encode contextual forensic evidence and other expressions.

    Proceedings of the First NASA Formal Methods Symposium

    Topics covered include: Model Checking - My 27-Year Quest to Overcome the State Explosion Problem; Applying Formal Methods to NASA Projects: Transition from Research to Practice; TLA+: Whence, Wherefore, and Whither; Formal Methods Applications in Air Transportation; Theorem Proving in Intel Hardware Design; Building a Formal Model of a Human-Interactive System: Insights into the Integration of Formal Methods and Human Factors Engineering; Model Checking for Autonomic Systems Specified with ASSL; A Game-Theoretic Approach to Branching Time Abstract-Check-Refine Process; Software Model Checking Without Source Code; Generalized Abstract Symbolic Summaries; A Comparative Study of Randomized Constraint Solvers for Random-Symbolic Testing; Component-Oriented Behavior Extraction for Autonomic System Design; Automated Verification of Design Patterns with LePUS3; A Module Language for Typing by Contracts; From Goal-Oriented Requirements to Event-B Specifications; Introduction of Virtualization Technology to Multi-Process Model Checking; Comparing Techniques for Certified Static Analysis; Towards a Framework for Generating Tests to Satisfy Complex Code Coverage in Java Pathfinder; jFuzz: A Concolic Whitebox Fuzzer for Java; Machine-Checkable Timed CSP; Stochastic Formal Correctness of Numerical Algorithms; Deductive Verification of Cryptographic Software; Coloured Petri Net Refinement Specification and Correctness Proof with Coq; Modeling Guidelines for Code Generation in the Railway Signaling Context; Tactical Synthesis of Efficient Global Search Algorithms; Towards Co-Engineering Communicating Autonomous Cyber-Physical Systems; and Formal Methods for Automated Diagnosis of Autosub 6000.

    Intensional Cyberforensics

    This work focuses on the application of intensional logic to cyberforensic analysis; its benefits and difficulties are compared with the finite-state-automata approach. This work extends the use of the intensional programming paradigm to the modeling and implementation of a cyberforensics investigation process with backtracing of event reconstruction, in which evidence is modeled by multidimensional hierarchical contexts, and proofs or disproofs of claims are undertaken in an eductive manner of evaluation. This approach is a practical, context-aware improvement over the finite state automata (FSA) approach we have seen in previous work. As a base implementation language model, we use in this approach a new dialect of the Lucid programming language, called Forensic Lucid, and we focus on defining hierarchical contexts based on intensional logic for the distributed evaluation of cyberforensic expressions. We also augment the work with credibility factors surrounding digital evidence and witness accounts, which have not been previously modeled. The Forensic Lucid programming language, used for this intensional cyberforensic analysis, is formally presented through its syntax and operational semantics. In large part, the language is based on its predecessor and codecessor Lucid dialects, such as GIPL, Indexical Lucid, Lucx, Objective Lucid, and JOOIP, bound by the underlying intensional programming paradigm.
    Comment: 412 pages, 94 figures, 18 tables, 19 algorithms and listings; PhD thesis; v2 corrects some typos and refs; also available on Spectrum at http://spectrum.library.concordia.ca/977460

    Adaptive security

    Automated runtime security adaptation has great potential in providing timely and fine-grained security control. In this thesis we study the practical utility of a runtime security-performance trade-off for the pervasive Secure Socket Layer (SSL/TLS) protocol. To that end we address a number of research challenges. We develop an Adaptive Security methodology to extend non-adaptive legacy security systems with adaptive features. We also create a design of such an extended system to support the methodology. The design aids in identifying additional key components necessary for the creation of an adaptive security system. We furthermore apply our methodology to the Secure Socket Layer (SSL) protocol to create a design and implementation of a practical Adaptive SSL (ASSL) solution that supports runtime security adaptation in response to cross-cutting environmental concerns. The solution effectively adapts security at runtime, only reducing maximum server load by 15% or more depending on adaptation decision complexity. Next we address the security-performance trade-off research challenge. Following our methodology we conduct an offline study of factors affecting server performance when security is adapted. These insights allow for the creation of policies that can trade off security and performance by taking into account the expected future state of the system under adaptation. In so doing we found that client SSL session duration, requested file size and current security algorithm play roles in predicting future system state. Notably, performance deviation is smaller when sessions are longer and files are smaller, and vice versa. A complete Adaptive Security solution which successfully demonstrates our methodology is implemented with trade-off policies and ASSL as key components. 
We show that the solution effectively utilises available processing resources to increase security whilst still respecting performance guarantees.

    MVICS: a repository and search tool towards holistic semantic-based precise component selection.

    Driven by the continuous expansion of software applications and the increase in component varieties and sizes, the so-called component mismatch problem has become a more severe hurdle for component selection and integration. Although many component repositories and search tools have been proposed, so far there is no satisfactory solution which simultaneously achieves the following goals: automated, semantic-based, and precise. This paper presents a novel component repository and associated search tool which implements holistic semantic-based and adaptation-aware component specification and retrieval. The repository and tool are based on a Multiple-View and Interrelated Component Specification ontology model (MVICS), which has a smooth integration with domain-related software system ontologies. The MVICS provides a formally defined and ontology-based architecture to specify components automatically in a spectrum of perspectives. The integration enhances the function and application scope of the MVICS model by bringing domain semantics into component specification and retrieval. The repository and search tool contribute to the current state of the art with four unique features: an ontology-based component specification mechanism, a semantic-based component retrieval method, adaptive component matching, and a comprehensive result component profile. The repository and tool have been widely tested and evaluated via their online version and follow-on survey reports, which concluded that they are effective for avoiding the component mismatch problem and promising for industrial use.

    A holistic semantic based approach to component specification and retrieval

    Component-Based Development (CBD) has been broadly used in software development as it enhances productivity and reduces the costs and risks involved in systems development. It has become a well-understood and widely used technology for developing not only large enterprise applications, but also a whole spectrum of software applications, as it offers fast and flexible development. However, driven by the continuous expansion of software applications, the increase in component varieties and sizes and the evolution from local to global component repositories, the so-called component mismatch problem has become an even more severe hurdle for component specification and retrieval. This problem not only prevents CBD from reaching its full potential, but also hinders the acceptance of many existing component repositories. To overcome the above problem, existing approaches engaged a variety of technologies to support better component specification and retrieval. The existing approaches range from the early syntax-based (traditional) approaches to the recent semantic-based approaches. Although different technologies are proposed to achieve accurate description of the component specification and/or user query in their specification and retrieval, the existing semantic-based approaches still fail to achieve the following goals which are desired for present component reuse: precise, automated, semantic-based and domain capable. This thesis proposes an approach, namely the MVICS-based approach, aimed at achieving holistic, semantic-based and adaptation-aware component specification and retrieval. As the foundation, a Multiple-Viewed and Interrelated Component Specification ontology model (MVICS) is first developed for component specification and repository building. 
The MVICS model provides an ontology-based architecture to specify components from a range of perspectives; it integrates the knowledge of Component-Based Software Engineering (CBSE), and supports ontology evolution to reflect the continuous developments in CBD and components. A formal definition of the MVICS model is presented, which ensures the rigour of the model and supports a high level of automation of the retrieval. Furthermore, the MVICS model has a smooth mechanism to integrate with domain-related software system ontology. Such integration enhances the function and application scope of the MVICS model by bringing more domain semantics into component specification and retrieval. Another improved feature of the proposed approach is that the effect of possible component adaptation is extended to the related components. Finally, a comprehensive profile of the result components shows the search results to the user, from a summary to satisfied and unsatisfied discrepancy details. The above features of the approach are well integrated, which enables a holistic view in semantic-based component specification and retrieval. A prototype tool was developed to exert the power of the MVICS model in expressing semantics and process automation in component specification and retrieval. The tool implements the complete process of component search. Three case studies have been undertaken to illustrate and evaluate the usability and correctness of the approach, in terms of supporting accurate component specification and retrieval, seamless linkage with a domain ontology, adaptive component suggestion and a comprehensive result component profile. A conclusion is drawn based on an analysis of the feedback from the case studies, which shows that the proposed approach can be deployed in real-life industrial development. 
The benefits of MVICS include not only the improvement of component search precision and recall, reducing the development time and the repository maintenance effort, but also the decrease of human intervention in CBD.

    Analyzing and Managing Role-Based Access Control Policies
