13,729 research outputs found
Active Sampling-based Binary Verification of Dynamical Systems
Nonlinear, adaptive, or otherwise complex control techniques are increasingly
relied upon to ensure the safety of systems operating in uncertain
environments. However, the nonlinearity of the resulting closed-loop system
complicates verification that the system does in fact satisfy those
requirements at all possible operating conditions. While analytical proof-based
techniques and finite abstractions can be used to provably verify the
closed-loop system's response at different operating conditions, they often
produce conservative approximations due to restrictive assumptions and are
difficult to construct in many applications. In contrast, popular statistical
verification techniques relax the restrictions and instead rely upon
simulations to construct statistical or probabilistic guarantees. This work
presents a data-driven statistical verification procedure that instead
constructs statistical learning models from simulated training data to separate
the set of possible perturbations into "safe" and "unsafe" subsets. Binary
evaluations of closed-loop system requirement satisfaction at various
realizations of the uncertainties are obtained through temporal logic
robustness metrics, which are then used to construct predictive models of
requirement satisfaction over the full set of possible uncertainties. As the
accuracy of these predictive statistical models is inherently coupled to the
quality of the training data, an active learning algorithm selects additional
sample points in order to maximize the expected change in the data-driven model
and thus, indirectly, minimize the prediction error. Various case studies
demonstrate the closed-loop verification procedure and highlight improvements
in prediction error over both existing analytical and statistical verification
techniques.Comment: 23 page
Beyond the Hype: On Using Blockchains in Trust Management for Authentication
Trust Management (TM) systems for authentication are vital to the security of
online interactions, which are ubiquitous in our everyday lives. Various
systems, like the Web PKI (X.509) and PGP's Web of Trust are used to manage
trust in this setting. In recent years, blockchain technology has been
introduced as a panacea to our security problems, including that of
authentication, without sufficient reasoning, as to its merits.In this work, we
investigate the merits of using open distributed ledgers (ODLs), such as the
one implemented by blockchain technology, for securing TM systems for
authentication. We formally model such systems, and explore how blockchain can
help mitigate attacks against them. After formal argumentation, we conclude
that in the context of Trust Management for authentication, blockchain
technology, and ODLs in general, can offer considerable advantages compared to
previous approaches. Our analysis is, to the best of our knowledge, the first
to formally model and argue about the security of TM systems for
authentication, based on blockchain technology. To achieve this result, we
first provide an abstract model for TM systems for authentication. Then, we
show how this model can be conceptually encoded in a blockchain, by expressing
it as a series of state transitions. As a next step, we examine five prevalent
attacks on TM systems, and provide evidence that blockchain-based solutions can
be beneficial to the security of such systems, by mitigating, or completely
negating such attacks.Comment: A version of this paper was published in IEEE Trustcom.
http://ieeexplore.ieee.org/document/8029486
Secure Cloud-Edge Deployments, with Trust
Assessing the security level of IoT applications to be deployed to
heterogeneous Cloud-Edge infrastructures operated by different providers is a
non-trivial task. In this article, we present a methodology that permits to
express security requirements for IoT applications, as well as infrastructure
security capabilities, in a simple and declarative manner, and to automatically
obtain an explainable assessment of the security level of the possible
application deployments. The methodology also considers the impact of trust
relations among different stakeholders using or managing Cloud-Edge
infrastructures. A lifelike example is used to showcase the prototyped
implementation of the methodology
Validation of Ultrahigh Dependability for Software-Based Systems
Modern society depends on computers for a number of critical tasks in which failure can have very high costs. As a consequence, high levels of dependability (reliability, safety, etc.) are required from such computers, including their software. Whenever a quantitative approach to risk is adopted, these requirements must be stated in quantitative terms, and a rigorous demonstration of their being attained is necessary. For software used in the most critical roles, such demonstrations are not usually supplied. The fact is that the dependability requirements often lie near the limit of the current state of the art, or beyond, in terms not only of the ability to satisfy them, but also, and more often, of the ability to demonstrate that they are satisfied in the individual operational products (validation). We discuss reasons why such demonstrations cannot usually be provided with the means available: reliability growth models, testing with stable reliability, structural dependability modelling, as well as more informal arguments based on good engineering practice. We state some rigorous arguments about the limits of what can be validated with each of such means. Combining evidence from these different sources would seem to raise the levels that can be validated; yet this improvement is not such as to solve the problem. It appears that engineering practice must take into account the fact that no solution exists, at present, for the validation of ultra-high dependability in systems relying on complex software
- …