Diagnosing runtime violations of security and dependability properties

Monitoring the preservation of security and dependability (S&D) properties of complex software systems is widely accepted as a necessity. Basic monitoring can detect violations but does not always provide sufficient information for deciding what the appropriate response to a violation is. Such decisions often require additional diagnostic information that explains why a violation has occurred and can, therefore, indicate what would be an appropriate response action to it. In this thesis, we describe a diagnostic procedure for generating explanations of violations of S&D properties developed as extension of a runtime monitoring framewoek, called EVEREST. The procedure is based on a combination of abductive and evidential reasoning about violations of S&D properties which are expressed in Event Calculus

Diagnosing runtime violations of security and dependability properties

Monitoring the preservation of security and dependability (S&D) properties of complex software systems is widely accepted as a necessity. Basic monitoring can detect violations but does not always provide sufficient information for deciding what the appropriate response to a violation is. Such decisions often require additional diagnostic information that explains why a violation has occurred and can, therefore, indicate what would be an appropriate response action to it. In this thesis, we describe a diagnostic procedure for generating explanations of violations of S&D properties developed as extension of a runtime monitoring framewoek, called EVEREST. The procedure is based on a combination of abductive and evidential reasoning about violations of S&D properties which are expressed in Event Calculus.EThOS - Electronic Theses Online ServiceGBUnited Kingdo

Towards a Framework for Dynamic Verification of Peer-to-Peer Systems

Ensuring dependability and security of Peer-to-Peer (P2P) systems is an intricate task due to the autonomous and volatile nature of peers and the decentralization that characterizes such systems. Dynamic verification provides the means of monitoring aspects of peer behaviour at runtime and the capacity to react to identified violations with the aim of preserving the system in the desired state. Thus, it can provide an extra layer of checking properties like security and dependability and lead to enhanced system resilience in this respect. In this paper, we introduce a framework that supports the dynamic verification of P2P systems. 1