randomized failover intrusion tolerant systems rfits l.
Download
Skip this Video
Download Presentation
Randomized Failover Intrusion Tolerant Systems (RFITS)

Loading in 2 Seconds...

play fullscreen
1 / 13

Randomized Failover Intrusion Tolerant Systems (RFITS) - PowerPoint PPT Presentation


  • 131 Views
  • Uploaded on

Randomized Failover Intrusion Tolerant Systems (RFITS). Ranga Ramanujan Noel Schmidt Architecture Technology Corporation Odyssey Research Associates DARPA Intrusion Tolerant Systems Program. Application Domain Comparison. Situational awareness Representation of real-time Hard real-time

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Randomized Failover Intrusion Tolerant Systems (RFITS)' - Lucy


Download Now An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
randomized failover intrusion tolerant systems rfits

Randomized Failover Intrusion Tolerant Systems (RFITS)

Ranga Ramanujan

Noel Schmidt

Architecture Technology Corporation

Odyssey Research Associates

DARPA Intrusion Tolerant Systems Program

application domain comparison
Application Domain Comparison
  • Situational awareness
  • Representation of real-time
  • Hard real-time
  • Examples
    • Air traffic control
    • Sonar data processing

Server to Warfighter

Sensor to Warfighter

  • Data collection &dissemination
  • Up-to-date and historical data
  • Soft real-time
  • Examples
    • Intelligence gathering
    • MDDS

Architecture Technology Corporation/Odyssey Research Associates

technical challenge
Technical Challenge
  • Key challenges to building a high availability intrusion tolerant system
    • maintaining error detection coverage for an evolving fault set
    • sustaining required error recovery coverage in spite of intentional faults

Architecture Technology Corporation/Odyssey Research Associates

research objectives
Research Objectives
  • Develop general design principles, collectively called RFITS, for building robust information systems that can sustain correct operation in spite of intrusion-induced DOS attacks
    • Focus on real-time, high availability military systems
  • Validate and demonstrate effectiveness of RFITS
    • establish generality of RFITS architecture and techniques
    • build prototype of RFITS-based system
    • derive performance characteristics via experimentation and simulations
    • perform joint experimentation with other IA&S efforts

Architecture Technology Corporation/Odyssey Research Associates

rfits approach
RFITS Approach
  • Randomized failover process
  • Randomized distribution of service requests among redundant (and possibly diverse) servers
  • Semantic integrity checks at subsystem service boundaries
  • Hierarchical recovery management
  • Systems engineering methodology for deriving a layered intrusion tolerant architecture

Architecture Technology Corporation/Odyssey Research Associates

strawman rfits methodology
Strawman RFITS Methodology
  • The system engineering methodology consists of the application of the following processes:
    • Analysis of the operational, systems, and technical architecture to identify the threats
    • Derivation of fault model for the system under study
    • FMEA/FMECA driven design of error detection mechanisms
    • FMEA driven design of failover policy
    • End-to-end threads analyses
  • Applied RFITS methodology to tactical ad hoc networks to derive an intrusion tolerant architecture, i.e., TIARA

Architecture Technology Corporation/Odyssey Research Associates

vulnerabilities of ad hoc networks
Vulnerabilities of Ad Hoc Networks
  • Resource depletion attack
    • intruder usurps network resources by injecting spurious traffic or by replaying traffic
  • Flow disruption attack
    • intruder drops, corrupts, or delays data packets
  • Route hijacking
    • intruder creates phantom routes

Architecture Technology Corporation/Odyssey Research Associates

rfits based tiara approach
RFITS-Based TIARA Approach
  • Collectively, TIARA mechanisms protect ad hoc networks against intrusion attacks on routing as well as data traffic

Architecture Technology Corporation/Odyssey Research Associates

risks
Risks
  • Availability of sufficient number of candidate operational systems for study
    • Leverage FAA connections
    • Acquire openly available material on DoD systems
  • Implementation of prototype with sufficient richness to demonstrate a range of RFITS derive intrusion tolerant mechanisms
    • Augment base system with simulations, if possible

Architecture Technology Corporation/Odyssey Research Associates

metrics
Metrics
  • Coverage of RFITS derived techniques
    • error detection
    • failover
  • Lifecycle cost impact
    • deployment costs
    • operating costs
  • Performance overhead

Architecture Technology Corporation/Odyssey Research Associates

major achievements
Major Achievements
  • Handbook for building real-time, high-availability intrusion tolerant systems
    • RFITS system engineering methodology
    • RFITS-derived techniques for error detection and failover
  • Demonstration of a prototype military application (e.g., air traffic surveillance system) built using RFITS

Architecture Technology Corporation/Odyssey Research Associates

task schedule
Task Schedule

Architecture Technology Corporation/Odyssey Research Associates

technology transfer
Technology Transfer
  • Transferable technology resulting from this effort
    • Design techniques (i.e., RFITS) for building intrusion tolerant systems
  • Technology transition avenues include
    • Strategic alliances with DoD system integration contractors
    • Collaboration with DoD Technology Transition organizations
    • Leverage relationship with the FAA
    • Publications

Architecture Technology Corporation/Odyssey Research Associates