Research on Dependability and Security

1
Research on Dependability and Security
- Dr. Panagiotis Katsaros, Lecturer - Dr.
Lefteris Angelis, Assistant Professor -
collaboration with other academic staff members
2
Research on Dependability and Security

• Dependable Distributed Systems
  (research started in 2003)
• Dependable system is a system that meets its
  expected behavior in all circumstances
  (performance, availability, reliability and
  systems correctness properties like for example
  safety, atomicity and consistency).
• Dependability Security are two interrelated
  problems (new journal IEEE
  Transactions on Dependable and Secure Computing)
• - a security attack is possible to result in a
  systems failure to meet
• its expected behavior
• example recent incident in VODAFONE Greece,
  where an insider conversation privacy
  attack caused an AXE-10 system failure in
  dispatching SMS messages
• - correctness property violation like for
  example an atomicity
• violation design flaw results in a non secure
  system

3
Research on Dependability and Security

• Areas of interest
• quantitative evaluation and trade-offs between
  dependability attributes (performance,
  availability, reliability etc) in distributed
  systems
• simulation
• stochastic optimization
• formal methods in the analysis of safety,
  security and fault tolerance
• model checking (SPIN, Colored Petri Nets, AVISPA)
  
• theorem proving (Coq)
• issues related to access control, information
  flow control, concurrency control, atomicity and
  recovery

4
Research on Dependability and Security

• Research staff and students
• 2 academic staff members
• 2 PhD students
• 1 M.Sc. student (thesis)
• 7 undergraduate students (thesis)
• Research Development Projects
• EU INTERREG IIIC South programme (MedWet CODDE)
• ARCHIMIDES II Greek Ministry of Education (2
  projects)
• Collaboration
• Un. of Macedonia, Thessaloniki, Greece
• Athens Un. of Economics and Business, Athens,
  Greece
• CardiSoft, Thessaloniki, Greece

5
Research on Dependability and Security

• Recent publications ongoing research
• performance availability trade-off for
  different transaction processing alternatives
  (ACID Sim Tools ready prototype)
• ACID properties costs simulation for different
  Transaction Processing Models and their
  parameters (protocols for concurrency control,
  distributed atomic commit, recovery, deadlock
  handling and replication)

6
Research on Dependability and Security

• Recent publications ongoing research
• fault tolerance performance effectiveness
  trade-off (replication based or message logging
  with/without checkpointing)
• an approach to compare different fault tolerance
  mechanisms, choose the most effective one and
  tune its parameters (e.g. checkpoint intervals,
  number of replicas) such as to achieve the
  required response times at the lowest possible
  fault tolerance cost
• model checking various atomicity properties (in
  payment transactions) by the use of Colored Petri
  Nets
• an approach that can be extended to model
  checking many other correctness properties in
  component software models and in models of
  systems with timing constraints (schedulability
  analysis)

7
Research on Dependability and Security

• Recent publications ongoing research
• new interlocking control algorithm based on the
  use of the so-called Distributed Signal Boxes,
  for safety-critical systems (to be published)
• (correctness properties proved for the Athens
  underground railway system by the SPIN model
  checker)
• new approach for the design of access control in
  distributed systems, such as to prevent sensitive
  information leakage
• formal analysis of smart card security Public
  Key Infrastructures (ongoing work)
• More info
• http//delab.csd.auth.gr/katsaros/