Ensuring Security and Availability through Model-Based Cross-Layer Adaptation
Situation- and resource-aware security is essential for the process control systems, composed of networked entities with sensors and actuators, that monitor and control the national critical infrastructure. However, security cannot be addressed at a single layer because of the inherent dependencies and tradeoffs among crosscutting concerns. Techniques applied at one layer to improve security affect security, timing, and power consumption at other layers. This paper argues for an integrated treatment of security across multiple layers of abstraction (application, middleware, operating system including network stack, and hardware). An important step in realizing this integrated treatment of situation- and resource-aware security is first understanding the cross-layer interactions between security policies and then exploiting these interactions to design efficient adaptation strategies (i) to balance security, quality of service, and energy needs, and (ii) to maximize system availability. We propose a novel approach that employs a compositional method within an iterative tuning framework based on lightweight formal methods with dynamic adaptation.
Unable to display preview. Download preview PDF.
- 1.Pister, K.: From smart dust to smart plants the evolution of wireless sensor networking. In: ISA EXPO 2008: Keynote Speech (2008), http://www.dustnetworks.com
- 3.xTune Framework, http://xtune.ics.uci.edu
- 4.Kim, M., Stehr, M.-O., Kim, J., Ha, S.: An application framework for loosely coupled networked cyber-physical systems. In: 8th IEEE Intl. Conf. on Embedded and Ubiquitous Computing (EUC 2010), Hong Kong (December 2010), http://ncps.csl.sri.com/papers/cyberframework.pdf
- 6.Gutierrez-Nolasco, S., Venkatasubramanian, N., Stehr, M.-O., Talcott, C.: Exploring adaptability of secure group communication using formal prototyping techniques. In: ARM 2004: Workshop on Adaptive and Reflective Middleware, pp. 232–237 (2004)Google Scholar
- 7.SPADE Project, http://spade.csl.sri.com.
- 8.Bethencourt, J., Sahai, A., Waters, B.: Ciphertext-policy attribute-based encryption. In: SP 2007: Proceedings of the IEEE Symposium on Security and Privacy, pp. 321–334 (2007)Google Scholar
- 10.Maude System, http://maude.csl.sri.com.
- 11.Kim, M., Stehr, M.-O., Talcott, C., Dutt, N., Venkatasubramanian, N.: Constraint refinement for online verifiable cross-layer system adaptation. In: DATE 2008: Proceedings of the Design, Automation and Test in Europe Conference and Exposition (2008)Google Scholar
- 13.Rusu, R.B., Maldonado, A., Beetz, M., Gerkey, B.: Extending Player/Stage/Gazebo towards cognitive robots acting in ubiquitous sensor-equipped environments. In: IEEE Intl. Conf. on Robotics and Automation Workshop for Network Robot Systems (2007)Google Scholar
- 17.Wang, W.: Quality-driven cross layer design for multimedia security over resource constrained wireless sensor networks. University of Nebraska, Lincoln, Dept. of Computer and Electronics Engineering, Ph.D. Dissertation (2009)Google Scholar
- 18.Kim, M., Massaguer, D., Dutt, N., Mehrotra, S., Ren, S., Stehr, M.-O., Talcott, C., Venkatasubramanian, N.: A semantic framework for reconfiguration of instrumented cyber physical spaces. In: Workshop on Event-based Semantics, CPS Week (2008)Google Scholar