Abstract
We propose the notion of tamper-evident stabilization –that combines stabilization with the concept of tamper evidence– for computing systems. On the first glance, these notions are contradictory; stabilization requires that eventually the system functionality is fully restored whereas tamper evidence requires that the system functionality is permanently degraded in the event of tampering. Tamper-evident stabilization captures the intuition that the system will tolerate perturbation upto a limit. In the event that it is perturbed beyond that limit, it will exhibit permanent evidence of tampering, where it may provide reduced (possibly none) functionality. We compare tamper-evident stabilization with (conventional) stabilization and with active stabilization and propose an approach to verify tamper-evident stabilizing programs in polynomial time. We demonstrate tamper-evident stabilization with two examples and argue how approaches for designing stabilization can be used to design tamper-evident stabilization. We also study issues of composition in tamper-evident stabilization. Finally, we point out how tamper-evident stabilization can effectively be used to provide tradeoff between fault-prevention and fault tolerance.
Keywords
- Self-stabilization
- reactive systems
- adversary
- formal methods
Download conference paper PDF
References
Arora, A.: Efficient reconfiguration of trees: A case study in methodical design of nonmasking fault-tolerant programs. In: Langmaack, H., de Roever, W.-P., Vytopil, J. (eds.) FTRTFT 1994 and ProCoS 1994. LNCS, vol. 863, pp. 110–127. Springer, Heidelberg (1994)
Arora, A., Gouda, M., Varghese, G.: Constraint satisfaction as a basis for designing nonmasking fault-tolerant systems. Journal of High Speed Networks 5(3), 293–306 (1996)
Arora, A., Gouda, M.G.: Closure and convergence: A foundation of fault-tolerant computing. IEEE Transactions on Software Engineering 19(11), 1015–1027 (1993)
Beauquier, J., Kekkonen-Moneta, S.: On ftss-solvable distributed problems. In: WSS, pp. 64–79 (1997)
Bonakdarpour, B., Kulkarni, S.S.: Compositional verification of fault-tolerant real-time programs. In: EMSOFT, pp. 29–38 (2009)
Bonakdarpour, B., Kulkarni, S.S.: On the complexity of synthesizing relaxed and graceful bounded-time 2-phase recovery. In: Cavalcanti, A., Dams, D.R. (eds.) FM 2009. LNCS, vol. 5850, pp. 660–675. Springer, Heidelberg (2009)
Bonakdarpour, B., Kulkarni, S.S.: Active stabilization. In: Défago, X., Petit, F., Villain, V. (eds.) SSS 2011. LNCS, vol. 6976, pp. 77–91. Springer, Heidelberg (2011)
Burns, J.E., Gouda, M., Miller, R.E.: Stabilization and pseudo-stabilization. Distributed Computing 7(1), 35–42 (1993)
Devismes, S., Tixeuil, S., Yamashita, M.: Weak vs. self vs. probabilistic stabilization. In: ICDCS 2008, pp. 681–688 (2008)
Dijkstra, E.W.: Self-stabilizing systems in spite of distributed control. Communications of the ACM 17(11), 643–644 (1974)
Dijkstra, E.W.: A Discipline of Programming. Prentice-Hall (1990)
Dolev, S.: Self-Stabilization. MIT Press (2000)
Ebnenasir, A., Kulkarni, S.S.: Feasibility of stepwise design of multitolerant programs. TOSEM 21(1), 1–49 (2011)
Ghosh, S., Gupta, A.: An exercise in fault-containment: Self-stabilizing leader election. Information Processing Letters 59(5), 281–288 (1996)
Gouda, M.: Elements of security: Closure, convergence, and protection. Information Processing Letters 77(2-4), 109–114 (2001); In honor of Edsger W. Dijkstra
Gouda, M.: The theory of weak stabilization. In: Datta, A.K., Herman, T. (eds.) WSS 2001. LNCS, vol. 2194, pp. 114–123. Springer, Heidelberg (2001)
Hajisheykhi, R., Ebnenasir, A., Kulkarni, S.: Tamper-evident stabilization. Technical Report MSU-CSE-14-4 (June 2014)
Israeli, A., Jalfon, M.: Token management schemes and random walks yield self-stabilizing mutual exclusion. In: PODC, pp. 119–131 (1990)
Kulkarni, S., Arora, A.: Multitolerance in distributed reset. Chicago Journal of Theoretical Computer Science 1998(4) (December 1998)
Lie, D., Thekkath, C.A., Mitchell, M., Lincoln, P., Boneh, D., Mitchell, J.C., Horowitz, M.: Architectural support for copy and tamper resistant software. In: ASPLOS, pp. 168–177 (2000)
Malekpour, M.R.: A byzantine-fault tolerant self-stabilizing protocol for distributed clock synchronization systems. In: Datta, A.K., Gradinariu, M. (eds.) SSS 2006. LNCS, vol. 4280, pp. 411–427. Springer, Heidelberg (2006)
Nesterenko, M., Arora, A.: Tolerance to unbounded byzantine faults. In: SRDS, pp. 22–31 (2002)
Sean, W.: Smith and Steve Weingart. Building a high-performance, programmable secure coprocessor. Computer Networks 31(8), 831–860 (1999)
Suh, G.E., Clarke, D.E., Gassend, B., van Dijk, M., Devadas, S.: Aegis: architecture for tamper-evident and tamper-resistant processing. In: ICS, pp. 160–171 (2003)
Zhang, H., Arora, A.: Guaranteed fault containment and local stabilization in routing. Computer Networks 50(18), 3585–3607 (2006)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 IFIP International Federation for Information Processing
About this paper
Cite this paper
Hajisheykhi, R., Ebnenasir, A., Kulkarni, S.S. (2015). A Theory of Integrating Tamper Evidence with Stabilization. In: Dastani, M., Sirjani, M. (eds) Fundamentals of Software Engineering. FSEN 2015. Lecture Notes in Computer Science(), vol 9392. Springer, Cham. https://doi.org/10.1007/978-3-319-24644-4_6
Download citation
DOI: https://doi.org/10.1007/978-3-319-24644-4_6
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-24643-7
Online ISBN: 978-3-319-24644-4
eBook Packages: Computer ScienceComputer Science (R0)