 |
 |
|
|
![Back to [2]](../all_the_pictures/arrow_left.jpg){kind=icon} [3]
![Forwards to [4]](../all_the_pictures/arrow_right.jpg){kind=icon}
Anthony L. Barnes In a national level study we defined survivability as the ability of a computer-communication system-based application to continue satisfying its requirements (for example, requirements for security, reliability, real-time responsiveness, and correctness), in the face of arbitrary adverse conditions [1]. This broad view of diverse system requirements must now be applied to the design and development of the Army Tactical Internet. The Tactical Internet for the purposes of this paper can be viewed as an intranet composed of COTS and GOTS software and hardware with very band limited links (limiting is caused by the tactical radio systems). In order to apply the survivability requirements to the Tactical Internet, the requirements must be based on a threat to that system. Traditional threat documentation from DIA and NSA to some extent cover the security requirements of survivability. What needs to be defined now is the non-traditional threats that affect the reliability, real-time responsiveness, and correctness requirements of survivability. These non-traditional threats must address such areas as fault tolerance, detection of misuse, and functional correctness along with other survivability requirements. We are currently working on two efforts to start addressing the overall survivability requirements of the Tactical Internet. The first effort involves a research project to investigate new network architectures to support survivable systems and networks. These new architectures must address the use of COTS, GOTS, and legacy systems found in the tactical environment. The second effort involves the use of software assessment tools to determine if the system is vulnerable to misuse. For this testing the actual tactical internet is used in a laboratory environment. To insure more survivable systems and networks are developed to support the tactical environment, more efforts like the above need to be addressed. Personal Background: Past work includes threat definition, security requirements, system evaluation, software engineering, formal methods, vulnerability assessment, and working with OSD on IS policy. Co-author of the Army survivability report [1]. I believe my experience with applying survivability requirement to actual systems and networks would be beneficial to the workshop.
References: [3]
|
