
Survivable Systems Engineering

The field of survivable systems engineering examines the current state of systems to identify problems and propose engineering solutions. The work described below focuses on the development life cycles of both newly developed and COTS-based (commercial off-the-shelf) systems. It includes analysis of how susceptible these systems are to sophisticated attacks, and suggestions for improving system design based on that analysis.

Research Projects

Each Survivable Systems Engineering project is summarized below; links within project summaries lead to longer project descriptions. Most of the project descriptions can also be found in the CERT Research Annual Report (pdf).

LEVANT: Protocols for Anonymity and Traceability Tradeoffs
Howard Lipson

The LEVANT (Levels of Anonymity and Traceability) project is addressing the engineering challenge of balancing the apparently conflicting needs of privacy and security with respect to the traceability of cyber attacks. LEVANT researchers are investigating the feasibility of a disciplined engineering design of Internet protocols (in the context of key policy issues) to allow optimal, fine-grained tradeoffs between traceability and anonymity to be made on the basis of specific mission requirements.

SQUARE: Requirements Engineering for Improved System Security
Nancy Mead

It is well recognized in industry that requirements engineering is critical to the success of any major development project. Security requirements, however, tend to be developed independently of the rest of the requirements engineering activity. As a result, security requirements that are specific to the system and that provide for protection of essential services and assets are often neglected.

Through the SQUARE project, CERT researchers have developed an end-to-end process for security requirements engineering to help organizations build security into the early stages of the production life cycle. The SQUARE methodology consists of nine steps that produce a final deliverable of categorized and prioritized security requirements. The process has been baselined, and several case studies with real-world clients have shown that the methodology shows promise for incorporation into industry practice. CERT has prototyped a computer-aided software engineering (CASE) tool to support each step of the SQUARE process.

Workshop, tutorial, and academic educational materials on SQUARE are available for download on the CERT web site.

STAR*Lab: A Software Development Laboratory for Security Technology Automation and Research
Richard Linger

STAR*Lab is an internal software development laboratory that CERT has established to create theory-based prototype automation that provides operational solutions to challenge problems in security and software engineering. STAR*Lab is currently engaged in the Function Extraction for Software Assurance project, and is ready to expand application of function extraction technology in four projects: Computational Security Attributes, Software Correctness Verification, System Component Composition, and Flow-Service-Quality Engineering.

STAR*Lab Function Extraction for Software Assurance: Engineering Automation for Computing Software Behavior
Richard Linger

STAR*Lab recognizes the importance of software assurance to national defense. Software assurance depends on knowing and verifying the complete behavior of software because behavior that is not known can contain errors, vulnerabilities, and malicious content. To help address this need, CERT is conducting research and development on the emerging technology of function extraction (FX). The goal of this project is to compute the behavior of software with mathematical precision to the maximum extent possible. Computation of the behavior of malicious code is of particular interest, to help analysts quickly determine intruder objectives and develop countermeasures.

STAR*Lab Computational Security Attributes: Engineering Automation for Software Security Analysis
Gwendolyn Walton

In the current state of practice, security properties of software systems are assessed through labor-intensive human evaluation. These a priori evaluations can be of limited value in the dynamics of system operation, where threat environments can change quickly. This project focuses on automated analysis of the security properties of software. The goal is to develop foundations to help transform security engineering into more of a computational discipline.

STAR*Lab Software Correctness Verification: Engineering Automation for Software Assurance
Mark Pleszkoch

In the current state of practice in software engineering, no practical means exists for automated, large-scale correctness verification of software with respect to intended behavior. As a result, much time and energy is devoted to inspection and testing activities that can provide only limited evidence of correctness. The objective of this project is to develop a proof-of-concept prototype of a function verification system that will analyze the correctness of programs.
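Both the Function Extraction project above and this correctness verification project rest on the same idea: the behavior of a sequence of statements can be computed, not just tested, by composing the effect of each statement onto a symbolic state, and the computed behavior can then be compared with the intended behavior. The following is an added illustration written for this page; it is not STAR*Lab's FX tooling, and it is deliberately limited to straight-line programs of linear integer assignments (no loops, branches or non-linear arithmetic). The sample programs SWAP, BROKEN_SWAP and OBFUSCATED and the function names are constructed for the example.

```python
import ast

# Linear expressions over the INITIAL values of program variables are stored as
# {name: coefficient}; the empty-string key holds the constant term.
# Example: {"x": 1, "y": -2, "": 3} stands for x - 2*y + 3.


def _var(name):
    return {name: 1}


def _add(a, b, sign=1):
    """Return a + sign*b, dropping terms whose coefficient cancels to zero."""
    out = dict(a)
    for name, coeff in b.items():
        out[name] = out.get(name, 0) + sign * coeff
        if out[name] == 0:
            del out[name]
    return out


def _scale(a, k):
    return {name: coeff * k for name, coeff in a.items()} if k else {}


def _eval(node, state):
    """Evaluate an expression AST against the symbolic state, so every variable
    read is replaced by its current expression in terms of initial values."""
    if isinstance(node, ast.Constant) and isinstance(node.value, int):
        return {"": node.value} if node.value else {}
    if isinstance(node, ast.Name):
        if node.id not in state:
            raise ValueError(f"read of unassigned variable {node.id!r}")
        return dict(state[node.id])
    if isinstance(node, ast.UnaryOp) and isinstance(node.op, ast.USub):
        return _scale(_eval(node.operand, state), -1)
    if isinstance(node, ast.BinOp):
        left, right = _eval(node.left, state), _eval(node.right, state)
        if isinstance(node.op, ast.Add):
            return _add(left, right)
        if isinstance(node.op, ast.Sub):
            return _add(left, right, -1)
        if isinstance(node.op, ast.Mult):
            # Keep the algebra linear: one operand must be a constant.
            if set(left) <= {""}:
                return _scale(right, left.get("", 0))
            if set(right) <= {""}:
                return _scale(left, right.get("", 0))
            raise ValueError("non-linear multiplication is outside this toy")
    raise ValueError(f"unsupported construct: {ast.dump(node)}")


def extract_function(source, variables):
    """Compute the net function of a straight-line program by composing the
    effect of each assignment onto the symbolic state.  Returns only the
    variables whose final value is not simply their initial value."""
    state = {v: _var(v) for v in variables}
    for stmt in ast.parse(source).body:
        if not (isinstance(stmt, ast.Assign) and len(stmt.targets) == 1
                and isinstance(stmt.targets[0], ast.Name)):
            raise ValueError("only simple single-target assignments are supported")
        state[stmt.targets[0].id] = _eval(stmt.value, state)
    return {v: e for v, e in state.items() if e != _var(v)}


def render(expr):
    """Pretty-print a linear expression; the empty expression is 0."""
    if not expr:
        return "0"
    parts = []
    for name in sorted(expr, key=lambda n: (n == "", n)):
        coeff = expr[name]
        mag = abs(coeff)
        term = str(mag) if name == "" else (name if mag == 1 else f"{mag}*{name}")
        parts.append(("-" if coeff < 0 else "+", term))
    out = ("-" if parts[0][0] == "-" else "") + parts[0][1]
    return out + "".join(f" {s} {t}" for s, t in parts[1:])


def verify(source, variables, intended):
    """Compare the extracted function with an intended specification written in
    the same {var: linear expression} form.  Variables absent from `intended`
    are required to be unchanged; temporaries the code introduces are ignored.
    Returns (ok, {var: (actual, intended)})."""
    actual = extract_function(source, variables)
    diffs = {}
    for v in variables:
        got, want = actual.get(v, _var(v)), intended.get(v, _var(v))
        if got != want:
            diffs[v] = (got, want)
    return not diffs, diffs


# Constructed sample programs (hypothetical, for this example only).
SWAP = "x = x + y\ny = x - y\nx = x - y\n"                # arithmetic swap
BROKEN_SWAP = "x = x + y\ny = x - y\nx = x + y\n"         # last line has a typo
OBFUSCATED = "t = 3*k + 5\nu = t - k\nk = u - 2*k - 5\n"  # busywork that zeroes k
SWAP_SPEC = {"x": _var("y"), "y": _var("x")}              # intended behavior of SWAP

if __name__ == "__main__":
    for label, prog, names in [("swap", SWAP, ["x", "y"]),
                               ("broken swap", BROKEN_SWAP, ["x", "y"]),
                               ("obfuscated", OBFUSCATED, ["k"])]:
        net = extract_function(prog, names)
        print(f"{label}:", ", ".join(f"{v} := {render(e)}" for v, e in sorted(net.items())))
    print("swap verified:", verify(SWAP, ["x", "y"], SWAP_SPEC)[0])
    print("broken swap verified:", verify(BROKEN_SWAP, ["x", "y"], SWAP_SPEC)[0])
```

Two things in this toy carry over to the real problem. Extraction reports the net effect in terms of initial values, so the three-line OBFUSCATED program collapses to `k := 0` no matter how the intermediate arithmetic is dressed up, which is the property that makes computed behavior useful against code written to hide its purpose. Verification then reduces to comparing two function tables: for BROKEN_SWAP the extracted `x := 2*x + y` disagrees with the specification `x := y` on exactly one variable, and that disagreement is the evidence, without a single test case being run.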

STAR*Lab System Component Composition: Engineering Automation for Understanding System Behavior
Kirk Sayre

Modern systems are characterized by large-scale heterogeneous networks with many components that must be correctly integrated to achieve mission objectives. System integration today is a complex, labor-intensive process that can take months or even years for large systems. The objective of this project is to develop a proof-of-concept prototype of a component composition system that will help determine the net effect of combining components in network architectures for faster integration.

STAR*Lab Flow-Service-Quality (FSQ) Engineering: Foundations for Developing Network-Centric Systems
Stacy Prowell

Large-scale, network-centric systems are often characterized by massively distributed components, lack of global visibility, uncertain function and quality, ever-changing boundaries and user groups, permanent risk of intrusion and compromise, and extensive asynchronous operations. The objective of the FSQ project is to create rigorous engineering foundations for development and evolution of such systems under intellectual control. Flow structures, a key element of FSQ engineering, refine mission objectives into designed compositions of network components while accommodating the operational uncertainties of the underlying systems.

SAF: Survivability Analysis Framework
Robert Ellison, Carol Woody

The Survivability Analysis Framework (SAF) was developed through research initially focused on assurance analysis methods applicable to increased demands for system interoperability, integration, and survivability. The complexity that arises in networked systems of systems is an aggregate of technology, scale, scope, and operational and organizational issues. The research effort has expanded to address analytical capabilities for service-oriented architectures (SOA) and the integration of shared services with organizational missions. The SAF process analyzes mission threads in end-to-end workflows and identifies potential stresses that could limit completion of the workflows. This approach permits analysis of interrelations among people, processes, and technology to identify critical patterns for system simplifications and reductions in potential mission failures.



Last updated May 02, 2008