Lifecycle Models for Survivable Systems

Size: px

Start display at page:

Download "Lifecycle Models for Survivable Systems"

Julia Howard
6 years ago
Views:

1 Lifecycle Models for Survivable s Rick Linger Carnegie Mellon University Pittsburgh, PA Sponsored by the U.S. Department of Defense 2000 by Carnegie Mellon University Version 2 SNA Tutorial - page 1

2 Survivability Concepts 2000 by Carnegie Mellon University Version 1 ISW page 2

3 Survivability Defined Survivability is the ability of a system to fulfill its mission, in a timely manner, in the presence of attacks, failures, or accidents. No amount of security can guarantee systems will not be penetrated Survivability focus is on mission continuity under adverse conditions 2000 by Carnegie Mellon University Version 1 ISW page 3

4 The Three Rs of Survivability Resistance capability to deter attacks Recognition capability to recognize attacks and damage Recovery capability to provide essential services during attack and recover full services after attack 2000 by Carnegie Mellon University Version 1 ISW page 4

5 Survivable Network Analysis SYSTEM: Essential services Essential service usage scenarios Essential architecture components ENVIRONMENT: Intrusion strategies Intrusion usage scenarios Architecture softspots 3Rs analysis Survivability Map recommendations Compromisible architecture components 2000 by Carnegie Mellon University Version 1 ISW page 5

6 Survivability Impact on Traditional Development Life Cycle 2000 by Carnegie Mellon University Version 1 ISW page 6

7 Survivability Impact - 1 Lifecycle Activities Mission Definition Concept of Operations Key Survivability Elements Analysis of mission criticality and consequences of failure Definition of system capabilities in adverse environments Examples Estimation of cost impact of denial of service attacks Enumeration of critical mission functions that must withstand attacks Project Planning Integration of survivability into lifecycle activities and work products Identification of defensive coding techniques for implementation Definition Specification Definition of survivability requirements from mission perspective Specification of essential service and intrusion scenarios Definition of access requirements for critical system assets during attacks Definition of steps that compose critical system transactions 2000 by Carnegie Mellon University Version 1 ISW page 7

8 Survivability Impact - 2 Lifecycle Key Survivability Elements Examples Activities Architecture Design Implementation Testing Evolution Integration of survivability strategies into architecture definition Development and verification of survivability strategies Application of survivability coding and implementation techniques Treatment of intruders as users in testing and certification Improvement of survivability to prevent degradation over time Creation of network facilities for replication of critical data assets Correctness verification of data encryption algorithms Definition of methods to avoid buffer overflow vulnerabilities Addition of intrusion usage to usage models for statistical testing Evolution of architecture in response to changing threat environment 2000 by Carnegie Mellon University Version 1 ISW page 8

9 Survivability Impact Survivability Develop/Test Survivability Operations Development/ Evolution Traditional Life Cycle / Survivability Legacy Software, Survivability Strategies Testing/ Evaluation Operation/ Administration Usage/ Intrusion Usage Model Development/ Evolution Survivability Evolution 2000 by Carnegie Mellon University Version 1 ISW page 9

10 Survivability Impact on Contemporary Development Life Cycle 2000 by Carnegie Mellon University Version 1 ISW page 10

11 Contemporary Life Cycle Iteration of customer requirements, COTS market capabilities, and system architecture Customer Context Architecture and Engineering Cycle Integration Market Context Reconciliation Life cycle of continuous system evolution Iteration 1 Iteration 2 Iteration 3 Iteration by Carnegie Mellon University Version 1 ISW page 11

12 Survivability Impact Reconcile mission survivability with COTS capabilities Assess COTS vendors for survivability focus Evaluate survivability of COTS products Achieve survivability in system integration Treat architecture as survivability integrator Maintain survivability as COTS products evolve 2000 by Carnegie Mellon University Version 1 ISW page 12

Sustaining Software-Intensive Systems - A Conundrum

Pittsburgh, PA 15213-3890 Sustaining Software-Intensive Systems - A Conundrum Mary Ann Lapham Sponsored by the U.S. Department of Defense 2006 by Carnegie Mellon University Version 2 GSAW 2006 - page 1