Assurable Software and Architectures

This area includes tools and methods for building software artifacts, servers, and networks that are resistant to attacks and failures. This includes research into vulnerability assessment and identification, programming languages and tools for secure programming, mobile code and "sandboxes," proof-carrying systems, trusted embedded systems, resilient server architectures, protection against malicious software, dynamic reconfiguration of systems, hardware architecture design, fault-tolerance, code tamperproofing, and penetration testing. Research into more secure operating systems and database systems falls in this area, as does research into better human-computer interfaces for security (HCI).

New Product Design Risk Assessment

Principal Investigator: Eugene Spafford

A High Assurance, High Capacity Platform for Information Operations

Principal Investigator: Eugene Spafford

Contracted research from Lockheed Martin

A Framework for Managing the Assured Information Sharing Lifecycle

Principal Investigator: Elisa Bertino, Chris Clifton, Ninghui Li, Eugene Spafford

Fault Determination and Recovery in Cycle-sharing Infrastructures

Principal Investigator: Suresh Jagannathan, Jan Vitek

This project is expected to make three broad contributions towards developing a runtime infrastructure, called PROGNOSIS, for failure data collection and online analysis. The first set of contributions concerns collecting and analyzing system events and failure data from an actual BlueGene/L system over an extended period of time. In addition to presenting the raw system events, the project will develop filtering techniques to remove unimportant information and to identify stationary intervals, and will define the attributes to be logged and their logging frequency. The second set of contributions will be models for online analysis and prediction of evolving failure data that exploit correlations between system events over time, across nodes, and with respect to external factors such as imposed workload and operating temperature. The third set of contributions will demonstrate the uses of PROGNOSIS. Specifically, the work will extend two important runtime techniques, parallel job scheduling and checkpointing, with the information PROGNOSIS provides: it will investigate how predictability of failures along spatial and/or temporal dimensions can help schedulers strike a better trade-off between higher system utilization and job loss upon failure, and it will develop techniques to fine-tune the frequency and placement of checkpoints using PROGNOSIS. Just as importantly, the project will evaluate the confidence level behind a prediction that is needed for online decision making, and the effect of inaccurate predictions.
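As an added illustration of the PROGNOSIS workflow described above (not the project's own code), the following Python script runs on a constructed event log: it filters routine events and collapses repeated warnings, estimates per-node failure rates, measures how well a simple "warning precedes failure" precursor rule predicts failures, and turns the failure rate into a checkpoint interval using Young's approximation T = sqrt(2 * C * MTBF), where C is the cost of taking one checkpoint. The log format, node names, window sizes and checkpoint cost are assumptions made for the example; the real BlueGene/L RAS log format is not reproduced here.

```python
# Added illustration of a PROGNOSIS-style analysis on a constructed log.
# Not the project's code; log format, node names, windows and checkpoint
# cost are assumptions made for this example.
import math
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log (assumed format, not the real BlueGene/L RAS log):
# ISO timestamp, node id, severity, free-text message.
SAMPLE_LOG = """\
2006-03-01T00:00:00 R00-M0-N0 INFO heartbeat ok
2006-03-01T00:10:00 R00-M0-N0 INFO heartbeat ok
2006-03-01T00:12:00 R00-M0-N0 WARN temperature above threshold
2006-03-01T00:12:30 R00-M0-N0 WARN temperature above threshold
2006-03-01T00:13:00 R00-M0-N0 WARN temperature above threshold
2006-03-01T00:45:00 R00-M0-N0 FATAL kernel panic, node reset
2006-03-01T01:00:00 R00-M0-N1 INFO heartbeat ok
2006-03-01T02:00:00 R00-M0-N1 WARN temperature above threshold
2006-03-01T05:00:00 R00-M0-N0 FATAL memory ECC uncorrectable
2006-03-01T09:00:00 R00-M0-N0 FATAL kernel panic, node reset
2006-03-01T12:00:00 R00-M0-N1 FATAL link failure
"""


def parse_log(text):
    """Turn raw lines into (timestamp, node, severity, message) tuples."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, node, sev, msg = line.split(" ", 3)
        events.append((datetime.fromisoformat(ts), node, sev, msg))
    return events


def filter_events(events, keep=("WARN", "FATAL"),
                  collapse_window=timedelta(seconds=120)):
    """The 'remove unimportant information' step: drop routine severities and
    collapse a burst of identical (node, severity, message) events that repeat
    within collapse_window of the last copy kept."""
    kept, last_kept = [], {}
    for ts, node, sev, msg in events:
        if sev not in keep:
            continue
        key = (node, sev, msg)
        prev = last_kept.get(key)
        if prev is not None and ts - prev <= collapse_window:
            continue
        last_kept[key] = ts
        kept.append((ts, node, sev, msg))
    return kept


def mtbf_per_node(events):
    """Mean time between failures per node, estimated crudely as the observed
    span of the whole log divided by that node's FATAL count."""
    span = (events[-1][0] - events[0][0]).total_seconds()
    failures = defaultdict(int)
    for _, node, sev, _ in events:
        if sev == "FATAL":
            failures[node] += 1
    return {node: span / n for node, n in failures.items()}


def precursor_quality(events, lead=timedelta(hours=1)):
    """Score the rule 'a WARN on a node predicts a FATAL on it within lead'.
    Precision: share of warnings followed by a failure in time (low = wasted
    checkpoints). Recall: share of failures that had a warning in time (low =
    failures the scheduler never saw coming)."""
    warns = [(ts, node) for ts, node, sev, _ in events if sev == "WARN"]
    fatals = [(ts, node) for ts, node, sev, _ in events if sev == "FATAL"]
    warn_hits = sum(1 for wt, wn in warns
                    if any(fn == wn and wt < ft <= wt + lead for ft, fn in fatals))
    fatal_hits = sum(1 for ft, fn in fatals
                     if any(wn == fn and ft - lead <= wt < ft for wt, wn in warns))
    precision = warn_hits / len(warns) if warns else 0.0
    recall = fatal_hits / len(fatals) if fatals else 0.0
    return precision, recall


def checkpoint_interval(mtbf_seconds, checkpoint_cost_seconds):
    """Young's approximation for the interval that minimises expected lost
    work: T = sqrt(2 * C * MTBF). Shorter MTBF -> checkpoint more often."""
    return math.sqrt(2.0 * checkpoint_cost_seconds * mtbf_seconds)


def analyse(text=SAMPLE_LOG, checkpoint_cost=50.0):
    """Run the whole pipeline; MTBF uses the raw log, the precursor rule the
    filtered one, so duplicated warnings do not inflate its precision."""
    raw = parse_log(text)
    filtered = filter_events(raw)
    mtbf = mtbf_per_node(raw)
    precision, recall = precursor_quality(filtered)
    return {"raw_events": len(raw), "filtered_events": len(filtered),
            "mtbf": mtbf, "precision": precision, "recall": recall,
            "checkpoint_interval": {n: checkpoint_interval(m, checkpoint_cost)
                                    for n, m in mtbf.items()}}


if __name__ == "__main__":
    r = analyse()
    print(f"{r['raw_events']} raw events -> {r['filtered_events']} after filtering")
    for node in sorted(r["mtbf"]):
        print(f"{node}: MTBF {r['mtbf'][node]:.0f}s, "
              f"checkpoint every {r['checkpoint_interval'][node]:.0f}s")
    print(f"precursor rule: precision={r['precision']:.2f} recall={r['recall']:.2f}")
```

Running the filter before the precursor analysis matters: on the raw log the three duplicated temperature warnings would count as three correct predictions and lift precision from 0.5 to 0.75, which is exactly the kind of over-confident prediction the abstract says must be evaluated before a scheduler acts on it. The Young interval is the classic first-order estimate; it assumes memoryless failures and an MTBF estimated from enough failures to be meaningful, so with a handful of events per node, as here, the per-node numbers are illustrative rather than actionable.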

A Testbed for Compiler-supported Scalable Error Monitoring and Diagnosis for Reliable and Secure Sensor Networks

Principal Investigator: Zhiyuan Li, Saurabh Bagchi, et al.

This is a planning grant that focuses on an embedded middleware development tool for sensor networks, based on a research prototype recently developed by this team at Purdue University. Under the planning grant, the project team proposes to expand its existing sensor capability by purchasing a larger sensor network test-bed on which to validate software development tools for run-time error monitoring and diagnosis. The project will also enable an application case study of carbon dioxide monitoring for indoor circulation systems. Sensor nodes are typically highly vulnerable to hardware breakdowns when deployed in harsh conditions, and because of their ad hoc and dynamic nature, the communication protocols of networked embedded systems tend to be complex and error-prone. In addition, these networks have components and communication links that are exposed to potential adversaries and hence face security threats such as node capture, denial of service, and malicious code injection; they have constrained storage, bandwidth, computing power and energy; and even a correctly designed network protocol may be implemented incorrectly because of programming errors. The goal of this project is to let the broad Networked Embedded Systems (NES) research community use the robust programming tool proposed here for run-time error monitoring and diagnosis. The tool targets the problem that errors can occur in any of the many components of a sensor network and must be detected quickly and effectively.

Systematic Control and Management of Data Integrity, Quality and Provenance for Command and Control Applications

Principal Investigator: Elisa Bertino; Guy Lebanon

Development of a Safe, Virtual Imaging Instrument for Logically Destructive Experiments (ReAssure)

Principal Investigator: Pascal Meunier

This proposal develops a networked system that allows safe and rapid analysis of network security and vulnerabilities with respect to worms, viruses, and other malicious conduct. It creates a reconfigurable facility, named ReASSURE, for efficient, reproducible, controlled, and safely contained experiments in computer science and technology, with emphasis on information assurance and security. The new instrument will integrate functionalities in a manner that enables high levels of safety and efficiency in manipulating, testing, and developing potentially dangerous experimental networking and virtual machine software, while providing computational power to remote users. Advancing the study of virtual machine technology, the activity offers settings where potentially dangerous experimentation with networking and VM technologies can be performed safely. As a testbed networking facility, the infrastructure supports projects that require “self-contained” computing environments in computer science (including security), computer technology, forensics, and information warfare.

CSR-EHS: Resource-Efficient Monitoring, Diagnosis, and Programming Support for Reliable Networked Embedded Systems

Principal Investigator: Zhiyuan Li; Saurabh Bagchi

This project focuses on an important kind of networked embedded systems called sensor networks. Such networks have become popular platforms for continuous sensing and analysis of physical environments, leading to a better understanding of natural phenomena, civil infrastructures, animal habitats, and other important scientific and engineering issues. The sensor data can also be used to improve environmental protection, infrastructure safety and energy efficiency, to name a few of the potential applications.

The ad-hoc and dynamic nature of networked embedded systems makes their communication protocols complex. This research uses the methodology of continuous error monitoring for continued improvement of reliability after the deployment of sensor networks. The project builds a framework consisting of compiler-based tools and software techniques for the detection, diagnosis and correction of programming errors on sensor networks. The nature of sensor-network applications requires the hardware components and software protocols to be small and resource-constrained, so the project makes resource efficiency one of its critical design criteria.

The success of this project should contribute substantially to the reliability of sensor networks whose potential applications are very broad. The project also engages a broad community of students in various disciplines, through Honor Seminars, special mentoring programs and undergraduate research opportunities such as Purdue’s EPICS program (Engineering Projects in Community Services).

Testing and Benchmarking Methodologies for Future Networking Security Mechanisms

Principal Investigator: Sonia Fahmy

Networks and computer systems are becoming increasingly attractive targets for large-scale programmed attacks such as worms and Distributed Denial of Service attacks (DDoS), which can compromise a vast number of vulnerable targets in a few minutes. Critical end-user applications vulnerable to such attacks include e-commerce, e-medicine, command-and-control applications, video surveillance and tracking, and many others. While there is a growing body of research techniques, prototypes, and commercial products that purport to protect these applications and the network infrastructure on which they rely, there is little existing scientific methodology by which to objectively evaluate the merits of such claims. Moreover, thorough testing of a defense system against worms or against attacks on the infrastructure cannot be performed safely on a live network without affecting its operation.

To make rapid advancements in defending against these and future attacks, the state of the art in the evaluation of network security mechanisms must be improved. This will require the emergence of large-scale security testbeds coupled with new standards for testing and benchmarking that can make these testbeds truly useful. Current shortcomings and impediments to evaluating network security mechanisms include lack of scientific rigor; lack of relevant and representative network data; inadequate models of defense mechanisms; and inadequate models of both the network and the transmitted data (benign and attack traffic). The latter is challenging because of the complexity of interactions among traffic, topology and protocols.

The researchers propose to develop thorough, realistic, and scientifically rigorous testing frameworks and methodologies for particular classes of network attacks and defense mechanisms. These testing frameworks will be adapted for different kinds of testbeds, including simulators such as NS, emulation facilities such as Emulab, and both small and large hardware testbeds. They will include attack scenarios; attack simulators; generators for topology and background traffic; data sets derived from live traffic; and tools to monitor and summarize test results. These frameworks will allow researchers to experiment with a variety of parameters representing the network environment, attack behaviors, and the configuration of the mechanisms under test.

In addition to developing testing frameworks, the researchers propose to validate them by conducting tests on representative network defense mechanisms. Defense mechanisms of interest include network-based Intrusion Detection Systems (IDS); automated attack traceback mechanisms; traffic rate-limiting to control DDoS attacks; and mechanisms to detect large-scale worm attacks. Conducting these tests will require incorporating real defense mechanisms into a testbed, and applying and evaluating frameworks and methodologies. Conducting these tests will also help us to ensure that the testbed framework allows other researchers to easily integrate and test network defense mechanisms of their own.
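To make the evaluation problem concrete, here is an added Python example (not the project's framework) of the smallest useful benchmark harness for one of the defenses named above, a per-source token-bucket rate limiter: a constructed traffic trace mixing one legitimate client with a small flood, the limiter under test, a parameter sweep over its rate, and the two metrics that have to be reported together, the fraction of attack traffic dropped and the fraction of legitimate traffic dropped as collateral damage. The trace shape, addresses, rates and the spoofed-source variant are assumptions made for the example.

```python
# Added example of a minimal benchmark harness for a per-source token-bucket
# rate limiter. Not the project's framework; the traffic shape, addresses,
# rates and metric names are assumptions made for the example.
from collections import namedtuple

Packet = namedtuple("Packet", "t_ms src malicious")


def make_trace(duration_ms=10_000, benign_pps=10, attackers=5,
               attack_pps=100, spoofed=False):
    """Constructed mixed trace (not from any real capture): one legitimate
    client at benign_pps plus `attackers` sources flooding at attack_pps each.
    With spoofed=True every attack packet carries a fresh source address, as a
    spoofing or reflected flood would."""
    pkts = [Packet(t, "10.0.0.1", False)
            for t in range(0, duration_ms, 1000 // benign_pps)]
    n = 0
    for a in range(attackers):
        for t in range(0, duration_ms, 1000 // attack_pps):
            src = f"spoof-{n}" if spoofed else f"203.0.113.{a + 1}"
            pkts.append(Packet(t, src, True))
            n += 1
    pkts.sort(key=lambda p: p.t_ms)
    return pkts


class TokenBucketLimiter:
    """Per-source token bucket kept in integer milli-tokens so the arithmetic
    is exact: a packet costs 1000, the bucket refills rate_pps tokens per
    second (= rate_pps milli-tokens per ms) and holds at most `burst`."""

    def __init__(self, rate_pps, burst):
        self.rate_per_ms = rate_pps
        self.cap = burst * 1000
        self.state = {}  # src -> (tokens, last_seen_ms)

    def admit(self, pkt):
        tokens, last = self.state.get(pkt.src, (self.cap, pkt.t_ms))
        tokens = min(self.cap, tokens + (pkt.t_ms - last) * self.rate_per_ms)
        if tokens >= 1000:
            self.state[pkt.src] = (tokens - 1000, pkt.t_ms)
            return True
        self.state[pkt.src] = (tokens, pkt.t_ms)
        return False


def evaluate(defense, trace):
    """Run the defense over a trace and report the two numbers that must be
    read together: attack traffic dropped (effectiveness) and legitimate
    traffic dropped (collateral damage)."""
    seen = {True: 0, False: 0}
    dropped = {True: 0, False: 0}
    for p in trace:
        seen[p.malicious] += 1
        if not defense.admit(p):
            dropped[p.malicious] += 1
    return {"attack_dropped": dropped[True] / seen[True],
            "benign_dropped": dropped[False] / seen[False]}


def sweep(rates=(5, 20, 200), burst=20, spoofed=False):
    """Sweep the limiter's rate: the kind of parameter space a testbed
    framework lets an experimenter explore for a mechanism under test."""
    return {r: evaluate(TokenBucketLimiter(r, burst), make_trace(spoofed=spoofed))
            for r in rates}


if __name__ == "__main__":
    for spoofed in (False, True):
        print("spoofed attack sources" if spoofed else "fixed attack sources")
        for rate, m in sweep(spoofed=spoofed).items():
            print(f"  limit {rate:>3} pps: attack dropped {m['attack_dropped']:.3f}, "
                  f"benign dropped {m['benign_dropped']:.3f}")
```

The sweep shows the trade-off the abstract refers to: tightening the limit from 20 to 5 packets per second raises attack drops only from about 78% to 93% while sacrificing 31% of the legitimate client's packets. The spoofed run shows why the attack model has to be part of the methodology: when every attack packet arrives from a fresh source address, a per-source limiter drops nothing at any setting, so a benchmark that only uses fixed-source floods would rate the defense far better than it deserves.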

The research team includes experts in security, networking, data analysis, software engineering, and operating systems who are committed to developing these challenging integrated testing frameworks.