Distinguished Speaker Series: William H. Sanders
Starts: November 1, 2007 at 5:00 PM
Location: McGlothlin-Street 020
Probabilistic Validation of Computer System Security
William H. Sanders
Dept. of Electrical and Computer Engineering,
Information Trust Institute, and
Coordinated Science Laboratory
University of Illinois
There is a growing need for systems whose security in a specified use and/or attack environment can be assured with confidence. Many techniques have been proposed to validate individual components (e.g., formal methods) or a system as a whole (e.g., red teaming). However, no single technique can provide the breadth of evidence needed to validate a system with respect to high-level security requirements. To accomplish this, we propose an integrated validation procedure (IVP) that begins with the formulation of a specific security requirement and determines whether a system is valid with respect to the requirement.
The IVP employs a top-down approach that methodically breaks the task of validation into manageable tasks, and for each task, applies techniques best suited to its accomplishment. Stochastic methods, logical arguments (including formal methods), and experimental methods are all employed. These efforts can be largely independent, and the results, which complement and supplement each other, are seamlessly integrated to provide a convincing assurance argument. We then illustrate the IVP by applying it to an intrusion-tolerant information system being developed by the U.S. Department of Defense. In addition to validating the system against high-level survivability requirements, we demonstrate the use of model-based validation techniques, as a part of the overall validation procedure, to guide the system's design by exploring different configurations and evaluating tradeoffs.
Sanders is a Donald Biggar Willett Professor of Engineering and the Director of the Information Trust Institute at the University of Illinois. He is a professor in the Department of Electrical and Computer Engineering and the Coordinated Science Laboratory. He is a Fellow of the IEEE and the ACM. In addition, he serves on the editorial board of Performance Evaluation and is the Area Editor for Simulation and Modeling of Computer Systems for the ACM Transactions on Modeling and Computer Simulation. He is a past Chair of the IEEE Technical Committee on Fault-Tolerant Computing and past Vice-Chair of IFIP Working Group 10.4 on Dependable Computing. Dr. Sander's research interests include performance/dependability evaluation, dependable computing, and reliable distributed systems. He has published more than 160 technical papers in those areas. He is a co-developer of three tools for assessing the performability of systems represented as stochastic activity networks: METASAN, UltraSAN, and Mšbius. Mšbius and UltraSAN have been distributed widely to industry and academia; more than 400 licenses for the tools have been issued to universities, companies, and NASA for evaluating the performance, dependability, security, and performability of a variety of systems. He is also a co-developer of the Loki distributed system fault injector and the AQuA/ITUA middlewares for providing dependability/security to distributed and networked applications.