10.09.06 - 15.09.06, Seminar 06371
From Security to Dependability
Organizers
Christian Cachin (IBM Research Zürich - Rüschlikon, CH)
Felix C. Freiling (Universität Mannheim, DE)
Jaap-Henk Hoepman (Radboud University Nijmegen, NL)
Documents
Participants and shared documents
Dagstuhl Seminar Proceedings
Summary
Security remains an elusive property for many systems today. Despite the research efforts of the last decades, the tremendous progress made, for example in the area of cryptography, and the impressive security technology being deployed with modern operating systems, security problems have not gone away. One reason why security technology may not have been able to fulfill its promise may be a lack of integration with the existing systems, and in particular with the technologies for fault tolerance.
Although fault tolerance and security are both necessary attributes of dependable systems, these properties have traditionally been treated separately and have led to distinct and orthogonal research areas. Both research areas are based on formal models, but their separation has led to different approaches to achieving and validating the respective properties, and the approaches have become the subject of different communities.
As one particular example, consider the area of fault-tolerant systems on the one hand and secure systems (in particular those using cryptography) on the other: Researchers in fault tolerance often make statements about systems by treating cryptographic primitives as black boxes. This is done to keep the model tractable, i.e., to simplify analysis and (sometimes) avoid number and probability theory. In the area of safety-critical systems, such models have been successfully applied in practice, with support from automated analysis and verification tools. However, abstracting away the basic properties of the cryptographic primitives severely constrains the ability to conduct rigorous security proofs. Various examples from the past show that, through over-abstraction, important attributes were neglected, contributing to vulnerabilities in the resulting protocols.
The separate areas are only recently being viewed as complementary, with work underway to unify the two approaches. We mention the current work on tool-supported formal verification of cryptographic protocols and the concept of intrusion-tolerant systems, i.e., systems that continue to provide their service despite the corruption or failure of some of their parts.
As indicated by the above and confirmed by many researchers, there are strong similarities between the ways of modeling and handling uncertainty in the different areas of dependable systems. But there also seem to be fundamental tradeoffs that lead different communities into different directions.
Topics of the Seminar
The Dagstuhl seminar brought together researchers and practitioners from the different areas of dependability (in particular, from fault-tolerance, safety, security, and cryptography) in order to discuss the foundations of these areas, their similarities and differences. Some of the research questions discussed during the seminar included:
- What are the relations between safety, fault-tolerance, security, and cryptography with respect to methodologies and models?
- What classifications and metrics for dependability and security properties exist and how can they be compared?
- What are the differences between methods to specify, model and analyse fault-tolerant and secure systems?
- Under which circumstances can fault-tolerance techniques be used to achieve security and security methods be used to achieve fault-tolerance?
- What is the role of cryptography in the development of protocols that are both secure and fault-tolerant?
Classification
- Modelling / simulation
- Security / cryptography
- Networks
- Semantics / formal methods
- Verification / logic
Keywords
- Fault-tolerant systems
- Distributed computing