SRI Logo
About Us|R and D Divisions|Careers|Newsroom|Contact Us|SRI Home
     
  SRI Logo

Intrusion Tolerant Architectures

Average software engineering practice and average system complexity produce systems that typically have numerous vulnerabilities. Designing a system with maximal security assurance requires avoiding introducing vulnerabilities in the first place, removing known vulnerabilities, and stopping known vulnerabilities whose removal is not practical from being exploited by attackers.

Intrusion tolerance is the ultimate defense and assumes that unknown or unmitigated vulnerabilities remain in the system. The objective of intrusion tolerance is to maintain acceptable (but possibly degraded) system services when intrusions occur.

Project Objectives

We intend to define abstract intrusion-tolerance properties at the architectural level and study mechanisms that can be used to ensure these properties. We will be able to decompose emergent intrusion tolerance properties into much simpler, directly verifiable architectural properties.

We will investigate definitions of levels of intrusion tolerance, based on acceptable risk and balanced protection.

We will define architectural refinement patterns and architectural styles that are relevant for building intrusion tolerant architectures.

We will examine how our ideas can be applied in the development of real systems.

Recent Publications:

Project Partners: Funding Agency: Related Sites: Staff Members: Papers:
 













 

About Us  |  R&D Divisions  |  Careers  |  Newsroom  |  Contact Us
© 2017 SRI International 333 Ravenswood Avenue, Menlo Park, CA 94025-3493
SRI International is an independent, nonprofit corporation. Privacy policy