Abstract
As information systems have become ever more complex and the interdependence of these systems has increased, the survivability picture has become more and more complicated. The need for survivability is most pressing for mission-critical systems, especially when they are integrated with other COTS products or services. When components are exported from a remote system to a local system under different administration and deployed in different environments, we cannot guarantee the proper execution of those remote components in the current working environment. Therefore, at runtime, we should consider component failures (in particular, failures of remote components) that may occur either genuinely, due to poor implementation, or during integration with other components in the system. In this paper, we introduce a generic architecture and mechanisms for dynamic component-failure detection and immunization for survivable distributed systems. We have also developed a prototype system based on our approaches as a proof of our ideas.
Copyright information
© 2005 International Federation for Information Processing
About this paper
Cite this paper
Park, J.S., Chandramohan, P., Devarajan, G., Giordano, J. (2005). Trusted Component Sharing by Runtime Test and Immunization for Survivable Distributed Systems. In: Sasaki, R., Qing, S., Okamoto, E., Yoshiura, H. (eds) Security and Privacy in the Age of Ubiquitous Computing. SEC 2005. IFIP Advances in Information and Communication Technology, vol 181. Springer, Boston, MA. https://doi.org/10.1007/0-387-25660-1_9
DOI: https://doi.org/10.1007/0-387-25660-1_9
Publisher Name: Springer, Boston, MA
Print ISBN: 978-0-387-25658-0
Online ISBN: 978-0-387-25660-3
eBook Packages: Computer Science (R0)