2016 12th European Dependable Computing Conference (EDCC) 2016
DOI: 10.1109/edcc.2016.27

Diversity, Safety and Security in Embedded Systems: Modelling Adversary Effort and Supply Chain Risks

Abstract: We present quantitative considerations for the design of redundancy and diversity in embedded systems with security requirements. The potential for malicious activity against these systems has complicated requirements and design choices. New design trade-offs have arisen besides those already familiar in this area: for instance, adding redundancy may increase the attack surface of a system and thus increase overall risk. Our case study concerns protecting redundant communications between a control sy…

Cited by 7 publications (5 citation statements)
References 18 publications

“…Others, instead, concentrated on architectural solutions for specific application domains, smart grids (Babay et al, 2018), autonomous driving (Vöelp and Verissimo, 2018), or web servers (Saidane et al, 2009). Specific security architectures tailored to problems generated by specific vulnerabilities are the subject of the works of Gorbenko et al (2020) and Garcia et al (2014), while investigations on trade-offs between competing requirements are conducted by Gashi et al (2016).…”
Section: 2 (mentioning)
confidence: 99%
“…Notice, though, that scattering data and code among on-premises and/or commercial data centers may degrade confidentiality, depending on the accessibility conditions to the chosen diverse sites (see the works of Gashi et al (2016) or Khan and Babay (2021) for specific examples). Thus, side effects of location diversity have to be carefully analyzed and managed.…”
Section: 21 (mentioning)
confidence: 99%
“…The CLEARSY Safety Platform is made up of a hardware execution platform, an IDE enabling the generation of diverse binaries from a single B model, and a certification kit describing its safety features as well as the safety constraints exported to the hosting system. Diversity: intentional differences between redundant components, to reduce the likelihood of common failures due to systematic causes that would reduce the benefit of redundancy [3].…”
Section: Terminology (mentioning)
confidence: 99%
“…─ Diversity: Each system of the set of systems is implemented in a different language or technology. A set composed of a C++ application, a JAVA application and a Python application highly supports diversity property [24]. ─ Redundancy: Each system of the set of systems offers the same functions.…”
Section: Processing Proximity Includes (mentioning)
confidence: 99%