City Research Online

Models of Reliability of Fault-Tolerant Software Under Cyber-Attacks

Popov, P. T. (2017). Models of Reliability of Fault-Tolerant Software Under Cyber-Attacks. In: 2017 IEEE 28th International Symposium on Software Reliability Engineering (ISSRE). IEEE 28th International Symposium on Software Reliability Engineering (ISSRE) (2017), 23-26 Oct 2017, Toulouse, France. doi: 10.1109/ISSRE.2017.23


This paper offers a new approach to modelling the effect of cyber-attacks on reliability of software used in industrial control applications. The model is based on the view that successful cyber-attacks introduce failure regions, which are not present in non-compromised software. The model is then extended to cover a fault tolerant architecture, such as the 1-out-of-2 software, popular for building industrial protection systems. The model is used to study the effectiveness of software maintenance policies such as patching and "cleansing" ("proactive recovery") under different adversary models ranging from independent attacks to sophisticated synchronized attacks on the channels. We demonstrate that the effect of attacks on reliability of diverse software significantly depends on the adversary model. Under synchronized attacks system reliability may be more than an order of magnitude worse than under independent attacks on the channels. These findings, although not surprising, highlight the importance of using an adequate adversary model in the assessment of how effective various cyber-security controls are.

Publication Type: Conference or Workshop Item (Paper)
Additional Information: © 2017 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.
Publisher Keywords: Software; Software reliability; Computer security; Probabilistic logic; Fault tolerance; Fault tolerant systems
Departments: School of Science & Technology > Computer Science
[thumbnail of PID4949283.pdf]
Text - Accepted Version
Download (603kB) | Preview


Add to AnyAdd to TwitterAdd to FacebookAdd to LinkedinAdd to PinterestAdd to Email


Downloads per month over past year

View more statistics

Actions (login required)

Admin Login Admin Login