DEFEATS
Full Title
Distributed Fault and Attack Tolerant Systems ConfigurationDescription
With the increasing experience with applications running in a large-scale asynchronous network such as the Internet, the need for dependability properties in that environment has become evident. For example, E-commerce services have to be secure, reliable and available. There has been research in those properties for a couple of decades now, but their implementation is still not simple for the average system architect.
Faults in critical systems have been handled by a number of techniques, from prevention to fault tolerance mechanisms based on replication. On the other hand, security is still mostly obtained through prevention, although it is possible to characterize the malicious faults involved in attacks, which can then be handled using fault-tolerance techniques. This issue, attack tolerance, only recently started to receive attention.
The composition of medium/large software systems from smaller components has also been an area of research in the last years. The application of these ideas to configuration of distributed systems and processes is a powerful framework. The basic principle is the separation between systems architecture and computation. Computation is done by the components. The architecture of the system can be defined using configuration languages or graphic tools, and changed using a configuration platform.
Project DEFEATS is concerned with studying a configurable framework to build attack and intrusion tolerant systems.