TY - GEN
T1 - Vulnerability-tolerant secure architectures
AU - Austin, Todd
AU - Bertacco, Valeria
AU - Kasikci, Baris
AU - Malik, Sharad
AU - Tiwari, Mohit
N1 - Funding Information:
In a similar vein, the white-hat attack research community, composed primarily of acadentics, security research companies, and independent researchers, expends significant effort to attack real systems to expose vulnerabilities before they can be exploited. The white-hat attack community is essentially a publicly funded redteam, providing open access to the discovered vulnerabilities. Support for white-hat attacking research is a powerful measure to find important threats. Ifwell funded, the white-hat attack community can help designers understand the threat landscape, so as to better craft future secure systems and their protections. In the US, the National Science Foundation (NSF) has long supported white-hat attack research through the SaTC program [15], although supported efforts typically include the development of protections as well.
Funding Information:
This work was supported by DARPA under Contract HROOl l-18-C-0019. Any opinions, findings and conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of DARPA.
Publisher Copyright:
© 2018 ACM.
PY - 2018/11/5
Y1 - 2018/11/5
N2 - Today, secure systems are built by identifying potential vulnerabilities and then adding protections to thwart the associated attacks. Unfortunately, the complexity of today's systems makes it impossible to prove that all attacks are stopped, so clever attackers find a way around even the most carefully designed protections. In this article, we take a sobering look at the state of secure system design, and ask ourselves why the "security arms race" never ends? The answer lies in our inability to develop adequate security verification technologies. We then examine an advanced defensive system in nature - the human immune system - and we discover that it does not remove vulnerabilities, rather it adds offensive measures to protect the body when its vulnerabilities are penetrated We close the article with brief speculation on how the human immune system could inspire more capable secure system designs.
AB - Today, secure systems are built by identifying potential vulnerabilities and then adding protections to thwart the associated attacks. Unfortunately, the complexity of today's systems makes it impossible to prove that all attacks are stopped, so clever attackers find a way around even the most carefully designed protections. In this article, we take a sobering look at the state of secure system design, and ask ourselves why the "security arms race" never ends? The answer lies in our inability to develop adequate security verification technologies. We then examine an advanced defensive system in nature - the human immune system - and we discover that it does not remove vulnerabilities, rather it adds offensive measures to protect the body when its vulnerabilities are penetrated We close the article with brief speculation on how the human immune system could inspire more capable secure system designs.
UR - http://www.scopus.com/inward/record.url?scp=85058171123&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85058171123&partnerID=8YFLogxK
U2 - 10.1145/3240765.3273057
DO - 10.1145/3240765.3273057
M3 - Conference contribution
AN - SCOPUS:85058171123
T3 - IEEE/ACM International Conference on Computer-Aided Design, Digest of Technical Papers, ICCAD
BT - 2018 IEEE/ACM International Conference on Computer-Aided Design, ICCAD 2018 - Digest of Technical Papers
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 37th IEEE/ACM International Conference on Computer-Aided Design, ICCAD 2018
Y2 - 5 November 2018 through 8 November 2018
ER -