Change search
ReferencesLink to record
Permanent link

Direct link
Informed System Protection
Responsible organisation
2007 (English)Doctoral thesis, comprehensive summary (Other academic)
Abstract [en]

Critical Infrastructure Protection (CIP) and Critical Information Infrastructure Protection (CIIP) are high-priority research areas in several international R&D efforts. There are different types of critical infrastructures, from physical such as the electrical power grid to virtual such as the Internet and other communication networks. For different reasons, such as deregulation and the achievement of increased flexibility, there is a strong trend to open up control and information exchange systems related to critical infrastructures. This creates a situation where the function of a physical infrastructure is dependent on the function of software and networks open to many different actors. Thus, to protect critical infrastructure, the software and networks that process information for these systems must be protected. Traditionally, software systems are protected primarily by means of identifying unwanted elements (a bug, a defect, a vulnerability or a fault depending on terminology) in the source, followed by manual removal of this part in a process which aims to create perfect software. For complex software systems it is hard, if not impossible, to identify every single unwanted element, and unless perfect software can be created, complementary approaches for software protection are required. One such complementary approach is to use additional information about the system, such as information about how the system executes, and to use this information to protect the execution of the system at a later stage. This permits use of non-perfect software in conjunction with critical applications since the second-layer defense can identify and prevent certain unwanted execution. In this thesis we present a methodology to obtain information from executing software that can be used to later protect the execution of that software. We present a set of technical mechanisms which illustrate how such protection can be employed in real executing software, and which address well-known problems such as buffer overflow and format string attacks. We also present an environment which supports the structured experimentation of software execution and protection in order to achieve higher resilience.

Place, publisher, year, edition, pages
Ronneby: Blekinge Institute of Technology , 2007. , 220 p.
Blekinge Institute of Technology Doctoral Dissertation Series, ISSN 1653-2090 ; 10
Keyword [en]
Critical Infrastructures, Software Protection, In-depth Defense, Run-time Defense
National Category
Computer Science
URN: urn:nbn:se:bth-00367Local ID: 978-91-7295-106-8OAI: diva2:837033
Available from: 2012-09-18 Created: 2007-06-04 Last updated: 2015-06-30Bibliographically approved

Open Access in DiVA

fulltext(2380 kB)10 downloads
File information
File name FULLTEXT01.pdfFile size 2380 kBChecksum SHA-512
Type fulltextMimetype application/pdf

Computer Science

Search outside of DiVA

GoogleGoogle Scholar
Total: 10 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

Total: 27 hits
ReferencesLink to record
Permanent link

Direct link