Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Informed System Protection
Responsible organisation
2007 (English)Doctoral thesis, comprehensive summary (Other academic)
Abstract [en]

Critical Infrastructure Protection (CIP) and Critical Information Infrastructure Protection (CIIP) are high-priority research areas in several international R&D efforts. There are different types of critical infrastructures, from physical such as the electrical power grid to virtual such as the Internet and other communication networks. For different reasons, such as deregulation and the achievement of increased flexibility, there is a strong trend to open up control and information exchange systems related to critical infrastructures. This creates a situation where the function of a physical infrastructure is dependent on the function of software and networks open to many different actors. Thus, to protect critical infrastructure, the software and networks that process information for these systems must be protected. Traditionally, software systems are protected primarily by means of identifying unwanted elements (a bug, a defect, a vulnerability or a fault depending on terminology) in the source, followed by manual removal of this part in a process which aims to create perfect software. For complex software systems it is hard, if not impossible, to identify every single unwanted element, and unless perfect software can be created, complementary approaches for software protection are required. One such complementary approach is to use additional information about the system, such as information about how the system executes, and to use this information to protect the execution of the system at a later stage. This permits use of non-perfect software in conjunction with critical applications since the second-layer defense can identify and prevent certain unwanted execution. In this thesis we present a methodology to obtain information from executing software that can be used to later protect the execution of that software. We present a set of technical mechanisms which illustrate how such protection can be employed in real executing software, and which address well-known problems such as buffer overflow and format string attacks. We also present an environment which supports the structured experimentation of software execution and protection in order to achieve higher resilience.

Place, publisher, year, edition, pages
Ronneby: Blekinge Institute of Technology , 2007. , p. 220
Series
Blekinge Institute of Technology Doctoral Dissertation Series, ISSN 1653-2090 ; 10
Keywords [en]
Critical Infrastructures, Software Protection, In-depth Defense, Run-time Defense
National Category
Computer Sciences
Identifiers
URN: urn:nbn:se:bth-00367Local ID: oai:bth.se:forskinfo169A9A18D7974145C12572F00031DD2BISBN: 978-91-7295-106-8 (print)OAI: oai:DiVA.org:bth-00367DiVA, id: diva2:837033
Available from: 2012-09-18 Created: 2007-06-04 Last updated: 2018-01-11Bibliographically approved

Open Access in DiVA

fulltext(2380 kB)471 downloads
File information
File name FULLTEXT01.pdfFile size 2380 kBChecksum SHA-512
9f8113053975e8523d3a7f3cbf0e2ab50464524e8cffa73175e01a5717d3ad23e83b747301e99bb81ae323485ee63efdf8a4f4a97f455244503eb6a4d4f9ce63
Type fulltextMimetype application/pdf

Computer Sciences

Search outside of DiVA

GoogleGoogle Scholar
Total: 471 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

isbn
urn-nbn

Altmetric score

isbn
urn-nbn
Total: 150 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf