Forskningsradar
← Tech & AI
Tech & AI 4.7

New security check method handles software that rewires itself in real time

Researchers have developed a faster way to verify security in software systems that change their own architecture on the fly—a growing challenge for cloud platforms and autonomous systems. The approach cuts analysis time significantly while checking larger, more complex systems than before, potentially opening the door to runtime security checks that don't bog down performance.

Originaltitel: Compositional security analysis of dynamic component-based systems

Abstrakt

<p>Context: To reason about and enforce security in dynamic software systems, automated analysis and verification approaches are required. However, such approaches often encounter scalability issues, particularly when employed for runtime analysis, which is necessary in software systems with dynamically changing architectures, such as self-adaptive systems.</p><p>Objective: In this work, we propose an automated formal approach for security analysis of component-based systems with dynamic architectures.</p><p>Methods: This approach leverages formal abstraction and incremental analysis techniques to reduce the complexity of runtime analysis. We have implemented and evaluated our approach against ZNN, a widely known self-adaptive system exemplar.</p><p>Results: Compared to the state of the art, our results demonstrate an improvement both in the size of systems that can be analyzed and at the time required to complete the analysis. In particular, our incremental analysis is well suited for systems that alter their architectures at runtime.</p><p>Conclusion: Therefore, this approach is suitable for analyzing the security dynamic component based both statically and at runtime.</p>

Generera ett redaktionellt utkast på svenska