Assessing system performance impact of security attacks

US 8,832,839 B2
Filed: 07/08/2011
Issued: 09/09/2014
Est. Priority Date: 01/04/2011
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method for assessing an impact of a security attack on a software system, the method executed by the computer comprising the steps of:

defining a system performance/reliability affecting metric for an observation period as a fraction of time the system satisfies a defined performance/reliability specification;

defining a resource failure based Markov model and a plurality of resource usage based Markov models for the system, wherein each resource usage based model is associated with a corresponding resource configuration;

using results of security test cases performed on said software system to obtain pass/fail results for each of a plurality of states of the resource failure based model and the resource usage based model for each corresponding resource configuration;

solving the resource failure based Markov model and the plurality of resource usage based Markov models and obtaining a long term fraction of time each model spends on each of the plurality of states;

andobtaining a measure of the system performance/reliability affecting metric by summing the states for a plurality of system performance requirements met using the pass/fail results obtained from the plurality of states of the resource failure based model and the resource usage based model for each corresponding resource configuration, and incorporating the long term fraction of time each model spends on each of the plurality of states.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for assessing an impact of a security attack on a system includes defining a system affecting metric for an observation period as a fraction of time the system satisfies a defined specification, defining a resource failure based model and a resource usage based model for the system, obtaining results for each of a plurality of states of the resource failure based model and the resource usage based model, solving the resource failure based model and the resource usage based model and obtaining a term fraction of time each model spends on each of the plurality of states, obtaining a state probability according to the term fraction, and obtaining a measure of the system affecting metric according to the state probability.

27 Citations

View as Search Results

17 Claims

1. A computer-implemented method for assessing an impact of a security attack on a software system, the method executed by the computer comprising the steps of:
- defining a system performance/reliability affecting metric for an observation period as a fraction of time the system satisfies a defined performance/reliability specification;
  
  defining a resource failure based Markov model and a plurality of resource usage based Markov models for the system, wherein each resource usage based model is associated with a corresponding resource configuration;
  
  using results of security test cases performed on said software system to obtain pass/fail results for each of a plurality of states of the resource failure based model and the resource usage based model for each corresponding resource configuration;
  
  solving the resource failure based Markov model and the plurality of resource usage based Markov models and obtaining a long term fraction of time each model spends on each of the plurality of states;
  
  andobtaining a measure of the system performance/reliability affecting metric by summing the states for a plurality of system performance requirements met using the pass/fail results obtained from the plurality of states of the resource failure based model and the resource usage based model for each corresponding resource configuration, and incorporating the long term fraction of time each model spends on each of the plurality of states.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein solving the Markov models for the resource failure model and the plurality of resource usage models includes conditioning each Markov model on an occurrence of a security attack on the software system.
  - 3. The method of claim 1, wherein the resource usage based model monitors a number of resources being used in each resource configuration of the software system.
  - 4. The method of claim 1, wherein the resource failure based model monitors a number of resources in the software system that fail due to a security attack.
  - 5. The method of claim 1, wherein the system reliability metric measures performance as accuracy.
  - 6. The method of claim 5, wherein accuracy includes determining a pass/fail criteria for each state of the resource usage models for a each defined failure configuration.
  - 7. The method of claim 1, wherein the system reliability metric measures performance as efficiency.
  - 8. The method of claim 7, wherein efficiency includes deriving the security test cases based on known security attacks, and updating the security test cases when new attacks are discovered.

9. A system for assessing an impact of a security attack on a software system, comprising:
- a processor configured to obtain a measure of a system performance/reliability affecting metric for an observation period as a fraction of time the system satisfies a defined performance/reliability specification by defining a resource failure based Markov chain and a plurality of resource usage based Markov chains for the system, wherein each resource usage based chain is associated with a corresponding resource configuration,using results of security test cases performed on said software system to obtaining pass/fail results for each of a plurality of states of the resource failure based Markov chain and the resource usage based Markov chain,solving the resource failure based Markov chain and the resource usage based Markov chain for each corresponding resource configuration and obtaining a long term fraction of time each Markov chain spends on each state,andobtaining a measure of the system affecting metric according to the state probability; and
  
  a memory configured to obtain a measure of the system performance/reliability affecting metric by summing the states for a plurality of system performance requirements met using the pass/fail results obtained from the plurality of states of the resource failure based model and the resource usage based model for each corresponding resource configuration, and incorporating the long term fraction of time each model spends on each of the plurality of states.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The system of claim 9, wherein solving the Markov chains for the resource failure model and the plurality of resource usage models includes conditioning each Markov chain on an occurrence of a security attack on the software system.
  - 11. The system of claim 9, wherein resource usage based model monitors a number of resources being used in each resource configuration of the software system.
  - 12. The system of claim 9, wherein the resource failure based model monitors a number of resources in the software system that fail due to a security attack.
  - 13. The system of claim 9, wherein the system reliability metric measures performance as accuracy.
  - 14. The system of claim 13, wherein accuracy includes determining a pass/fail criteria for each state of the resource usage models for a each defined failure configuration.
  - 15. The system of claim 9, wherein the system reliability metric measures performance as efficiency.
  - 16. The system of claim 15, wherein efficiency includes deriving the security test cases based on known security attacks, and updating the security test cases when new attacks are discovered.

17. A non-transitory computer readable medium storing instructions executable by a processor to performed method for assessing an impact of a security attack on a software system, the method comprising:
- defining a system performance/reliability affecting metric for an observation period as a fraction of time the system satisfies a defined performance/reliability specification;
  
  defining a resource failure based Markov model and a plurality of resource usage based Markov models for the system, wherein each resource usage based model is associated with a corresponding resource configuration;
  
  using results of security test cases performed on said software system to obtain pass/fail results for each of a plurality of states of the resource failure based model and the resource usage based model for each corresponding resource configuration;
  
  solving the resource failure based Markov model and the plurality of resource usage based Markov models and obtaining a long term fraction of time each model spends on each of the plurality of states;
  
  andobtaining a measure of the system performance/reliability affecting metric by summing the states for a plurality of system performance requirements met using the pass/fail results obtained from the plurality of states of the resource failure based model and the resource usage based model for each corresponding resource configuration, and incorporating the long term fraction of time each model spends on each of the plurality of states.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Siemens AG
Original Assignee
Siemens AG
Inventors
Avritzer, Alberto
Primary Examiner(s)
KIM, TAE K

Application Number

US13/178,581
Publication Number

US 20120174231A1
Time in Patent Office

1,159 Days
Field of Search

726 1- 25
US Class Current

726/25
CPC Class Codes

G06F 11/00   Error detection; Error corr...

G06F 11/3409   for performance assessment

G06F 21/00   Security arrangements for p...

G06F 2201/81   Threshold

G06Q 10/00   Administration; Management

Assessing system performance impact of security attacks

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

27 Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Assessing system performance impact of security attacks

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

27 Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links