Objectives

The main objective of MAFTIA is to investigate the tolerance paradigm in security.

Instead of just aiming at making attacks necessarily unsuccessful, we make the assumption that attacks can happen, and some of them can be locally successful. But the overall system should nevertheless remain secure and operational, even if some subsystems are successfully attacked.

We believe that many concepts from fault tolerance can be applied to the construction of secure systems. These include:

• error containment, detection and recovery as a means of countering the effect of attacks;
• error compensation as a means of overcoming the inaccuracy; and
• possible long latency of intrusion detection.

Constructing secure systems using these principles will achieve better dependability with less complex solutions, compared to a standard avoidance approach. Reduced complexity will not only reduce costs, it will also result in systems that are more trustworthy to their users.

Thus, we will investigate the tolerance paradigm systematically and then propose an integrated architecture and realise a concrete design that can be used to support the dependability of many applications.

We have identified three broad categories of operational goals that will enable us to achieve the project objectives. They are described in the next subsections:

1. Goals related to the architecture of MAFTIA
2. Goals related to the design of mechanisms and protocols
3. Goals related to verification and assessment