ISSTA/ECOOP 2024
Mon 16 - Fri 20 September 2024 Vienna, Austria
Thu 19 Sep 2024 14:30 - 15:00 at EI 4 Reithoffer - Afternoon talks 1 Chair(s): Giorgio Audrito

Runtime monitors frequently need to be deployed in highly secure software environments to help further secure the system under scrutiny. In such contexts, the monitor could benefit from security hardening over and above the rest of the system since the monitoring component is of particular interest to the attacker. If the attacker successfully disables the monitor, the attack can be executed without potential alarms being raised, leave no evidence behind. Furthermore, due to separation of concerns inherent in runtime verification, monitors are typically separated from the rest of the system, facilitating isolation and a hardened security environment which would otherwise be difficult to achieve for the whole system.

The combination of these two observations, motivate us to consider a number of approaches for increased monitor security which we present as a generic framework called RVsec which could be instantiated in various contexts. Using a quantum-safe chat application as a case study, we present a pragmatic solution to various threat scenarios while considering the trade-offs in terms of additional setup and runtime costs.

Thu 19 Sep

Displayed time zone: Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna change


Information for Participants
Thu 19 Sep 2024 14:30 - 15:00 at EI 4 Reithoffer - Afternoon talks 1 Chair(s): Giorgio Audrito
Info for room EI 4 Reithoffer:

Map: https://tuw-maps.tuwien.ac.at/?q=CF0245

Room tech: https://raumkatalog.tiss.tuwien.ac.at/room/15735