USI Countermeasure Synthesizer
| ID: R25 | Licence: TBD | Owner: USI | Contacts: francesco.regazzoni@usi.ch subhadeep.banik@usi.ch |
| Short Description | The Countermeasure Synthesizer takes care of the selection of the most appropriate (set of) countermeasures given specific requirements. |
| Key features | – Support a wide range of countermeasures – Support several security levels |
| Require | Characterization of the countermeasures (such as power consumption, throughput, security level), application requirements (such as Security Level, Power constraint, Throughput requirement). |
| Provide | Support (such as script) to instantiate the selected countermeasure. Result of security operation respecting the policy constraints. |
| Input | Library of countermeasures, library characterization, application security requirements, application constraints. |
| Output | – Instantiation of the needed countermeasures and an estimation of the power/throughput information. |
| User | -Developers that need to include security in their systems. |
| Benefits for the user | Easily handling of security requirements. |
| Position in the MYRTUS DPE | Step 2 – Model to implementation |
| TRL@M0 | New Tool |
| TRL@M36 | 2 |
General description
The synthesizer is a software tool that has at its disposal a library of security countermeasures, each of which possess certain performance characteristics.
Given policies and constraints, extracted from an Attack Defense Tree, for any such security measure with added constraints on performance requirements it selects suitable library components that conforms to all performance requirements.
Role in the MYRTUS DPE
At the “Model to implementation” step of the MYRTUS DPE, it provides a seamless interface to provide access to a bundle of countermeasure libraries that have specific performance traits, all of which the end user may want to use as per the given usage scenario. The internal logic of the synthesizer recommends the optimal library component as per the given constraint.
MYRTUS Extension/Contribution
In MYRTUS, the synthesizer will make for an easily accessible defense mechanism against a host of countermeasures as envisaged by an Attack Defense Tree. The tool can accommodate a wide range of performance scenarios that add more flexibility.
Plans and Expectation
Assessment Plan@M18:
Usage of the new MDC features to create the accelerators listed in R1.
Expected Results@M18:
Initial test using a simple selection mechanism to launch specific instances of countermeasures within docker containers.