IDEAS home Printed from https://ideas.repec.org/a/eee/ijocip/v5y2012i1p30-39.html
   My bibliography  Save this article

Creating a cyber moving target for critical infrastructure applications using platform diversity

Author

Listed:
  • Okhravi, Hamed
  • Comella, Adam
  • Robinson, Eric
  • Haines, Joshua

Abstract

Despite the significant effort that often goes into securing critical infrastructure assets, many systems remain vulnerable to advanced, targeted cyber attacks. This paper describes the design and implementation of the Trusted Dynamic Logical Heterogeneity System (TALENT), a framework for live-migrating critical infrastructure applications across heterogeneous platforms. TALENT permits a running critical application to change its hardware platform and operating system, thus providing cyber survivability through platform diversity. TALENT uses containers (operating-system-level virtualization) and a portable checkpoint compiler to create a virtual execution environment and to migrate a running application across different platforms while preserving the state of the application (execution state, open files and network connections). TALENT is designed to support general applications written in the C programming language. By changing the platform on-the-fly, TALENT creates a cyber moving target and significantly raises the bar for a successful attack against a critical application. Experiments demonstrate that a complete migration can be completed within about one second.

Suggested Citation

  • Okhravi, Hamed & Comella, Adam & Robinson, Eric & Haines, Joshua, 2012. "Creating a cyber moving target for critical infrastructure applications using platform diversity," International Journal of Critical Infrastructure Protection, Elsevier, vol. 5(1), pages 30-39.
  • Handle: RePEc:eee:ijocip:v:5:y:2012:i:1:p:30-39
    DOI: 10.1016/j.ijcip.2012.01.002
    as

    Download full text from publisher

    File URL: http://www.sciencedirect.com/science/article/pii/S1874548212000030
    Download Restriction: Full text for ScienceDirect subscribers only

    File URL: https://libkey.io/10.1016/j.ijcip.2012.01.002?utm_source=ideas
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item
    ---><---

    As the access to this document is restricted, you may want to search for a different version of it.

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:eee:ijocip:v:5:y:2012:i:1:p:30-39. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    We have no bibliographic references for this item. You can help adding them by using this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Catherine Liu (email available below). General contact details of provider: https://www.journals.elsevier.com/international-journal-of-critical-infrastructure-protection .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.