The design of a COTS real-time distributed security kernel

Miguel Correia, Paulo Veríssimo, Nuno Ferreira Neves

Research output: Chapter in Book/Report/Conference proceedingConference contribution

25 Scopus citations


This paper describes the design of a security kernel called TTCB, which has innovative features. Firstly, it is a distributed subsystem with its own secure network. Secondly, the TTCB is real-time, that is, a synchronous subsystem capable of timely behavior. These two characteristics together are uncommon in security kernels. Thirdly, the TTCB can be implemented using only COTS components. We discuss essentially three things in this paper: (1) The TTCB is a simple component providing a small set of basic secure services. It aims at building a new style of protocols to achieve intrusion tolerance, which for the most part execute in insecure, arbitrary failure environments, and resort to the TTCB only in crucial parts of their operation. (2) Besides, the TTCB is a synchronous device supplying functions that may be an enabler of a new generation of timed secure protocols, until now known to be fragile due to attacks on timing assumptions. (3) Finally, we present a design methodology that establishes our hybrid failure assumptions in a well-founded manner. It helps us to achieve a robust design, despite using exclusively COTS components, with the advantage of allowing the security kernel to be easily deployed on widely used platforms.
Original languageEnglish (US)
Title of host publicationLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
PublisherSpringer Verlag
Number of pages19
ISBN (Print)9783540000129
StatePublished - Jan 1 2002
Externally publishedYes

Bibliographical note

Generated from Scopus record by KAUST IRTS on 2021-03-16


Dive into the research topics of 'The design of a COTS real-time distributed security kernel'. Together they form a unique fingerprint.

Cite this