Howard Shrobe



Title: Building Survivable Information Systems



Abstract:  Cyber-attack poses a major challenge to the large scale computational infrastructures of modern society.  Traditional approaches to the protection of such systems, emphasizes the static construction of "provably secure" systems and the erection of "perimeter defenses" such as fire-walls.  Although these are useful techniques, we believe they are at most a part of the story.  No system in the real world will be provably secure (although many of the most glaring vulnerabilities would be removed if we programmed in languages like LISP that emphasize structured use of memory) and perimeter defenses are always subject to subversion from the inside.  Instead we must rely on systems that take responsibility for their own survival.  Autonomous Survivable Systems must:


1)     Build models of the trustability of the computational resources

2)     Allocate resources and decide on methods for achieving goals based on these models

3)     Monitor their own execution in order to detect symptoms of compromised resources

4)     Update the trust model based on self-monitoring as well as other information (such as intrusion detectors). 


These Autonomous Survivable Systems are highly dynamic and most easily built in Lisp-like environments. 

I will describe work done on early prototyping of such systems.

Howard Shrobe is a Principal Research Scientist at the MIT AI Lab.