Karthik Pattabiraman, Zbigniew Kalbarczyk and Ravishankar Iyer, Proceedings of the IFIP International Conference on Information Security (SEC), 2009.[ PDF File | Talk ]
You can find the technical report version of the paper here.
Galen Lyle, Shelley Chen, Karthik Pattabiraman, Zbigniew Kalbarczyk and Ravishankar Iyer, Proceedings of the International Conference on Dependable Systems and Networks (DSN), 2009.
[ PDF File | Talk ]
Paruj Ratanaworabhan, Martin Burtscher, Darko Kirovski, Rahul Nagpal, Benjamin Zorn and Karthik Pattabiraman, Proceedings of the International Symposium on the Principles and Practice of Parallel Programming (PPoPP), 2009. [ PDF File | Talk ]
You can find the technical report version here.
Karthik Pattabiraman, PhD thesis, University of Illinois at Urbana-Champaign (UIUC), May 2009.
Part 1 (Pages 1 – 160)
Part 2 (Pages 161 – 318)
Abstract : As computer systems become more and more complex, it becomes harder to ensure that they are dependable i.e. reliable and secure. Existing dependability techniques do not take into account the characteristics of the application and hence detect errors that may not manifest in the application. This results in wasteful detections and high overheads. In contrast to these techniques, this dissertation proposes a novel paradigm called “Application-Aware Dependability”, which leverages application properties to provide low-overhead, targeted detection of errors and attacks that impact the application. The dissertation focuses on derivation, validation and implementation of application-aware error and attack detectors.
The key insight in this dissertation is that certain data in the program is more important than other data from a reliability or security point of view (we call this the critical data). Protecting only the critical data provides significant performance improvements while achieving high detection coverage. The technique derives error and attack detectors to detect corruptions of critical data at runtime using a combination of static and dynamic approaches. The derived detectors are validated using both experimental approaches and formal verification. The experimental approaches validate the detectors using random fault-injection and known security attacks. The formal approach considers the effect of all possible errors and attacks according to a given fault or threat model and finds the corner cases that escape detection. The detectors have also been implemented in reconfigurable hardware in the context of the Reliability and Security Engine (RSE).
I was invited to speak at a workshop on Cross-Layer Resilience organized by the Computing Community Consortium (CCC).
My talk was on protecting critical infrastructure systems such as the power-grid from errors. You can find the slides here .
Karthik Pattabiraman, Zbigniew Kalbarczyk and Ravishankar Iyer. To appear in the Proceedings of the IEEE Transactions on Dependable and Secure Computing (TDSC). (Accepted on May 1, 2009). [ PDF File ]