Cetratus: A framework for zero downtime secure software updates in safety‐critical systems. (20th March 2020)
- Record Type:
- Journal Article
- Title:
- Cetratus: A framework for zero downtime secure software updates in safety‐critical systems. (20th March 2020)
- Main Title:
- Cetratus: A framework for zero downtime secure software updates in safety‐critical systems
- Authors:
- Mugarza, Imanol
Parra, Jorge
Jacob, Eduardo - Abstract:
- Summary: Safety‐critical systems are evolving into complex, networked, and distributed systems. As a result of the high interconnectivity among all networked systems and of potential security threats, security countermeasures need to be incorporated. Nonetheless, albeit cutting‐edge security measures are adopted and incorporated during the system development, such as latest recommended encryption algorithms, these protection mechanisms may turn out obsolete because of the long operational periods. New security flaws and bugs are continuously detected. Software updates are then essential to restore the security level of the system. However, system shutdowns may not be acceptable when high availability is required. As expressed by the European Union Agency for Network and Information Security (ENISA) "the research in the area of patching and updating equipment without disruption of service and tools" is needed. In this article, a novel live updating approach for zero downtime safety‐critical systems named Cetratus is presented. Cetratus, which is based on a quarantine‐mode execution and monitoring, enables the update of non‐safety‐critical software components while running, without compromising the safety integrity level of the system. The focus of this work lies on the incorporation of leading‐edge security mechanisms while safety‐related software components will remain untouched. Other non‐safety‐related software components could also be updated.
- Is Part Of:
- Software, practice & experience. Volume 50:Number 8(2020)
- Journal:
- Software, practice & experience
- Issue:
- Volume 50:Number 8(2020)
- Issue Display:
- Volume 50, Issue 8 (2020)
- Year:
- 2020
- Volume:
- 50
- Issue:
- 8
- Issue Sort Value:
- 2020-0050-0008-0000
- Page Start:
- 1399
- Page End:
- 1424
- Publication Date:
- 2020-03-20
- Subjects:
- availability -- Cetratus -- dynamic software updates -- live patching -- live updates -- safety -- security
Computer software -- Periodicals
Computer programming -- Periodicals
Computer programs -- Periodicals
005.3 - Journal URLs:
- http://onlinelibrary.wiley.com/ ↗
- DOI:
- 10.1002/spe.2820 ↗
- Languages:
- English
- ISSNs:
- 0038-0644
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - 8321.453000
British Library DSC - BLDSS-3PM
British Library STI - ELD Digital store - Ingest File:
- 13357.xml