Reference : Threat Adaptive Byzantine Fault Tolerant State-Machine Replication
Scientific congresses, symposiums and conference proceedings : Unpublished conference
Engineering, computing & technology : Computer science
Computational Sciences
http://hdl.handle.net/10993/47787
English
Simoes Silva, Douglas [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > CritiX]
Graczyk, Rafal [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > CritiX]
Decouchant, Jérémie
Volp, Marcus [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > CritiX]
Esteves-Verissimo, Paulo
Sep-2021
Yes
International
The 40th International Symposium on Reliable Distributed Systems
from 20-09-2021 to 23-09-2021
[en] Threat-adaptive systems ; Byzantine fault-tolerant state machine replication ; Resilient computing
[en] Critical infrastructures have to withstand advanced and persistent threats, which can be addressed using Byzantine fault tolerant state-machine replication (BFT-SMR). In practice, unattended cyberdefense systems rely on threat level detectors that synchronously inform them of changing threat levels. However, to have a BFT-SMR protocol operate unattended, the state-of-the-art is still to configure them to withstand the highest possible number of faulty replicas f they might encounter, which limits their performance, or to make the strong assumption that a trusted external reconfiguration service is available, which introduces a single point of failure. In this work, we present ThreatAdaptive, the first BFT-SMR protocol that is automatically strengthened or optimized by its replicas in reaction to threat level changes. We first determine under which conditions replicas can safely reconfigure a BFT-SMR system, i.e., adapt the number of replicas n and the fault threshold f, so as to outpace an adversary. Since replicas typically communicate with each other using an asynchronous network, they cannot rely on consensus to decide how the system should be reconfigured. ThreatAdaptive avoids this pitfall by proactively preparing the reconfiguration that may be triggered by an increasing threat when it optimizes its performance. Our evaluation shows that ThreatAdaptive can meet the latency and throughput of BFT baselines configured statically for a particular level of threat, and adapt 30% faster than previous methods, which make stronger assumptions to provide safety.

File(s) associated to this reference

Fulltext file(s):

File: paper.pdf
Version: Author preprint
Size: 508.8 kB
Access: Open access


All documents in ORBilu are protected by a user license.