Enforcing Safety and Security Through Non-Intrusive Runtime Verification

The recent extensive development in Cyber-Physical Systems (CPSs) has lead to the emergence of new concerns regarding timeliness, safety and security properties. For decades, numerous vulnerabilities have put systems and applications at risk and CPSs are no exception. Noteworthy recurring issues are, for example, Buffer Overflows (BOs). We intend to deal with some types of BOs, other accidental faults and intended attacks by means of Non-Intrusive Runtime Verification (NIRV), to be accomplished through the design of a black-box observer and monitoring entity. Tackling security hazards can be enforced at different levels or granularities depending on how detailed our knowledge of the inner workings of the system and applications running on it is. We introduce solutions to detect and handle explicit attacks and accidental faults, focusing on completely null understanding of the analyzed environment’s specificities, but also discussing scenarios where program mechanics and engineering are completely known.