New for: D3
consequences like severe irritation, industrial damage, even loss of
human lives. Failures can arise due to hardware and software faults,
but also as the result of malicious actions initiated by an attacker
of the system. While the former should be dealt with using
fault-tolerance mechanisms, the latter should be addressed using
approaches from computer security.
In practice, fault-tolerance and security problems have often been
dealt with using ad hoc methods developed by practitioners in response
to urgent development needs. However, many of the questions regarding
the underlying principles of fault-tolerant and secure operation have
not yet been sufficiently answered. What is needed is a theoretically
sound methodological foundation for the design of fault-tolerant and
secure systems.
In this talk, I will discuss the main aspects of such a foundation,
which cover questions of system models, fault and attacker
assumptions, design theories for fault-tolerant and secure algorithms,
and algorithmic building blocks for paradigmatic problems. I will
sketch the state of the art as well as directions for future work in
these areas.