Sébastien Martinez‡, Christophe Gransart‡, Olivier Stienne‡, Virginie Deniau‡, Philippe Bon‡Corresponding author: Sébastien Martinez ( sebastien.martinez@univ-eiffel.fr ) © Sébastien Martinez, Christophe Gransart, Olivier Stienne, Virginie Deniau, Philippe Bon. This is an open access article distributed under the terms of the Creative Commons Attribution License (CC BY-ND 4.0). This license allows reusers to copy and distribute the material in any medium or format in unadapted form only, and only so long as attribution is given to the creator. The license allows for commercial use. Citation:
Martinez S, Gransart C, Stienne O, Deniau V, Bon P (2022) SoREn, How Dynamic Software Update Tools Can Help Cybersecurity Systems to Improve Monitoring and Actions. JUCS - Journal of Universal Computer Science 28(1): 27-53. https://doi.org/10.3897/jucs.66857 |  |
Because stopping a service to apply updates raises issues, Dynamic Software Updating studies the application of updates on programs without disrupting the services they provide. This is acheived using specific mechanisms operating updating tasks such as the modification of the program state. To acheive transparency, Dynamic Software Updating systems use pre-selected and pre-configured mechanisms. Developers provide patches that are transparently converted to dynamic updates. The cost of such transparency is often that applied patches cannot modify the general semantic of the updated program. Allowing dynamic modification of the general semantic of a running program is rarely considered.
In the context of protection of communications between moving vehicles and uncontrolled infrastructure, SoREn (Security REconfigurable Engine) is designed to be dynamically reconfigurable. Its semantics can transparently be modified at runtime to change the security policy it enforces. Administrators can supply new policies to trigger a reconfiguration, without developing new components. This paper details and discusses the design of SoREn, its meta-model linked to cybersecurity business concepts and its automatic reconfiguration calculator allowing transparent application of reconfigurations.