Explore an unorthodox approach to cybersecurity in this 23-minute IEEE conference talk. Delve into the concept of "Security Through Feebleness" as presented by Rick McGeer at the 2016 LangSec Workshop. Examine the challenges and opportunities in Software-Defined Infrastructure, focusing on the need for guaranteed properties of performance and function in opaque, user-independent systems. Investigate the importance of static bug detection and inherently verifiable infrastructure configurations. Learn about the tractability of verification in state-free and finite-state systems, particularly in OpenFlow rulesets and configuration layers. Consider the community's challenge in designing usable, concise configuration models for software-defined infrastructure that maintain weak semantics and appropriate performance abstractions while enabling verification.
Safety to the Weak! Security Through Feebleness - An Unorthodox Manifesto
Overview
Syllabus
Intro
Prevent Bugs
Why use Turingcomplete languages
What are Turingcomplete languages
Verilog VHDL
Verification
Networking is a mess
Traditional switch
Turing
SoftwareDefined Networking
Network Verification
Network Specifications
Key Unverifiable Component
SDI
Base
Soft
Finite State Modeling
Finite State Simulation
Runtime Model Checking
Taught by
IEEE Symposium on Security and Privacy
