Visible to the public On Isolation-Driven Automated Module Decomposition

TitleOn Isolation-Driven Automated Module Decomposition
Publication TypeConference Paper
Year of Publication2018
AuthorsCerny, Tomas, Sedlisky, Filip, Donahoo, Michael J.
Conference NameProceedings of the 2018 Conference on Research in Adaptive and Convergent Systems
ISBN Number978-1-4503-5885-9
KeywordsArchitectures, compositionality, Cyber physical system, decomposition, Metrics, microservices, pubcrawl, self-contained systems, SOA

Contemporary enterprise systems focus primarily on performance and development/maintenance costs. Dealing with cyber-threats and system compromise is relegated to good coding (i.e., defensive programming) and secure environment (e.g., patched OS, firewalls, etc.). This approach, while a necessary start, is not sufficient. Such security relies on no missteps, and compromise only need a single flaw; consequently, we must design for compromise and mitigate its impact. One approach is to utilize fine-grained modularization and isolation. In such a system, decomposition ensures that compromise of a single module presents limited and known risk to data/resource theft and denial. We propose mechanisms for automating such modular composition and consider its system performance impact.

Citation Keycerny_isolation-driven_2018