Filtering Security Mechanism for Digital Communication

Publicerad

Typ

Examensarbete för masterexamen
Master Thesis

Modellbyggare

Tidskriftstitel

ISSN

Volymtitel

Utgivare

Sammanfattning

Many digital systems handle data that is either public or private depending on its sensitivity level. In these systems it is important that sensitive data is not lost or exposed to the public domain, even if parts of the system has been compromised with malicious code. In the military domain it is common for systems to be divided into different information zones based on the confidentiality of the data that the subsystem handles. In some cases these subsystems need to exchange data with each other. Therefore, it is important that sensitive data is not lost or exposed to lower classification levels, even if one unit has been compromised by malicious code. As of today and to our knowledge, no device that can control this information flow for serial communication in common protocols like RS232, RS422, RS485, and CAN exists. This thesis proposes a device that could be placed between two information zones in order to ensure that classified data is not exposed to lower classification levels. The software is developed in SPARK and acts as an Intrusion Prevention System. It is based on the latest research within the area of anomaly detection. This thesis includes how such a device should be designed, developed, certified, and integrated in order to meet requirements from the military. Finally, the device is tested and evaluated with respect to both performance and security.

Beskrivning

Ämne/nyckelord

Data- och informationsvetenskap, Computer and Information Science

Citation

Arkitekt (konstruktör)

Geografisk plats

Byggnad (typ)

Byggår

Modelltyp

Skala

Teknik / material

Index

item.page.endorsement

item.page.review

item.page.supplemented

item.page.referenced