Issue No. 01 - January-March (2004 vol. 1)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/TDSC.2004.10
Explosive growth in the number and complexity of computing systems requiring dependability and security in their operation is one of the most striking features of our technological and social landscape. Dependability and security are here understood as a system's general worthiness of being relied upon and trusted to the extent required, even under extreme conditions. Dependability involves the relevant application and system qualities, including fault tolerance, availability, performability, and robustness. Security, with its classic foundations in cryptography, involves issues relating to intrusion detection and tolerance, authentication and firewall designs, as well as security-related protocols, modeling, and benchmarking. The interplay between dependability and security on one hand and performance on the other is also at play here, as is evident in many critical application domains, such as critical infrastructure protection, aerospace, telecommunications, healthcare, and e-commerce. The expectation that modern, vast computing systems be highly available and secure despite accidental failures and malicious attacks constitutes a major challenge for researchers, developers, and managers in the computing field.
In recent years, as interest in these areas has grown rapidly, special issues and special sections of existing journals focusing on aspects of dependability and security have appeared regularly. Design of systems for dependability and security has assumed major importance in both government and commercial sectors, where there is a renewed interest in validation, verification, and measurement of various aspects of security, system survivability, fault tolerance, and performance.
Nonetheless, until now, research results in the fields of dependability and security have been published in many different journals, creating a somewhat dispersed audience. Furthermore, dependability, security, and performance have tended to be treated separately, despite the fact that the rigorous discipline of system design and analysis is best based on the joint consideration of these issues to allow appropriate trade offs.
In response, the IEEE Transactions on Dependable and Secure Computing (TDSC) has been created to provide a comprehensive international forum for original results in research, design, and development of dependable and secure computing methodologies, strategies, and systems. Articles will represent—in full technological depth—systems in which issues of fault tolerance, security, and safety are paramount. The journal will discuss problems and solutions at all levels of investigation (hardware, embedded devices, operating system and network protocols, and applications) relating to cyber security, information infrastructure assurance, and threat/survivability assessment. Measurement, modeling and evaluation, and the combined modeling of performance with dependability and security, will be a significant component. Analytic, simulation, and hybrid modeling methodologies and their associated solution techniques and optimization methods will be addressed in this context.
Our initial two-fold task was to create an editorial board while, at the same time, preparing for the inaugural issue. With the help of an ad hoc search committee and suggestions from experienced professionals and researchers, we have assembled an exciting editorial board consisting of worldwide experts representing the many areas of interest to the new transactions. We set the ball rolling for the first issue by soliciting key people in the field to submit papers that would be topical and of interest to a broad audience. We sought papers that reflect and advance the state of the art in research, and we were not disappointed. All papers went through a rigorous review process, and revisions were submitted to accommodate the perceptions of peer reviewers. We would like to thank the reviewers who responded to the challenge of providing comprehensive reviews in a timely fashion. Without their participation and support, this issue would not have been possible.
The journal is off to an impressive start in this first issue. The papers illustrate the variety of research that can contribute to our understanding of dependability and security when considered in one forum. A. Avizienis, J.-C. Laprie, B. Randell, and C. Landwehr in "Basic Concepts and Taxonomy of Dependable and Secure Computing," provide an expose of foundational definitions and concepts in the field as it stands today. This work attempts to develop a framework to accommodate both dependability and security needs. I expect this work to continue and this paper to motivate greater participation in this effort. M. Marsh and F. Schneider's "CODEX: A Robust and Secure Secret Distribution System" presents a data storage system that embodies a new approach to distributed services, addressing the issues of malicious and nonmalicious faults. "Model-Based Evaluation: From Dependability to Security," by D. Nicol, W. Sanders, and K. Trivedi examines the challenges of applying stochastic techniques, which have matured in the dependability domain, to the security domain. In "A Systems-Theoretic Approach to Safety in Software-Intensive Systems," N. Leveson uses systems theory to form accident models that consider the social and technical aspects of systems jointly.
No TDSC issue would be complete without a look at progress in the commercial sector: In the end, fault tolerance succeeds or not based on its application and realization in the field. W. Bartlett and L. Spainhower's "Commercial Fault Tolerance: A Tale of Two Systems" compares the design philosophies and implementations of two longstanding, prominent computer system families. It is fortuitous that these two competitors have come together to write a paper on commercial practice.
Future issues will contain additional papers solicited for the first issues of the journal. These papers address issues of significant relevance and breadth, continuing the trend this first issue begins so promisingly. A measurements paper entitled, "Reflections on Industry Trends and Experimental Research in Dependability" by Siewiorek et al. looks at the trends in dependability and security measurements in parallel with the trends in computing. "Checkpointing for Peta-Scale Systems: A Look into the Future of Practical Rollback-Recovery" by E. Elnozahy and J. Plank addresses the important issue of checkpointing which, while a much researched area, is a significant challenge in large supercomputers. A third paper by T. Karnik, P. Hazucha, and J. Patel "Characterization of Soft Errors Caused by Single Event Upsets in CMOS Processes" addresses the important issue of a resurgence of Single Event Upsets (SEU) in memory and logic circuits resulting from the scaling of CMOS technologies to nanometer levels. Finally, "A Comprehensive Approach to Intrusion Detection Alert Correlation," by F. Valeur, G. Vigna, C. Kruegel, and R. Kemmerer, provides an approach to intrusion detection based on a multicomponent correlation process and a framework to perform the correlation analysis.
There are several individuals and groups who participated significantly in the proposal and creation of TDSC. Professor Kishor Trivedi of Duke University, Professor John Knight, the editor-in-chief of IEEE Transactions on Software Engineering, and Dr. Carl Landwehr, who heads the US National Science Foundation's Trusted Systems program, provided much-needed insight into the topics and the contents of the proposal. TDSC also received strong support from the International Federation for Information Processing (IFIP) via Dr. Laprie, its new vice president. The IEEE CS Technical Committee on Fault-Tolerant Computing, then chaired by Professor William Sanders, provided significant support, as did Professor Brian Randell, Dr. Jean Arlat, and others too numerous to list here. Special thanks to Rangachar Kasturi, past vice president of publications at the IEEE, Professor Ben Wah, past president of the Computer Society, and Angela Burgess, publisher of the IEEE Computer Society, all of whom provided significant guidance without which this journal would not be possible. The IEEE Computer Society staff assistance has been outstanding, including notably Selina Norman, Alicia Stickley, and Suzanne Werner. I also wish to acknowledge and thank Tammi O'Neill and Frances Rigberg Baker for their invaluable editorial and organizational help.
I am honored to serve as the inaugural editor-in-chief of the IEEE Transactions on Dependable and Secure Computing. I enthusiastically welcome the participation of all researchers who share an interest in this exciting, complex, and compelling field. This inaugural issue is the realization of a long-cherished hope of many in the computing community for a premier forum for discussion of dependability and security issues. I hope you enjoy it and the many more issues to come.
Ravishankar K. Iyer
For information on obtaining reprints of this article, please send e-mail to: firstname.lastname@example.org.