Sustainable Security & Safety: Challenges and Opportunities

Authors: Andrew Paverd, Marcus Völp, Ferdinand Brasser, Matthias Schunter, N. Asokan, Ahmad-Reza Sadeghi, Paulo Esteves-Veríssimo, Andreas Steininger, Thorsten Holz

Author Details

Andrew Paverd
  • Microsoft Research Cambridge, UK
Marcus Völp
  • University of Luxembourg, Luxembourg
Ferdinand Brasser
  • TU Darmstadt, Germany
Matthias Schunter
  • Intel Labs, Darmstadt, Germany
N. Asokan
  • Aalto University, Finland
Ahmad-Reza Sadeghi
  • TU Darmstadt, Germany
Paulo Esteves-Veríssimo
  • University of Luxembourg
Andreas Steininger
  • TU Wien, Austria
Thorsten Holz
  • Ruhr-University Bochum, Germany


This work was supported by the Intel Research Institute for Collaborative Autonomous and Resilient Systems (ICRI-CARS). The authors thank Muhammad Shafique for his helpful suggestions on this manuscript.

Cite As

Andrew Paverd, Marcus Völp, Ferdinand Brasser, Matthias Schunter, N. Asokan, Ahmad-Reza Sadeghi, Paulo Esteves-Veríssimo, Andreas Steininger, and Thorsten Holz. Sustainable Security & Safety: Challenges and Opportunities. In 4th International Workshop on Security and Dependability of Critical Embedded Real-Time Systems (CERTS 2019). Open Access Series in Informatics (OASIcs), Volume 73, pp. 4:1-4:13, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2019)


A significant proportion of today’s information and communication technology (ICT) systems are entrusted with high value assets, and our modern society has become increasingly dependent on these systems operating safely and securely over their anticipated lifetimes. However, we observe a mismatch between the lifetimes expected from ICT-supported systems (such as autonomous cars) and the duration for which these systems are able to remain safe and secure, given the spectrum of threats they face. Whereas most systems today are constructed within the constraints of foreseeable technology advancements, we argue that long term, i.e., sustainable security & safety, requires anticipating the unforeseeable and preparing systems for threats not known today. In this paper, we set out our vision for sustainable security & safety. We summarize the main challenges in realizing this desideratum in real-world systems, and we identify several design principles that could address these challenges and serve as building blocks for achieving this vision.

ACM Subject Classification
  • Security and privacy → Systems security
  • Software and its engineering → Software reliability

Keywords
  • sustainability
  • security
  • safety




  1. Martín Abadi, Mihai Budiu, Úlfar Erlingsson, and Jay Ligatti. Control-flow integrity principles, implementations, and applications. ACM Trans. on Information System Security, 13, 2009. Google Scholar
  2. National Highway Traffic Safety Administration. Vehicle Survivability and Travel Mileage Schedules, 2006. URL:
  3. Algirdas Avizienis, Jean-Claude Laprie, Brian Randell, and Carl Landwehr. Basic concepts and taxonomy of dependable and secure computing. IEEE Transactions on Dependable and Secure Computing, 1(1):11-33, January 2004. URL:
  4. Alysson Neves Bessani, Paulo Sousa, Miguel Correia, Nuno Ferreia Neves, and Paulo Verissimo. The Crutial Way of Critical Infrastructure Protection. IEEE Security Privacy, 6(6):44-51, November 2008. URL:
  5. Nicolas Carlini, Antonio Barresi, Mathias Payer, David Wagner, and Thomas R. Gross. Control-Flow Bending: On the Effectiveness of Control-Flow Integrity. In 24th USENIX Security Symposium, USENIX Sec, 2015. Google Scholar
  6. ENISA. Algorithms, Key Sizes and Parameters Report - 2013 recommendations. Technical report,, October 2013. Google Scholar
  7. Patrice Godefroid, Michael Y. Levin, and David Molnar. Automated whitebox fuzz testing. In Annual Network &Distributed System Security Symposium (NDSS), 2008. Google Scholar
  8. Patrice Godefroid, Michael Y. Levin, and David Molnar. SAGE: Whitebox Fuzzing for Security Testing. Queue, 10(1), January 2012. Google Scholar
  9. ISO Technical Committee 22/SC 32. ISO26262: Road vehicles - Functional safety, 2018. Google Scholar
  10. Antonio Lima, Francisco Rocha, Marcus Völp, and Paulo Esteves-Veríssimo. Towards Safe and Secure Autonomous and Cooperative Vehicle Ecosystems. In 2ndACM Workshop on Cyber-Physical Systems Security and Privacy (co-located with CCS), Vienna, Austria, October 2016. Google Scholar
  11. Rowan McAllister, Yarin Gal, Alex Kendall, Mark Van Der Wilk, Amar Shah, Roberto Cipolla, and Adrian Weller. Concrete Problems for Autonomous Vehicle Safety: Advantages of Bayesian Deep Learning. In Proceedings of the 26th International Joint Conference on Artificial Intelligence, IJCAI, 2017. Google Scholar
  12. Barton P. Miller, Louis Fredriksen, and Bryan So. An Empirical Study of the Reliability of UNIX Utilities. Commun. ACM, 33(12), December 1990. Google Scholar
  13. Peter Oehlert. Violating Assumptions with Fuzzing. IEEE S&P, 3(2), March 2005. Google Scholar
  14. Andrew Paverd, Marcus Völp, Ferdinand Brasser, Matthias Schunter, N. Asokan, Ahmad-Reza Sadeghi, Paulo Esteves Verissimo, Andreas Steininger, and Thorsten Holz. Sustainable Security &Safety: Challenges and Opportunities. long version avail. at:, May 2019.
  15. Felix Schuster, Thomas Tendyck, Christopher Liebchen, Lucas Davi, Ahmad-Reza Sadeghi, and Thorsten Holz. Counterfeit Object-oriented Programming: On the Difficulty of Preventing Code Reuse Attacks in C++ Applications. In 36th IEEE Symp. on Security and Privacy, 2015. Google Scholar
  16. Adi Shamir. How to Share a Secret. Commun. ACM, 22(11):612-613, November 1979. URL:
  17. Kevin Snow, Lucas Davi, Alexandra Dmitrienko, Christopher Liebchen, Fabian Monrose, and Ahmad-Reza Sadeghi. Just-In-Time Code Reuse: On the Effectiveness of Fine-Grained Address Space Layout Randomization. In 34th IEEE Symposium on Security and Privacy (Oakland 2013), 2013. Google Scholar
  18. Paulo Sousa, Alysson Neves Bessani, Miguel Correia, Nuno Ferreia Neves, and Paulo Verissimo. Highly Available Intrusion-Tolerant Services with Proactive-Reactive Recovery. IEEE Transactions on Parallel and Distributed Systems, 21(4):452-465, April 2010. URL:
  19. Shruti Tople, Karan Grover, Shweta Shinde, Ranjita Bhagwan, and Ramachandran Ramjee. Privado: Practical and Secure DNN Inference. CoRR, abs/1810.00602, 2018. URL:
  20. Paulo Verissimo, Miguel Correia, Nuno Ferreira Neves, and Paulo Sousa. Intrusion-Resilient Middleware Design and Validation. In Information Assurance, Security and Privacy Services, volume 4 of Handbooks in Information Systems, pages 615-678. Emerald Group Publishing Limited, May 2009. URL:
  21. Paulo Verissimo, Nuno Ferreira Neves, and Miguel Correia. Intrusion-Tolerant Architectures: Concepts and Design. In Architecting Dependable Systems, volume 2677 of LNCS, pages 3-36. Springer-Verlag, June 2003. Extended version in 2954. URL:
  22. Marcus Völp, Francisco Rocha, Jeremie Decouchant, Jiangshan Yu, and Paulo Esteves-Verissimo. Permanent Reencryption: How to Survive Generations of Cryptanalysts to Come. In Frank Stajano, Jonathan Anderson, Bruce Christianson, and Vashek Matyáš, editors, Security Protocols XXV, pages 232-237, Cham, 2017. Springer International Publishing. Google Scholar