Supplemental Material for a Mode Switching Framework with Web Server Case Study
- 1. Johannes Kepler University Linz
Description
In order to detect relevant reported security vulnerabilities and, in turn, to react appropriately, automation support is needed to reduce the manual effort required for these tasks. Our model-driven framework can be used for developing and managing multi-modal architectures. We support switching between modes with specific system configurations, which refer to specific software components, features, and settings. Each mode faces different security risks over time. If a vulnerability is detected, we automatically switch modes to overcome and reduce the risk until software vendors provide patches and system administrators install them.
In the context of our framework, we use modes to divide complex interconnected systems into logical, controllable, and tangible modes of operation characterized by a set of functionalities and respective configuration options. They can contain a plethora of different actions to be executed at various levels of abstraction, as modes are highly dependent on the domain and system they represent. Therefore, we define a mode as a system state where a specific configuration is active and specific functionality is provided for a period of time.
To demonstrate the feasibility and potential benefits of our approach, described in the paper "A Model-based Mode-Switching-Framework based on Security Vulnerability Scores" (preprint), we performed a case study for web server security. We analyzed a time span of two years, from Feb. 2019 to Feb. 2021. We created a system configuration with commonly used components: the Linux distribution Debian 10 (Buster) and two popular web server implementations in their most recent versions, Apache2 (v2.4.38) and nginx (v1.14.2). Additionally, PHP (version 7.3) and the FastCGI Process Manager run on the web server to serve dynamic web content. Both web servers were selected because they provide similar functionality and work together with PHP. The web content was saved to the common /var/www directory so both web servers could access it. The combination of a web server and a PHP interpreter is used by many common content management systems (CMSs) such as WordPress, Joomla, or TYPO3. Typically, an instance of a CMS uses only a single (type of) web server. We investigate how mode switching can improve security and protect the system from reported vulnerabilities by applying our Mode Domain Specific Language (MDSL) and the accompanying mode switching framework.
Features
- Define modes with our Mode Domain Specific Language (MDSL)
- Automatic Operating System (OS) detection
- Generation of the System Configuration from the MDSL-Definition
- Initialization with the System Configuration (modes)
- Fetch and update Common Vulnerabilities and Exposures (CVEs) and patches
- Calculate the current severity for each mode
- Automatic mode switch based on a changed severity
- Optional manual mode switch
- Show several statistics like the used software, open vulnerabilities, and historic CVEs
- Simulate/execute scenarios
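The severity calculation and automatic mode switch listed above, sketched as an added example that is not code from the modeswitcher repository. It assumes a mode's severity is the highest score among the unpatched vulnerabilities of its components; the mode names, vulnerability ids, scores and dates are constructed.

```python
from dataclasses import dataclass
from datetime import date
from typing import Optional

@dataclass(frozen=True)
class Vuln:
    vuln_id: str             # constructed placeholder id, not a real CVE
    component: str
    score: float             # CVSS-style base score, 0.0 to 10.0
    published: date
    patched: Optional[date]  # day the fix was installed; None while open

# Two modes modelled on the case study: same OS and PHP, different web server.
MODES = {
    "apache": {"debian", "php-fpm", "apache2"},
    "nginx": {"debian", "php-fpm", "nginx"},
}

# Constructed sample data.
VULNS = [
    Vuln("EXAMPLE-0001", "apache2", 7.5, date(2019, 4, 1), date(2019, 4, 10)),
    Vuln("EXAMPLE-0002", "nginx", 5.3, date(2019, 4, 5), date(2019, 4, 20)),
    Vuln("EXAMPLE-0003", "php-fpm", 9.8, date(2019, 10, 1), date(2019, 10, 8)),
]

def mode_severity(mode, today, vulns=VULNS):
    """Highest score among vulnerabilities open on `today` in the mode."""
    scores = [v.score for v in vulns
              if v.component in MODES[mode]
              and v.published <= today
              and (v.patched is None or today < v.patched)]
    return max(scores, default=0.0)

def select_mode(current, today, vulns=VULNS):
    """Least severe mode; on a tie stay in `current` to avoid needless switches."""
    return min(MODES, key=lambda m: (mode_severity(m, today, vulns), m != current))

def simulate(start_mode, days, vulns=VULNS):
    """Replay the given dates and return the (day, from, to) switches."""
    current, switches = start_mode, []
    for day in days:
        target = select_mode(current, day, vulns)
        if target != current:
            switches.append((day, current, target))
            current = target
    return switches
```

The shared `php-fpm` entry shows the limit of the approach: a vulnerability in a component that every mode uses raises all severities equally, so no switch can reduce it.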
Contents of the repository
- Getting Started
- Re-run the Web Server Case Study
- Menu Options
- Command Line Options
- Mode Domain Specific Language (MDSL)
- Reproduction package (CVEs and patches)
More information can be found in the publication:
M. Riegler, J. Sametinger, M. Vierhauser and M. Wimmer: "A Model-based Mode-Switching-Framework based on Security Vulnerability Scores", Journal of Systems and Software, in press, 2023.
Files
- rmtec/modeswitcher-v1.0.3-alpha.zip (49.6 MB), md5:a95eba56f3696e348970f3b838d8ebac
Additional details
Related works
- Is supplement to
- https://github.com/rmtec/modeswitcher/tree/v1.0.3-alpha (URL)