Introduction of first passage time (FPT) analysis for software reliability and network security

摘要

The study of the First Passage Time (FPT) problem (also known as first passage problem, FPP) started more than a century ago, but its diverse applications in science and engineering mostly emerged in the last two to three decades. Assuming that X(t) is a one-dimensional stochastic process, the First Passage Time is defined as the time (T) when X(t) first crosses a threshold. Engineering reliability is obviously a suitable application domain, and indeed applications such as optimal dam design in hydrology and analysis of structural failure in civil and mechanical engineering are typical examples. Although we envision that the FPT problem has great potential in network and software reliability, it should be more useful for network security and survivability because the approaches developed for the FPT problem are mostly analytical. The assumption for this inference is that in reliability analysis, experimental or historical data are often more readily available, which makes statistical approaches such as survival analysis more convenient and likely more realistic. In contrast, data is generally more difficult to obtain in security and survivability analyses, and analytical approaches can be leveraged to play more important roles. Furthermore, security and survivability often have to deal with malicious actions that may be driven by sophisticated cognition and behavioral processes, which are highly variable over time and very difficult to detect with short term data. If the behavior of an intruder can be characterized with some stochastic process such as Brownian motion, then the FPT approach may be applied to find the closed-form solution of the probability density function (PDF) of the first passage time, which can be the time when the system breaks down or when the hacker is successful in compromising a network. In addition, the solutions to FPT depend on boundary and initial conditions of the corresponding partial differential equations, and they also describe the evolution of PDF over time. This may suggest that it is possible to model the behavior changes of an intruder over time and circumstances. Another advantage of FPT analysis is that it may help solve some non-Markov stochastic process problems in reliability analysis and survival analysis. In this article, we first briefly introduce the FPT problem with Brownian motion as an example, and then suggest its potential applications in software reliability and network security.