Endogenous safety and security (ESS), which advocates designing systems that are inherently safe and secure by nature, has emerged as a pivotal paradigm for addressing the inherent vulnerabilities of information systems. The Dynamic Heterogeneous Redundancy (DHR) architecture is its typical implementation: it introduces dynamic, heterogeneous, redundant executors with equivalent function (EF) into the information system. However, the functional-equivalence property explicitly ties the system's output to that of each individual executor, creating potential security risks that adversaries could exploit. In addition, EF-DHR faces an inherent contradiction between functional equivalence and heterogeneous implementations (HIS), leading to high engineering costs and limited applicability. To address these problems, this paper proposes the Non-Equivalent Functional DHR (NEF-DHR) architecture, which leverages function secret sharing (FSS) theory to replace EF executors with NEF components and thereby fundamentally eliminates the EF-HIS contradiction. Specifically, we propose the concept of 'terminal executor output information entropy loss' to formalize the risk of output information interception by adversaries, and we theoretically prove that NEF-DHR improves unpredictability and resistance to attacks. Experimental results further validate that NEF-DHR exhibits lower error rates under various attack levels, with enhanced robustness and superior ESS performance. Additionally, we generalize the DHR architecture based on three core properties (indistinguishability, output recoverability, verification) and classify ESS into three types with corresponding DHR variants. This work advances the application of entropy theory in ESS and provides a novel entropy-enhanced solution for the large-scale deployment of DHR security systems.
Jiang et al. studied this question.
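The following is an added illustration, not code from the paper, of the abstract's central point: in EF-DHR every executor emits the system output, so intercepting one executor leaks it entirely, whereas with FSS-based NEF components an intercepted executor output carries no information about the system output. It assumes the simplest FSS instance (additive n-of-n sharing over a small prime field), a constructed target function f, and a simple mutual-information model of 'terminal executor output information entropy loss'; the paper's formal definition may differ.

```python
import math
from collections import Counter
from itertools import product

P = 101  # constructed prime modulus for additive sharing over Z_P


def f(x):
    """Constructed target function the DHR system must deliver (assumption)."""
    return (3 * x * x + 7 * x + 11) % P


def ef_system(x, r, n):
    """EF-DHR: n functionally equivalent executors each emit f(x); the arbiter majority-votes.
    r is unused (EF draws no randomness) and exists only for a uniform interface."""
    outs = [f(x)] * n
    return outs, Counter(outs).most_common(1)[0][0]


def nef_system(x, r, n):
    """NEF-DHR with additive n-of-n function secret sharing: executor i emits share s_i with
    sum(s_i) = f(x) mod P. r holds the n-1 random shares; no executor computes f(x) itself."""
    outs = list(r) + [(f(x) - sum(r)) % P]
    return outs, sum(outs) % P  # output recoverability: the arbiter sums the shares


def entropy(counter):
    total = sum(counter.values())
    return -sum(c / total * math.log2(c / total) for c in counter.values())


def entropy_loss(system, n, randomness, intercepted):
    """Assumed model of 'terminal executor output entropy loss':
    I(Y; intercepted) = H(Y) - H(Y | intercepted outputs), computed exactly over uniform x
    and uniform sharing randomness (randomness = number of random field elements drawn:
    0 for EF, n-1 for NEF). Returns (H(Y), loss) in bits."""
    joint, y_marg, obs_marg = Counter(), Counter(), Counter()
    for x in range(P):
        for r in product(range(P), repeat=randomness):
            outs, y = system(x, r, n)
            obs = tuple(outs[i] for i in intercepted)
            joint[(y, obs)] += 1
            y_marg[y] += 1
            obs_marg[obs] += 1
    h_y = entropy(y_marg)
    h_y_given_obs = entropy(joint) - entropy(obs_marg)
    return h_y, h_y - h_y_given_obs


if __name__ == "__main__":
    print("EF-DHR, one executor intercepted:", entropy_loss(ef_system, 3, 0, [0]))
    print("NEF-DHR, one executor intercepted:", entropy_loss(nef_system, 2, 1, [0]))
    print("NEF-DHR, all executors intercepted:", entropy_loss(nef_system, 2, 1, [0, 1]))
```

With n = 2 the enumeration is exact (P^2 cases); larger n grows as P^n, so keep P small when experimenting.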