
CPSC 875 John D. McGregor Security-2. A medical platform.


1 CPSC 875 John D. McGregor Security-2

2 A medical platform

3 System boundaries

4 Integrated Clinical Environment

5

6 Actual architecture

7 Different view

8 Threads

9 Producer/Consumer with directory

10 In the context of
Quality attributes must be understood in the context of the system's use. It is not realistic to expect the same depth of analysis in financial software as in aircraft navigation.

11 With respect to
Even within the same context the quality attribute value may vary from one part of the architecture to another. For example, a piece of software may be secure with respect to one type of attack but not with respect to another. Risk and cost are the factors used in deciding the breadth of the verification.

12 As complexity goes up
As complexity goes up, so does the probability of a vulnerability being inserted. Security is a system property, but it has to be addressed at the module level before the complexity gets too great.

13 Security system hierarchy

14 NEAT criteria
Non-bypassable—security functions cannot be circumvented.
Evaluatable—the size and complexity of the security functions allow them to be verified and evaluated.
Always invoked—security functions are invoked each and every time, without exception. The reference monitor concept can be used by the system architecture to enforce this for critical applications.
Tamperproof—subversive code cannot alter the function of the security functions by exhausting resources, overrunning buffers, or other ways of making the security software fail.

15 Multiple Independent Levels of Security (MILS) architecture

16 Levels of security
SLS—Single-Level Secure component; processes data at only one security level.
MSLS—Multiple Single-Level Secure component; processes data at multiple levels, but maintains separation between the classes of data.
MLS—Multi-Level Secure component; processes data at multiple levels simultaneously.

17 Security policies
Data isolation – data is local to a partition; no other partition can read or write it.
Control of information flow – information moves between partitions only over explicitly authorized channels, and the source of the information is authenticated.
Periods processing – partitions share the processor in time; no information leaks from one partition's period to the next through residual processor state.
Fault isolation – a fault in one partition does not propagate into another partition.
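The following is an added example, not code from the slides or from any ICE/MILS product, showing how the NEAT criteria of slide 14 and the SLS/MSLS/MLS levels and partition policies of slides 16 and 17 fit together. A small Python reference monitor is the only path between partitions (always invoked, non-bypassable), keeps its policy in immutable tables (evaluatable, tamperproof), fails closed if its own check raises, and enforces an authorized-channel table plus a no-write-down rule over SLS, MSLS and MLS partitions. Partition names, level names, the channel table and the messages are constructed for illustration.

```python
from dataclasses import dataclass
from typing import Dict, FrozenSet, Iterable, List, Tuple

# Constructed, totally ordered security levels (a lattice would work the same way).
LEVELS: Dict[str, int] = {"UNCLASSIFIED": 0, "CONFIDENTIAL": 1, "SECRET": 2}


def dominates(high: str, low: str) -> bool:
    """True if information labelled `low` may flow to a holder cleared for `high`."""
    return LEVELS[high] >= LEVELS[low]


@dataclass(frozen=True)
class Partition:
    name: str
    levels: FrozenSet[str]     # one level => SLS; several => MSLS or MLS
    multilevel: bool = False   # MLS may mix levels internally; MSLS keeps them apart

    def kind(self) -> str:
        if len(self.levels) == 1:
            return "SLS"
        return "MLS" if self.multilevel else "MSLS"


@dataclass(frozen=True)
class Message:
    src: str
    dst: str
    level: str      # label claimed by the sender; the monitor verifies it
    payload: bytes


class ReferenceMonitor:
    """The only path between partitions; nothing else holds a reference to an inbox."""

    def __init__(self, partitions: Iterable[Partition], channels: Iterable[Tuple[str, str]]):
        self._partitions = {p.name: p for p in partitions}
        self._channels = frozenset(channels)   # authorized (src, dst) pairs, immutable
        # Compartments: inbox[partition][level] -> payloads. Keying by level is what
        # keeps an MSLS partition's classes of data separate from each other.
        self._inbox: Dict[str, Dict[str, List[bytes]]] = {
            p.name: {lvl: [] for lvl in p.levels} for p in self._partitions.values()
        }
        self.audit: List[Tuple[str, str, str, str]] = []   # (src, dst, decision, reason)

    def _decide(self, msg: Message) -> Tuple[bool, str]:
        src = self._partitions.get(msg.src)
        dst = self._partitions.get(msg.dst)
        if src is None or dst is None:
            return False, "unknown partition"                      # data isolation
        if (msg.src, msg.dst) not in self._channels:
            return False, "no authorized channel"                  # information-flow control
        if msg.level not in LEVELS or msg.level not in src.levels:
            return False, "source not cleared for claimed level"   # sender cannot forge a label
        if not any(dominates(lvl, msg.level) for lvl in dst.levels):
            return False, "write-down to a lower-level partition"  # no flow from high to low
        return True, "ok"

    def deliver(self, msg: Message) -> bool:
        try:
            allowed, reason = self._decide(msg)
        except Exception as exc:   # fail closed: a broken check never grants access
            allowed, reason = False, f"monitor error: {exc!r}"
        self.audit.append((msg.src, msg.dst, "ALLOW" if allowed else "DENY", reason))
        if not allowed:
            return False
        dst = self._partitions[msg.dst]
        # Store at the lowest receiver level that dominates the data's label, so an
        # UNCLASSIFIED message landing in a SECRET-only partition is held as SECRET.
        slot = min((l for l in dst.levels if dominates(l, msg.level)), key=LEVELS.__getitem__)
        self._inbox[msg.dst][slot].append(msg.payload)
        return True

    def compartment(self, partition: str, level: str) -> List[bytes]:
        """Read-only view of one compartment (copied so callers cannot tamper with it)."""
        return list(self._inbox[partition][level])


def build_demo() -> ReferenceMonitor:
    """Constructed layout in the spirit of the medical platform: three partitions, three channels."""
    partitions = [
        Partition("pump", frozenset({"UNCLASSIFIED"})),                      # SLS
        Partition("monitor", frozenset({"UNCLASSIFIED", "SECRET"})),        # MSLS
        Partition("logger", frozenset({"UNCLASSIFIED", "SECRET"}), True),   # MLS
    ]
    channels = [("pump", "monitor"), ("monitor", "logger"), ("monitor", "pump")]
    return ReferenceMonitor(partitions, channels)


def run_demo() -> List[bool]:
    """Five constructed transfers; returns the monitor's decision for each."""
    rm = build_demo()
    return [
        rm.deliver(Message("pump", "monitor", "UNCLASSIFIED", b"rate=5ml/h")),   # allowed
        rm.deliver(Message("monitor", "logger", "SECRET", b"vitals:hr=72")),    # allowed
        rm.deliver(Message("monitor", "pump", "SECRET", b"leak")),              # denied: write-down
        rm.deliver(Message("pump", "monitor", "SECRET", b"forged label")),      # denied: not cleared
        rm.deliver(Message("logger", "monitor", "UNCLASSIFIED", b"x")),         # denied: no channel
    ]


if __name__ == "__main__":
    print(run_demo())
```

Two design points carry the NEAT criteria: partitions never receive a reference to another partition's inbox, so the monitor cannot be bypassed, and the channel table and level map are immutable, so a compromised partition cannot widen the policy at run time. The audit list gives the evaluator a per-decision record to check against the policy.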

18 Hierarchical control structure
(Diagram: the CACC controller and the driver controller command actuators that set vehicle speed and acceleration; sensors feed back to both controllers; hazard: hit vehicle. Annotations: Rasmussen model, human mental model, STPA model, distractions, weather conditions.)

19 Multiple system boundaries
(Diagram: the same control structure of CACC controller, driver controller, actuators, sensors, vehicle speed and acceleration, and the hazard: hit vehicle.)

20 http://psas.scripts.mit.edu/home/wp-content/uploads/2015/03/2015-Procter-Using-STPA-for-RM-in-Interoperable-Medical-Systems.pdf

21 Here’s what you are going to do…
Put everything together in one neat package. Fix it up based on in-class discussions. There have been 11 assignments at 1 point a piece. This final turn-in will count 14 points. Submit the zip via the usual route, plus mail an additional copy to johnmc@clemson.edu. Submit by Wednesday, April 22 at 11:59pm.

22 Feedback/control loop
(Diagram: the CACC controller and driver controller, actuators, sensors, vehicle speed and acceleration, and the hazard: hit vehicle.)

23 Message Bus

24 Service Oriented Architecture https://docs.oracle.com/cd/E18727_01/doc.121/e12064/T291171T509748.htm

25 N-tier architecture http://www.ibm.com/developerworks/rational/library/05/0816_Louis/

26 Event-driven

27 Blackboard http://mupumb.com/blackboard-architectural-design-pattern/

