Risk Analysis in Software Design Author: Verdon, D. and McGraw, G. Presenter: Chris Hundersmarck.

Outline
1. What is risk analysis and why do it?
2. Modern risk-analysis methodologies and themes, with an example
3. Risk-analysis limitations and how to overcome them
4. A practical solution to the problems inherent in risk analysis

The "Black Art"
 Part fortune telling, part mathematics.
 A business-level decision-support tool: a way of gathering the requisite data to make a good judgment call based on knowledge about:
   Vulnerabilities
   Threats
   Impacts
   Probability

What's the big deal?
 Roughly 50% of security problems are the result of design flaws, not implementation bugs, which is why the analysis has to happen at the design level rather than only in the code.

Risk-analysis methodologies
 Commercial
   Microsoft's STRIDE
   Sun's ACSM/SAR
   Insight's CRAMM
   Cigital's SQM
 Standards-based
   National Institute of Standards and Technology's ASSET
   Software Engineering Institute's OCTAVE

Knowledge Requirement
 Design-level analysis is knowledge intensive.
   Microsoft's STRIDE: threat categories
   Cigital's SQM: attack patterns and exploit graphs
 Design principles
 Knowledge of frameworks and software components

An example of how to calculate a "value" for risk
 Express risk as a financial loss.
 ALE = SLE x ARO
   SLE: single loss expectancy (the cost of one occurrence of the loss event)
   ARO: annualized rate of occurrence (how many times per year the event is expected)
 Example

Common Themes (which run through risk-analysis processes)
 Continuous process
 Best not performed solely by the design team
 Knowledge and experience

Basic steps of a prototypical analysis
 Learn as much as possible about the analysis target.
 Discuss security issues.
 Determine the probability of compromise.
 Perform impact analysis.
 Rank risks.
 Develop a mitigation strategy.
 Report findings.
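The ALE = SLE x ARO formula and the "rank risks / develop a mitigation strategy" steps above, carried through on a small risk register. This is an added example, not code from the slides or the Verdon and McGraw paper; the risk names, dollar figures, occurrence rates and the Countermeasure / net_benefit cost-benefit step are constructed assumptions. It goes one step beyond the slide by costing each proposed control against the annualized loss it removes, which is what turns a ranked list into a mitigation strategy.

```python
"""Annualized loss expectancy (ALE) over a small risk register.

Added example for the ALE slide and the 'rank risks / develop a mitigation
strategy' steps; not code from the Verdon & McGraw paper or the slides.
Every risk entry, dollar figure and rate below is constructed for
illustration only.
"""
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Risk:
    name: str
    sle: float  # single loss expectancy: cost of one occurrence, in dollars
    aro: float  # annualized rate of occurrence: expected incidents per year

    @property
    def ale(self) -> float:
        # ALE = SLE x ARO, exactly as on the slide
        return self.sle * self.aro


@dataclass(frozen=True)
class Countermeasure:
    name: str
    annual_cost: float
    residual_aro: float                  # ARO once the control is in place (assumed)
    residual_sle: Optional[float] = None  # None: per-incident loss is unchanged


def rank_by_ale(risks):
    """Highest annualized loss first; ties broken by name so reports are stable."""
    return sorted(risks, key=lambda r: (-r.ale, r.name))


def net_benefit(risk, cm):
    """Annual loss avoided by a control minus its annual cost.

    Positive: the control pays for itself on expected-loss terms alone.
    Negative: accept the risk or find a cheaper control.
    """
    sle = risk.sle if cm.residual_sle is None else cm.residual_sle
    residual_ale = sle * cm.residual_aro
    return (risk.ale - residual_ale) - cm.annual_cost


# Constructed register: not real data.
RISKS = [
    Risk("SQL injection in order lookup", sle=250_000, aro=0.5),
    Risk("Session token in URL, leaks via referrer", sle=40_000, aro=2.0),
    Risk("Admin console on internet, default creds", sle=600_000, aro=0.1),
    Risk("Verbose stack traces to client", sle=5_000, aro=4.0),
]

# Constructed controls, keyed by the risk they address.
CONTROLS = {
    "SQL injection in order lookup": Countermeasure(
        "parameterized queries + code review", annual_cost=30_000, residual_aro=0.05),
    "Admin console on internet, default creds": Countermeasure(
        "VPN-only + MFA", annual_cost=20_000, residual_aro=0.01),
    "Verbose stack traces to client": Countermeasure(
        "generic error page", annual_cost=2_000, residual_aro=0.0),
}


def mitigation_plan(risks=RISKS, controls=CONTROLS):
    """Return (risk name, ALE, recommendation) tuples, highest ALE first."""
    plan = []
    for r in rank_by_ale(risks):
        cm = controls.get(r.name)
        if cm is None:
            rec = "no control costed yet"
        else:
            nb = net_benefit(r, cm)
            rec = f"{cm.name}: net {'benefit' if nb >= 0 else 'loss'} {abs(nb):,.0f}/yr"
        plan.append((r.name, r.ale, rec))
    return plan


if __name__ == "__main__":
    for name, ale, rec in mitigation_plan():
        print(f"{ale:>10,.0f}  {name:<45} {rec}")
```

The ranking alone would put the session-token leak second, but it has no costed control yet, so the plan flags it rather than silently skipping it; the slide's "report findings" step should surface exactly that kind of gap. SLE and ARO are estimates, so treat the numbers as a way to order the work, not as a prediction.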

Limitations
 Traditional risk-analysis techniques are difficult to apply to modern, multi-tier software designs.
 They do not provide an easy guide to the vulnerabilities and threats that should be considered at the component and environment level.
 Many applications today rely on protection at the transport layer only (for example TLS/SSL), which secures the wire but says nothing about flaws in the application's own design.

Overcoming limitations
 A large knowledge base and experience are invaluable.
 Look at software risk analysis on multiple levels:
   Component-by-component
   Tier-by-tier
   Environment-by-environment

A Practical Solution
 Build a consistent view of the target system at a high level.
   Appropriate level: a whiteboard view of boxes and arrows.
   A code-level description of the software is NOT sufficient for spotting design problems.
   See the forest, don't get lost in the trees.

High-level design
 Use the high-level design to consider:
   Each tier's environment
   Component vulnerabilities
   Business impact
   Probabilities
   Countermeasures

Conclusions
 Decomposition is the natural way to partition a system for analysis.
 Composition is the tricky part: components that look secure in isolation can combine into an insecure whole, so risks must also be assessed across component and tier boundaries.
 Evolution: the system and its threats keep changing, so risk analysis is a continuous process rather than a one-time gate.
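One way to mechanize the component-by-component, tier-by-tier review from "Overcoming limitations" and "High-level design", and the composition point in the conclusions, as an added example (not code from the slides or the Verdon and McGraw paper). The three-tier design in example_design, the trust ordering in TIER_TRUST, and the flow attributes transport_protected / validates_input are constructed assumptions. It also exercises the "transport layer only" limitation: two TLS hops look fine tier by tier, yet an unvalidated path from the browser reaches the database.

```python
"""Tier-by-tier, component-by-component review of a boxes-and-arrows design.

Added example; not code from the Verdon & McGraw paper or the slides. The
design, the tier trust ordering and the flow attributes are constructed for
illustration. It models one composition problem: each component may be fine
on its own, yet an unvalidated path from a less-trusted tier can reach it.
"""
from collections import deque
from dataclasses import dataclass, field

# Assumed trust ordering of environments: lower number = less trusted.
TIER_TRUST = {"internet": 0, "dmz": 1, "app": 2, "data": 3}


@dataclass(frozen=True)
class Component:
    name: str
    tier: str


@dataclass(frozen=True)
class Flow:
    src: str
    dst: str
    transport_protected: bool  # TLS (or similar) on the wire
    validates_input: bool      # receiver validates what it accepts


@dataclass
class Design:
    components: dict = field(default_factory=dict)
    flows: list = field(default_factory=list)

    def add(self, *comps):
        for c in comps:
            self.components[c.name] = c

    def connect(self, src, dst, *, transport_protected, validates_input):
        self.flows.append(Flow(src, dst, transport_protected, validates_input))


def boundary_crossings(design):
    """Flows carrying data from a less-trusted tier into a more-trusted one."""
    return [f for f in design.flows
            if TIER_TRUST[design.components[f.src].tier]
            < TIER_TRUST[design.components[f.dst].tier]]


def transport_only_crossings(design):
    """Crossings that are encrypted on the wire but whose receiver does no
    input validation: the 'protection at the transport layer only' case."""
    return [f for f in boundary_crossings(design)
            if f.transport_protected and not f.validates_input]


def exposed_components(design, sources):
    """Components that receive raw untrusted data: reachable from `sources`
    along flows whose receiver does not validate. A validating receiver
    stops the propagation, so what it forwards is treated as trusted."""
    exposed, seen, queue = set(), set(sources), deque(sources)
    while queue:
        cur = queue.popleft()
        for f in design.flows:
            if f.src != cur or f.validates_input or f.dst in seen:
                continue
            seen.add(f.dst)
            exposed.add(f.dst)
            queue.append(f.dst)
    return exposed


def tier_report(design, exposed):
    """Tier-by-tier view: {tier: [(component, is_exposed), ...]}."""
    report = {}
    for c in design.components.values():
        report.setdefault(c.tier, []).append((c.name, c.name in exposed))
    return report


def example_design(validate_at_app=False):
    """Constructed three-tier web application (not a real system)."""
    d = Design()
    d.add(Component("browser", "internet"), Component("web", "dmz"),
          Component("app", "app"), Component("batch", "app"),
          Component("db", "data"))
    d.connect("browser", "web", transport_protected=True, validates_input=False)
    d.connect("web", "app", transport_protected=True, validates_input=validate_at_app)
    d.connect("app", "db", transport_protected=False, validates_input=False)
    d.connect("batch", "db", transport_protected=False, validates_input=False)
    return d


if __name__ == "__main__":
    for flag in (False, True):
        d = example_design(validate_at_app=flag)
        exposed = exposed_components(d, {"browser"})
        print(f"validation at app tier: {flag}")
        print("  transport-only crossings:",
              [(f.src, f.dst) for f in transport_only_crossings(d)])
        print("  exposed:", sorted(exposed))
        print("  by tier:", tier_report(d, exposed))
```

With validate_at_app=False every component downstream of the browser is exposed, while the batch job in the same tier as the app server is not: tier membership alone does not decide exposure, the composition of flows does. Adding validation on the web-to-app flow shrinks the exposed set to the web tier. Whether a receiver really "validates" is the knowledge-intensive judgement the slides describe; the code only composes those judgements so the whole-system consequence is visible on the whiteboard view.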

Reference
 Denis Verdon and Gary McGraw, "Risk Analysis in Software Design," IEEE Security & Privacy, vol. 2, no. 4, Jul-Aug 2004.

Questions / Comments