For SIGAda Conference, 2005 November, Atlanta 1 A New Standards Project on Avoiding Programming Language Vulnerabilities Jim Moore Liaison Representative.

Slides:



Advertisements
Similar presentations
MGD Services, Inc. The IT Quality Assurance Specialists
Advertisements

Significance of ISO to the Food Industry
Ethics and Social Responsibility
© 2005 by Prentice Hall Chapter 13 Finalizing Design Specifications Modern Systems Analysis and Design Fourth Edition Jeffrey A. Hoffer Joey F. George.
Assurance Services Independent professional services that “improve the quality of information, or its context, for decision makers” Assurance service encompass.
Blue Pilot Consulting, Inc. 1 A new type of Working Group used for a new SC22 Working Group OWG: Vulnerability John Benito JTC 1/SC 22 WG14.
For OWGV Meeting #1, 2006 June, Washington, DC, USA 1D Terms of Reference: ISO/IEC Project , Guidance to Avoiding Vulnerabilities in Programming.
1 Report of Progress of ISO/IEC 24772, Programming Language Vulnerabilities, in ISO/IEC JTC 1/SC 22 John Benito, Convener Jim Moore, Secretary ISO/IEC.
1 OWG: Vulnerability ISO working group on Guidance for Avoiding Vulnerabilities through language selection and use John Benito, Convener Jim Moore, Secretary.
For C Language WG, 2006 March, Berlin 1 A New Standards Project on Avoiding Programming Language Vulnerabilities Jim Moore Liaison Representative from.
1 OWG: Vulnerability ISO working group on Guidance for Avoiding Vulnerabilities through language selection and use. ISO/IEC JTC 1/SC 22/ OWGV N0139.
1 ISO/IEC JTC 1/SC 22/WG 23 ISO working group on Guidance for Avoiding Vulnerabilities through language selection and use John Benito, Convener Jim Moore,
For OWGV Meeting #1, 2006 June, Washington, DC, USA 1D Conveners Remarks, Meeting #1 of ISO/IEC JTC 1/SC 22/OWG:V Jim Moore Convener, ISO/IEC JTC.
ITU WORKSHOP ON STANDARDS AND INTELLECTUAL PROPERTY RIGHTS (IPR) ISSUES Session 5: Software copyright issues Dirk Weiler, Chairman of ETSI General Assembly.
Module N° 7 – Introduction to SMS
COBIT® 5 for Assurance Introduction
PRESENTATION TO CEN/TC 319 VENICE - APRIL 13, 2005
Configuration management
Software change management
Quality Assurance/Quality Control Plan Evaluation February 16, 2005.
Testing Workflow Purpose
1 Cyber Security Research: A Personal Perspective Prof. Ravi Sandhu Executive Director and Endowed Chair January 18, 2013
Khammar Mrabit Director Office of Nuclear Security
2009 Data Protection Seminar
OWASP Secure Coding Practices Quick Reference Guide
Lecture 8: Testing, Verification and Validation
©Ian Sommerville 2006Software Engineering, 8th edition. Chapter 30 Slide 1 Security Engineering 2.
©Ian Sommerville 2004Software Engineering, 7th edition. Chapter 20 Slide 1 Critical systems development.
Testing Without Executing the Code Pavlina Koleva Junior QA Engineer WinCore Telerik QA Academy Telerik QA Academy.
1 MANUFACTURING AND PRODUCTION OF BIOLOGICAL PRODUCTS (ERT 455) HAZARD ANALYSIS AND CRITICAL CONTROL POINT (HACCP) SYSTEM Munira Mohamed Nazari School.
QinetiQ Proprietary AN ISO standard for high integrity software.
Software Process and Product Metrics
Data Structures and Programming.  John Edgar2.
Evolving IT Framework Standards (Compliance and IT)
CSCE 548 Secure Software Development Risk-Based Security Testing.
Introduction to RUP Spring Sharif Univ. of Tech.2 Outlines What is RUP? RUP Phases –Inception –Elaboration –Construction –Transition.
University of Palestine software engineering department Testing of Software Systems Fundamentals of testing instructor: Tasneem Darwish.
 Protect customers with more secure software  Reduce the number of vulnerabilities  Reduce the severity of vulnerabilities  Address compliance requirements.
Important acronyms AO = authorizing official ISO = information system owner CA = certification agent.
Computer Security and Penetration Testing
Page 1 ISO/IEC JTC 1/SC 7/WG 7 N Summary of the Alignment of System and Software Life Cycle Process Standards The material in this briefing.
Software Testing. What is Testing? The process consisting of all life cycle activities, both static and dynamic, concerned with planning, preparation.
CS 3610: Software Engineering – Fall 2009 Dr. Hisham Haddad – CSIS Dept. Chapter 2 The Software Process Discussion of the Software Process: Process Framework,
LESSON 3. Properties of Well-Engineered Software The attributes or properties of a software product are characteristics displayed by the product once.
Security Development Life Cycle Baking Security into Development September 2010.
Software Testing and Quality Assurance Software Quality Assurance 1.
Hussein Alhashimi. “If you can’t measure it, you can’t manage it” Tom DeMarco,
Slide 1 Security Engineering. Slide 2 Objectives l To introduce issues that must be considered in the specification and design of secure software l To.
Recap Introduction to Inheritance Inheritance in C++ IS-A Relationship Polymorphism in Inheritance Classes in Inheritance Visibility Rules Constructor.
What Causes Software Vulnerabilities? _____________________ ___________ ____________ _______________   flaws in developers own code   flaws resulting.
ISO 9001:2015 Subject: Quality Management System Clause 8 - Operation
What is a software? Computer Software, or just Software, is the collection of computer programs and related data that provide the instructions telling.
Important acronyms AO = authorizing official ISO = information system owner CA = certification agent.
Lecturer: Eng. Mohamed Adam Isak PH.D Researcher in CS M.Sc. and B.Sc. of Information Technology Engineering, Lecturer in University of Somalia and Mogadishu.
CMSC 345 Defensive Programming Practices from Software Engineering 6th Edition by Ian Sommerville.
CSCE 548 Secure Software Development Risk-Based Security Testing
James W. Moore Liaison Representative IEEE Computer Society June 2004
ISO/IEC JTC 1/SC 7 Working Group 42 - Architecture Johan Bendz
BANKING INFORMATION SYSTEMS
C++ and Programming Language Vulnerabilities
Security Engineering.
Definitions.
Cyber-security and IEC International Standards
ارائه كننده: شاهين انتصاري
Verification and Validation Unit Testing
Standards.
יוסי שדמתי רק איכות מניהול סיכונים לאימות ותיקוף תהליכי הרכבה From Risk Management to Processes Validation יוסי.
Baisc Of Software Testing
Presentation transcript:

For SIGAda Conference, 2005 November, Atlanta 1 A New Standards Project on Avoiding Programming Language Vulnerabilities Jim Moore Liaison Representative from IEEE Computer Society to ISO/IEC JTC 1/SC 7 Liaison Representative between ISO/IEC JTC 1/SC 7 and SC 22 Convener, ISO/IEC JTC 1/SC 22/OWG Vulnerability

For SIGAda Conference, 2005 November, Atlanta 2 Cyber Security is a Growing Problem -- From Joe Jarzombek, PMP, Director for Software Assurance, NCSD, DHS

For SIGAda Conference, 2005 November, Atlanta 3 Threat -- From Joe Jarzombek, PMP, Director for Software Assurance, NCSD, DHS The problem has implications for: Safety Privacy Security Economy Even national security

For SIGAda Conference, 2005 November, Atlanta 4 Government Response -- From Joe Jarzombek, PMP, Director for Software Assurance, NCSD, DHS There are initiatives underway in both DoD and DHS.

For SIGAda Conference, 2005 November, Atlanta 5 Relationship of Software Assurance to Other Disciplines

For SIGAda Conference, 2005 November, Atlanta 6 Relationship of Software Assurance to Other Disciplines Some avoidable mistakes are encouraged by poor usage (arguably, poor design) of programming languages.

For SIGAda Conference, 2005 November, Atlanta 7 Problem Any programming language has constructs that are imperfectly defined, implementation- dependent or difficult to use correctly. As a result, software programs sometimes execute differently than intended by the writer. In some cases, these vulnerabilities can be exploited by unfriendly parties. –Can compromise safety, security and privacy. –Can be used to make additional attacks.

For SIGAda Conference, 2005 November, Atlanta 8 Complicating Factors The choice of programming language for a project is not solely a technical decision and is not made solely by software engineers. Some vulnerabilities cannot be mitigated by better use of the language but require mitigation by other methods, e.g. review, static analysis.

For SIGAda Conference, 2005 November, Atlanta 9 JTC1TC176TC65 ISOIEC SC7SC27 Quality MgmtSafety IT SecuritySoftware and Systems Engineering SC22 Programming Languages

For SIGAda Conference, 2005 November, Atlanta 10 Guidance to Avoiding Vulnerabilities in Programming Languages through Language Selection and Use (1 of 3) New project in ISO/IEC JTC 1/SC 22 will produce a Technical Report (which is not a standard). It will provide guidance, not requirements. Purpose:... prepare comparative guidance spanning a large number of programming languages, so that application developers will be better informed regarding the vulnerabilities inherent to candidate languages and the costs of avoiding such vulnerabilities. An additional benefit is that developers will be better prepared to select tooling to assist in the evaluation and avoidance of vulnerabilities...

For SIGAda Conference, 2005 November, Atlanta 11 Example from NUREG/CR-6463, Rev. 1, Review Guidelines for Software Languages for Use in Nuclear Power Plant Safety Systems: Final Report, 1997, US Nuclear Regulatory Commission If dynamic memory allocation is unavoidable, the source code should include provisions to ensure that: –All dynamically allocated memory during a specific execution cycle is released at the end of that cycle, and –The possibility of interruption of execution between the point where memory is dynamically allocated and when it is released is minimized (if not totally eliminated); there should also be provisions in the application code that will detect any situation where dynamically allocated memory has not been released and release such memory. To see the following languages select: Ada; C and C++ ; Pascal; PL/M; Ada 95.

For SIGAda Conference, 2005 November, Atlanta 12 Example from NUREG/CR-6463, Rev. 1, Review Guidelines for Software Languages for Use in Nuclear Power Plant Safety Systems: Final Report, 1997, US Nuclear Regulatory Commission The following discussion applies to C++ only. In C++, the functions to dynamically allocate and free memory are new and delete. The following guideline applies. Ensure that all classes include a destructor. To avoid memory leaks, all classes must include a destructor that releases any memory allocated by the class. Constructors must themselves be defined in a way to avoid possible memory leaks in case of failures. Ensure that for all derived classes there are virtual destructors.

For SIGAda Conference, 2005 November, Atlanta 13 Guidance to Avoiding Vulnerabilities in Programming Languages through Language Selection and Use (2 of 3)... the project will prefer linguistic means of avoiding vulnerabilities but, when necessary may describe extra-linguistic means (e.g. static analysis or targeted testing)... the project will prefer the avoidance of identified risks but, when necessary, may describe means to mitigate the risk of vulnerabilities that cannot be economically avoided... in cases where identified problems can be neither avoided nor mitigated, the report may assist users in understanding the nature of risk that must be accepted...

For SIGAda Conference, 2005 November, Atlanta 14 Example from ISO/IEC TR 15942:2000, Information technology Programming languages Guide for the use of the Ada programming language in high integrity systems Initialization of Variables All variables should be given a meaningful value before use. Failure to do so may raise a predefined exception or cause a bounded error at run-time. Initial values may be given by: 1. Associating an explicit initialization expression with the variable at the point of its declaration. 2. Making an assignment to the variable that will be executed prior to references to it. For state variables in packages, assignments may also be made in the package elaboration part. A consistent approach to the initialization of package state variables should be adopted. In all cases, Data Flow analysis should be used to confirm that every object has been assigned a value before it is used. The effectiveness of the analysis is undermined if variables are initialized unnecessarily (sometimes called junk initialization)....

For SIGAda Conference, 2005 November, Atlanta 15 Guidance to Avoiding Vulnerabilities in Programming Languages through Language Selection and Use (3 of 3)... in some situations, one construct might be preferred over another on the grounds that it is easier to test or easier to analyze. This relationship between construction and subsequent verification activities makes it clear that the report will be useful both for those emphasizing "correctness by construction" and those who desire to improve the predictability of execution through testing and analysis...

For SIGAda Conference, 2005 November, Atlanta 16 Status The project is now being organized. Temporarily, the project is assigned to SC22s OWG on Vulnerability chaired by Jim Moore. More information

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.