CS2S562 Secure Software Development


1 CS2S562 Secure Software Development
Trustworthy Software Initiative

2 Today: the Trustworthy Software Initiative (TSI)
- What is the TSI?
- Why the TSI?
- How does it work: a basic overview
- Some examples of the resources it provides

3 What is the TSI? A UK Government initiative
- UK Government sponsored, part of the £850m 'National Cyber Security Programme'
- Run on behalf of the UK Government by the Cyber Security Centre at the University of Warwick
- Aim: to improve software in terms of safety, security, reliability, availability and resilience
- Not to be confused with Microsoft's 'Trustworthy Computing' group (wound up in 2014)

4 Why is the TSI important?
- Software engineering today is where mechanical engineering was around 1800: it works, but things explode quite often; a trial-and-error approach
- Not yet engineering, more like dabbling
- Only a few, still emerging, standards, hence few interchangeable components
- It is now part of the HE curriculum (i.e. this module)
- Employers will expect you to know it (e.g. at interview)

5 The Effect of Standards
(Chart on the original slide.) Guess what happened here? Yes, a standard was introduced.

6 Real-Life Example: DFUPS (Diabetic Foot Ulcer Prevention System, 2015)
- Engineering: 2 months (hardware and software design, production)
- Regulatory: 12 months of standards compliance, testing paperwork, forms, ... about 800 pages in total

7 A Few Definitions
Some of them we know already (trusted and trustworthy: see Lecture 10).
Term | Meaning | Requirement
Safety | operate without causing harm | Must
Security | operate protected against accidents or attacks | Must
Availability | ability to deliver when requested | Should
Resilience | ability to transform, renew or recover | Should
Reliability | deliver services as specified | Should
Privacy | not observing or disturbing; free of attention | May

8 What does the TSI do? The CWE
- Creates, publishes and updates resources, and points developers at existing ones such as the 'Common Weakness Enumeration' (CWE), maintained by MITRE (the name sounds horrible, but it is in fact a very useful catalogue of the sources of coding errors)
- Instrumental in developing standards, most importantly BS PAS 754:2014
(see Lecture 22)

9 Standards: Why?
- Make things interchangeable
- Save costs and time
- Promote best practice
- Level the playing field
- Accreditation of products (lowers insurance cost, improves marketing, usually a legal requirement, e.g. CE marking, Medical Devices Directive, ...)

10 BS PAS 754:2014: The standard applies to:
(Scope diagram on the slide: BS PAS 754:2014, Figure 2)
BS = British Standard, PAS = Publicly Available Specification, 754 = number, 2014 = year of publication

11 BS PAS 754:2014: Used throughout the software life cycle
(V-model diagram, BS PAS 754:2014, Figure 5: from the user's overall system requirements through system specification, component specification and module, with risk analysis at each step; a validation plan and verification on the way down, test, system validation and validation on the way back up.)
TSMS = Trustworthy Software Management System

12 BS PAS 754:2014: In order to achieve this:
The PAS implements its own definitions and references existing standards:
- BS ISO/IEC :2013, Information technology, Security techniques, Information security management systems – Requirements
- BS ISO/IEC/IEEE 42010, Systems and software engineering – Architecture description
- ISO/IEC 15288, Systems and software engineering – System life cycle processes
- BS EN ISO 9000:2005, Quality management systems
- Several others

13 BS PAS 754:2014: The Trustworthy Software Framework
(Framework diagram on the slide: BS PAS 754:2014, Figure 3)

14 BS PAS 754:2014, Level 1: Concepts
- Governance: management arrangements (e.g. ISO 9001)
- Risk: risk identification, minimisation and mitigation
- Controls (on risk): on personnel, physical artefacts (i.e. the software itself), processes, technical issues
- Compliance (using controls): a regime to ensure the above are implemented and maintained

15 BS PAS 754:2014, Level 2: Principles
- Applicability: only where relevant (see next slide)
- Governance: understanding the general environment, the trust environment, and the general and trustworthiness risks
- Controls: maintaining competence, managing people risk, code protection, defect management, 'hygienic' coding, ...
- Compliance: verifications, reviews

16 BS PAS 754:2014: It's not one size fits all, it's scalable
(Table on the slide: the required level is read off from IMPACT (None, Routine, Significant, Critical, Paramount) against ROLE (Explicit, Implicit, Ancillary); the cells range from N/A through Level 0 to Level 4.)
Trustworthiness delivered by:
- Level 0: no process required
- Level 1: due diligence
- Level 2: managed processes
- Level 3: established processes
- Level 4: predictable and optimised processes

17 BS PAS 754:2014 Level 3: Techniques

18 BS PAS 754:2014, Level 4: Repository (work in progress)
CWE: the 'Common Weakness Enumeration'
- A list of currently over 1000 common software weaknesses
- Very useful for programmers ('how not to...')
- Especially the Top 25 list

19 CWE (Top 10 from the Top 25 list)
Rank | ID | Name
1 | CWE-89 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
2 | CWE-78 | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
3 | CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
4 | CWE-79 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
5 | CWE-306 | Missing Authentication for Critical Function
6 | CWE-862 | Missing Authorization
7 | CWE-798 | Use of Hard-coded Credentials
8 | CWE-311 | Missing Encryption of Sensitive Data
9 | CWE-434 | Unrestricted Upload of File with Dangerous Type
10 | CWE-807 | Reliance on Untrusted Inputs in a Security Decision
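The rank-1 entry, CWE-89, in working code. This is an added example and not part of the slides: a constructed in-memory SQLite table with two users (the names and passwords are made up), a login check that builds its query by string concatenation, and the same check written with a parameterised query. The payload `admin' --` closes the quoted name and comments out the rest of the WHERE clause, so the concatenated version logs in as admin with any password while the parameterised version treats the payload as an ordinary (non-existent) user name.

```python
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed sample database (not from the lecture): two users, one an admin."""
    con = sqlite3.connect(":memory:")
    con.execute("CREATE TABLE users (name TEXT, password TEXT, is_admin INTEGER)")
    con.executemany(
        "INSERT INTO users VALUES (?, ?, ?)",
        [("alice", "alice-pw", 0), ("admin", "s3cret", 1)],
    )
    return con


def login_vulnerable(con: sqlite3.Connection, name: str, password: str) -> bool:
    """CWE-89: untrusted strings are pasted into the SQL text, so the *data*
    can change the *structure* of the query the database parses."""
    query = (
        "SELECT 1 FROM users WHERE name = '" + name
        + "' AND password = '" + password + "'"
    )
    return con.execute(query).fetchone() is not None


def login_parameterised(con: sqlite3.Connection, name: str, password: str) -> bool:
    """The fix: the query text is a constant; the values travel separately as
    bound parameters and are never parsed as SQL, whatever they contain."""
    row = con.execute(
        "SELECT 1 FROM users WHERE name = ? AND password = ?",
        (name, password),
    ).fetchone()
    return row is not None


# Classic bypass payload: ends the quoted name, then '--' comments out the
# password comparison so the WHERE clause only checks name = 'admin'.
PAYLOAD_NAME = "admin' --"


if __name__ == "__main__":
    con = make_db()
    print("vulnerable, honest login    :", login_vulnerable(con, "alice", "alice-pw"))
    print("vulnerable, injected admin  :", login_vulnerable(con, PAYLOAD_NAME, "x"))
    print("parameterised, injected     :", login_parameterised(con, PAYLOAD_NAME, "x"))
    print("parameterised, real password:", login_parameterised(con, "admin", "s3cret"))
```

The same split, fixed query text versus values bound separately, is what every ORM and prepared-statement API does underneath; escaping quotes by hand is not an equivalent fix, because it depends on knowing every special character the particular SQL dialect recognises.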

20 Case Study Austerity – how did it happen?

22 Core of Trusted Component
Case Study: Austerity – how did it happen? From Lecture 4 (Formatted I/O): unformatted (untrusted) input passes through the trusted component's boundary layers in order, canonicalise → normalise → sanitise → validate, before it reaches the core of the trusted component; the core's result passes through output sanitisation before it becomes output.
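The pipeline on this slide as an added example (not code from the lecture): each boundary layer is a separate function, applied in the order shown to an untrusted "file name" parameter before a constructed in-memory file store, the stand-in for the core, is consulted, and the core's result is HTML-encoded before it leaves. The file store and its contents, the allow-list pattern and the limit on decoding rounds are the example's own assumptions. It shows why the order matters: validating before canonicalising would let a double-encoded `%252e%252e` through, and normalising after validation would change a name that had already passed the check.

```python
import html
import re
import unicodedata
from urllib.parse import unquote

# Constructed stand-in for the trusted core's data; not from the original slides.
FILE_STORE = {
    "report.txt": "Q1 figures <draft> & confidential",
    "file.txt": "hello",
}

# Assumed allow-list: short ASCII names, no leading dot, so '..' and dotfiles fail.
ALLOWED_NAME = re.compile(r"^[a-z0-9_-][a-z0-9_.-]{0,63}$")
MAX_DECODE_ROUNDS = 3  # assumed bound on nested percent-encoding


class RejectedInput(ValueError):
    """Raised when input fails a boundary check; the core is never reached."""


def canonicalise(raw: str) -> str:
    """Reduce the input to one representation: undo percent-encoding until it
    stops changing, so '%252e%252e' and '..' are seen as the same thing."""
    value = raw
    for _ in range(MAX_DECODE_ROUNDS):
        decoded = unquote(value)
        if decoded == value:
            return value
        value = decoded
    raise RejectedInput("too many encoding layers")


def normalise(value: str) -> str:
    """Unicode NFKC (folds look-alikes such as the 'ﬁ' ligature to 'fi') and case-fold."""
    return unicodedata.normalize("NFKC", value).casefold()


def sanitise(value: str) -> str:
    """Drop what can never be legitimate here: control and other non-printing
    characters (Unicode category C*) and surrounding whitespace."""
    return "".join(ch for ch in value if unicodedata.category(ch)[0] != "C").strip()


def validate(value: str) -> str:
    """Allow-list check: reject rather than 'fix' anything outside the expected shape."""
    if not ALLOWED_NAME.fullmatch(value):
        raise RejectedInput("name outside allowed character set or length")
    if ".." in value:  # defence in depth; the pattern above already excludes a leading dot
        raise RejectedInput("path traversal pattern")
    return value


def core(name: str) -> str:
    """The core of the trusted component only ever sees canonical, validated names."""
    try:
        return FILE_STORE[name]
    except KeyError:
        raise RejectedInput("unknown file") from None


def sanitise_output(content: str) -> str:
    """Output sanitisation: encode for the output context (HTML here) so data from
    the core cannot be interpreted as markup by the receiver."""
    return html.escape(content, quote=True)


def process_request(raw_name: str) -> str:
    """The whole pipeline: untrusted input in, context-encoded output out."""
    name = validate(sanitise(normalise(canonicalise(raw_name))))
    return "<pre>" + sanitise_output(core(name)) + "</pre>"


def is_rejected(raw_name: str) -> bool:
    """True if the boundary layers refuse the input before the core is reached."""
    try:
        process_request(raw_name)
    except RejectedInput:
        return True
    return False


if __name__ == "__main__":
    for sample in ["report.txt", "\ufb01le.txt", "%252e%252e%2Fetc%2Fpasswd", "<script>.txt"]:
        print(repr(sample), "->", "rejected" if is_rejected(sample) else process_request(sample))
```

Two design points follow from the slide's ordering. Canonicalisation loops to a fixed point but with a hard bound, because an attacker controls how many encoding layers there are; hitting the bound is itself a rejection. And the core returns raw data, not HTML: encoding is done once, at the output edge, for the context the data is about to enter, which is where CWE-79 is prevented.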

23 Further Reading
- http://www.uk-tsi.org/
- http://cwe.mitre.org/
- PPT by the director of the TSI
- The BS PAS 754:2014 standard document (normally £55)

