Designing Flexibility in
Software to Increase
Security
Larry Moore, CISSP CISA
October 22, 2015
About
(Diagram: Code A becomes Code A’ over Time)
The only constant in business is change.
What is Flexibility?
Software design that promotes modularity and can be
easily modified to adjust to internal and external
changes such as customer demands, architecture
modification, regulatory compliance modifications or
other factors while maintaining a consistent proactive
security posture.
Best during the requirements analysis phase and
followed through during design and implementation
Quality = Security
Outside Influences
• Operating system changes
• Deprecated APIs
• Architecture changes (motherboard)
• New laws and/or regulatory requirements
• PCI testing procedures change over time
• Outside legitimate hacks
• Third party and customer demands
• Business changes such as new opportunities
• Competition
Security & Flexibility
• Changes in security protocols
• OUT: SSL; IN: TLS
• OUT: MD5; IN: SHA
• Security Now podcasts
• 499: InstantCryptor
• Incorrect security implementation, encryption without authentication
• 530: Doing it Wrong
• Four examples of companies making security mistakes
PCI
Flexibility Advantages
• Improved scalability
• Lower maintenance costs
• The cost of fixing errors after a system is operational is up to 30
times greater than if the error was caught during system testing.
• Lieblein, E. (see Reference at end)
• Extends lifecycle
• Reduces impact to customers
• Your career!
Flexibility Disadvantages
• More easily abused, especially by management
• Additional overhead
• Additional size
• Lower performance
• Generally decreasing because of increasing processor speed
• Integrity may be impacted because of generalization of
data structures
Timeline - 1977
• Factors in Software Quality
• Griffiss Air Force Base and General Electric, NY
• “This report has stressed the methodology of deriving and validating the normalization
functions to encourage the application of these techniques to other software development.
Use on future developments will add to the data base for the establishment of generalized
normalization function…toward a higher quality product.”
• Flexibility was included in the top list of 11 out of 55 software quality factors. It extends to
Accessibility, Adaptability, Augmentability, Expandability, Extensibility, Modifiability
• Effort required to modify an operational program
• A system that is not flexible costs more and takes longer to change.
• Focuses on:
• Identify a set of quality factors
• Metrics throughout the development cycle
• Communicate results to senior management (Air Force)
Factors in Software Quality
• Flexibility vs. Integrity: Flexibility requires very
general and flexible data structures. This
increases the data security problem.
• May be mitigated through XML
(Chart: Cost to Fix vs. Time, marking the impact to fix after delivery)
Business Resistance
• Be first on the market
• First is not always best; others may learn at your expense
• Sell it now, fix it later
• Generally higher help desk costs
• Limited budgets
• Regulatory requirements and customer feedback
• Four types of business risk:
• Finance: Loss of customers or revenue
• Reputation: Loss of trust or loss due to competition or public opinion (true or false)
• Compliance: Fines or penalties; loss of business
• Certainty of non-compliance vs. possibility of a breach
• Liability: Civil litigation
Architectural Changes
Architecture (Microprocessor)   Release       Bits
8088                            1979          8
8086                            1978          16
80286                           1984          16
80386                           1985          32
Current                         2001 - 2003   64
Architectural Changes
If unsigned int x in C equals…
x = 0xFFFF   —OR—   x = (unsigned int) -1

Width    x = 0xFFFF            x = (unsigned int) -1
16 Bit   0xFFFF                0xFFFF
32 Bit   0x0000FFFF            0xFFFFFFFF
64 Bit   0x000000000000FFFF    0xFFFFFFFFFFFFFFFF
Example: Integrity
OS/2 PostScript Driver 1.0 to < 2.1
Caught between… Management, OS/2 Vendors, Me
OS/2 PostScript Driver 2.1 & later
Standards
• Define the framework and use it
• Encapsulation
• Possible even with non-object-oriented code
• Minimize the use of global variables
• Try to predict changes
• Polymorphism
• Common interfaces
• Set short-term definable goals and include metrics
• Involve various business units to ensure proper scope
• Enforce scope
• Include dependencies in your requirements and plan for the possibility of requirements failures
Standards
• Creation
• Zero all buffer contents
• Nullify all pointers
• Set all variables to a Non-Defined or Not-In-Use state
• Consider hashes or algorithms for immutable values; check periodically
• Use
• Proper read and write interfaces
• Verify all data before modifications outside of your code
• Restrict access of values via interfaces
• Use proper error return values
• Deletion
• Most of the same as Creation
• Remember: Data must be under your control only between Creation and Deletion
Why Standards?
• Designing standards into the earliest versions forces
customers to adhere appropriately
• Once customers use your product they’re, in a sense, “locked”
onto your standards
• Customers will sacrifice security and may blame you if there
are any vulnerabilities
• Changing products can be expensive and time-consuming.
That will likely create dissatisfaction with your product
• Customers will expect change but only to a certain point
Static Code Analysis
• PROS
• Great for low-cost identification of clear errors
• A variety of software engineers approach threats from different perspectives and bring a variety of experience
• Excellent way of improving development skills by learning from other experts
• CONS
• “Static” focuses on immediate issues yet misses many strategic goals
• Not very useful to identify vulnerabilities “from a 30,000 foot level”
• Many people have missed vulnerabilities
• Heartbleed and Shellshock
Modularity
• A technique that emphasizes separating program functionality into
independent, interchangeable modules
• Data trust only exists directly between trusted modules
• Trust is broken any time an outside process “touches” data for a
trusted module
• Global data is kept to an absolute minimum
• Verify, verify, verify!
• Document, document, document!
• Enforce standards rules
Modularity
• Object-oriented code
• Methods are declared private by default and only lowered to a less secure level when necessary.
• Any data that is declared public or protected is to be
considered untrusted. Declare data as either only when
absolutely necessary.
• Public methods are more trustworthy to “shield” internal data
thus permitting internal changes when necessary.
• Deprecated public access points may be retained if needed
for backward compatibility.
Modularity
(Diagram: Conversion layer in front of the Process (Private))
• Core process is shielded from the rest of the program
• Conversion or sanitization process ensures that code is
protected
• Modifications are primarily processed by the converter
then by the internal process
• The “separation process” enables easier development
Modularity
(Diagram: Function A (old) and Function B (new) both routed through the Process (Private))
Modularity Example
• Example: Alexander D’Alessandro
• Note the apostrophe
• O’Hara (Ohara), D’Abo, Smith-Jones, etc.
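As an added illustration (not code from the slides), the C module below applies the Creation/Use/Deletion standards and the converter-in-front-of-a-private-process pattern to the name example: the record is zeroed and marked Not-In-Use on creation, the only write path passes through a sanitiser that admits letters, spaces, apostrophes and hyphens (so D'Alessandro, O'Hara and Smith-Jones all survive intact), reads return a copy and fail while the field is Not-In-Use, and deletion wipes the record and nulls the caller's pointer. The person type, its function names and the accepted character set are assumptions made here for illustration.

```c
#include <stdbool.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical "person" module (not from the slides). The record layout is
 * private to this file; callers only see the interface functions below. */
#define NAME_MAX 63

enum name_state { NAME_NOT_IN_USE = 0, NAME_SET = 1 };

struct person {
    enum name_state state;      /* Not-In-Use until a value is written */
    char name[NAME_MAX + 1];    /* zeroed on creation */
};

/* Creation: zero the whole buffer and mark the field as Not-In-Use. */
struct person *person_create(void)
{
    struct person *p = calloc(1, sizeof *p);   /* calloc zeros every byte */
    if (p != NULL)
        p->state = NAME_NOT_IN_USE;
    return p;
}

/* Conversion layer: the only path from outside data to the private field.
 * Accepts letters, spaces, apostrophes and hyphens (D'Alessandro, O'Hara,
 * Smith-Jones), rejects every other byte, and bounds the length. */
static bool sanitize_name(const char *in, char *out, size_t out_size)
{
    size_t n = 0;
    if (in == NULL || out_size == 0)
        return false;
    for (; in[n] != '\0'; n++) {
        unsigned char c = (unsigned char) in[n];
        bool ok = (c >= 'A' && c <= 'Z') || (c >= 'a' && c <= 'z') ||
                  c == ' ' || c == '\'' || c == '-';
        if (!ok || n + 1 >= out_size)
            return false;
        out[n] = (char) c;
    }
    if (n == 0)                 /* an empty string is "not in use", not a name */
        return false;
    out[n] = '\0';
    return true;
}

/* Write interface: data is verified before it reaches the private field;
 * a rejected input leaves the record exactly as it was. */
bool person_set_name(struct person *p, const char *untrusted)
{
    char clean[NAME_MAX + 1];
    if (p == NULL || !sanitize_name(untrusted, clean, sizeof clean))
        return false;
    memcpy(p->name, clean, strlen(clean) + 1);
    p->state = NAME_SET;
    return true;
}

/* Read interface: the caller gets a copy, never a pointer into the record,
 * and nothing at all while the field is Not-In-Use. */
bool person_get_name(const struct person *p, char *out, size_t out_size)
{
    if (p == NULL || p->state != NAME_SET || out_size <= strlen(p->name))
        return false;
    memcpy(out, p->name, strlen(p->name) + 1);
    return true;
}

/* Deletion: wipe, free, and null the caller's pointer. (Production code would
 * use memset_s/explicit_bzero so the wipe is not optimised away.) */
void person_destroy(struct person **pp)
{
    if (pp == NULL || *pp == NULL)
        return;
    memset(*pp, 0, sizeof **pp);
    free(*pp);
    *pp = NULL;
}

/* Runs one create/use/delete cycle on constructed inputs; returns 1 if every
 * step behaved as the standards require, 0 otherwise. */
int person_module_selftest(void)
{
    char buf[NAME_MAX + 1];
    struct person *p = person_create();
    int ok = p != NULL
          && !person_get_name(p, buf, sizeof buf)                     /* nothing to read yet */
          && person_set_name(p, "Alexander D'Alessandro")             /* apostrophe accepted */
          && person_get_name(p, buf, sizeof buf) && strcmp(buf, "Alexander D'Alessandro") == 0
          && !person_set_name(p, "Jane42")                            /* digit rejected */
          && person_get_name(p, buf, sizeof buf) && strcmp(buf, "Alexander D'Alessandro") == 0
          && person_set_name(p, "Smith-Jones")                        /* hyphen accepted */
          && !person_set_name(p, "");                                 /* empty rejected */
    person_destroy(&p);
    return ok && p == NULL;
}
```

The point of routing every write through sanitize_name is the one the Modularity slides make: when the accepted character set has to change later (say, to admit accented letters), only the converter changes and the private process is untouched, and nothing outside the file can reach the buffer without passing that check.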
Example
#define UNDEFINED_AGE ((unsigned int) -1)
#define MIN_AGE 0   /* newborn */
#define MAX_AGE 100
unsigned int current_age;
Creation and Deletion
current_age = UNDEFINED_AGE;
Example
if (current_age == UNDEFINED_AGE)
{
    /* value not yet set */
}
else if (current_age >= MIN_AGE && current_age <= MAX_AGE)
{
    /* valid age */
}
else
{
    <error handling>
}
/* The first condition will never be true since 'current_age' is */
/* unsigned, so the whole test is always false and the else branch */
/* runs for every value; UNDEFINED_AGE will be included in this context. */
if (current_age < MIN_AGE && current_age > MAX_AGE)
{
    <error handling>
}
else
{
}
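The following C program is an added example, not code from the slides, that puts the two preceding points together: the width-dependent sentinel from the Architectural Changes table and the two age checks from the Example slides. classify_age is the correct form, classify_age_buggy keeps the slide's broken comparison so its effect can be observed, and LEGACY_UNDEFINED is a hypothetical 16-bit literal sentinel introduced here for contrast. One caveat the slide's 64-bit row glosses over: on the common 64-bit ABIs (LP64 on Linux and macOS, LLP64 on Windows) unsigned int stays 32 bits wide, so the 64-bit column applies to a genuinely 64-bit unsigned type such as uint64_t; the cast form (unsigned int) -1 is what keeps a sentinel correct across all of them.

```c
#include <limits.h>
#include <stdio.h>

/* Sentinel from the slides: a cast of -1 is "all bits set" at whatever
 * width unsigned int has on the target, so it survives a port. */
#define UNDEFINED_AGE ((unsigned int) -1)
#define MIN_AGE 0      /* newborn */
#define MAX_AGE 100

/* Hypothetical legacy sentinel written as a fixed literal: it is only
 * "all bits set" when unsigned int is 16 bits wide. */
#define LEGACY_UNDEFINED 0xFFFFu

enum age_class { AGE_UNDEFINED = 0, AGE_VALID = 1, AGE_ERROR = 2 };

/* Correct form shown on the slide: test the sentinel first, then the range.
 * 'age >= MIN_AGE' is omitted because it is always true for an unsigned value. */
enum age_class classify_age(unsigned int age)
{
    if (age == UNDEFINED_AGE)
        return AGE_UNDEFINED;
    if (age <= MAX_AGE)
        return AGE_VALID;
    return AGE_ERROR;
}

/* Buggy form shown on the slide, kept as written: 'age < MIN_AGE' can never
 * be true for an unsigned value, so the whole && expression is always false
 * and every input, UNDEFINED_AGE and 200 included, reaches the "valid" path. */
enum age_class classify_age_buggy(unsigned int age)
{
    if (age < MIN_AGE && age > MAX_AGE)
        return AGE_ERROR;
    return AGE_VALID;
}

/* Width of unsigned int on this build, in bits. */
unsigned int unsigned_int_bits(void)
{
    return (unsigned int) (sizeof(unsigned int) * CHAR_BIT);
}

/* Does the 16-bit literal still equal the cast sentinel on this build?
 * Returns 1 only when unsigned int is 16 bits wide. */
int legacy_literal_matches_sentinel(void)
{
    return UNDEFINED_AGE == LEGACY_UNDEFINED;
}

int main(void)
{
    const unsigned int samples[] = { 0, 42, 100, 101, 0xFFFFu, UNDEFINED_AGE };
    size_t i;

    printf("unsigned int is %u bits; UNDEFINED_AGE = 0x%X; legacy 0xFFFF matches: %d\n",
           unsigned_int_bits(), UNDEFINED_AGE, legacy_literal_matches_sentinel());
    printf("%-12s %-8s %-8s   (0 undefined, 1 valid, 2 error)\n", "value", "correct", "buggy");
    for (i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("0x%-10X %-8d %-8d\n", samples[i],
               (int) classify_age(samples[i]), (int) classify_age_buggy(samples[i]));
    return 0;
}
```

Compile with any C99 compiler and run: the buggy column reports every sample as valid, UNDEFINED_AGE and 101 included, which is exactly the "UNDEFINED_AGE will be included in this context" failure the slide warns about, while on a 32-bit unsigned int the legacy literal no longer matches the sentinel at all.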
Agile Methodology
• Agile is more flexible
• Implements more object-oriented software development through smaller, more
incremental work
• Encourages simplicity
• Enables faster changes
• Involves cross-platform teams across the enterprise
• Baseline for:
• Scrum
• Extreme programming (XP)
• Rational Unified Process (RUP)
• The Waterfall model is still used today but is not very effective in modular design.
What About Security?
• Modularity…
• Enforces standards
• Developers will bypass standards if you permit it
• Developers will “hack” public data (not malevolently) if permitted
• Your manager will likely prefer to keep your customers
happy over security. Accept it!
• Permits you to make internal changes with little or no impact to the
customer
• Migrating from one security protocol to another
Career Recommendations
• Never disclose sensitive or private information
• Read and understand all NDA agreements. Obey them!
• Err on the side of caution
• Metrics are critical
• Ease of modifying code
• Minimum number of defects per line of code
• “Forward thinking”
• “Security is the focal point of my development!”
Questions?
Larry Moore
larry.moore.cissp@gmail.com
https://www.linkedin.com/in/lawrencemoore
Recommendations
• The Power of Ten - Rules for Developing Safety Critical Code
• Gerard J. Holzmann, NASA JPL Laboratory for Reliable Software;
2006
• Formalizing Space Shuttle Software Requirements
• Judith Crow, Computer Science Laboratory, 1996
• Two case studies in which requirements for new flight software
subsystems on NASA's Space Shuttle were analyzed using
mechanically supported formal methods.
• The Economic Impacts of Inadequate Infrastructure for Software Testing
• NIST, May 2002
References
• Adrian, David; Bhargavan, Karthikeyan; et al.; Imperfect Forward Secrecy: How Diffie-Hellman Fails in Practice
• Agile Modeling: http://www.agilemodeling.com/essays/agileModelingRUP.htm
• Lieblein, E., “Computer Software: Problem and Possible
Solutions”, CENTACS USAECOM Memorandum, 7
November 1972
• Factors in Software Quality:
http://www.dtic.mil/dtic/tr/fulltext/u2/a049055.pdf

Unveiling the Future: Sylius 2.0 New FeaturesUnveiling the Future: Sylius 2.0 New Features
Unveiling the Future: Sylius 2.0 New Features
 

Designing Flexibility in Software to Increase Security

1. Designing Flexibility in Software to Increase Security
Larry Moore, CISSP CISA
October 22, 2015

2. About
[Diagram: Code A becomes Code A’ over time]
The only constant in business is change.

3. What is Flexibility?
Software design that promotes modularity and can be easily modified to adjust to internal and external changes such as customer demands, architecture modification, regulatory compliance modifications or other factors while maintaining a consistent proactive security posture.
Best during the requirements analysis phase and followed through during design and implementation.
Quality = Security

4. Outside Influences
• Operating system changes
• Deprecated APIs
• Architecture changes (motherboard)
• New laws and/or regulatory requirements
• PCI testing procedures change over time
• Outside legitimate hacks
• Third party and customer demands
• Business changes such as new opportunities
• Competition

5. Security & Flexibility
• Changes in security protocols
  • OUT: SSL; IN: TLS
  • OUT: MD5; IN: SHA
• SecurityNOW Podcasts
  • 499: InstantCryptor
    • Incorrect security implementation, encryption without authentication
  • 530: Doing it Wrong
    • Four examples of companies making security mistakes
• PCI

6. Flexibility Advantages
• Improved scalability
• Lower maintenance costs
  • The cost of fixing errors after a system is operational is up to 30 times greater than if the error was caught during system testing.
  • Lieblein, E. (see Reference at end)
• Extends lifecycle
• Reduces impact to customers
• Your career!

7. Flexibility Disadvantages
• More easily abused, especially by management
• Additional overhead
• Additional size
• Lower performance
  • Generally decreasing because of increasing processor speed
• Integrity may be impacted because of generalization of data structures

8. Timeline - 1977
• Factors in Software Quality
  • Griffiss Air Force Base and General Electric, NY
  • “This report has stressed the methodology of deriving and validating the normalization functions to encourage the application of these techniques to other software development. Use on future developments will add to the data base for the establishment of generalized normalization function…toward a higher quality product.”
• Flexibility was included in the top list of 11 out of 55 software quality factors. It extends to Accessibility, Adaptability, Augmentability, Expandability, Extensibility, Modifiability
  • Effort required to modify an operational program
  • A system that is not flexible costs more and takes longer to change.
• Focuses on:
  • Identify a set of quality factors
  • Metrics throughout the development cycle
  • Communicate results to senior management (Air Force)

9. Factors in Software Quality
• Flexibility vs. Integrity: Flexibility requires very general and flexible data structures. This increases the data security problem.
  • May be mitigated through XML
[Chart: Cost to Fix vs. Time; impact to fix after delivery]

10. Business Resistance
• Be first on the market
  • First is not always best; others may learn at your expense
• Sell it now, fix it later
  • Generally higher help desk costs
• Limited budgets
• Regulatory requirements and customer feedback
• Four types of business risk:
  • Finance: Loss of customers or revenue
  • Reputation: Loss of trust or loss due to competition or public opinion (true or false)
  • Compliance: Fines or penalties; loss of business
    • Certainty of non-compliance vs. possibility of a breach
  • Liability: Civil litigation
11. Architectural Changes

Architecture   Release       Microprocessor Bits
8088           1979          8
8086 / 80286   1978 / 1984   16
80386          1985          32
Current        2001 - 2003   64

12. Architectural Changes
If unsigned int x in C equals x = 0xFFFF —OR— x = (unsigned int) -1:

Width    x = 0xFFFF            x = (unsigned int) -1
16 bit   0xFFFF                0xFFFF
32 bit   0x0000FFFF            0xFFFFFFFF
64 bit   0x000000000000FFFF    0xFFFFFFFFFFFFFFFF
17. Standards
• Define the framework and use it
• Encapsulation
  • Possible even with non-object-oriented code
  • Minimize the use of global variables
• Try to predict changes
  • Polymorphism
  • Common interfaces
• Set short-term definable goals and include metrics
• Involve various business units to ensure proper scope
  • Enforce scope
• Include dependencies in your requirements and plan for the possibility of requirements failures

18. Standards
• Creation
  • Zero all buffer contents
  • Nullify all pointers
  • Set all variables to a Non-Defined or Not-In-Use state
  • Consider hashes or algorithms for immutable values; check periodically
• Use
  • Proper read and write interfaces
  • Verify all data before modifications outside of your code
  • Restrict access of values via interfaces
  • Use proper error return values
• Deletion
  • Most of the same as Creation
• Remember: Data must be under your control only between Creation and Deletion

19. Why Standards?
• Designing standards into the earliest versions forces customers to adhere appropriately
• Once customers use your product they’re, in a sense, “locked” onto your standards
• Customers will sacrifice security and may blame you if there are any vulnerabilities
• Changing products can be expensive and time-consuming. That will likely create dissatisfaction with your product
• Customers will expect change, but only to a certain point

20. Static Code Analysis
• PROS
  • Great for low-cost identification of clear errors
  • A variety of software engineers approach threats from different perspectives; they also bring a variety of experiences.
  • Excellent way of improving development skills by learning from other experts
• CONS
  • “Static” focuses on immediate issues yet misses many strategic goals
  • Not very useful to identify vulnerabilities “from a 30,000 foot level”
  • Many people have missed vulnerabilities
    • Heartbleed and Shellshock

21. Modularity
• A technique that emphasizes separating program functionality into independent, interchangeable modules
• Data trust only exists directly between trusted modules
• Trust is broken any time an outside process “touches” data for a trusted module
• Global data is kept to an absolute minimum
• Verify, verify, verify!
• Document, document, document!
• Enforce standards rules

22. Modularity
• Object-oriented code
  • Methods are declared private by default and only lowered to a less secure level when necessary.
  • Any data that is declared public or protected is to be considered untrusted. Declare data as either only when absolutely necessary.
  • Public methods are more trustworthy to “shield” internal data, thus permitting internal changes when necessary.
  • Deprecated public access points may be retained if needed for backward compatibility.

23. Modularity
[Diagram: Conversion layer in front of a private Process]
• Core process is shielded from the rest of the program
• Conversion or sanitization process ensures that code is protected
• Modifications are primarily processed by the converter, then by the internal process
• The “separation process” enables easier development

24. Modularity
[Diagram: Function A (old) and Function B (new) both feed the private Process]

25. Modularity Example
• Example: Alexander D’Alessandro
  • Note the apostrophe
  • O’Hara (Ohara), D’Abo, Smith-Jones, etc.
26. Example

    #define UNDEFINED_AGE ((unsigned int) -1)
    #define MIN_AGE 0   /* newborn */
    #define MAX_AGE 100

    unsigned int current_age;

Creation and Deletion:

    current_age = UNDEFINED_AGE;

27. Example

    if (current_age == UNDEFINED_AGE) {
    } else if (current_age >= MIN_AGE && current_age <= MAX_AGE) {
    } else {
        <error handling>
    }

    /* First condition will never be true since 'current_age' is */
    /* unsigned. */
    /* UNDEFINED_AGE will be included in this context */
    if (current_age < MIN_AGE && current_age > MAX_AGE) {
        <error handling>
    } else {
    }
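The sentinel and range checks from slides 26 and 27, together with the word-width point from slide 12, as an added example in compilable C; it is not code from the deck. The names classify_age, broken_check_rejects and sentinel_is_all_ones and the sample ages are this example's own.

```c
#include <limits.h>
#include <stdio.h>

/* Same sentinel scheme as the slides: "not in use" is all ones, so it
   never collides with a valid age and it tracks the platform's word width. */
#define UNDEFINED_AGE ((unsigned int) -1)
#define MIN_AGE 0U   /* newborn */
#define MAX_AGE 100U

enum age_state { AGE_UNDEFINED, AGE_VALID, AGE_INVALID };

/* Correct check (first form on slide 27): test the sentinel before the range. */
enum age_state classify_age(unsigned int current_age)
{
    if (current_age == UNDEFINED_AGE)
        return AGE_UNDEFINED;
    if (current_age >= MIN_AGE && current_age <= MAX_AGE)
        return AGE_VALID;
    return AGE_INVALID;
}

/* Broken check (second form on slide 27): 'current_age < MIN_AGE' is never
   true for an unsigned value, and with '&&' the whole test is always false,
   so out-of-range values, UNDEFINED_AGE included, slip through unhandled. */
int broken_check_rejects(unsigned int current_age)
{
    return current_age < MIN_AGE && current_age > MAX_AGE;
}

/* Slide 12: a literal 0xFFFF is "all ones" only when unsigned int is 16 bits;
   the cast form equals UINT_MAX whatever the width. */
int sentinel_is_all_ones(unsigned int sentinel)
{
    return sentinel == UINT_MAX;
}

int main(void)
{
    /* Constructed sample values: the sentinel, the range edges, and 0xFFFF. */
    unsigned int ages[] = { UNDEFINED_AGE, 0, 42, 100, 101, 0xFFFF };
    for (size_t i = 0; i < sizeof ages / sizeof ages[0]; i++)
        printf("%u -> state %d, broken check rejects? %d\n",
               ages[i], classify_age(ages[i]), broken_check_rejects(ages[i]));
    printf("0xFFFF all ones? %d; (unsigned int)-1 all ones? %d\n",
           sentinel_is_all_ones(0xFFFF), sentinel_is_all_ones(UNDEFINED_AGE));
    return 0;
}
```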
28. Agile Methodology
• Agile is more flexible
  • Implements more object-oriented software development through smaller, more incremental work
  • Encourages simplicity
  • Enables faster changes
  • Involves cross-platform teams across the enterprise
• Baseline for:
  • Scrum
  • Extreme programming (XP)
  • Rational Unified Process (RUP)
• The Waterfall model is still used today but is not very effective in modular design.

29. What About Security?
• Modularity…
  • Enforces standards
    • Developers will bypass standards if you permit it
    • Developers will “hack” public data (not malevolently) if permitted
    • Your manager will likely prefer to keep your customers happy over security. Accept it!
  • Permits you to make internal changes with little or no impact to the customer
    • Migrating from one security protocol to another

30. Career Recommendations
• Never disclose sensitive or private information
  • Read and understand all NDA agreements. Obey them!
  • Err on the side of caution
• Metrics are critical
  • Ease of modifying code
  • Minimum number of defects per line of code
• “Forward thinking”
• “Security is the focal point of my development!”

32. Recommendations
• The Power of Ten - Rules for Developing Safety Critical Code
  • Gerard J. Holzmann, NASA JPL Laboratory for Reliable Software; 2006
• Formalizing Space Shuttle Software Requirements
  • Judith Crow, Computer Science Laboratory, 1996
  • Two case studies in which requirements for new flight software subsystems on NASA's Space Shuttle were analyzed using mechanically supported formal methods.
• The Economic Impacts of Inadequate Infrastructure for Software Testing
  • NIST, May 2002

33. References
• Adrian, David; Bhargavan, Karthikeyan; et al.; Imperfect Forward Secrecy: How Diffie-Hellman Fails in Practice
• Agile Modeling: http://www.agilemodeling.com/essays/agileModelingRUP.htm
• Lieblein, E., “Computer Software: Problem and Possible Solutions”, CENTACS USAECOM Memorandum, 7 November 1972
• Factors in Software Quality: http://www.dtic.mil/dtic/tr/fulltext/u2/a049055.pdf