The Art of Defensive Programming By Ipan Ardian
•
1 like•226 views
Defensive programming is a form of programming intended to ensure software continues functioning under unexpected conditions. It is important for software dealing with safety, security, or high availability. Without defensive programming, bugs can have serious consequences like falsely reporting missile attacks, delivering fatal radiation overdoses, or destroying expensive rockets. Defensive practices include writing solid code following principles like single responsibility, testing units of code, conducting code reviews, and tracking errors in real time.
Report
Share
Report
Share
Download to read offline
Recommended
St 1.1
Software testing is important to find bugs that can cause major damages. Some examples include 50,000 social security checks being mailed without names due to a software error, a $500 million satellite lost due to a floating point exception not being handled, and a $125 million climate orbiter lost in space from a data conversion error. Software testing is the process of verifying and validating that a program meets requirements and works as intended to avoid such problems.
Liran Tal - StrangerDanger - Finding Security Vulnerabilities Before They Fin...
Open source modules on the NPM ecosystem are undoubtedly awesome. However, they also represent an undeniable and massive risk. You’re introducing someone else’s code into your system, often with little or no scrutiny. The wrong package can introduce severe vulnerabilities into your application, exposing your application and your user’s data.
This talk will use a sample application, Goof, which uses various vulnerable dependencies, which we will exploit as an attacker would. For each issue, we’ll explain why it happened, show its impact, and – most importantly – see how to avoid or fix it.
Liran tal Stranger Danger Security vulnerabilities - Negev Web Developers mee...
The document discusses the security risks of open source software and dependencies. It notes that while open source software is great, it can introduce vulnerabilities if dependencies are not properly reviewed since they are written by many strangers and may contain vulnerabilities. It advocates using a tool like Snyk to continuously find and fix vulnerabilities in dependencies before attackers can exploit them.
Charan Resume
This document contains the resume of Sai Charan Mukkamala. It summarizes his work experience as an Information Security Analyst and Security Researcher, education background with a Bachelor's Degree in Computer Science, and lists some of his professional achievements and skills. It provides his contact information and includes a summary of previous roles, responsibilities, and projects at various companies.
Mobile application security tools
With numerous mobile applications being used and developed today, these are often vulnerable to data theft and cyber crime. Cyber security testing of these apps are therefore a must to ensure efficiency and enhance customer experience. Our shift-left software testing approach at Qualitest, into every phase of your application development and prevent attacks.
Automatically Locating Malicious Packages in Piggybacked Android Apps
"Automatically Locating Malicious Packages in Piggybacked Android Apps" by Li Li with Daoyuan Li, Tegawendé F. Bissyandé, Jacques Klein, Haipeng Cai, David Lo, and Yves le Traon.
MobileSoft17, Buenos Aires, Argentina, 2017.
Erlang os
Erlang is a general-purpose programming language and runtime environment with built-in support for concurrency, distribution and fault tolerance. It was developed in 1986 at Ericsson for developing telecommunications systems. Some key features of Erlang include simplicity, managing concurrency and failure through lightweight processes, and a mature community. While setup can be complex and it lacks static types, Erlang excels at handling concurrency robustly. Major companies like WhatsApp use Erlang for its reliability in large distributed systems.
2016 - Daniel Lebrero - REPL driven development
New computers have more and more available memory which for us, programmers means we can use more memory in our applications.
However in JAVA (actually all JVM based languages) at some certain point things may get tricky, especially when we expect from our applications to be responsive all the time. This talk will focus on Garbage First collector (the new default in JDK9) which is the newest algorithm available in HotSpot JVM (not so new though) and the only one which can handle 32+GB heap size without blocking your application threads for longer than 200ms. After this talk you will have overview how G1 works, how to read the log, spot common problems and which gc settings you should avoid.
Recommended
St 1.1
Software testing is important to find bugs that can cause major damages. Some examples include 50,000 social security checks being mailed without names due to a software error, a $500 million satellite lost due to a floating point exception not being handled, and a $125 million climate orbiter lost in space from a data conversion error. Software testing is the process of verifying and validating that a program meets requirements and works as intended to avoid such problems.
Liran Tal - StrangerDanger - Finding Security Vulnerabilities Before They Fin...
Open source modules on the NPM ecosystem are undoubtedly awesome. However, they also represent an undeniable and massive risk. You’re introducing someone else’s code into your system, often with little or no scrutiny. The wrong package can introduce severe vulnerabilities into your application, exposing your application and your user’s data.
This talk will use a sample application, Goof, which uses various vulnerable dependencies, which we will exploit as an attacker would. For each issue, we’ll explain why it happened, show its impact, and – most importantly – see how to avoid or fix it.
Liran tal Stranger Danger Security vulnerabilities - Negev Web Developers mee...
The document discusses the security risks of open source software and dependencies. It notes that while open source software is great, it can introduce vulnerabilities if dependencies are not properly reviewed since they are written by many strangers and may contain vulnerabilities. It advocates using a tool like Snyk to continuously find and fix vulnerabilities in dependencies before attackers can exploit them.
Charan Resume
This document contains the resume of Sai Charan Mukkamala. It summarizes his work experience as an Information Security Analyst and Security Researcher, education background with a Bachelor's Degree in Computer Science, and lists some of his professional achievements and skills. It provides his contact information and includes a summary of previous roles, responsibilities, and projects at various companies.
Mobile application security tools
With numerous mobile applications being used and developed today, these are often vulnerable to data theft and cyber crime. Cyber security testing of these apps are therefore a must to ensure efficiency and enhance customer experience. Our shift-left software testing approach at Qualitest, into every phase of your application development and prevent attacks.
Automatically Locating Malicious Packages in Piggybacked Android Apps
"Automatically Locating Malicious Packages in Piggybacked Android Apps" by Li Li with Daoyuan Li, Tegawendé F. Bissyandé, Jacques Klein, Haipeng Cai, David Lo, and Yves le Traon.
MobileSoft17, Buenos Aires, Argentina, 2017.
Erlang os
Erlang is a general-purpose programming language and runtime environment with built-in support for concurrency, distribution and fault tolerance. It was developed in 1986 at Ericsson for developing telecommunications systems. Some key features of Erlang include simplicity, managing concurrency and failure through lightweight processes, and a mature community. While setup can be complex and it lacks static types, Erlang excels at handling concurrency robustly. Major companies like WhatsApp use Erlang for its reliability in large distributed systems.
2016 - Daniel Lebrero - REPL driven development
New computers have more and more available memory which for us, programmers means we can use more memory in our applications.
However in JAVA (actually all JVM based languages) at some certain point things may get tricky, especially when we expect from our applications to be responsive all the time. This talk will focus on Garbage First collector (the new default in JDK9) which is the newest algorithm available in HotSpot JVM (not so new though) and the only one which can handle 32+GB heap size without blocking your application threads for longer than 200ms. After this talk you will have overview how G1 works, how to read the log, spot common problems and which gc settings you should avoid.
IFIP2023-Abhik.pptx
Greybox fuzzing methods to find security vulnerabilities in software systems are discussed in this talk. We discuss how fuzz testing methods can be inspired by ideas from symbolic execution and model checking to go beyond conventional fuzzing methods, without sacrificing the efficiency of fuzzing.
The OHF Legacy
After an looking back at the history of Eclipse OHF and its parts, we're going to learn what happened to them and why.
Beside those going a different path, mainly Open Health Tools (OHT) we take a closer look at the Legacy of OHF at Eclipse, mainly The Spatiotemporal Epidemiological Modeler (STEM) and Units of Measurement support from UOMo and related standards like the Unified Code for Units of Measure (UCUM)
Software Testing Basics
This document is an introduction to software testing that discusses why testing is important and what activities are involved in testing. It notes that software is ubiquitous and critical in many applications, and failures can have huge financial and safety impacts. More testing is needed due to increased expectations for reliability, larger and more complex software, and new platforms like the web. The goal is to help reduce risks and costs from failures through systematic testing approaches.
Code - Fu: Defensive Programming
Defensive programming aims to anticipate failure points and improve software quality by making code more reliable, maintainable, and robust. It involves programming with the assumption that things can go wrong in the real world where software interacts with users and external systems. Defensive practices include validating external input, writing code with teams in mind through standards and modularity, adding error handling and logging, and assuming other developers' code could contain bugs. The goal is to create programs that work as intended and are protected from invalid or malicious data.
KYS SSD - SOMMERVILE CH13-SECURE PROGRAMMING.pptx
This document discusses aspects of secure systems programming and dependable programming guidelines. It outlines eight guidelines for writing dependable code, including limiting information visibility, checking all inputs, handling exceptions, minimizing error-prone constructs, providing restart capabilities, checking array bounds, including timeouts for external calls, and naming constants. Following these guidelines can help improve program reliability and security by reducing vulnerabilities.
Droidcon it-2014-marco-grassi-viaforensics
Marco Grassi gives a presentation on reverse engineering, penetration testing, and hardening Android apps. The presentation covers techniques for reverse engineering APKs, dealing with obfuscation, tamper detection, securing network communications, attacks on IPC, and more advanced topics like runtime manipulation. Real-world examples are provided to demonstrate vulnerabilities found in apps and how they can be exploited.
Code - Fu: Defensive Programming
Defensive programming is much like defensive driving. In a world where we have different developers collaborating on a single project, whether closed or open source, different ways of coding can impact on the end product.
Defensive programming is a practice where one anticipates failures in coding and adds supporting code to detect, isolate and in some cases, recover from the ainticipated failure.
In this presentation we illustrate a number of defensive programming techniques, along with a few generally bad programming examples you'll want to avoid.
Unit Testing in Android
Unit testing in Android involves testing individual units or components of an Android application to verify their correctness. This is done during development by the developer. The document discusses what unit testing involves, provides examples of unit tests for a number validator class and interval overlapping detector class, and discusses test doubles, constraints of unit testing in Android, where to unit test in an Android app, and test-driven development.
Internet worms definitions and strategies to avoid it.
Internet worms definitions and strategies to avoid it. Compromising the availability and reliability of systems through security failure
In November 1988, a program was deliberately released that spread itself throughout Digital VAX and Sun workstations across the Internet. It exploited security vulnerabilities in Unix systems.
In itself, the program did no damage but it’s replication and threat of damage caused extensive loss of system service and reduced system responsiveness in thousands of host computers.
This program has become known as the Internet Worm.
This was the first widely distributed Internet security threat.
Strange files appeared in systems that were infected.
Strange log messages appeared in certain programs.
Each infection caused a number of processes to be generated. As systems were constantly re-infected, the number of processes grew and systems became overloaded.
Some systems (1000s) were shut down because of the problems and because of the unknown threat of damage.
Program was made up of two parts
A main program that looked for other machines that might be infected and that tried to find ways of getting into these machines;
A vector program (99 lines of C) that was compiled and run on the infected machine and which then transferred the main program to continue the process of infection.
Security vulnerabilities
fingerd - an identity program in Unix that runs in the background;
sendmail - the principal mail distribution program;
Password cracking;
Trusted logins.
Written in C and runs continuously.
C does NOT have bound checking on arrays. fingerd expects an input string but the writer of the worm noticed that if a longer string than was allowed for was presented, this overwrote part of memory.
By designing a string that included machine instructions and that overwrote a return address, the worm could invoke a remote shell (a Unix facility) that allowed priviledged commands to be executed.
sendmail routes mail and the worm took advantage of a debug facility that was often left on and which allowed a set of commands to be issued to the sendmail program.
This allowed the worm to specify that information should be transferred to new hosts through the mail system without having to process normal mail messages.
Unix passwords are encrypted and, in the encrypted form, are publicly available in /etc/passwd.
The worm encrypted lists of possible passwords and compared them with the password file to discover user passwords.
It used a list of about 400 common words that were known to be used as passwords.
It exploited fast versions of the encryption algorithm that were not envisaged when the Unix scheme was devised.
On Unix, tasks can be executed on remote machines.
To support this, there is the notion of a trusted login so that if a login command is issued to machine Z from user Y in machine X then Z assumes that X has carried out the authentication and that Y is trusted; no password is required.
The worm exploited this by looking for
An introduction to erlang
Erlang is a programming language used to build distributed, fault-tolerant systems. It was developed in the late 1980s at Ericsson for building telecom applications. Erlang uses lightweight processes to model systems and provides features like process isolation, message passing, distribution, and hot code swapping. The Open Telecom Platform (OTP) is a set of libraries and design principles for building robust Erlang applications. Many companies use Erlang for building scalable and reliable systems, including WhatsApp, Klarna, and Ericsson.
PROGRAMMING AND CYBER SECURITY
An overview of why knowing programming can make you a better cyber security professional, a look at the most popular languages and some pitfalls to avoid
Applying principles of chaos engineering to serverless (O'Reilly Software Arc...
This document summarizes a talk on applying principles of chaos engineering to serverless applications. It discusses defining steady state, injecting realistic failures like latency and errors, and using controlled experiments to build confidence in a system's ability to withstand failures in production. Specifically for serverless, it addresses challenges like smaller units of deployment and many managed services, and demonstrates how to inject latency and errors at different points to test failure handling. The goal is learning from failures, not intentionally breaking systems, so containment is important.
Not All Flaws Are Created Equal: The Difference Between a Flaw, a Vulnerabil...
According to Gartner, the application layer contains 90% of all vulnerabilities. However, do security experts and developers know what’s happening underneath the application layer? Organizations are aware they cannot afford to let potential system flaws or weaknesses in applications be exploited, but knowing the distinctions between these weaknesses can make all the difference in removing them successfully.
During this webinar, Jim Jastrzebski of CA Veracode will discuss how to identify risk factors within your application landscape and share his approach to helping security and development teams address them efficiently. Learn about the methods and solutions attackers typically rely on to perform application vulnerability discovery and compromise, and hear how organizations rely on application security technology and services to gain visibility into their overall landscape—and act upon it in the right way.
EARS: The Easy Approach to Requirements Syntax
One key to specifying effective functional requirements is minimizing misinterpretation and ambiguity. By employing a consistent syntax in your requirements, you can improve readability and help ensure that everyone on the team understands exactly what to develop. John Terzakis provides examples of typical requirements and explains how to improve them using the Easy Approach to Requirements Syntax (EARS). EARS provides a simple yet powerful method of capturing the nuances of functional requirements. John explains that you need to identify two distinct types of requirements. Ubiquitous requirements state a fundamental property of the software that always occurs; non-ubiquitous requirements depend on the occurrence of an event, error condition, state, or option. Learn and practice identifying the correct requirements type and restating those requirements with the corresponding syntax. Join John to find out what’s wrong with the requirements statement—The software shall warn of low battery—and how to fix it.
Apt presso good to learn
The document discusses Advanced Persistent Threats (APTs), which are sophisticated cyber attacks by hostile organizations aimed at gaining access to targeted information from governments, corporations, and individuals. APTs maintain a foothold in these environments to enable future access and control, and can modify data to disrupt performance. The document provides examples of how APTs use social engineering and malware delivered in emails or websites to infiltrate networks and maintain deep persistent access. It also discusses tools that APT actors use and specific cases like attacks targeting Tibetan groups.
Testingfor Sw Security
The document discusses techniques for testing software security, as traditional testing methods are not well-suited for finding security bugs. It outlines several approaches for identifying unintended side effects, including monitoring for unexpected interactions with the environment, injecting faults to test error handling, and attacking dependencies and implementations. Specifically, the document recommends testing applications' use of resources like files, memory, and network availability under stressful conditions to identify potential vulnerabilities.
Good programming
The document provides wisdom and advice for programmers from Sung-Kook Han. It discusses many principles and best practices for programming, including:
- Fully define the problem before starting to program.
- Use a top-down approach, draw diagrams, and think through the design before coding.
- Keep things simple, avoid duplication, and minimize complexity.
- Practice abstraction, single responsibility, and defensive programming.
- Iterate and refine through repeated programming.
- Choose tools and languages carefully and get continuous learning.
NDSU CSCI 717Software ConstructionDefensive Programming.docx
NDSU CSCI 717
Software Construction
Defensive Programming
Textbook
Steve McConnell. Code Complete: A Practical Handbook of Software Construction. 2nd Edition. Microsoft Press, 2004. Chapter 8.
2
Outline
Protecting from Invalid Inputs
Using Assertions
Error-Handling Techniques
Using Exceptions
Barricade/Firewall Your Program
Debugging Aids
Be Defensive about Defensive Programming
3
Protecting from Invalid Inputs
Garbage in, garbage out?
Mark of sloppy nonsecure program
Garbage in, nothing/error message out
No garbage allowed in
Defensive programming
If a routine is passed bad data, it won’t be hurt, even if the bad data is another routine’s fault.
Check values of all data from external sources
Sources: file, user, network
Allowable range: String vs security problem
Check values of all routine input parameters
Decide how to handle bad inputs
4
Assertions
To document assumptions made in the code and to flush out unexpected conditions
An input/output parameter in its expected range
A file/stream is open (or closed) when a routine begins (or ends) executing
A file/stream is at the beginning
A file/stream is open for read-only, write-only, etc.
An input-only variable is not changed
A pointer is non-null
A container is empty (or full) when a routine begins (or ends) executing
Match two results
5
Assertion Mechanism
Java assertions
Assert denominator!=0 : “denominator is 0”
Define your own
#define ASSERT(condition, message) {
if (!(condition)) {
LogError(“Assertion failed: ”, #condition, message);
exit(EXIT_FAILURE);
}
}
6
Using Assertions: Guidelines
Use error-handling for conditions you expect to occur; use assertions for condition that should never occur
Error handling typically checks for bad input
Assertions check for bugs in the code
Avoid putting executable code into assertions
The compiler will eliminate the code when the assertions are turned off
Use assertions to document/verify pre/postconds
For highly robust code, assert and then handle the error anyway.
E.g. change an invalid input to the closest legal value
7
Error-Handling Techniques
Return a neutral value (known to be harmless)
Examples: 0, empty string, default color
Substitute the next place of valid data
Encounter a corrupted record when reading from a DB
Return the same answer as the previous time
Thermometer-reading code does not get a reading one time
Substitute the closest legal value
Log a warning message to a file
Return an error code
8
Error-Handling Techniques
Call an error processing routine/object
Centralize error handling in a global routine/object
Display an error message wherever the error is encountered
Handle the error in whatever way works best locally
Individual developers have the flexibility
Risky: spread UI code throughout the system
Shut down
Safety critical applications
9
Using Exceptions: Suggestions
Use exceptions to notify other parts about errors that should not be ignored
Throw an exception only for conditions that are truly ex ...
Joe armstrong erlanga_languageforprogrammingreliablesystems
This document discusses principles for building reliable systems and references several experts in the field. It summarizes six laws for building fault-tolerant systems: isolation, concurrency, failure detection, fault identification, live code upgrades, and stable storage. It also discusses Erlang and how it was designed based on these principles for building concurrent and fault-tolerant systems.
Mobile Penetration Testing: Episode III - Attack of the Code
In the final installment of our mobile penetration testing trilogy, we dive deep to find security flaws in mobile apps by dissecting the code with reverse-engineering and code analysis.
Literature Review Basics and Understanding Reference Management.pptx
Three-day training on academic research focuses on analytical tools at United Technical College, supported by the University Grant Commission, Nepal. 24-26 May 2024
More Related Content
Similar to The Art of Defensive Programming By Ipan Ardian
IFIP2023-Abhik.pptx
Greybox fuzzing methods to find security vulnerabilities in software systems are discussed in this talk. We discuss how fuzz testing methods can be inspired by ideas from symbolic execution and model checking to go beyond conventional fuzzing methods, without sacrificing the efficiency of fuzzing.
The OHF Legacy
After an looking back at the history of Eclipse OHF and its parts, we're going to learn what happened to them and why.
Beside those going a different path, mainly Open Health Tools (OHT) we take a closer look at the Legacy of OHF at Eclipse, mainly The Spatiotemporal Epidemiological Modeler (STEM) and Units of Measurement support from UOMo and related standards like the Unified Code for Units of Measure (UCUM)
Software Testing Basics
This document is an introduction to software testing that discusses why testing is important and what activities are involved in testing. It notes that software is ubiquitous and critical in many applications, and failures can have huge financial and safety impacts. More testing is needed due to increased expectations for reliability, larger and more complex software, and new platforms like the web. The goal is to help reduce risks and costs from failures through systematic testing approaches.
Code - Fu: Defensive Programming
Defensive programming aims to anticipate failure points and improve software quality by making code more reliable, maintainable, and robust. It involves programming with the assumption that things can go wrong in the real world where software interacts with users and external systems. Defensive practices include validating external input, writing code with teams in mind through standards and modularity, adding error handling and logging, and assuming other developers' code could contain bugs. The goal is to create programs that work as intended and are protected from invalid or malicious data.
KYS SSD - SOMMERVILE CH13-SECURE PROGRAMMING.pptx
This document discusses aspects of secure systems programming and dependable programming guidelines. It outlines eight guidelines for writing dependable code, including limiting information visibility, checking all inputs, handling exceptions, minimizing error-prone constructs, providing restart capabilities, checking array bounds, including timeouts for external calls, and naming constants. Following these guidelines can help improve program reliability and security by reducing vulnerabilities.
Droidcon it-2014-marco-grassi-viaforensics
Marco Grassi gives a presentation on reverse engineering, penetration testing, and hardening Android apps. The presentation covers techniques for reverse engineering APKs, dealing with obfuscation, tamper detection, securing network communications, attacks on IPC, and more advanced topics like runtime manipulation. Real-world examples are provided to demonstrate vulnerabilities found in apps and how they can be exploited.
Code - Fu: Defensive Programming
Defensive programming is much like defensive driving. In a world where we have different developers collaborating on a single project, whether closed or open source, different ways of coding can impact on the end product.
Defensive programming is a practice where one anticipates failures in coding and adds supporting code to detect, isolate and in some cases, recover from the ainticipated failure.
In this presentation we illustrate a number of defensive programming techniques, along with a few generally bad programming examples you'll want to avoid.
Unit Testing in Android
Unit testing in Android involves testing individual units or components of an Android application to verify their correctness. This is done during development by the developer. The document discusses what unit testing involves, provides examples of unit tests for a number validator class and interval overlapping detector class, and discusses test doubles, constraints of unit testing in Android, where to unit test in an Android app, and test-driven development.
Internet worms definitions and strategies to avoid it.
Internet worms definitions and strategies to avoid it. Compromising the availability and reliability of systems through security failure
In November 1988, a program was deliberately released that spread itself throughout Digital VAX and Sun workstations across the Internet. It exploited security vulnerabilities in Unix systems.
In itself, the program did no damage but it’s replication and threat of damage caused extensive loss of system service and reduced system responsiveness in thousands of host computers.
This program has become known as the Internet Worm.
This was the first widely distributed Internet security threat.
Strange files appeared in systems that were infected.
Strange log messages appeared in certain programs.
Each infection caused a number of processes to be generated. As systems were constantly re-infected, the number of processes grew and systems became overloaded.
Some systems (1000s) were shut down because of the problems and because of the unknown threat of damage.
Program was made up of two parts
A main program that looked for other machines that might be infected and that tried to find ways of getting into these machines;
A vector program (99 lines of C) that was compiled and run on the infected machine and which then transferred the main program to continue the process of infection.
Security vulnerabilities
fingerd - an identity program in Unix that runs in the background;
sendmail - the principal mail distribution program;
Password cracking;
Trusted logins.
Written in C and runs continuously.
C does NOT have bound checking on arrays. fingerd expects an input string but the writer of the worm noticed that if a longer string than was allowed for was presented, this overwrote part of memory.
By designing a string that included machine instructions and that overwrote a return address, the worm could invoke a remote shell (a Unix facility) that allowed priviledged commands to be executed.
sendmail routes mail and the worm took advantage of a debug facility that was often left on and which allowed a set of commands to be issued to the sendmail program.
This allowed the worm to specify that information should be transferred to new hosts through the mail system without having to process normal mail messages.
Unix passwords are encrypted and, in the encrypted form, are publicly available in /etc/passwd.
The worm encrypted lists of possible passwords and compared them with the password file to discover user passwords.
It used a list of about 400 common words that were known to be used as passwords.
It exploited fast versions of the encryption algorithm that were not envisaged when the Unix scheme was devised.
On Unix, tasks can be executed on remote machines.
To support this, there is the notion of a trusted login so that if a login command is issued to machine Z from user Y in machine X then Z assumes that X has carried out the authentication and that Y is trusted; no password is required.
The worm exploited this by looking for
An introduction to erlang
Erlang is a programming language used to build distributed, fault-tolerant systems. It was developed in the late 1980s at Ericsson for building telecom applications. Erlang uses lightweight processes to model systems and provides features like process isolation, message passing, distribution, and hot code swapping. The Open Telecom Platform (OTP) is a set of libraries and design principles for building robust Erlang applications. Many companies use Erlang for building scalable and reliable systems, including WhatsApp, Klarna, and Ericsson.
PROGRAMMING AND CYBER SECURITY
An overview of why knowing programming can make you a better cyber security professional, a look at the most popular languages and some pitfalls to avoid
Applying principles of chaos engineering to serverless (O'Reilly Software Arc...
This document summarizes a talk on applying principles of chaos engineering to serverless applications. It discusses defining steady state, injecting realistic failures like latency and errors, and using controlled experiments to build confidence in a system's ability to withstand failures in production. Specifically for serverless, it addresses challenges like smaller units of deployment and many managed services, and demonstrates how to inject latency and errors at different points to test failure handling. The goal is learning from failures, not intentionally breaking systems, so containment is important.
Not All Flaws Are Created Equal: The Difference Between a Flaw, a Vulnerabil...
According to Gartner, the application layer contains 90% of all vulnerabilities. However, do security experts and developers know what’s happening underneath the application layer? Organizations are aware they cannot afford to let potential system flaws or weaknesses in applications be exploited, but knowing the distinctions between these weaknesses can make all the difference in removing them successfully.
During this webinar, Jim Jastrzebski of CA Veracode will discuss how to identify risk factors within your application landscape and share his approach to helping security and development teams address them efficiently. Learn about the methods and solutions attackers typically rely on to perform application vulnerability discovery and compromise, and hear how organizations rely on application security technology and services to gain visibility into their overall landscape—and act upon it in the right way.
EARS: The Easy Approach to Requirements Syntax
One key to specifying effective functional requirements is minimizing misinterpretation and ambiguity. By employing a consistent syntax in your requirements, you can improve readability and help ensure that everyone on the team understands exactly what to develop. John Terzakis provides examples of typical requirements and explains how to improve them using the Easy Approach to Requirements Syntax (EARS). EARS provides a simple yet powerful method of capturing the nuances of functional requirements. John explains that you need to identify two distinct types of requirements. Ubiquitous requirements state a fundamental property of the software that always occurs; non-ubiquitous requirements depend on the occurrence of an event, error condition, state, or option. Learn and practice identifying the correct requirements type and restating those requirements with the corresponding syntax. Join John to find out what’s wrong with the requirements statement—The software shall warn of low battery—and how to fix it.
Apt presso good to learn
The document discusses Advanced Persistent Threats (APTs), which are sophisticated cyber attacks by hostile organizations aimed at gaining access to targeted information from governments, corporations, and individuals. APTs maintain a foothold in these environments to enable future access and control, and can modify data to disrupt performance. The document provides examples of how APTs use social engineering and malware delivered in emails or websites to infiltrate networks and maintain deep persistent access. It also discusses tools that APT actors use and specific cases like attacks targeting Tibetan groups.
Testingfor Sw Security
The document discusses techniques for testing software security, as traditional testing methods are not well-suited for finding security bugs. It outlines several approaches for identifying unintended side effects, including monitoring for unexpected interactions with the environment, injecting faults to test error handling, and attacking dependencies and implementations. Specifically, the document recommends testing applications' use of resources like files, memory, and network availability under stressful conditions to identify potential vulnerabilities.
Good programming
The document provides wisdom and advice for programmers from Sung-Kook Han. It discusses many principles and best practices for programming, including:
- Fully define the problem before starting to program.
- Use a top-down approach, draw diagrams, and think through the design before coding.
- Keep things simple, avoid duplication, and minimize complexity.
- Practice abstraction, single responsibility, and defensive programming.
- Iterate and refine through repeated programming.
- Choose tools and languages carefully and get continuous learning.
NDSU CSCI 717Software ConstructionDefensive Programming.docx
NDSU CSCI 717
Software Construction
Defensive Programming
Textbook
Steve McConnell. Code Complete: A Practical Handbook of Software Construction. 2nd Edition. Microsoft Press, 2004. Chapter 8.
2
Outline
Protecting from Invalid Inputs
Using Assertions
Error-Handling Techniques
Using Exceptions
Barricade/Firewall Your Program
Debugging Aids
Be Defensive about Defensive Programming
3
Protecting from Invalid Inputs
Garbage in, garbage out?
Mark of sloppy nonsecure program
Garbage in, nothing/error message out
No garbage allowed in
Defensive programming
If a routine is passed bad data, it won’t be hurt, even if the bad data is another routine’s fault.
Check values of all data from external sources
Sources: file, user, network
Allowable range: String vs security problem
Check values of all routine input parameters
Decide how to handle bad inputs
4
Assertions
To document assumptions made in the code and to flush out unexpected conditions
An input/output parameter in its expected range
A file/stream is open (or closed) when a routine begins (or ends) executing
A file/stream is at the beginning
A file/stream is open for read-only, write-only, etc.
An input-only variable is not changed
A pointer is non-null
A container is empty (or full) when a routine begins (or ends) executing
Match two results
5
Assertion Mechanism
Java assertions
Assert denominator!=0 : “denominator is 0”
Define your own
#define ASSERT(condition, message) {
if (!(condition)) {
LogError(“Assertion failed: ”, #condition, message);
exit(EXIT_FAILURE);
}
}
6
Using Assertions: Guidelines
Use error-handling for conditions you expect to occur; use assertions for condition that should never occur
Error handling typically checks for bad input
Assertions check for bugs in the code
Avoid putting executable code into assertions
The compiler will eliminate the code when the assertions are turned off
Use assertions to document/verify pre/postconds
For highly robust code, assert and then handle the error anyway.
E.g. change an invalid input to the closest legal value
7
Error-Handling Techniques
Return a neutral value (known to be harmless)
Examples: 0, empty string, default color
Substitute the next place of valid data
Encounter a corrupted record when reading from a DB
Return the same answer as the previous time
Thermometer-reading code does not get a reading one time
Substitute the closest legal value
Log a warning message to a file
Return an error code
8
Error-Handling Techniques
Call an error processing routine/object
Centralize error handling in a global routine/object
Display an error message wherever the error is encountered
Handle the error in whatever way works best locally
Individual developers have the flexibility
Risky: spread UI code throughout the system
Shut down
Safety critical applications
9
Using Exceptions: Suggestions
Use exceptions to notify other parts about errors that should not be ignored
Throw an exception only for conditions that are truly ex ...
Joe armstrong erlanga_languageforprogrammingreliablesystems
This document discusses principles for building reliable systems and references several experts in the field. It summarizes six laws for building fault-tolerant systems: isolation, concurrency, failure detection, fault identification, live code upgrades, and stable storage. It also discusses Erlang and how it was designed based on these principles for building concurrent and fault-tolerant systems.
Mobile Penetration Testing: Episode III - Attack of the Code
In the final installment of our mobile penetration testing trilogy, we dive deep to find security flaws in mobile apps by dissecting the code with reverse-engineering and code analysis.
Similar to The Art of Defensive Programming By Ipan Ardian (20)
Internet worms definitions and strategies to avoid it.
Internet worms definitions and strategies to avoid it.
Applying principles of chaos engineering to serverless (O'Reilly Software Arc...
Applying principles of chaos engineering to serverless (O'Reilly Software Arc...
Not All Flaws Are Created Equal: The Difference Between a Flaw, a Vulnerabil...
Not All Flaws Are Created Equal: The Difference Between a Flaw, a Vulnerabil...
NDSU CSCI 717Software ConstructionDefensive Programming.docx
NDSU CSCI 717Software ConstructionDefensive Programming.docx
Joe armstrong erlanga_languageforprogrammingreliablesystems
Joe armstrong erlanga_languageforprogrammingreliablesystems
Mobile Penetration Testing: Episode III - Attack of the Code
Mobile Penetration Testing: Episode III - Attack of the Code
Recently uploaded
Literature Review Basics and Understanding Reference Management.pptx
Three-day training on academic research focuses on analytical tools at United Technical College, supported by the University Grant Commission, Nepal. 24-26 May 2024
ISPM 15 Heat Treated Wood Stamps and why your shipping must have one
For International shipping and maritime laws all wood must contain the ISPM 15 Stamp. Here is how and why.
IEEE Aerospace and Electronic Systems Society as a Graduate Student Member
IEEE Aerospace and Electronic Systems Society as a Graduate Student Member
DEEP LEARNING FOR SMART GRID INTRUSION DETECTION: A HYBRID CNN-LSTM-BASED MODEL
As digital technology becomes more deeply embedded in power systems, protecting the communication
networks of Smart Grids (SG) has emerged as a critical concern. Distributed Network Protocol 3 (DNP3)
represents a multi-tiered application layer protocol extensively utilized in Supervisory Control and Data
Acquisition (SCADA)-based smart grids to facilitate real-time data gathering and control functionalities.
Robust Intrusion Detection Systems (IDS) are necessary for early threat detection and mitigation because
of the interconnection of these networks, which makes them vulnerable to a variety of cyberattacks. To
solve this issue, this paper develops a hybrid Deep Learning (DL) model specifically designed for intrusion
detection in smart grids. The proposed approach is a combination of the Convolutional Neural Network
(CNN) and the Long-Short-Term Memory algorithms (LSTM). We employed a recent intrusion detection
dataset (DNP3), which focuses on unauthorized commands and Denial of Service (DoS) cyberattacks, to
train and test our model. The results of our experiments show that our CNN-LSTM method is much better
at finding smart grid intrusions than other deep learning algorithms used for classification. In addition,
our proposed approach improves accuracy, precision, recall, and F1 score, achieving a high detection
accuracy rate of 99.50%.
Iron and Steel Technology Roadmap - Towards more sustainable steelmaking.pdf
Iron and Steel Technology towards Sustainable Steelmaking
Casting-Defect-inSlab continuous casting.pdf
Casting-Defect-inSlab continuous casting. Casting-Defect-inSlab continuous casting. Casting-Defect-inSlab continuous casting. Casting-Defect-inSlab continuous casting. Casting-Defect-inSlab continuous casting. Casting-Defect-inSlab continuous casting. Casting-Defect-inSlab continuous casting. Casting-Defect-inSlab continuous casting
CHINA’S GEO-ECONOMIC OUTREACH IN CENTRAL ASIAN COUNTRIES AND FUTURE PROSPECT
The rivalry between prominent international actors for dominance over Central Asia's hydrocarbon
reserves and the ancient silk trade route, along with China's diplomatic endeavours in the area, has been
referred to as the "New Great Game." This research centres on the power struggle, considering
geopolitical, geostrategic, and geoeconomic variables. Topics including trade, political hegemony, oil
politics, and conventional and nontraditional security are all explored and explained by the researcher.
Using Mackinder's Heartland, Spykman Rimland, and Hegemonic Stability theories, examines China's role
in Central Asia. This study adheres to the empirical epistemological method and has taken care of
objectivity. This study analyze primary and secondary research documents critically to elaborate role of
china’s geo economic outreach in central Asian countries and its future prospect. China is thriving in trade,
pipeline politics, and winning states, according to this study, thanks to important instruments like the
Shanghai Cooperation Organisation and the Belt and Road Economic Initiative. According to this study,
China is seeing significant success in commerce, pipeline politics, and gaining influence on other
governments. This success may be attributed to the effective utilisation of key tools such as the Shanghai
Cooperation Organisation and the Belt and Road Economic Initiative.
A SYSTEMATIC RISK ASSESSMENT APPROACH FOR SECURING THE SMART IRRIGATION SYSTEMS
The smart irrigation system represents an innovative approach to optimize water usage in agricultural and landscaping practices. The integration of cutting-edge technologies, including sensors, actuators, and data analysis, empowers this system to provide accurate monitoring and control of irrigation processes by leveraging real-time environmental conditions. The main objective of a smart irrigation system is to optimize water efficiency, minimize expenses, and foster the adoption of sustainable water management methods. This paper conducts a systematic risk assessment by exploring the key components/assets and their functionalities in the smart irrigation system. The crucial role of sensors in gathering data on soil moisture, weather patterns, and plant well-being is emphasized in this system. These sensors enable intelligent decision-making in irrigation scheduling and water distribution, leading to enhanced water efficiency and sustainable water management practices. Actuators enable automated control of irrigation devices, ensuring precise and targeted water delivery to plants. Additionally, the paper addresses the potential threat and vulnerabilities associated with smart irrigation systems. It discusses limitations of the system, such as power constraints and computational capabilities, and calculates the potential security risks. The paper suggests possible risk treatment methods for effective secure system operation. In conclusion, the paper emphasizes the significant benefits of implementing smart irrigation systems, including improved water conservation, increased crop yield, and reduced environmental impact. Additionally, based on the security analysis conducted, the paper recommends the implementation of countermeasures and security approaches to address vulnerabilities and ensure the integrity and reliability of the system. By incorporating these measures, smart irrigation technology can revolutionize water management practices in agriculture, promoting sustainability, resource efficiency, and safeguarding against potential security threats.
Electric vehicle and photovoltaic advanced roles in enhancing the financial p...
Climate change's impact on the planet forced the United Nations and governments to promote green energies and electric transportation. The deployments of photovoltaic (PV) and electric vehicle (EV) systems gained stronger momentum due to their numerous advantages over fossil fuel types. The advantages go beyond sustainability to reach financial support and stability. The work in this paper introduces the hybrid system between PV and EV to support industrial and commercial plants. This paper covers the theoretical framework of the proposed hybrid system including the required equation to complete the cost analysis when PV and EV are present. In addition, the proposed design diagram which sets the priorities and requirements of the system is presented. The proposed approach allows setup to advance their power stability, especially during power outages. The presented information supports researchers and plant owners to complete the necessary analysis while promoting the deployment of clean energy. The result of a case study that represents a dairy milk farmer supports the theoretical works and highlights its advanced benefits to existing plants. The short return on investment of the proposed approach supports the paper's novelty approach for the sustainable electrical system. In addition, the proposed system allows for an isolated power setup without the need for a transmission line which enhances the safety of the electrical network
22CYT12-Unit-V-E Waste and its Management.ppt
Introduction- e - waste – definition - sources of e-waste– hazardous substances in e-waste - effects of e-waste on environment and human health- need for e-waste management– e-waste handling rules - waste minimization techniques for managing e-waste – recycling of e-waste - disposal treatment methods of e- waste – mechanism of extraction of precious metal from leaching solution-global Scenario of E-waste – E-waste in India- case studies.
Comparative analysis between traditional aquaponics and reconstructed aquapon...
The aquaponic system of planting is a method that does not require soil usage. It is a method that only needs water, fish, lava rocks (a substitute for soil), and plants. Aquaponic systems are sustainable and environmentally friendly. Its use not only helps to plant in small spaces but also helps reduce artificial chemical use and minimizes excess water use, as aquaponics consumes 90% less water than soil-based gardening. The study applied a descriptive and experimental design to assess and compare conventional and reconstructed aquaponic methods for reproducing tomatoes. The researchers created an observation checklist to determine the significant factors of the study. The study aims to determine the significant difference between traditional aquaponics and reconstructed aquaponics systems propagating tomatoes in terms of height, weight, girth, and number of fruits. The reconstructed aquaponics system’s higher growth yield results in a much more nourished crop than the traditional aquaponics system. It is superior in its number of fruits, height, weight, and girth measurement. Moreover, the reconstructed aquaponics system is proven to eliminate all the hindrances present in the traditional aquaponics system, which are overcrowding of fish, algae growth, pest problems, contaminated water, and dead fish.
学校原版美国波士顿大学毕业证学历学位证书原版一模一样
原版一模一样【微信:741003700 】【美国波士顿大学毕业证学历学位证书】【微信:741003700 】学位证,留信认证(真实可查,永久存档)offer、雅思、外壳等材料/诚信可靠,可直接看成品样本,帮您解决无法毕业带来的各种难题!外壳,原版制作,诚信可靠,可直接看成品样本。行业标杆!精益求精,诚心合作,真诚制作!多年品质 ,按需精细制作,24小时接单,全套进口原装设备。十五年致力于帮助留学生解决难题,包您满意。
本公司拥有海外各大学样板无数,能完美还原海外各大学 Bachelor Diploma degree, Master Degree Diploma
1:1完美还原海外各大学毕业材料上的工艺:水印,阴影底纹,钢印LOGO烫金烫银,LOGO烫金烫银复合重叠。文字图案浮雕、激光镭射、紫外荧光、温感、复印防伪等防伪工艺。材料咨询办理、认证咨询办理请加学历顾问Q/微741003700
留信网认证的作用:
1:该专业认证可证明留学生真实身份
2:同时对留学生所学专业登记给予评定
3:国家专业人才认证中心颁发入库证书
4:这个认证书并且可以归档倒地方
5:凡事获得留信网入网的信息将会逐步更新到个人身份内,将在公安局网内查询个人身份证信息后,同步读取人才网入库信息
6:个人职称评审加20分
7:个人信誉贷款加10分
8:在国家人才网主办的国家网络招聘大会中纳入资料,供国家高端企业选择人才
Recycled Concrete Aggregate in Construction Part III
Using recycled concrete aggregates (RCA) for pavements is crucial to achieving sustainability. Implementing RCA for new pavement can minimize carbon footprint, conserve natural resources, reduce harmful emissions, and lower life cycle costs. Compared to natural aggregate (NA), RCA pavement has fewer comprehensive studies and sustainability assessments.
TIME DIVISION MULTIPLEXING TECHNIQUE FOR COMMUNICATION SYSTEM
Time Division Multiplexing (TDM) is a method of transmitting multiple signals over a single communication channel by dividing the signal into many segments, each having a very short duration of time. These time slots are then allocated to different data streams, allowing multiple signals to share the same transmission medium efficiently. TDM is widely used in telecommunications and data communication systems.
### How TDM Works
1. **Time Slots Allocation**: The core principle of TDM is to assign distinct time slots to each signal. During each time slot, the respective signal is transmitted, and then the process repeats cyclically. For example, if there are four signals to be transmitted, the TDM cycle will divide time into four slots, each assigned to one signal.
2. **Synchronization**: Synchronization is crucial in TDM systems to ensure that the signals are correctly aligned with their respective time slots. Both the transmitter and receiver must be synchronized to avoid any overlap or loss of data. This synchronization is typically maintained by a clock signal that ensures time slots are accurately aligned.
3. **Frame Structure**: TDM data is organized into frames, where each frame consists of a set of time slots. Each frame is repeated at regular intervals, ensuring continuous transmission of data streams. The frame structure helps in managing the data streams and maintaining the synchronization between the transmitter and receiver.
4. **Multiplexer and Demultiplexer**: At the transmitting end, a multiplexer combines multiple input signals into a single composite signal by assigning each signal to a specific time slot. At the receiving end, a demultiplexer separates the composite signal back into individual signals based on their respective time slots.
### Types of TDM
1. **Synchronous TDM**: In synchronous TDM, time slots are pre-assigned to each signal, regardless of whether the signal has data to transmit or not. This can lead to inefficiencies if some time slots remain empty due to the absence of data.
2. **Asynchronous TDM (or Statistical TDM)**: Asynchronous TDM addresses the inefficiencies of synchronous TDM by allocating time slots dynamically based on the presence of data. Time slots are assigned only when there is data to transmit, which optimizes the use of the communication channel.
### Applications of TDM
- **Telecommunications**: TDM is extensively used in telecommunication systems, such as in T1 and E1 lines, where multiple telephone calls are transmitted over a single line by assigning each call to a specific time slot.
- **Digital Audio and Video Broadcasting**: TDM is used in broadcasting systems to transmit multiple audio or video streams over a single channel, ensuring efficient use of bandwidth.
- **Computer Networks**: TDM is used in network protocols and systems to manage the transmission of data from multiple sources over a single network medium.
### Advantages of TDM
- **Efficient Use of Bandwidth**: TDM all
5214-1693458878915-Unit 6 2023 to 2024 academic year assignment (AutoRecovere...
Bigdata of technology
Recently uploaded (20)
BPV-GUI-01-Guide-for-ASME-Review-Teams-(General)-10-10-2023.pdf
BPV-GUI-01-Guide-for-ASME-Review-Teams-(General)-10-10-2023.pdf
Literature Review Basics and Understanding Reference Management.pptx
Literature Review Basics and Understanding Reference Management.pptx
ISPM 15 Heat Treated Wood Stamps and why your shipping must have one
ISPM 15 Heat Treated Wood Stamps and why your shipping must have one
IEEE Aerospace and Electronic Systems Society as a Graduate Student Member
IEEE Aerospace and Electronic Systems Society as a Graduate Student Member
DEEP LEARNING FOR SMART GRID INTRUSION DETECTION: A HYBRID CNN-LSTM-BASED MODEL
DEEP LEARNING FOR SMART GRID INTRUSION DETECTION: A HYBRID CNN-LSTM-BASED MODEL
Iron and Steel Technology Roadmap - Towards more sustainable steelmaking.pdf
Iron and Steel Technology Roadmap - Towards more sustainable steelmaking.pdf
Engineering Drawings Lecture Detail Drawings 2014.pdf
Engineering Drawings Lecture Detail Drawings 2014.pdf
CHINA’S GEO-ECONOMIC OUTREACH IN CENTRAL ASIAN COUNTRIES AND FUTURE PROSPECT
CHINA’S GEO-ECONOMIC OUTREACH IN CENTRAL ASIAN COUNTRIES AND FUTURE PROSPECT
A SYSTEMATIC RISK ASSESSMENT APPROACH FOR SECURING THE SMART IRRIGATION SYSTEMS
A SYSTEMATIC RISK ASSESSMENT APPROACH FOR SECURING THE SMART IRRIGATION SYSTEMS
Electric vehicle and photovoltaic advanced roles in enhancing the financial p...
Electric vehicle and photovoltaic advanced roles in enhancing the financial p...
Manufacturing Process of molasses based distillery ppt.pptx
Manufacturing Process of molasses based distillery ppt.pptx
Comparative analysis between traditional aquaponics and reconstructed aquapon...
Comparative analysis between traditional aquaponics and reconstructed aquapon...
Recycled Concrete Aggregate in Construction Part III
Recycled Concrete Aggregate in Construction Part III
TIME DIVISION MULTIPLEXING TECHNIQUE FOR COMMUNICATION SYSTEM
TIME DIVISION MULTIPLEXING TECHNIQUE FOR COMMUNICATION SYSTEM
5214-1693458878915-Unit 6 2023 to 2024 academic year assignment (AutoRecovere...
5214-1693458878915-Unit 6 2023 to 2024 academic year assignment (AutoRecovere...
The Art of Defensive Programming By Ipan Ardian
- 1. THE ART OF DEFENSIVE PROGRAMMING MEETUP CIREBON DEV #3 IPAN ARDIAN
- 2. <HELLO!/> Ipan Ardian Sr. Software Engineer Indosystem & Loket (GoJek Group) 9+ years’ experience http://ipanardian.com 2
- 3. WHAT’S DEFENSIVE PROGRAMMING Let’s start with the definition first 3
- 4. 4 Defensive programming is a form of defensive design intended to ensure the continuing function of a piece of software under unforeseen circumstances. Defensive programming practices are often used where high availability, safety or security is needed — Wikipedia
- 5. WHY DEFENSIVE PROGRAMMING Does it matter 5
- 6. 6 WW3, ALMOST… In 1980, NORAD reported that the US was under missile attack. The problem was caused by a faulty circuit, a possibility the reporting software hadn’t taken into account. DEADLY RADIATION THERAPY A bug in the code controlling the Therac-25 radiation therapy machine was directly responsible for at least five patient deaths in the 1980s when it administered excessive quantities of X-rays. BUGS
- 7. 7 ROCKET LAUNCH ERRORS The European Space Agency’s Ariane 5 Flight 501 was destroyed 40 seconds after takeoff (June 4, 1996). The US$1 billion prototype rocket self-destructed due to a bug in the on-board guidance software. LOST IN SPACE One of the subcontractors NASA used when building its Mars climate orbiter had used English units instead of the intended metric system, which caused the orbiter’s thrusters to work incorrectly. Due to this bug, the orbiter crashed almost immediately when it arrived at Mars in 1999. The cost of the project was $327 million.
- 8. “You can’t sleep well if you are not confident that your last commit didn’t take down the whole application” 8
- 10. 10
- 11. 11 Try to be as strict as possible. Assert that your input values are what you expect. Never Trust User Input
- 12. Don’t write STUPID code, use SOLID code!! Write SOLID Code 12
- 13. 13 From STUPID to SOLID Code! STUPID Singleton Tight Coupling Untestability Premature Optimization Indescriptive Naming Duplication SOLID Single Responsibility Principle Open/Closed Principle Liskov Substitution Principle Interface Segregation Principle Dependency Inversion Principle
- 14. Writing unit tests will help you adhering to common principles such as High Cohesion, Single Responsibility, Low Coupling and right object composition Test test test! 14
- 16. As developers shouldn’t trust others developers’ code. We shouldn’t trust our code neither. Code Review 16
- 17. Stop hoping your users will report errors. Monitor and fix crashes in real time. Iterate continuously. Boost efficiency. Improve user experience. Tracking Error 17