Sources of Vulnerabilities

Sources of Vulnerabilities

CSEM02University of Sunderland

Reference

• P. Neumann, 1995, Computer-Related Risks, Addison-Wesley, ISBN: 0-201-55805-X

Vulnerabilities in Development

• System conceptualization – Miss-assessment of the

technology. • Requirements definition

– Erroneous, incomplete, or inconsistent requirements.

• System design – Fundamental

misconceptions or flaws. • Implementation

– Various errors. • Support systems

– Faulty or poor tools.

• System analysis – False assumptions or

erroneous models. • Testing

– Incomplete or erroneous testing.

• Evolution – Sloppy maintenance and

upgrades. • Decommission

– Premature removal; removal of components

used elsewhere.

Vulnerabilities in Use• Environment

– Earthquakes, floods, fires, etc.

• Animals – E.g., squirrelcide.

• Infrastructure – Loss of power, air conditioning

• Hardware – Malfunction due to ageing or transients

• Software – Bugs

• Communications – Outages, interference, and jamming

• Human Limitations – Installation or misuse

Note Well…• Vulnerabilities are not just security…

• However, security vulnerabilities:– Tend to involve insiders– Tend to involve human behavior– Sometimes result from unwarranted assumptions

– Often are due to design errors or incomplete understanding of a system or technology

System Conceptualization

• Misunderstanding of the technology– Too far– Not far enough

• Cost overruns• Schedule overruns• Lack of FeasibilityExample—MIFASS (Marine Fire and Air Support System). The agency direction was to use a CPU somewhat slower than a first generation Apple II. There was no recovery.

Requirements Definition

• Erroneous requirements• Incomplete requirements• Inconsistent requirementsExtremely common and expensive. Missing requirements are the worst problem. Agile methods attempt to address this.

System Design• Fundamentally false assumptions

– E.g., infinite speed of light• Erroneous modelsExample: the FAA’s Advance Automation System. The contractor assumed that the average statement in Ada generated 5 machine instructions (actually it was 10) and that the speed of a 10 MHz machine was (with parallelism) 20 MHz (actually it was 12 MHz). There was no recovery.

Implementation

• Various and varied.– Chip fab– Wiring– Programming bugs– Trojan horses– VirusesWe will discuss this.

Support Systems• Faulty or poor tools

– Language choice– Compiler/debugger– Bad tools– EdittingCASE tools never met their expectations…Sometimes reflect failure to meet standards.Sometimes are deliberate on the part of a vendor.

System Analysis

• False assumptions about– World– Operating environment– Human behavior

• Erroneous models and simulationsPrototypes help here.

Testing

• Incomplete testing• Erroneous testing• Faulty code verificationWhat is a testable requirement? One way of addressing this is Test-Driven Development (TDD), where you write the unit tests first.

Evolution• Sloppy maintenance and upgrades.• Misconceptions• New flaws• Loss of design coherencyMaintenance organizations do not attract the best engineers. Design your system so it can be maintained by entry-level staff.

Decommission• Premature removal.• Removal of components needed elsewhere.

• Hidden dependencies• Replacement not done in time• Hardware and software end of life

• Vendor profiteering

Environment

• Earthquake• Flood• Fire• Temperature extremes• EMI• Etc…

Animals• Sharks (underwater cables)• Squirrels (enjoy fibre and cabling)• Monkeys (inquisitive)• Birds (watch your neighborhood telephone poles)

• Horses (enjoy practical jokes)• Cattle• Pigs• Etc.

Infrastructure

• Power• Air Conditioning• Physical Security

Hardware

• Ageing• Transients• Environmental problems• Errors in Design

Software

• Bugs of many sorts– System development– Change implementation– Maintenance

Communications

• Outages• Natural interference• Jamming

– Intentional– Accidental

• Tapping• Other

Human Error

• Installation• Misuse

– Intentional– Unintentional

Adverse Effects

• A myriadDiscuss…