“I am not in the office at the moment. Send any work to be translated.”

Slides:



Advertisements
Similar presentations
Electronic Measure and Test Unit 53 Task 4 (P4).  A plan that clearly details the tests that will be performed  What to test  How to test (step by.
Advertisements

CML CML CS 230: Computer Organization and Assembly Language Aviral Shrivastava Department of Computer Science and Engineering School of Computing and Informatics.
DAP-1520 FAQ’s Wireless AC750 Dual Band Range Extender.
Syllabus Case Histories WW III Almost Medical Killing Machine
Department of Informatics, UC Irvine SDCL Collaboration Laboratory Software Design and sdcl.ics.uci.edu 1 Informatics 121 Software Design I Lecture 5 Duplication.
CSC 4250 Computer Architectures September 12, 2006 Appendix H. Computer Arithmetic.
WHY THEY FAILED AND LESSONS TO BE DRAWN Samuel Franklin G53QAT: Quality Assurance and Testing Famous Software Failures.
Software Engineering Disasters
What is Rounding Error? AiS Challenge STI 2003 Richard Allen.
Chapter 8 Representing Information Digitally.
Introduction to InfoSec – Recitation 7 Nir Krakowski (nirkrako at post.tau.ac.il) Itamar Gilad (itamargi at post.tau.ac.il)
1 COMS 161 Introduction to Computing Title: Numeric Processing Date: November 10, 2004 Lecture Number: 31.
ICLOUD TECHNOLOGY WITH SECURITY ISSUES Group 4: Tse Shun Dun Wong Ngai Shan Wong Chi Ho Cheung Chun Kan Wong Yuet Hing
Wi-Fi Security January 21, 2008 by Larry Finger. Wi-Fi Security Most laptops now come with built-in wireless capability, which can be very handy; however,
©Ian Sommerville 2000CS 365 Ariane 5 launcher failureSlide 1 The Ariane 5 Launcher Failure June 4th 1996 Total failure of the Ariane 5 launcher on its.
Modern Software Development Fawzi Emad Chau-Wen Tseng Department of Computer Science University of Maryland, College Park.
ARIANE 5 FAILURE ► BACKGROUND:- ► European space agency’s re-useable launch vehicle. ► Ariane-4 was a major success ► Ariane -5 was developed for the larger.
1 CMSC 132: Object-Oriented Programming II Software Development I Department of Computer Science University of Maryland, College Park.
WIRELESS NETWORK SECURITY. Hackers Ad-hoc networks War Driving Man-in-the-Middle Caffe Latte attack.
Changing the iPhone 5 from 3G mode to LTE mode. *IMPORTANT BEFORE YOU START!* iPhone MUST be charged and you MUST have access to iTunes.
©Ian Sommerville 2004Software Engineering Case Studies Slide 1 The Ariane 5 Launcher Failure June 4th 1996 Total failure of the Ariane 5 launcher on its.
1 Semester 2 Module 2 Introduction to Routers Yuda college of business James Chen
1 Network Quarantine At Cornell University Steve Schuster Director, Information Security Office.
HCare access on an iPad hCare access is the remote access to PGH. The steps for installing vary from the Mac somewhat. This will guide you. Installation.
Software Errors Who is to blame?. Almost everything in our daily lives is controlled by CPU’s and software… Does Embedded Software = Embedded Disasters?
PEMSolutions Technology Training The New Early Warning System.
Air Traffic Control Software System Failure Case Study – As-is Scenario Presented by Stanley Dam For SE 6361 Advanced Requirement Engineering 10/25/2013.
USS Yorktown (1998) A crew member of the guided-missile cruiser USS Yorktown mistakenly entered a zero for a data value, which resulted in a division by.
Configuring the MagicInfo Pro Display
The Unintended Consequences of a career in Engineering Or How to end up a mass murderer without even trying.
The Ariane 5 Launcher Failure
CRASH AND BURN ARIANE 5 Kristen Hieronymus SYSM6309 Advanced Requirements Engineering
The Ariane 5 Launcher Failure June 4th 1996 Total failure of the Ariane 5 launcher on its maiden flight.
Troubleshooting Windows Vista Security Chapter 4.
Module 7: Fundamentals of Administering Windows Server 2008.
EMerge Browser Managed Security Platform Module 3: Startup eMerge Certification Course  Physical connection  TCP/IP Characteristics of PC  Initial connection.
Figures – Chapter 14. Figure 14.1 System layers where security may be compromised.
Modern Software Development Nelson Padua-Perez Chau-Wen Tseng Department of Computer Science University of Maryland, College Park.
 Most current version 1.3  Will review some basic and advanced portions of the software  Only have 50 minutes including questions  Please write down.
Lecture 08 – Documentation, debugging.  docstring  A special kind of string (text) used to provide documentation  Appears at the top of a module 
14 Copyright © 2005, Oracle. All rights reserved. Backup and Recovery Concepts.
“I am not in the office at the moment. Send any work to be translated.”
IPhone iOS7 Setup and Activation. Hello When the device is turned on, the first screen you will see is the iPhone Hello screen. On this screen you will.
The Unintended Consequences of a career in Engineering Or How to end up a mass murderer without even trying.
© Copyright 2009 SSLPost 01. © Copyright 2009 SSLPost 02 a recipient is sent an encrypted that contains data specific to that recipient the data.
Unintended Consequences of a career in Engineering.
18 Copyright © 2004, Oracle. All rights reserved. Backup and Recovery Concepts.
1 Network Quarantine At Cornell University Steve Schuster Director, Information Security Office.
18 Copyright © 2004, Oracle. All rights reserved. Recovery Concepts.
Global Field Operations From Vision to Value Cisco Confidential1© 2011 Cisco and/or its affiliates. All rights reserved. Access to PMC Partner Training.
CSCE 201 Identification and Authentication Fall 2015.
Virtual Machines Module 2. Objectives Define virtual machine Define common terminology Identify advantages and disadvantages Determine what software is.
HAMILTON VENUS Security Settings. Security Settings are set in the System Configuration Editor.
Maryknoll Wireless Network Access Steps for Windows 7 As of Aug 20, 2012.
Topic 10Summer Ariane 5 Some slides based on talk from Sommerville.
Make Your iPad Work for You Session 2 Brian McCarty.
Technology Coordinator Training. Agenda Getting Started Using SystemCheck Technology Configurations Infrastructure Trial Proctor Caching Overview Managing.
Proctor Caching Overview. 2 Proctor Caching Diagram.
Introduction to Information Security Vulnerabilities 1.
SOFTWARE FAILURES.
SuccessFactors - Frequently Asked Questions FAQs Question: I don't have easy access to a computer at work. What other options do I have? Answer: SuccessFactors.
Chapter Objectives In this chapter, you will learn:
LONER MOBILE.
LONER MOBILE.
ECE 103 Engineering Programming Chapter 2 SW Disasters
Install and Run the Kronos Mobile App
Unit Conversions.
What this course is NOT about:
Software Engineering Disasters
How to install and manage exchange server 2010 OP Saklani.
Presentation transcript:

“I am not in the office at the moment. Send any work to be translated.”

WinVote Security One of several systems built in response to Help America Vote Act of 2002 Based on Windows XP Uses Wi-Fi to program election details and download results In 2014 reports of crashing when a poll worker downloaded music on his iPhone Led to new assessment of the system

WinVote Security Results XP embedded not patched since 2004 Uses WEP, considered obsolete already in 2004 due to security flaws WEP key hardwired to “abcde” Disabling Wi-Fi disabled the WinVote app, left XP exposed Windows administrator password set to “admin” with no interface to change it No logs or checksums to detect tampering with system’s database “If system was not hacked it was only because nobody tried”

Apple Security Update iOS Data Security Available for: iPhone 4 and later, iPod touch (5th generation), iPad 2 and later Impact: An attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS Description: Secure Transport failed to validate the authenticity of the connection. This issue was addressed by restoring missing validation steps.

hashOut.data = hashes + SSL_MD5_DIGEST_LEN; hashOut.length = SSL_SHA1_DIGEST_LEN; if ((err = SSLFreeBuffer(&hashCtx)) != 0) goto fail; if ((err = ReadyHash(&SSLHashSHA1, &hashCtx)) != 0) goto fail; if ((err = SSLHashSHA1.update(&hashCtx, &clientRandom)) != 0) goto fail; if ((err = SSLHashSHA1.update(&hashCtx, &serverRandom)) != 0) goto fail; if ((err = SSLHashSHA1.update(&hashCtx, &signedParams)) != 0) goto fail; if ((err = SSLHashSHA1.final(&hashCtx, &hashOut)) != 0) goto fail; err = sslRawVerify(...); fail:... Return(err);

In other cases it is not so funny.

Patriot Timing Glitch Loses Scud 25 Feb 1991 (Gulf War) Iraqi scud rocket hits American base in Saudia, killing 28 Patriot missile battery failed to track the scud Patriot keeps time using 0.1 sec clock Calculates seconds by multiplying by 1/10 Using 24-bit value for 1/10 lost 0.34 sec after 100 hours of operation Scud travels >500m in this time, and tracking failed

AA 965 Crash – 159 Dead 20 Dec 1995 flight from Miami to Colombia Pilots entered “R” for Rozo waypoint into navigational computer “R” also represented Romeo waypoint, which was somewhere else Romeo was more common, so it was the default Plane automatically turned towards Romeo Unfortunately there was a mountain in the way

Ariane 5 Explodes 4 Jun 1996, maiden flight of new launcher for placing satellites into orbit Destroyed after ~40 seconds due to obvious flight problems Primary cause: failure to convert a 64-bit value into 16-bits in inertial reference system (SRI) Secondary cause: diagnostic error data from SRI was interpreted as (extremely strange) flight data by main computer Trying to “correct” flight led to instability

Ariane 5 Irony The original 64-bit value is used only for alignment before launch, but left on for ~45 sec later as was desired in Ariane 4 Backup SRI ran identical software, had same failure – Assumes that errors are random and shutdown is a good solution Conversion was not checked because in Ariane 4 values were indeed much smaller

NASA Loses Mars Climate Orbiter Orbiter Launched in 1998, reached Mars in 1999 Supposed to orbit at km, but went as low as 57km, causing excessive stress and friction Cause: computer controlling the thrusters underestimated their power by a factor of 4.45 Root cause: not converting metric units specified by NASA to Imperial units used by software

LA Air Traffic Loses Radio Contact 14 Sep 2004 afternoon Air traffic controllers lose radio contact with ~400 planes, backup fails within 1 minute System uses touch screen to create voice channels between controller and airplane or other controller Upon failure controllers couldn’t alert pilots about necessary course changes Several near collisions avoided by on-board collision avoidance systems that alerted pilots

LA Air Contact Lose Causes Technicians did not perform 30-day reboot – System looked OK Reboot regulation instated after previous failures occurred after 49.7 days Cause of failures is a 32-bit millisecond timer used for continuous self test (and other things) When counter reaches 0 system crashes

Knight Trading loses $440M 1 Aug 2012 at 9:30-10:15 AM Repeatedly trade about 140 securities, buying them at the (high) ask price and selling at the (low) bid price Repeat ~40 times per second for 45 minutes Example: in security where price difference is 15 cents/share, lose $6/sec = $360/min or $16,200 in the 45 minutes for each share This was part of testing new software