Software Fault Injection for Survivability Jeffrey M. Voas & Anup K. Ghosh Presented by Alison Teoh.

Slides:

Advertisements

Similar presentations

Test process essentials Riitta Viitamäki,

Advertisements

Abhinn Kothari, 2009CS10172 Parth Jaiswal 2009CS10205 Group: 3 Supervisor : Huzur Saran.

Software testing.

©Ian Sommerville 2004Software Engineering, 7th edition. Chapter 23 Slide 1 Software testing.

Software Testing. Overview Definition of Software Testing Problems with Testing Benefits of Testing Effective Methods for Testing.

Page 1 Building Reliable Component-based Systems Chapter 10 - Predicting System Trustworthiness Chapter 10 Predicting System Trustworthiness.

Why Security Testing Is Hard by Herbert H. Thompson presented by Carlos Hernandez.

©Ian Sommerville 2004Software Engineering, 7th edition. Chapter 23 Slide 1 Software testing.

1 Building with Assurance CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute May 10, 2004.

OHT 3.1 Galin, SQA from theory to implementation © Pearson Education Limited 2004 The need for comprehensive software quality requirements Classification.

Software Fault Injection Kalynnda Berens Science Applications International Corporation NASA Glenn Research Center.

09/18/06 1 Software Security Vulnerability Testing in Hostile Environment Herbert H. Thompson James A. Whittaker Florence E. Mottay.

SIMULATING ERRORS IN WEB SERVICES International Journal of Simulation: Systems, Sciences and Technology 2004 Nik Looker, Malcolm Munro and Jie Xu.

Introduction to Software Testing

Issues on Software Testing for Safety-Critical Real-Time Automation Systems Shahdat Hossain Troy Mockenhaupt.

INTRUSION DETECTION SYSTEMS Tristan Walters Rayce West.

TEST CASE DESIGN Prepared by: Fatih Kızkun. OUTLINE Introduction –Importance of Test –Essential Test Case Development A Variety of Test Methods –Risk.

©Ian Sommerville 2004Software Engineering, 7th edition. Chapter 23 Slide 1 Software testing.

Software Testing Verification and validation planning Software inspections Software Inspection vs. Testing Automated static analysis Cleanroom software.

Dr. Pedro Mejia Alvarez Software Testing Slide 1 Software Testing: Building Test Cases.

Software Faults and Fault Injection Models --Raviteja Varanasi.

CSCE 548 Secure Software Development Risk-Based Security Testing.

Software Quality Assurance Lecture #8 By: Faraz Ahmed.

©Ian Sommerville 2006Software Engineering, 8th edition. Chapter 23 Slide 1 Software testing Slightly adapted by Anders Børjesson.

 Prototype for Course on Web Security ETEC 550.  Huge topic covering both system/network architecture and programming techniques.  Identified lack.

Weaponizing Wireless Networks: An Attack Tool for Launching Attacks against Sensor Networks Thanassis Giannetsos Tassos Dimitriou Neeli R. Prasad.

Computer Security and Penetration Testing

1 Software testing. 2 Testing Objectives Testing is a process of executing a program with the intent of finding an error. A good test case is in that.

Testing Basics of Testing Presented by: Vijay.C.G – Glister Tech.

Software Testing Testing types Testing strategy Testing principles.

OBJECT ORIENTED SYSTEM ANALYSIS AND DESIGN. COURSE OUTLINE The world of the Information Systems Analyst Approaches to System Development The Analyst as.

Dr. Tom WayCSC Testing and Test-Driven Development CSC 4700 Software Engineering Based on Sommerville slides.

Defending Browsers against Drive-by Downloads:Mitigating Heap-Spraying Code Injection Attacks Authors:Manuel Egele, Peter Wurzinger, Christopher Kruegel,

BE-SECBS FISA 2003 November 13th 2003 page 1 DSR/SAMS/BASP IRSN BE SECBS – IRSN assessment Context application of IRSN methodology to the reference case.

Introduction to Software Testing. Types of Software Testing Unit Testing Strategies – Equivalence Class Testing – Boundary Value Testing – Output Testing.

©Ian Sommerville 2004Software Engineering, 7th edition. Chapter 22 Slide 1 Software Verification, Validation and Testing.

Building Dependable Distributed Systems Chapter 1 Wenbing Zhao Department of Electrical and Computer Engineering Cleveland State University

APPLICATION PENETRATION TESTING Author: Herbert H. Thompson Presentation by: Nancy Cohen.

1 ITGD 2202 Supervision:- Assistant Professor Dr. Sana’a Wafa Al-Sayegh Dr. Sana’a Wafa Al-SayeghStudent: Anwaar Ahmed Abu-AlQumboz.

Testing Techniques Software Testing Module ( ) Dr. Samer Hanna.

Software quality factors

1 Introduction to Software Testing. Reading Assignment P. Ammann and J. Offutt “Introduction to Software Testing” ◦ Chapter 1 2.

Chapter 8 Lecture 1 Software Testing. Program testing Testing is intended to show that a program does what it is intended to do and to discover program.

Software Engineering1  Verification: The software should conform to its specification  Validation: The software should do what the user really requires.

PROGRAMMING TESTING B MODULE 2: SOFTWARE SYSTEMS 22 NOVEMBER 2013.

HNDIT23082 Lecture 09:Software Testing. Validations and Verification Validation and verification ( V & V ) is the name given to the checking and analysis.

Detecting Hardware Trojans in Unspecified Functionality Using Mutation Testing Nicole Fern K.-T. Tim Cheng UC Santa Barbara 1.

©Ian Sommerville 2004Software Engineering, 7th edition. Chapter 23 Slide 1 Software testing.

Mutation Testing Breaking the application to test it.

Testing Overview Software Reliability Techniques Testing Concepts CEN 4010 Class 24 – 11/17.

Lecturer: Eng. Mohamed Adam Isak PH.D Researcher in CS M.Sc. and B.Sc. of Information Technology Engineering, Lecturer in University of Somalia and Mogadishu.

UC Marco Vieira University of Coimbra

UC Marco Vieira University of Coimbra

ISQB Software Testing Section Meeting 10 Dec 2012.

CMSC 345 Defensive Programming Practices from Software Engineering 6th Edition by Ian Sommerville.

CSCE 548 Secure Software Development Risk-Based Security Testing

Testing Tutorial 7.

Integration Testing.

Security Testing Methods

Software Security ITGD 2202 Supervision:- Assistant Professor

Chapter 8 – Software Testing

Security Engineering.

Verification & Validation

Fault Injection: A Method for Validating Fault-tolerant System

Software testing strategies 2

Lecture 09:Software Testing

Software testing.

Dynamic Program Analysis

Chapter 7 Software Testing.

Luca Simoncini PDCC, Pisa and University of Pisa, Pisa, Italy

Presentation transcript:

Software Fault Injection for Survivability Jeffrey M. Voas & Anup K. Ghosh Presented by Alison Teoh

Goals of Software Testing Correctness Reliability Usability Robustness Performance

Goals of Software Testing Correctness Reliability Usability Robustness Performance

Goals of Software Testing Correctness Reliability Usability Robustness Performance Survivability

Outline Basic definitions and Testing Technique Overview Algorithm for Fault Injection Analysis Fault Injection Security Tool (FIST) Interface Propagation Analysis (IPA) Conclusions

Some Basic Definitions Information Survivability: “The ability of a system to continue to operate in the presence of faults, anomalous system behaviour, or malicious attack.” Fault Injection: “The process of perturbing program behaviour by corrupting a program state during program execution.”

Three Primary Threats to Survivability: Software Flaws Malicious Attacks Anomalous Behaviour of Third Party Software

Three Primary Threats to Survivability: Software Flaws – We don’t know where the actual errors are – Simulate random flaws Malicious Attacks – Subject software to well-known attacks Anomalous Behaviour of Third Party Software – Libraries and COTS components may be flawed – Simulate component failure

Algorithm P = Program under analysis S = State of the system x = Input value l = Location in P PRED = Security violation predicate (assertion) for P and S

Algorithm 1 – Execute P on selected input x 2 – Instrument code to determine each l in P that is exercised by x. 3 – Determine the outcome of an unperturbed run of P 4 – Alter some variable at location l (inject a fault) 5 – If security predicate (assertion) was violated, record location l 6 – Repeat steps 1-5 until coverage goals met 7 – Use recorded locations in code as basis of further analysis (code inspection, verification, etc)

FIST (Fault Injection Security Tool) Implementation of fault injection analysis algorithm C/C++ Allows developer to: – Randomly perturb program states – Append or truncate strings – Attempt Buffer Overflows – Perform other fault injection functions

FIST

Miscellaneous Reasons FIST is effective: – Always attempts to overflow buffers Most tools only target specific, vulnerable functions StackGuard, Fuzz – Allows users to specify “security violations” for individual applications under analysis Choose from predefined assertions Create your own assertions based on any C expression – Capable of external assertion monitoring

FIST FIST Analysis was performed over a variety of network service daemons Several potentially exploitable locations were identified Security violation identified in WU-FTPD was later independently discovered and reported by CERT-CC

IPA (Interface Propagation Analysis) Simulates component/subsystem failures Start from worst case assumptions, observe system-wide effects Unit performance is unimportant unless it affects the integrity of the entire system

IPA IPA uses two fault injection algorithms: Propagation From Propagation Across

IPA Propagation From Corrupts data exiting a component to observe the types of system failures that ensue. Provides information regarding semantic interactions between components as a measure of tolerance

IPA Propagation Across Corrupts data entering a component Simulates input failure to gauge component’s robustness Mimic human operator errors, hardware failures, or failures from other subsystems

Conclusions Fault Injection Analysis can be used in an unconventional way to test survivability in several different scenarios: – Software flaws in program source code – Malicious attacks – Anomalous behaviour from third party software By identifying problem components and functions automatically, drastically reduce areas that require manual analysis

Questions?