Software Security David Wagner University of California at Berkeley.

Critical infrastructure is dependent on computer security

Security break-ins are all too prevalent. (Chart: Internet security incidents reported to CERT.)

Typical cause: security defects in our software. (Chart: software vulnerabilities reported to CERT.)

Talk Outline Why is our software so buggy? What can we do about software security?

What makes simple mechanical systems predictable?
- Linearity (or piecewise linearity)
- Continuity (or piecewise continuity)
- Small, low-dimensional state spaces
Systems with these properties are (1) easier to analyze, and (2) easier to test.

Computers enable highly complex systems, and today's software is taking advantage of this: highly non-linear behavior; large, high-dimensional state spaces.

Problem Summary Complexity breeds bugs and unpredictable behavior Bugs and unpredictability are the bane of security

Mitigating the Risks. How can we improve software security?
1. Correctness by construction (e.g., K.I.S.S., defensive coding, least privilege)
2. Automated analysis of software; new models of software behavior
3. Formal verification: proving programs free of defects (with respect to a specification)

Mitigating the Risks. How can we improve software security?
1. Correctness by construction (e.g., K.I.S.S.)
2. Automated analysis of software
3. New models of software behavior
4. Formal verification: proving programs free of defects (with respect to a specification)
In this talk: automated analysis and new models of software behavior (items 2 and 3).

Tools for Software Security. If secure programming is hard, let's build tools that make it easier to get security right:
- MOPS: scanning for bugs using software model checking
- CQual: security-typed programming discipline
- We're finding, and fixing, vulnerabilities in open-source applications (Linux kernel, sendmail, Apache, wu-ftpd, ...)
(Diagram: buggy, insecure application -> MOPS -> warnings about undisciplined code -> hard-working programmer.)
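The MOPS bullet above describes model checking a security property against a program. The following is an added illustration of that idea, written for this page; it is not MOPS code and is much weaker than MOPS (it walks a single intraprocedural control-flow graph instead of a pushdown automaton for calls). The two properties (chroot jail discipline and drop-privileges-before-execve) and the three small programs are constructed for the example; the node labels are invented.

```python
"""Toy MOPS-style temporal safety checker (added example, not MOPS itself).

A security property is a finite-state automaton (FSA) over security-relevant
operations.  The program is abstracted to a control-flow graph (CFG) whose
nodes are labelled with the operation they perform ("other" for anything the
property ignores).  The checker explores every reachable (CFG node, FSA state)
pair; if the FSA's error state is reachable on ANY path, the property is
violated and a witness path is returned.  Like MOPS, this is data-flow
insensitive, so it can report paths that are infeasible at runtime.
"""
from collections import deque


class Property:
    """An FSA: (state, op) -> next state; unlisted ops leave the state unchanged."""

    def __init__(self, start, error, transitions):
        self.start, self.error, self.transitions = start, error, transitions

    def step(self, state, op):
        return self.transitions.get((state, op), state)


class Program:
    """A CFG: nodes map a label to its operation; edges are (src, dst) pairs."""

    def __init__(self, entry, nodes, edges):
        self.entry, self.nodes = entry, nodes
        self.succ = {n: [] for n in nodes}
        for a, b in edges:
            self.succ[a].append(b)


def check(program, prop):
    """Breadth-first search of the CFG x FSA product; witness node path or None."""
    start = (program.entry, prop.step(prop.start, program.nodes[program.entry]))
    parent = {start: None}          # also serves as the visited set (loops terminate)
    queue = deque([start])
    while queue:
        conf = queue.popleft()
        node, state = conf
        if state == prop.error:
            path = []
            while conf is not None:  # rebuild the path from the parent links
                path.append(conf[0])
                conf = parent[conf]
            return path[::-1]
        for nxt in program.succ[node]:
            nconf = (nxt, prop.step(state, program.nodes[nxt]))
            if nconf not in parent:
                parent[nconf] = conf
                queue.append(nconf)
    return None


# Property 1 (assumed): after chroot(), the process must chdir("/") before any
# file-system operation, otherwise the cwd still points outside the jail.
CHROOT_JAIL = Property("no_jail", "ERROR", {
    ("no_jail", "chroot"): "jailed_cwd_outside",
    ("jailed_cwd_outside", "chdir_root"): "jailed",
    ("jailed_cwd_outside", "open"): "ERROR",
})

# Property 2 (assumed): a setuid-root program must drop privileges before execve().
DROP_BEFORE_EXEC = Property("privileged", "ERROR", {
    ("privileged", "drop_privs"): "unprivileged",
    ("privileged", "execve"): "ERROR",
})

# Constructed CFGs.  In BUGGY the error-handling branch skips chdir("/").
BUGGY = Program("entry", {
    "entry": "other", "do_chroot": "chroot", "do_chdir": "chdir_root",
    "open_ok": "open", "open_on_error_path": "open", "exit": "other"},
    [("entry", "do_chroot"), ("do_chroot", "do_chdir"), ("do_chdir", "open_ok"),
     ("do_chroot", "open_on_error_path"), ("open_ok", "exit"),
     ("open_on_error_path", "exit")])

FIXED = Program("entry", {
    "entry": "other", "do_chroot": "chroot", "do_chdir": "chdir_root",
    "open_ok": "open", "log_error": "other", "exit": "other"},
    [("entry", "do_chroot"), ("do_chroot", "do_chdir"), ("do_chdir", "open_ok"),
     ("do_chdir", "log_error"), ("open_ok", "exit"), ("log_error", "exit")])

# Privileges dropped first, then a loop that execve()s repeatedly: correct.
PRIV_OK = Program("entry", {
    "entry": "other", "drop": "drop_privs", "spawn": "execve", "exit": "other"},
    [("entry", "drop"), ("drop", "spawn"), ("spawn", "spawn"), ("spawn", "exit")])

# execve() happens once before the drop: violation.
PRIV_BUGGY = Program("entry", {
    "entry": "other", "spawn": "execve", "drop": "drop_privs", "exit": "other"},
    [("entry", "spawn"), ("spawn", "drop"), ("drop", "exit")])


if __name__ == "__main__":
    for name, prog, prop in [("BUGGY", BUGGY, CHROOT_JAIL), ("FIXED", FIXED, CHROOT_JAIL),
                             ("PRIV_OK", PRIV_OK, DROP_BEFORE_EXEC),
                             ("PRIV_BUGGY", PRIV_BUGGY, DROP_BEFORE_EXEC)]:
        print(name, "->", check(prog, prop) or "no violation")
```

The point the example makes is the one the slide makes: the property is a small automaton the programmer writes once, and the tool, not the reviewer, enumerates every path, including the error-handling branch that a human skims past. The price is precision: because the checker tracks control flow only, a path guarded by a condition the program never satisfies is still reported.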

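The CQual bullet on the preceding slide refers to a security-typed programming discipline: values carry a type qualifier (tainted or untainted) and the type checker rejects a program in which tainted data reaches a place that demands untainted data. What follows is an added toy version of that discipline for this page, not CQual's implementation; the qualifier names, the modelled C fragment, and the source/sink declarations (getenv returns tainted, printf's format must be untainted) are constructed for the example.

```python
"""Toy CQual-style taint-qualifier checker (added example, not CQual itself).

Every value gets a qualifier from the two-point lattice untainted < tainted.
An assignment or call argument `dst = src` yields the subtyping constraint
q(src) <= q(dst).  Declared sources are fixed to tainted (e.g. getenv's return
value) and sensitive sinks are fixed to untainted (e.g. printf's format
argument).  Solving the constraints means propagating taint forward along the
flow graph; a constraint that would force a sink to tainted is a type error.
The analysis is flow-insensitive: a variable has one qualifier for the whole
program, so storing a cleaned value under the same name is still reported.
"""
from collections import defaultdict, deque

TAINTED, UNTAINTED = "tainted", "untainted"


class QualifierChecker:
    def __init__(self):
        self.flows = defaultdict(list)   # src -> [dst]: constraint q(src) <= q(dst)
        self.fixed = {}                  # name -> qualifier fixed by a declaration

    def declare(self, name, qualifier):
        self.fixed[name] = qualifier

    def assign(self, dst, src):
        """Record `dst = src` (also used for passing src as call argument dst)."""
        self.flows[src].append(dst)

    def solve(self):
        """Return [(sink, witness path)] for every violated sink; [] is well-typed."""
        parent = {n: None for n, q in self.fixed.items() if q == TAINTED}
        queue = deque(parent)
        while queue:                     # least fixed point: taint flows forward
            src = queue.popleft()
            for dst in self.flows[src]:
                if dst not in parent:
                    parent[dst] = src
                    queue.append(dst)
        errors = []
        for sink, q in self.fixed.items():
            if q == UNTAINTED and sink in parent:
                path, cur = [], sink
                while cur is not None:   # walk back to the tainted source
                    path.append(cur)
                    cur = parent[cur]
                errors.append((sink, path[::-1]))
        return errors


def vulnerable_program():
    """Models this constructed C fragment:
        char *home = getenv("HOME");            /* attacker-controlled */
        char buf[64];
        snprintf(buf, sizeof buf, "%s", home);
        printf(buf);                            /* format string from input */
    """
    c = QualifierChecker()
    c.declare("getenv.ret", TAINTED)
    c.declare("printf@L4.fmt", UNTAINTED)
    c.assign("home", "getenv.ret")
    c.assign("buf", "home")                     # snprintf copies home into buf
    c.assign("printf@L4.fmt", "buf")
    return c.solve()


def fixed_program():
    """Same fragment with printf("%s", buf): the format is a literal, and buf
    flows into a vararg, which carries no untainted requirement."""
    c = QualifierChecker()
    c.declare("getenv.ret", TAINTED)
    c.declare("printf@L4.fmt", UNTAINTED)
    c.assign("home", "getenv.ret")
    c.assign("buf", "home")
    c.assign("printf@L4.fmt", "lit:%s")         # literal: untainted by default
    c.assign("printf@L4.arg1", "buf")
    return c.solve()


def flow_insensitive_false_positive():
    """home = getenv(...); home = sanitize(home); printf(home);
    The cleaned value is stored under the same name, so the one-qualifier-per-
    variable rule still reports it; the usual fix is a fresh variable."""
    c = QualifierChecker()
    c.declare("getenv.ret", TAINTED)
    c.declare("printf@L3.fmt", UNTAINTED)
    c.assign("home", "getenv.ret")
    c.assign("sanitize.arg", "home")
    c.assign("home", "sanitize.ret")            # sanitize.ret is untainted
    c.assign("printf@L3.fmt", "home")
    return c.solve()


if __name__ == "__main__":
    print("vulnerable:", vulnerable_program())
    print("fixed:     ", fixed_program())
    print("imprecise: ", flow_insensitive_false_positive())
```

Two things are worth noticing. First, the programmer annotates only the boundary (sources and sinks); every intermediate qualifier is inferred, which is what makes the discipline cheap enough to apply to existing code. Second, the witness path the solver returns is exactly what the programmer needs to decide whether a report is a real bug or an artefact of flow insensitivity, as in the third function.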
Conclusion Computer security problems are endemic. Our software is a weak spot. Network-layer defenses must make up for software inadequacies. The problem will likely remain with us as long as users value features (complexity) over security (simplicity).

And remember to look out for rakes… Questions?