QinetiQ Proprietary www.QinetiQ.com
An ISO standard for high integrity software

ISO OWGV: “Guidance to Avoiding Vulnerabilities in Programming Languages through Language Selection and Use”
- The intent is to produce guidance: a type 2 technical report, not strictly an ISO standard
- This begs the questions:
  - What is a vulnerability?
  - How will it address language selection?
  - How will it address language use?

Scope (paraphrased from the latest draft document)
In scope:
- Applicable to the computer languages covered in the document (Ada, C/C++, Fortran, MUMPS)
- Applicable to software production, review and maintenance
- Applicable where assured behaviour is required: security, safety, mission/business criticality
Out of scope:
- Software engineering and management issues, e.g. code design, configuration control, managerial processes

What is a vulnerability?
During the first meeting two distinct views on vulnerabilities emerged:
- The US view is primarily concerned with security and is led by DHS:
  - The ‘keynote’ speaker was Joe Jarzombek, DHS
  - The chair and vice chair are funded by DHS
  - A major contributor was CERT, with a DHS-funded research programme into security issues
- The UK view was based more on:
  - Safety concerns (self and Rod Chapman, Praxis)
  - General ‘computer science’ concerns (Brian Wichmann, ex-NPL; Derek Jones, UK convener)
As can be seen in the scope statement, we were successful in arguing that both need to be considered.

Why this is important!
Benefits from a strong and agreed international standard (should be):
- Easier international purchasing: suppliers and customers working to the same standards
- Potentially easier international sales: developed to standards recognised by the customer
- Prevent/reduce arguments with suppliers over what is necessary for high integrity software
but…

Risks
- If too narrowly focused (say, principally on security) it may lead to the argument ‘this has been developed to ISO 24772, so that should be good enough’
- Hence it is important that all significant issues get incorporated

Strategy from first meeting
The first meeting was a gathering of ideas:
- Representatives from national bodies: US, UK, and Canada
- ISO language standards: Ada, C, MUMPS, Fortran
- Others: DHS
The chair’s desire was to identify and provide mitigations for all popular/represented software languages.
The main aim was seen as to ‘raise the floor’ for all software development, particularly for those that are not aware that they are writing critical code (e.g. an application that has no critical function, but which contains a flaw that can be exploited by an attacker because it is co-located with a critical system).

Strategy from first meeting #2
The aim would be to provide potential users (who may be company software policy/guideline writers rather than programmers) with a list of issues (the vulnerabilities) and possible mitigations for each language, from which they can form policy.
It is not intended that the standard would say:
- For this sort of application use language X
- For this sort of application, don’t use language Y

‘Challenges’ to first meeting strategy
- Given the effort that has gone into SPARK Ada, MISRA C/C++ etc., is ISO really capable of not only duplicating that effort but extending it to more languages?
- Where issues are already addressed in subsets, such as SPARK or MISRA, how does ISO develop sensible guidance that doesn’t infringe IPR?
- How do you get developers to adopt the guidelines, given that there is already a lot of guidance out there that isn’t being used (certainly enough to ‘raise the floor’)?

Revised strategy
- Develop a generic list of vulnerabilities based around predictable execution
- Provide annexes for each supported language that show how the vulnerabilities manifest, together with an outline of what is necessary to avoid them
- This addresses the level of effort required and the IPR issues (by not trying to provide complete solutions within the guidelines), while still making it clear that language X is going to cause you far more problems than language Y
- As far as adoption is concerned, one possible US approach is to insist that all software purchased for federal programmes is compliant.
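One way to picture the “generic vulnerability plus per-language annex” structure the revised strategy describes, as an added illustration that is not from the slides and not text from the ISO document: a single generic issue (a bounds check that stops holding once the value is converted to another type, so execution is no longer predictable), the way it manifests in C, and the avoidance pattern a C annex might outline. The choice of this particular issue, the BUF_SIZE constant and the function names are assumptions made for the illustration.

```c
/* Added illustration of a "generic vulnerability / C manifestation /
 * C avoidance" triple. Hypothetical example; the issue shown is one the
 * author picked, not a quotation from ISO/IEC 24772 or the slides. */
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define BUF_SIZE 64   /* capacity of the receiving buffer (constructed value) */

/* Manifestation in C: the bound is checked in signed arithmetic, so a
 * negative length satisfies "len < BUF_SIZE". The length is then handed to
 * an interface that takes size_t, and the negative int converts (well
 * defined in C, modulo 2^N) to a huge unsigned value. Returns the byte
 * count memcpy would have received, or 0 when the check rejects. */
size_t bytes_memcpy_would_receive(int len)
{
    if (len < BUF_SIZE) {      /* -1 < 64 is true */
        return (size_t)len;    /* (size_t)-1 == SIZE_MAX */
    }
    return 0;
}

/* Avoidance: reject the sign edge explicitly, convert once, and compare
 * against the real capacity in the consumer's own type (size_t).
 * Returns the number of bytes copied, or 0 if the request was rejected. */
size_t copy_checked(unsigned char *dst, size_t cap,
                    const unsigned char *src, int len)
{
    if (dst == NULL || src == NULL || len < 0) {
        return 0;              /* a negative length is a caller error */
    }
    size_t n = (size_t)len;    /* now converting a non-negative value */
    if (n > cap) {
        return 0;              /* would overrun dst */
    }
    memcpy(dst, src, n);
    return n;
}
```

The point of the pair is the split the slide describes: the first function is what a language annex would show as the manifestation, the second is the outline of what is necessary to avoid it; neither is a complete coding standard for C.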

Process and timescales
- Submissions go through national bodies; the UK’s is organised by BSI
- Membership of the UK panel is open to all
- Submissions can be position papers, discussion documents or specific proposed words for the final document
- When agreed by the UK panel, they are added to the international panel database for consideration at that panel
International meetings planned:
- July: Ottawa
- October: Kona, Hawaii
- December: Pittsburgh
- 2008 (sometime): Netherlands
Originally planned for a draft release in January 2008; is mid/late 2008 more realistic?

Getting involved
- Via the UK (BSI) feeder panel: contact the convener to get put on the mailing list
- Useful URLs:
  - ISO OWGV website
  - CERT have draft C and C++ guidance: