Introduction To Software Security
Acknowledgment: Most of these slides have been adapted from the book Core Software Security by James Ransome and Anmol
Misra for our course. Additional slides have been added from the references listed in the syllabus.
Outline
o Introduction to Secure Software Development
o Insecure Design
o Vulnerability, Threat, and Risk
o Software Security
o Quality Versus Secure Code
Introduction to Secure Software Development
o What really causes the majority of the information security problems we have today?
▪ Insecure code and unaware users.
o What has quickly become the highest unnecessary cost in software development?
▪ Fixing flawed, insecure code that has already been released to the market.
▪ Such code must be fixed when the flaw is discovered in the field, when it should have been fixed during
development of the product.
Cont’d
o Have you ever written software where security mattered?
o The UK Ministry of Defence has identified cyber software security design as a top priority area. The US
Department of Defense established a new unified command, US Cyber Command (May 2010).
o Malware can bring down real-world infrastructure and present physical dangers; e.g. the Stuxnet malware,
discovered in 2010, damaged uranium-enrichment centrifuges at Iran’s Natanz facility by manipulating their industrial controllers.
Insecure Design
o A study by the National Institute of Standards and Technology (NIST, 2002) found:
o Software errors cost the U.S. economy an estimated $59.5 billion annually.
o The same study notes that more than one-third of these costs, some $22.2 billion,
could be eliminated by an improved design and testing infrastructure that enables
earlier and more effective identification and removal of software defects.
Cont’d
o Software engineers must be trained to be security-conscious.
▪ Security Awareness
▪ Fail to use parameterized SQL queries → SQL injection
▪ Forget to validate all input → Cross-site scripting
▪ Security knowledge
▪ How to implement parameterized SQL queries
▪ How to validate all input
▪ Do real security tasks
▪ Launch SQL Injection attack
▪ Launch Cross-site scripting attack
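The two awareness/knowledge pairs above, worked through in code. This is an added example, not code from the slides or from the Ransome and Misra book; it assumes an in-memory SQLite database with a constructed `users` table and hypothetical helper names (`login_vulnerable`, `login_parameterized`, `render_greeting_escaped`, `valid_username`). It shows the string-spliced login query being bypassed with a comment-terminated username, the parameterized form rejecting the same input, and, for the XSS side, output encoding of untrusted data at the point it is written into HTML, with an allowlist input validator as a second layer. Note that for cross-site scripting the primary fix is encoding output for the context it lands in; input validation alone does not make the page safe.

```python
import html
import re
import sqlite3


def make_db() -> sqlite3.Connection:
    """Build a constructed, in-memory user table (sample data, example only)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT, is_admin INTEGER)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?, ?)",
        [("alice", "correct-horse", 0), ("admin", "hunter2", 1)],
    )
    return conn


def login_vulnerable(conn: sqlite3.Connection, username: str, password: str) -> bool:
    """Vulnerable: untrusted input is concatenated into the SQL text, so input
    can change the *structure* of the statement, not just its data."""
    query = (
        "SELECT COUNT(*) FROM users WHERE username = '" + username
        + "' AND password = '" + password + "'"
    )
    (count,) = conn.execute(query).fetchone()
    return count > 0


def login_parameterized(conn: sqlite3.Connection, username: str, password: str) -> bool:
    """Hardened: '?' placeholders; the driver passes the values as data, so a
    quote or comment marker in the input is compared literally, never parsed."""
    query = "SELECT COUNT(*) FROM users WHERE username = ? AND password = ?"
    (count,) = conn.execute(query, (username, password)).fetchone()
    return count > 0


def render_greeting_vulnerable(name: str) -> str:
    """Vulnerable: untrusted data written straight into an HTML body."""
    return "<p>Hello, " + name + "</p>"


def render_greeting_escaped(name: str) -> str:
    """Hardened: HTML-entity-encode for the element-body context (quote=True
    also covers attribute quotes, so the helper is safe in both places)."""
    return "<p>Hello, " + html.escape(name, quote=True) + "</p>"


# Allowlist validation as defense in depth: a username has no business
# containing quotes, angle brackets or SQL comment markers in the first place.
USERNAME_RE = re.compile(r"[A-Za-z0-9_]{1,32}")


def valid_username(username: str) -> bool:
    return USERNAME_RE.fullmatch(username) is not None


def demo() -> dict:
    """Run both attacks against both implementations and collect the outcomes."""
    conn = make_db()
    # Classic payload: close the string, then comment out the password check.
    injected_user = "admin' --"
    xss_payload = "<script>alert(document.cookie)</script>"
    return {
        "vulnerable_login_bypassed": login_vulnerable(conn, injected_user, "wrong"),
        "parameterized_login_bypassed": login_parameterized(conn, injected_user, "wrong"),
        "parameterized_login_legit": login_parameterized(conn, "admin", "hunter2"),
        "vulnerable_html": render_greeting_vulnerable(xss_payload),
        "escaped_html": render_greeting_escaped(xss_payload),
        "payload_passes_validation": valid_username(injected_user),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Running the block shows the concatenated query letting `admin' --` in with any password, while the parameterized version treats the same string as a literal username that does not exist; the escaped greeting keeps the `<script>` tag as inert text.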
Attack Surface: The total sum of the vulnerabilities in a given system that are accessible to an attacker. The attack surface describes the different points where an attacker could get into a system and where they could get data out of the system.
Exploit: The mechanism that is used to leverage a vulnerability to compromise an asset. Exploits may be remote or local. A remote exploit works over the network without prior access to the target system. In a local exploit, the threat actor already has some type of user or administrative access to the end system; it does not necessarily mean the attacker has physical access to the end system.
Risk: The likelihood that a particular threat will exploit a particular vulnerability of an asset and result in an undesirable consequence.
Attacker: A person or process that attempts to access data, functions, or other restricted areas of the system without authorization, potentially with malicious intent. An actor or agent that is a source of danger, capable of violating the confidentiality, integrity, or availability of information assets.
Vulnerability, Threat, and Risk
Exploit, Threat, Vulnerability Protection
o Protect against exploits?
▪ Anti-virus, intrusion detection, firewalls, etc.
o Even if you are using a security library, know how to use it properly
o Proofs, access control rules, and verification are helpful, but inherently incomplete
Cont’d
o Software security is a reality that everyone must face. Not just developers, all
stakeholders
o A learnable mindset for software engineers
o The ability to prevent unintended functionality
▪ At all layers of the stack
▪ In all parts of your system
Cont’d
Risk management is important, but students typically react to it in one of three ways:
o Denial
I don’t have to think about this. Let me just code.
Leave it to the experts.
I could never understand this anyway.
o Irrational fear
Everything is possible now!!!
Every mitigation is necessary!!!
Cont’d
o Bag of Tricks
Let’s just try these tricks that worked in the past
We’ve done these 10 things. That’s a lot. Close enough, right?
o You cannot have quality without security or security without quality. These two
attributes complement each other.