
Publication


Featured research published by David P. Gilliam.


annual software engineering workshop | 2001

Reducing software security risk through an integrated approach

David P. Gilliam; John D. Powell; John C. Kelly; Matt Bishop

The paper presents joint work by the California Institute of Technology's Jet Propulsion Laboratory and the University of California at Davis (UC Davis) sponsored by the National Aeronautics and Space Administration Goddard Independent Verification and Validation Facility to develop a security assessment instrument for the software development and maintenance life cycle. The paper presents research on the generation of a software security assessment instrument to aid developers in assessing and assuring the security of software in the development and maintenance lifecycles.


workshops on enabling technologies infrastructure for collaborative enterprises | 2001

Development of a software security assessment instrument to reduce software security risk

David P. Gilliam; John C. Kelly; John D. Powell; Matt Bishop

The paper discusses joint work by the California Institute of Technology's Jet Propulsion Laboratory and the University of California at Davis (UC Davis) sponsored by the National Aeronautics and Space Administration to develop a security assessment instrument for the software development and maintenance life cycle. The assessment instrument is a collection of tools and procedures to support development of secure software. Specifically, the instrument offers a formal approach for engineering network security into software systems and application throughout the software development and maintenance life cycle. The security assessment instrument includes a Vulnerability Matrix (VMatrix) with platform/application, and signature fields in a database. The information in the VMatrix has become the basis for the Database of Vulnerabilities, Exploits, and Signatures (DOVES) at UC Davis. The instrument also includes a set of Security Assessment Tools (SAT), including the development of a property-based testing tool by UC Davis, to slice software code looking for specific vulnerability properties. A third component of the research is an investigation into the verification of software designs for compliance to security properties. This is based on innovative model checking approaches that will facilitate the development and verification of software security models.


annual software engineering workshop | 2003

Addressing software security and mitigations in the life cycle

David P. Gilliam; John D. Powell; Eric Haugh; Matt Bishop

Traditionally, security is viewed as an organizational and information technology (IT) systems function comprising firewalls, intrusion detection systems (IDS), system security settings and patches to the operating system (OS) and applications running on it. Until recently, little thought has been given to the importance of security as a formal approach in the software life cycle. The Jet Propulsion Laboratory has approached the problem through the development of an integrated formal software security assessment instrument (SSAI) with six foci for the software life cycle.


workshops on enabling technologies: infrastructure for collaborative enterprises | 2005

Application of lightweight formal methods to software security

David P. Gilliam; John D. Powell; Matt Bishop

Formal specification and verification of security has proven a challenging task. There is no single method that has proven feasible. Instead, an integrated approach which combines several formal techniques can increase the confidence in the verification of software security properties. Such an approach which specifies security properties in a library that can be re-used by 2 instruments and their methodologies developed for the National Aeronautics and Space Administration (NASA) at the Jet Propulsion Laboratory (JPL) are described herein. The flexible modeling framework (FMF) is a model based verification instrument that uses Promela and the SPIN model checker. The property based tester (PET) uses TASPEC and a test execution monitor (TEM). They are used to reduce vulnerabilities and unwanted exposures in software during the development and maintenance life cycles. These instruments are currently being piloted with a COTS server-agent application.


workshops on enabling technologies: infrastructure for collaborative enterprises | 2004

Security risks: management and mitigation in the software life cycle

David P. Gilliam

A formal approach to managing and mitigating security risks in the software life cycle is requisite to developing software that has a higher degree of assurance that it is free of security defects, which pose risk to the computing environment and the organization. Due to its criticality, security should be integrated as a formal approach in the software life cycle. Both a software security checklist and assessment tools should be incorporated into this life cycle process and integrated with a security risk assessment and mitigation tool. The current research at JPL addresses these areas through the development of a Software Security Assessment Instrument (SSAI) and integrating it with a Defect Detection and Prevention (DDP) risk management tool.


workshops on enabling technologies: infrastructure for collaborative enterprises | 2002

Integrating a flexible modeling framework (FMF) with the network security assessment instrument to reduce software security risk

David P. Gilliam; John D. Powell

The network security assessment instrument is a comprehensive set of tools that can be used individually or collectively to ensure the security of network aware software applications and systems. Using the various tools collectively provides a distinct advantage for assuring the security of software and systems. Each tool's resulting output provides feedback into the other tools. Thus, more comprehensive assessment results are attained through the leverage each tool provides to the other when they are employed in concert. Previous portions of this work were presented at the IEEE Wet Ice 2000 and 2001 Workshops and are printed in those proceedings. This paper presents a portion of an overall research project on the generation of the network security assessment instrument to aid developers in assessing and assuring the security of software in the development and maintenance lifecycles. This portion, the flexible modeling framework (FMF), focuses on modeling requirements and early lifecycle designs to discover vulnerabilities that result from interaction between system components that are either under development in a new system or proposed as additions to an existing system. There are early indications that this new approach, the flexible modeling framework (FMF), has promise in the areas of network security as well as other critical areas such as system safety. Information about the overall research effort regarding network security is available at http://security.jpl.nasa.gov/rssr.


International Symposium on Software Security | 2003

Managing Information Technology Security Risk

David P. Gilliam

Information Technology (IT) Security Risk Management is a critical task for the organization to protect against the loss of confidentiality, integrity, and availability of IT resources and data. Due to system complexity and sophistication of attacks, it is increasingly difficult to manage IT security risk. This paper describes a two-pronged approach for managing IT security risk: 1) an institutional approach, that addresses automating the process of providing and maintaining security for IT systems and the data they contain; and 2) a project life cycle approach that addresses providing semi-automated means for integrating security into the project life cycle. It also describes the use of a security template with a risk reduction/mitigation tool, the Defect Detection and Prevention (DDP) tool developed at the Jet Propulsion Laboratory (JPL).


workshops on enabling technologies: infrastructure for collaborative enterprises | 2005

Self port scanning tool: providing a more secure computing environment through the use of proactive port scanning

Joshua E. Kocher; David P. Gilliam

Secure computing is a necessity in the hostile environment that the Internet has become. Protection from nefarious individuals and organizations requires a solution that is more a methodology than a one time fix. One aspect of this methodology is having the knowledge of which network ports a computer has open to the world. These network ports are essentially the doorways from the Internet into the computer. An assessment method which uses the nmap software to scan ports has been developed to aid system administrators (SAs) with analysis of open ports on their system(s). Additionally, baselines for several operating systems have been developed so that SAs can compare their open ports to a baseline for a given operating system. Further, the tool is deployed on a Web site where SAs and users can request a port scan of their computer. The results are then emailed to the requester. This tool aids users, SAs, and security professionals by providing an overall picture of what services are running, what ports are open, potential trojan programs or back doors, and what ports can be closed.


Information Management & Computer Security | 2003

Deployment of anti‐virus software: a case study

Joseph S. Sherif; David P. Gilliam

The growth of Inter‐ and intranets and the sharing of software have led to a rise in the transmission of viruses, especially among the PC and MAC platforms. However, maintaining virus protection software and pattern updates for any large organization is a monumental problem, especially when the organization supports multiple platforms and operating systems. The Jet Propulsion Laboratory (JPL) and other National Aeronautics and Space Administration (NASA) Centers have had problems maintaining current virus protection software and pattern files, and so NASA asked the JPL Network and Computer Security (NCS) Group to lead an effort to search for a comprehensive solution. This paper puts forward a study, analysis and recommendations concerning anti‐virus software solutions, problems encountered and their resolutions. One of the key issues was finding a single‐source anti‐virus software solution. Selection and deployment of single‐source anti‐virus software were successful. The lessons learned in the deployment of a software product site‐wide may benefit other organizations facing a similar situation.


workshops on enabling technologies: infrastructure for collaborative enterprises | 2007

ST Workshop Final Report

David P. Gilliam; Matt Bishop; Y. V. (Ramana) Reddy

The Securities Technologies (ST) Workshop for WETICE 2007 accepted three papers as full papers for this year's workshop. The committee received and accepted only a limited number of papers for the ST workshop. However, the papers did cover quite interesting topics and provided some good discussion.

Collaboration


Dive into David P. Gilliam's collaboration.

Top Co-Authors

Matt Bishop, University of California

John D. Powell, California Institute of Technology

John C. Kelly, California Institute of Technology

Joseph S. Sherif, California Institute of Technology

Martin S. Feather, California Institute of Technology

Thomas L. Wolfe, California Institute of Technology