Echelon_Sibcon-2016
1. Procedure for Substantiated Development of Measures to Design Secure Software for Automated Process Control Systems
Alexander Barabanov, Alexey Markov, Valentin Tsirlov
2. Presentation Plan
1. Purpose and Objectives
2. Analysis of Current Secure Software Development Models
3. Basic Set of Requirements for Secure APCS Software Development and Procedure of Selecting Secure Software Development Controls
4. Study Purpose and Objectives
Purpose: to create a framework that allows APCS software developers to create multiple secure APCS software development controls and to assess, together with independent companies, the compliance of the applicable controls with the secure software development requirements.
Objectives:
1. To analyze current controls aimed at minimizing the number of vulnerabilities in the APCS software under development.
2. To create a basic set of requirements for secure APCS software development.
3. To develop a procedure for substantiated development of controls for secure APCS software development.
5. Results of Analysis of Current Secure Software Development Models
Models analyzed:
- Microsoft SDL
- ISO/IEC 15408
- IEC 62443-4-1
- OWASP CLASP
- ISO/IEC 27034
- ISO/IEC TR 24772
6. Suggested Expression Format
Each requirement for secure software development is expressed with the following elements:
- Requirement name
- Unique requirement ID
- Reference to the life cycle process as per ISO/IEC 12207
- Objectives to be achieved
- Developer action elements
- Content and presentation of evidence elements
- Evaluator action elements
7. Results of basic set of requirements development: list (1)
Life cycle process as per ISO/IEC 12207 and the suggested requirements for it:
Software requirements analysis process:
- Defining software requirements
Software architecture design and detailed design process:
- Information security threat modeling
- Developing software architecture based on the results of threat modeling
Software construction and integration processes:
- Identification of software development tools
- Use of secure coding standards
- Source code static analysis
- Source code review
- Creating software in accordance with the developed software architecture
8. Results of basic set of requirements development: list (2)
Life cycle process as per ISO/IEC 12207 and the suggested requirements for it:
Software qualification testing process:
- Functional software testing
- Penetration testing
- Dynamic analysis of software code
- Fuzz testing
Software problem resolution process:
- Tracking and correction of detected software vulnerabilities and software errors
Software documentation and configuration process:
- Use of a configuration management system
9. Results of basic set of requirements development: list (3)
Life cycle process as per ISO/IEC 12207 and the suggested requirements for it:
Infrastructure management process:
- Protection of configuration elements against unauthorized access
- Back-up and recovery of configuration elements
- Audit
Human resources management process:
- Employee training
10. Example
Parameter: parameter description
Name: Source Code Static Analysis
Requirement ID: KK-4
Software life cycle process: Software construction and integration processes
Goal:
- Detect and eliminate potentially vulnerable structures in the software source code;
- Generate source data for the dynamic analysis tasks and penetration testing performed within the framework of software qualification testing.
Elements of the developer's actions: The software developer shall perform static analysis of the software source code to detect potentially vulnerable structures in it. Static analysis of the source code should also be performed on software components borrowed from a third-party developer if their source code is available to the developer. The software may be upgraded based on the results of the static analysis of the source code. If such an upgrade is not required or not possible, the developer should substantiate this fact.
Elements of the evidence content and provision of documented evidence: Documented evidence of the software source code analysis shall contain:
- Information about the frequency of the software source code static analysis;
- Name and identification features of the tools used for static analysis of the software source code;
- List of detected potentially vulnerable structures in the software source code (if any), a description of the actions taken to eliminate them, or the reasons why a software upgrade is impossible or unnecessary.
Elements of the assessor's actions:
1. The Assessor shall study the submitted evidence and confirm that it meets the set requirements.
2. The Assessor shall independently confirm that the developer performs static analysis of the software source code, by interviewing the developer's employees engaged in the software development and by analysing the software development environment.
Notes: Static analysis of the software source code should be performed, on the up-to-date version of the source code, by the software developer or by a third-party company competent in detecting software vulnerabilities. Static analysis of the source code makes it possible to find potentially vulnerable structures in the source code that may lead to software vulnerabilities, and to verify the conformance of the source code to the coding standard adopted by the company.
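As an added illustration (not part of the presentation) of the expression format from slide 6 and the KK-4 example above, the following Python encodes KK-4 as a record and implements the assessor's first action element as a check over a submitted evidence record; the field names and the sample evidence are my assumptions, constructed for this example.

```python
from dataclasses import dataclass

@dataclass
class Requirement:
    """One requirement in the deck's expression format (slide 6); illustrative field names."""
    name: str
    req_id: str
    lifecycle_process: str      # life cycle process as per ISO/IEC 12207
    objectives: tuple
    evidence_elements: tuple    # what the documented evidence must contain

KK4 = Requirement(
    name="Source Code Static Analysis",
    req_id="KK-4",
    lifecycle_process="Software construction and integration processes",
    objectives=("detect and eliminate potentially vulnerable structures",
                "provide source data for dynamic analysis and penetration testing"),
    evidence_elements=("analysis_frequency", "tools", "findings"),
)

def check_static_analysis_evidence(evidence: dict) -> list:
    """Assessor action 1 for KK-4: return the gaps; an empty list means the evidence is complete."""
    gaps = []
    # Element 1: information about the frequency of the static analysis
    if not evidence.get("analysis_frequency"):
        gaps.append("no information about analysis frequency")
    # Element 2: name and identification features (here: version) of each tool
    tools = evidence.get("tools") or []
    if not tools:
        gaps.append("no static analysis tools listed")
    for t in tools:
        if not (t.get("name") and t.get("version")):
            gaps.append(f"tool {t.get('name', '?')}: identification features missing")
    # Element 3: each detected structure is eliminated, or its non-fix is substantiated
    for f in evidence.get("findings") or []:
        if not (f.get("remediation") or f.get("justification")):
            gaps.append(f"finding {f['id']}: neither remediation nor substantiation")
    return gaps

# Constructed sample evidence record, as a developer might submit for KK-4
SAMPLE_EVIDENCE = {
    "analysis_frequency": "every merge to the release branch",
    "tools": [{"name": "example-analyzer", "version": "1.2"}],
    "findings": [
        {"id": "F-1", "remediation": "bounds check added in the parser"},
        {"id": "F-2", "justification": "vendor component, source not available"},
        {"id": "F-3"},  # reported, but neither fixed nor justified
    ],
}
```

Running `check_static_analysis_evidence(SAMPLE_EVIDENCE)` reports only finding F-3, which is exactly the case the requirement's third evidence element forbids: a detected structure with neither a fix nor a substantiated reason for leaving it.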
12. Summary
1. Based on an analysis of existing research, we designed a basic set of requirements for secure APCS software development.
2. We suggested a procedure for selecting secure APCS software development controls, which makes a substantiated selection of secure software development controls possible and is consistent with the Common Criteria standards.