owg v l owg vulnerability bili
play

OWG V l OWG: Vulnerability bili ISO working group on Guidance for - PowerPoint PPT Presentation

Oct 07, 2022 •362 likes •628 views

ISO/IEC JTC 1/SC 22/ OWGV N0140 OWG V l OWG: Vulnerability bili ISO working group on Guidance for Avoiding Vulnerabilities through language selection and use John Benito, Convener Jim Moore, Secretary 19 June 2008 1 OWG: Vulnerability Summary

  1. ISO/IEC JTC 1/SC 22/ OWGV N0140 OWG V l OWG: Vulnerability bili ISO working group on Guidance for Avoiding Vulnerabilities through language selection and use John Benito, Convener Jim Moore, Secretary 19 June 2008 1

  2. OWG: Vulnerability Summary � We are making progress! � meetings scheduled out over a year � Participation is good and is made up of a wide variety of technical expertise variety of technical expertise. � Have passed initial SC22 ballot. � On track to publish in 2009 � On track to publish in 2009. � HOWEVER… � We need the assistance of language working groups � We need the assistance of language working groups to develop language ‐ specific annexes 2

  3. The Problem � Any programming language has constructs that are imperfectly defined implementation are imperfectly defined, implementation dependent or difficult to use correctly. � As a result, software programs sometimes � As a result, software programs sometimes execute differently than intended by the writer. � In some cases, these vulnerabilities can be exploited by hostile parties. � – Can compromise safety, security and privacy. � � – Can be used to make additional attacks. Can be used to make additional attacks 3

  4. Complicating Factors � The choice of programming language for a project is not solely a technical decision and is j t i t l l t h i l d i i d i not made solely by software engineers. � Some vulnerabilities cannot be mitigated by � S l biliti t b iti t d b better use of the language but require mitigation by other methods e g review static analysis by other methods, e.g. review, static analysis. 4

  5. An example � While buffer overflow examples can be rather complex, it is possible to have very simple, yet still exploitable, stack based buffer y p y p overflows: � An Example in the C programming language: #include <string.h> #define BUFSIZE 256 int main(int argc, char **argv) { i t i (i t h ** ) { char buf[BUFSIZE]; strcpy(buf, argv[1]); py( , g [ ]); } 5

  6. Example � Buffer overflows generally lead to the application halting or crashing. li ti h lti hi � Other attacks leading to lack of availability are possible, that can include putting the program ibl th t i l d tti th into an infinite loop. � Buffer overflows often can be used to execute � Buffer overflows often can be used to execute arbitrary code, which is usually outside the scope of a program ʹ s implicit security policy. scope of a program s implicit security policy. 6

  7. OWG:Vulnerability Product � A type III Technical Report � A document containing information of a different kind from that which A d i i i f i f diff ki d f h hi h is normally published as an International Standard � Project is to work on a set of common mode j failures that occur across a variety of languages � Not all vulnerabilities are common to all languages, that is, some manifest in just a language manifest in just a language � The product will not contain normative statements, but information and suggestions gg 7

  8. OWG:Vulnerability Product � No single programming language or family of programming languages is to be singled out i l i t b i l d t � As many programming languages as possible should be involved be involved � Need not be just the languages defined by ISO Standards 8

  9. Approach to Identifying Vulnerabilities � Empirical approach: Observe the vulnerabilities th t that occur in the wild and describe them, e.g. i th ild d d ib th buffer overrun, execution of unvalidated remote content content � Analytical approach: Identify potential vulnerabilities through analysis of programming vulnerabilities through analysis of programming languages � This just might help in identifying tomorrows j g p y g vulnerabilities. 9

  10. Audience � Safety : Products where it is critical to prevent behavior which might lead to human injury and it is justified to which might lead to human injury, and it is justified to spend additional development money � Security : Products where it is critical to secure data or y access, and it is justified to spend additional development money � Mission Critical : Products where it is important to � Mission ‐ Critical : Products where it is important to prevent behaviour that can lead to losses � Modeling and Simulation : Products which require unusual g q reliability because the cost of computation is high 10 10

  11. OWG: Vulnerability Progress � Eight meetings have been held, hosted by � US � Italy � Canada � UK � Netherlands � Netherlands � Meetings planned through 2008, hosted by � US (editors meeting) � Germany � E ‐ Mail reflector, Wiki and Web site are used during and between meetings � More information � http://aitc.aitcnet.org/isai/ � http://aitc.aitcnet.org/isai/ 11 11

  12. OWG: Vulnerability Participants � Canada � Germany � Italy I l � Japan � France � United Kingdom g USA – CT 22 � � SC 22/WG 9 � SC 22/WG14 � � MDC (Mumps) MDC (Mumps) � SC 22/WG 5, INCITS J3 (Fortran) � SC 22/WG 4, INCITS J4 (Cobol) � ECMA (C#, C++CLI) � RT/SC Java � RT/SC Java � MISRA C/C++ � CERT 12 12

  13. OWG: Vulnerability Status � Response to NP Ballot comments is completed, see SC 22 N4027 SC 22 N4027 � Project is organized and on schedule to produce a document in 2009 d t i 2009 � Current draft passed the first SC 22 ballot (PDTR registration) registration) � The project has two officers � – Convener/Project Editor, John Benito Convener/Project Editor John Benito � � – Secretary, Jim Moore 13 13

  14. Measure of Success � Provide guidance to users of programming languages that: � Assists them in improving the predictability of the execution of their software even in the presence of an attacker � Informs their selection of an appropriate programming language for their job for their job � Provide feedback to programming language standardization groups, resulting in the improvement of programming language standards programming language standards. 14 14

  15. Vulnerability Template � The body of Technical Report describes vulnerabilities in a generic manner, including: g , g � Brief description of application vulnerability � Cross ‐ reference to enumerations and other classifications, e.g. CWE � Description of failure mechanism, i.e. how coding problem D i i f f il h i i h di bl relates to application vulnerability � Applicable language characteristics � Avoiding or mitigating the vulnerability � Avoiding or mitigating the vulnerability � Implications for standardization � Annexes will provide language ‐ specific treatments of each vulnerability. each vulnerability. � The following slides provide an example using XZH, the Off ‐ by ‐ One Error 15 15

  16. Description of application vulnerability � A product uses an incorrect maximum or minimum value that is 1 more or 1 less than the correct value This that is 1 more or 1 less than the correct value. This usually arises from one of a number of situations where the bounds as understood by the developer differ from the design, such as; � Confusion between the need for “<” and “<=” or “>” and “>=” in a test. � Confusion as to the index range of an algorithm, such as beginning an algorithm at 1 when the underlying structure is indexed from 0, beginning an algorithm at 0 when the underlying structure is indexed from 1 (or some other start point) or using the length of a structure as the bounds instead of the sentinel values the bounds instead of the sentinel values. � Failing to allow for storage of a sentinel value, such as the ‘\0’ string terminator that is used by the C and C++ programming languages. 16 16

  17. Continued… � These issues arise from mistakes in mapping the design into a particular language, in moving between languages (such as between C-based languages where all arrays start at 0 and C 0 other languages where arrays often start at 1), and when exchanging data between languages with different default array sentinel values. array sentinel values. � The issue also can arise in algorithms where relationships exist between components, and the existence of a sentinel value changes the conditions of the test. � The existence of this possible flaw can also be a serious security hole as it can permit someone to surreptitiously provide an unused location (such as 0 or the last element) that can be used for undocumented features or hidden that can be used for undocumented features or hidden channels). 17 17

  18. Cross ‐ reference to enumerations � CWE: � 193. Off ‐ by ‐ one Error � [May add MISRA C and C++, CERT, JSF, others] 18 18

  19. Mechanism of Failure � An off-by-one error could lead to. � an out of bounds access to an array (buffer overflow) � an out-of bounds access to an array (buffer overflow), � an incomplete comparisons and calculation mistakes, � a read from the wrong memory location, or � an incorrect conditional � an incorrect conditional. � Such incorrect accesses can cause cascading errors or references to illegal locations, resulting in potentially unbounded behaviour. � Off-by-one errors are not often exploited in attacks because they are difficult to identify and exploit because they are difficult to identify and exploit externally, but the cascading errors and boundary- condition errors can be severe. 19 19

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

OWG V l OWG: Vulnerability bili ISO working group on Guidance for Avoiding Vulnerabilities

OWG V l OWG: Vulnerability bili ISO working group on Guidance for Avoiding Vulnerabilities

ISO/IEC JTC 1/SC 22/ OWGV N0139 OWG V l OWG: Vulnerability bili ISO working group on Guidance for Avoiding Vulnerabilities through language selection and use. 1 John Benito JTC 1/SC 22 WG14 Convener INCITS CT 22 Vice Chairman INCITS CT 22

374 views • 21 slides
Vulnerability Management Spring 2020 Jay Chen What is a vulnerability? A vulnerability is a

Vulnerability Management Spring 2020 Jay Chen What is a vulnerability? A vulnerability is a

Vulnerability Management Spring 2020 Jay Chen What is a vulnerability? A vulnerability is a cybersecurity flaw in a system that leave it open to attack. A vulnerability may also refer to any type of weakness in a computer system

407 views • 16 slides
Arjun Surendra SaciWATERs Vulnerability Vulnerability is the propensity to suffer a

Arjun Surendra SaciWATERs Vulnerability Vulnerability is the propensity to suffer a

Arjun Surendra SaciWATERs Vulnerability Vulnerability is the propensity to suffer a significant shock that brings welfare below a socially accepted level (Khl, 2003) Vulnerability increases when there is uncertainty with respect to

529 views • 21 slides
Contents What is vulnerability? Why conduct vulnerability assessments? Defining

Contents What is vulnerability? Why conduct vulnerability assessments? Defining

6/19/2015 Vulnerability and Capacity Assessment Index (VCAI) for Climate Change Adaptation SVRK Prabhakar USAID ADAPT Asia-Pacific Presented at NABARD Training Workshop, Mumbai on 18 June 2015 Contents What is vulnerability? Why

705 views • 21 slides
Vulnerability Assessm ent 2 0 0 4 Luanda, 2 5 June 2 0 0 4 Vulnerability Assessment 2004 - p1

Vulnerability Assessm ent 2 0 0 4 Luanda, 2 5 June 2 0 0 4 Vulnerability Assessment 2004 - p1

Vulnerability Analysis and Food Aid W orking Group Chaired by W FP/ VAM Unit Vulnerability Assessm ent 2 0 0 4 Luanda, 2 5 June 2 0 0 4 Vulnerability Assessment 2004 - p1 Overview 1 . Methodology of the VA 2 0 0 4 2 . Highlights of

703 views • 28 slides
Vulnerability Screening Tool Identifying and addressing vulnerability: A tool for asylum and

Vulnerability Screening Tool Identifying and addressing vulnerability: A tool for asylum and

Vulnerability Screening Tool Identifying and addressing vulnerability: A tool for asylum and migration systems Purpose Intended to guide &amp; inform frontline workers &amp; decision makers on the relevance of vulnerability factors to

507 views • 19 slides
Earthquake Vulnerability Earthquake Vulnerability Vulnerability Assessment &amp; EVR measures

Earthquake Vulnerability Earthquake Vulnerability Vulnerability Assessment &amp; EVR measures

Earthquake Vulnerability Earthquake Vulnerability Vulnerability Assessment &amp; EVR measures Islamabad Pakistan Assessment and Vulnerability Assessment and Vulnerability Reduction Measures Reduction Measures adpc Asian Disaster

702 views • 46 slides
Special Needs Planning in Divorce: P Preserving Disability Benefits i Di bili B fi Special

Special Needs Planning in Divorce: P Preserving Disability Benefits i Di bili B fi Special

Presenting a live 90 minute webinar with interactive Q&amp;A Special Needs Planning in Divorce: P Preserving Disability Benefits i Di bili B fi Special Needs Trusts, Child Support and Alimony Considerations in Settlement Agreements and

604 views • 48 slides
Introduction What is Disaster vulnerability? Vulnerability is the inability to resist a

Introduction What is Disaster vulnerability? Vulnerability is the inability to resist a

Vulnerability to Disasters: A Gendered Analysis on Water Availability and Livelihoods in Nadu Colony, Kovalam, Chennai, India Group No: 02 Sumaia Kashem Shreeya Lohani Shanmuga Priya. G Meththa Prabodhani Menike

834 views • 40 slides
Web vulnerability scanning and exploitation tools Scaling vulnerability scanning Companies

Web vulnerability scanning and exploitation tools Scaling vulnerability scanning Companies

Web vulnerability scanning and exploitation tools Scaling vulnerability scanning Companies with 1000+ web applications running Move to m -services architectures making things worse Huge shortage of skilled security engineers to

732 views • 48 slides
Books Promote Brands Promote Bili Bilingual Lit Literacy NICHE: multicultural marketing +

Books Promote Brands Promote Bili Bilingual Lit Literacy NICHE: multicultural marketing +

Books Promote Brands Promote Bili Bilingual Lit Literacy NICHE: multicultural marketing + #LatinoLit + educational needs for our STEM &amp; success stories Graciela Tiscareo-Sato Gracefully Global Group LLC www.GracefullyGlobal.com

303 views • 14 slides
The Maldives Population Distribution Vulnerability Indicators Vulnerability Indicators

The Maldives Population Distribution Vulnerability Indicators Vulnerability Indicators

The Maldives Population Distribution Vulnerability Indicators Vulnerability Indicators (excluding Male') Highest elevation 1.5m Population: 298,968 above sea level less than 1000 97% of all inhabited 59 % Total number of

357 views • 4 slides
Tre Treas asur ure e Is Isla land nd Mo Mobi bili lity ty Management Management

Tre Treas asur ure e Is Isla land nd Mo Mobi bili lity ty Management Management

Tre Treas asur ure e Is Isla land nd Mo Mobi bili lity ty Management Management Program Program Recommend Approval Toll Exemption for Current Residents TREASURE ISLAND Dece cember r 3, 2019 MOBILITY MANAGEMENT AGENCY TIDA CAB

296 views • 10 slides
1 Vulnerability in WPA2 Hole196 Hole196 Vulnerability in WPA2 Presenters: Anthony Paladino,

1 Vulnerability in WPA2 Hole196 Hole196 Vulnerability in WPA2 Presenters: Anthony Paladino,

1 Vulnerability in WPA2 Hole196 Hole196 Vulnerability in WPA2 Presenters: Anthony Paladino, Managing Director, Systems Engineering Dr. Kaustubh Phanse, Principal Wireless Architect Md. Sohail Ahmad, Senior Security Researcher Moderator: Della

314 views • 29 slides
Quantitative Security Colorado State University Yashwant K Malaiya CS 559 Vulnerability Life

Quantitative Security Colorado State University Yashwant K Malaiya CS 559 Vulnerability Life

Quantitative Security Colorado State University Yashwant K Malaiya CS 559 Vulnerability Life Cycle CSU Cybersecurity Center Computer Science Dept 1 1 Topics Vulnerability Life Cycle Vulnerability Discovery models 2 Vulnerability

805 views • 46 slides
CA CAPA PABI BILI LITI TIES ES 1 CO COMPANY NY OVERVIEW Founded in 1966 1300

CA CAPA PABI BILI LITI TIES ES 1 CO COMPANY NY OVERVIEW Founded in 1966 1300

CA CAPA PABI BILI LITI TIES ES 1 CO COMPANY NY OVERVIEW Founded in 1966 1300 Employees 18 Locations Over 5 Million S. Ft. Over 125 Trucks Over 300 Trailers Contract Packaging Warehousing

627 views • 34 slides
Better Language Models and Their Implications (GPT-2) Joey Lim List of Artificial Intelligence

Better Language Models and Their Implications (GPT-2) Joey Lim List of Artificial Intelligence

Better Language Models and Their Implications (GPT-2) Joey Lim List of Artificial Intelligence in Films A collection of 113 films from 1927-2019 that features some form of Artificial intelligence. This list is further divided into two

573 views • 15 slides
Presentation Emmanuel Benoist email: emmanuel.benoist(at)bfh.ch CS Basics Office: N671 (Villa

Presentation Emmanuel Benoist email: emmanuel.benoist(at)bfh.ch CS Basics Office: N671 (Villa

Presentation Emmanuel Benoist email: emmanuel.benoist(at)bfh.ch CS Basics Office: N671 (Villa Security) K urtzel: BIE1 0) Presentation Homepage: http://www.benoist.ch/ PhD at the University of Caen (France) E. Benoist &amp; C.

1.01k views • 3 slides
BRAIN INTELLIGENCE CONFERENCE Presented by Guinness Book of Record Holders Algirdas Karalius,

BRAIN INTELLIGENCE CONFERENCE Presented by Guinness Book of Record Holders Algirdas Karalius,

BRAIN INTELLIGENCE CONFERENCE Presented by Guinness Book of Record Holders Algirdas Karalius, Howard Berg &amp; Dave Farrow 24-25 August 2019 Organized By AIM inlines &amp; AIM Training Co., Ltd. Introduction Maximize Your Brain Potential You

697 views • 42 slides
Lift: a Data-Parallel Language for High-Performance Parallel Pattern Code Generation Christophe

Lift: a Data-Parallel Language for High-Performance Parallel Pattern Code Generation Christophe

Lift: a Data-Parallel Language for High-Performance Parallel Pattern Code Generation Christophe Dubach SCALEW, Cambridge 14 th July 2016 Michel Steuwer Thibaut Lutz Toomas Remmelg ... Postdoc former Postdoc PhD student (now at Nvidia)

900 views • 56 slides
MASSIVE TIME-LAPSE POINT CLOUD RENDERING IN VIRTUAL REALITY Markus Schuetz, 2016.07.26

MASSIVE TIME-LAPSE POINT CLOUD RENDERING IN VIRTUAL REALITY Markus Schuetz, 2016.07.26

MASSIVE TIME-LAPSE POINT CLOUD RENDERING IN VIRTUAL REALITY Markus Schuetz, 2016.07.26 Why? Performance and Rendering Techniques AGENDA Rendering Quality Interaction in Virtual Reality 2 NVIDIAS NEW HEADQUARTER

236 views • 20 slides
AN INTEGRATED UNDERGRADUATE DYNAMIC SYSTEMS TEACHING METHODOLOGY UTILIZING ANALYTICAL AND

AN INTEGRATED UNDERGRADUATE DYNAMIC SYSTEMS TEACHING METHODOLOGY UTILIZING ANALYTICAL AND

ASEE Conference June 2007 Hawaii AN INTEGRATED UNDERGRADUATE DYNAMIC SYSTEMS TEACHING METHODOLOGY UTILIZING ANALYTICAL AND EXPERIMENTAL APPROACHES FIRST &amp; SECOND ORDER SYSTEMS DIGITIAL DATA ACQUISITION SIGNAL CONDITIONER RISE

649 views • 22 slides
Automatic Predicate Abstraction of C Programs Presented by Xuankang Lin Outline Main

Automatic Predicate Abstraction of C Programs Presented by Xuankang Lin Outline Main

Automatic Predicate Abstraction of C Programs Presented by Xuankang Lin Outline Main contribution Introduction to C2BP Challenges of Predicate Abstraction in C Conclusion Main Contribution Model checkers typically operate on

428 views • 24 slides
CAS ASA upd update tes 2018 2018 Recent Progress and Future Plans of CASA and Pipeline

CAS ASA upd update tes 2018 2018 Recent Progress and Future Plans of CASA and Pipeline

CAS ASA upd update tes 2018 2018 Recent Progress and Future Plans of CASA and Pipeline Takeshi Nakazato (NAOJ) on behalf of CASA and Pipeline teams CASA clean/tclean mosaic issues Announcement to ALMA users

399 views • 13 slides

More recommend