SwePub

Result list for search "WFRF:(Byers David)"

  • Results 1-10 of 21
1.
  • Byers, David, 1971- (author)
  • Improving Software Security by Preventing Known Vulnerabilities
  • 2013
  • Doctoral thesis (other academic/artistic), abstract:
    • From originally being of little concern, security has become a crucial quality factor in modern software. The risk associated with software insecurity has increased dramatically with increased reliance on software and a growing number of threat agents. Nevertheless, developers still struggle with security. It is often an afterthought, bolted on late in development or even during deployment. Consequently the same kinds of vulnerabilities appear over and over again. Building security in to software from its inception and constantly adapting processes and technology to changing threats and understanding of security can significantly contribute to establishing and sustaining a high level of security. This thesis presents the sustainable software security process, the S3P, an approach to software process improvement for software security that focuses on preventing known vulnerabilities by addressing their underlying causes, and sustaining a high level of security by adapting the process to new vulnerabilities as they become known. The S3P is designed to overcome many of the known obstacles to software process improvement. In particular, it ensures that existing knowledge can be used to its full potential and that the process can be adapted to nearly any environment and used in conjunction with other software security processes and security assurance models. The S3P is a three-step process based on semi-formal modeling of vulnerabilities, ideally supported by collaborative tools. Such proof-of-concept tools were developed for all parts of the process as part of the SHIELDS project. The first two steps of the S3P consist in determining the potential causes of known vulnerabilities at all stages of software development, then identifying measures that would prevent each individual cause. These steps are performed using visual modeling languages with well-defined semantics and a modeling workflow. With tool support, modeling effort can be progressively reduced through collaboration and use of pre-existing models. Next, the costs of all potential measures are estimated using any suitable method. This thesis uses pairwise comparisons in order to support qualitative judgements. The models and costs yield a Boolean optimization problem that is solved using a search-based heuristic, to identify the best set of measures to prevent selected vulnerabilities. Empirical evaluation of the various steps of the process has verified a number of key aspects: the modeling process is easy to learn and apply, and the method is perceived by developers as providing value and improving security. Early evaluation results were also used to refine certain aspects of the S3P. The modeling languages that were introduced in the S3P have since been enhanced to support other applications. This thesis presents security goal models (SGMs), a language that subsumes several security-related modeling languages to unify modeling of threats, attacks, vulnerabilities, activities, and security goals. SGMs have formal semantics and are sufficiently expressive to support applications as diverse as automatic run-time testing, static analysis, and code inspection. Proof-of-concept implementations of these applications were developed as part of the SHIELDS project. Finally, the thesis discusses how individual components of the S3P can be used in situations where the full process is inappropriate.
2.
  • Kapferer-Seebacher, Ines, et al. (author)
  • Periodontal Ehlers-Danlos Syndrome Is Caused by Mutations in C1R and C1S, which Encode Subcomponents C1r and C1s of Complement
  • 2016
  • In: American Journal of Human Genetics. - : Cell Press. - 0002-9297 .- 1537-6605. ; 99:5, pp. 1005-1014
  • Journal article (peer-reviewed), abstract:
    • Periodontal Ehlers-Danlos syndrome (pEDS) is an autosomal-dominant disorder characterized by early-onset periodontitis leading to premature loss of teeth, joint hypermobility, and mild skin findings. A locus was mapped to an approximately 5.8 Mb region at 12p13.1 but no candidate gene was identified. In an international consortium we recruited 19 independent families comprising 107 individuals with pEDS to identify the locus, characterize the clinical details in those with defined genetic causes, and try to understand the physiological basis of the condition. In 17 of these families, we identified heterozygous missense or in-frame insertion/deletion mutations in C1R (15 families) or C1S (2 families), contiguous genes in the mapped locus that encode subunits C1r and C1s of the first component of the classical complement pathway. These two proteins form a heterotetramer that then combines with six C1q subunits. Pathogenic variants involve the subunit interfaces or inter-domain hinges of C1r and C1s and are associated with intracellular retention and mild endoplasmic reticulum enlargement. Clinical features of affected individuals in these families include rapidly progressing periodontitis with onset in the teens or childhood, a previously unrecognized lack of attached gingiva, pretibial hyperpigmentation, skin and vascular fragility, easy bruising, and variable musculoskeletal symptoms. Our findings open a connection between the inflammatory classical complement pathway and connective tissue homeostasis.
3.
  •  
4.
  • Lorenzen, Eline D., et al. (author)
  • Species-specific responses of Late Quaternary megafauna to climate and humans
  • 2011
  • In: Nature. - : Springer Science and Business Media LLC. - 0028-0836 .- 1476-4687. ; 479:7373, pp. 359-364
  • Journal article (peer-reviewed), abstract:
    • Despite decades of research, the roles of climate and humans in driving the dramatic extinctions of large-bodied mammals during the Late Quaternary period remain contentious. Here we use ancient DNA, species distribution models and the human fossil record to elucidate how climate and humans shaped the demographic history of woolly rhinoceros, woolly mammoth, wild horse, reindeer, bison and musk ox. We show that climate has been a major driver of population change over the past 50,000 years. However, each species responds differently to the effects of climatic shifts, habitat redistribution and human encroachment. Although climate change alone can explain the extinction of some species, such as Eurasian musk ox and woolly rhinoceros, a combination of climatic and anthropogenic effects appears to be responsible for the extinction of others, including Eurasian steppe bison and wild horse. We find no genetic signature or any distinctive range dynamics distinguishing extinct from surviving species, emphasizing the challenges associated with predicting future responses of extant mammals to climate and human-mediated habitat change.
5.
  • Ardi, Shanai, 1977-, et al. (author)
  • How can the developer benefit from security modeling?
  • 2007
  • In: The Second International Conference on Availability, Reliability and Security (ARES'07). - : IEEE Computer Society. - 9780769527758 - 0769527752 ; , pp. 1017-1025
  • Conference paper (peer-reviewed), abstract:
    • Security has become a necessary part of nearly every software development project, as the overall risk from malicious users is constantly increasing, due to increased consequences of failure, security threats and exposure to threats. There are few projects today where software security can be ignored. Despite this, security is still rarely taken into account throughout the entire software lifecycle; security is often an afterthought, bolted on late in development, with little thought to what threats and exposures exist. Little thought is given to maintaining security in the face of evolving threats and exposures. Software developers are usually not security experts. However, there are methods and tools available today that can help developers build more secure software. Security modeling, modeling of e.g., threats and vulnerabilities, is one such method that, when integrated in the software development process, can help developers prevent security problems in software. We discuss these issues, and present how modeling tools, vulnerability repositories and development tools can be connected to provide support for secure software development.
6.
  • Ardi, Shanai, 1977-, et al. (author)
  • Towards a Structured Unified Process for Software Security
  • 2006
  • In: SESS '06: Proceedings of the 2006 international workshop on Software engineering for secure systems. - New York, NY, USA : ACM. - 9781595934116 ; , pp. 3-10
  • Conference paper (peer-reviewed), abstract:
    • Security is often an afterthought when developing software, and is often bolted on late in development or even during deployment or maintenance, through activities such as penetration testing, add-on security software and penetrate-and-patch maintenance. We believe that security needs to be built in to the software from the beginning, and that security activities need to take place throughout the software lifecycle. Accomplishing this effectively and efficiently requires a structured approach combining a detailed understanding on what causes vulnerabilities, and how specific activities combine to prevent them. In this paper we introduce key elements of the approach we are taking: vulnerability cause graphs, which encode information about vulnerability causes, and security activity graphs, which encode information about security activities. We discuss how these can be applied to design software development processes (or changes to processes) that eliminate software vulnerabilities.
7.
  • Byers, David, 1971-, et al. (author)
  • A Cause-Based Approach to Preventing Software Vulnerabilities
  • 2008
  • In: Third International Conference on Availability, Reliability and Security, 2008. - : IEEE Computer Society. - 9780769531021 ; , pp. 276-283
  • Conference paper (peer-reviewed), abstract:
    • Security is often an afterthought in software development, sometimes even bolted on during deployment or in maintenance through add-on security software and penetrate-and-patch maintenance. We think that security needs to be an integral part of software development and that preventing vulnerabilities by addressing their causes is as important as detecting and fixing them. In this paper we present a method for determining how to prevent vulnerabilities from being introduced during software development. Our method allows developers to select the set of activities that suits them best while being assured that those activities will prevent vulnerabilities. Our method is based on formal modeling of vulnerability causes and is independent of the software development process being used.
8.
  • Byers, David, et al. (author)
  • A systematic evaluation of disk imaging in EnCase® 6.8 and LinEn 6.1
  • 2009
  • In: Digital Investigation. - : Elsevier BV. - 1742-2876. ; 6:1-2, pp. 61-70
  • Journal article (peer-reviewed), abstract:
    • Tools for disk imaging (or more generally speaking, digital acquisition) are a foundation for forensic examination of digital evidence. Therefore it is crucial that such tools work as expected. The only way to determine whether this is the case or not is through systematic testing of each tool. In this paper we present such an evaluation of the disk imaging functions of EnCase 6.8® and LinEn 6.1, conducted on behalf of the Swedish National Laboratory of Forensic Science. Although both tools performed as expected under most circumstances, we identified cases where flaws that can lead to inaccurate and incomplete acquisition results in LinEn 6.1 were exposed. We have also identified limitations in the tool that were not evident from its documentation. In addition to summarizing the test results, we present our testing methodology, which has novel elements that we think can benefit other evaluation projects.
9.
  • Byers, David, et al. (author)
  • Contagious errors : Understanding and avoiding issues with imaging drives containing faulty sectors
  • 2008
  • In: Digital Investigation. The International Journal of Digital Forensics and Incident Response. - : Elsevier BV. - 1742-2876 .- 1873-202X. ; 5:1, pp. 29-33
  • Journal article (peer-reviewed), abstract:
    • When using certain tools to image drives that contain faulty sectors, the tool may fail to acquire a run of sectors even though only one of the sectors is really faulty. This phenomenon, which we have dubbed "contagious errors", was reported by James Lyle and Mark Wozar in a recent paper presented at DFRWS 2007 [Lyle, J., Wozar, M. Issues with imaging drives containing faulty sectors. Digital Investigation 2007; 4S: S13-5.]. Their results agree with our own experience from testing disk imaging software as part of our work for the Swedish National Laboratory of Forensic Science. We have explored the issue further, in order to determine the cause of contagious errors and to find ways around the issue. In this paper we present our analysis of the cause of contagious errors as well as several ways practitioners can avoid the problem. In addition we present our insights into the problem of consistently faulty drives in forensic tool testing.
10.
  • Byers, David, 1971-, et al. (author)
  • Design of a Process for Software Security
  • 2007
  • In: Second International Conference on Availability, Reliability and Security, 2007. - : IEEE Computer Society. - 9780769527758 - 0769527752 ; , pp. 301-309
  • Conference paper (peer-reviewed), abstract:
    • Security is often an afterthought when developing software, and is often bolted on late in development or even during deployment or maintenance, through activities such as penetration testing, add-on security software and penetrate-and-patch maintenance. We believe that security needs to be built in to the software from the beginning, and that security activities need to take place throughout the software lifecycle. Accomplishing this effectively and efficiently requires a structured approach combining a detailed understanding on what causes vulnerabilities, and how to prevent them. In this paper we present a process for software security that is based on vulnerability cause graphs, a formalism we have developed for modeling the causes of software vulnerabilities. The purpose of the software security process is to evolve the software development process so that vulnerabilities are prevented. The process we present differs from most current approaches to software security in its high degree of adaptability and in its ability to evolve in step with changing threats and risks. This paper focuses on how to apply the process and the criteria that have influenced the process design.