Secure Software Verification, Validation, and Evaluation

Objectives

  • Identify the concepts for testing.
  • Understand how security testing is different from testing for functionality or performance.
  • Learn various techniques for security testing.
  • Understand the purpose of static analysis techniques, especially for security assurance.

Topics

Testing; Dynamic Analysis; Static Analysis; Differences between Validation & Verification

OERs

Review Questions

  • What is fuzz (brute force or random) testing? Why is fuzz testing important from the security perspective?
  • What is reliability testing? What aspect of security does it address?
  • What is static code analysis? What types of errors does it catch?
  • What is code review/inspection? Is it manual?
  • How do you test for software resiliency?
  • What is the importance of fault injections?

(These questions are intended to be a self-test of your comprehension of this session's material; answers to these questions do not need to be turned in.)

Session Notes

This session introduces various static and dynamic techniques for ensuring that the software being developed meets its functional and assurance requirements. Dynamic techniques execute the software or its models; two common dynamic techniques are testing and prototyping. Static techniques do not execute the code; they include code inspection and review, and code analysis using automated analysis tools and compilers.

Testing is perhaps the most common assurance activity. It does not ensure the absence of vulnerabilities or bugs; its purpose is to uncover them, if they exist. Finding no vulnerabilities or bugs during testing does not mean they do not exist, only that we have not uncovered them. There are a variety of testing techniques, some of which are relevant for security testing. They include random or fuzz testing, attack-oriented testing, and fault injection testing.
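The following is an added example, not part of the original session notes, showing what random (fuzz) testing looks like in practice. It uses a constructed, deliberately buggy length-prefixed record parser (`parse_record_buggy`), its bounds-checked counterpart (`parse_record_fixed`), a seeded random-input fuzzer that treats any exception other than the documented `ValueError` as a finding, and a greedy shrinker that reduces a crashing input to something small enough to read. All names and the record format are assumptions made for this example.

```python
import random

# Constructed record format for this example:
#   [name_len:1][name:name_len][value_len:1][value:value_len][checksum:1]
# Documented contract: malformed input raises ValueError, nothing else.


def parse_record_buggy(data: bytes) -> dict:
    """Deliberately buggy parser: trusts the embedded lengths, so a
    truncated record raises IndexError instead of a clean ValueError."""
    if len(data) < 3:
        raise ValueError("record too short")
    name_len = data[0]
    pos = 1 + name_len
    name = data[1:pos]           # slicing never fails...
    value_len = data[pos]        # ...but indexing does when pos >= len(data)
    pos += 1
    value = data[pos:pos + value_len]
    pos += value_len
    checksum = data[pos]         # same defect for the checksum byte
    if checksum != (sum(name) + sum(value)) & 0xFF:
        raise ValueError("bad checksum")
    return {"name": name, "value": value}


def parse_record_fixed(data: bytes) -> dict:
    """Hardened parser: every length is checked against the buffer first."""
    if len(data) < 3:
        raise ValueError("record too short")
    name_len = data[0]
    pos = 1 + name_len
    if pos >= len(data):
        raise ValueError("truncated name")
    name = data[1:pos]
    value_len = data[pos]
    pos += 1
    if pos + value_len >= len(data):
        raise ValueError("truncated value")
    value = data[pos:pos + value_len]
    pos += value_len
    checksum = data[pos]
    if checksum != (sum(name) + sum(value)) & 0xFF:
        raise ValueError("bad checksum")
    return {"name": name, "value": value}


def crashes(target, data: bytes, exc_name: str) -> bool:
    """True if target(data) raises an unexpected exception of the given type."""
    try:
        target(data)
    except ValueError:
        return False             # documented rejection of bad input
    except Exception as exc:     # anything else is a bug
        return type(exc).__name__ == exc_name
    return False


def fuzz(target, iterations: int = 2000, seed: int = 1234, max_len: int = 32):
    """Feed seeded random byte strings to target; collect (exception, input)
    for every exception that is not the documented ValueError."""
    rng = random.Random(seed)    # fixed seed so findings are reproducible
    findings = []
    for _ in range(iterations):
        length = rng.randrange(max_len + 1)
        data = bytes(rng.randrange(256) for _ in range(length))
        try:
            target(data)
        except ValueError:
            continue
        except Exception as exc:
            findings.append((type(exc).__name__, data))
    return findings


def shrink(target, data: bytes, exc_name: str) -> bytes:
    """Greedy delta reduction: drop one byte at a time while the crash persists."""
    changed = True
    while changed:
        changed = False
        for i in range(len(data)):
            candidate = data[:i] + data[i + 1:]
            if crashes(target, candidate, exc_name):
                data, changed = candidate, True
                break
    return data


if __name__ == "__main__":
    found = fuzz(parse_record_buggy)
    print(f"buggy parser: {len(found)} unexpected exceptions")
    if found:
        name, sample = found[0]
        print(name, "minimized to", shrink(parse_record_buggy, sample, name).hex())
    print(f"fixed parser: {len(fuzz(parse_record_fixed))} unexpected exceptions")
```

The point the notes make is visible in the numbers: the fuzzer cannot prove the fixed parser correct, it only reports that a few thousand random inputs produced no unexpected exception, whereas a single finding against the buggy parser is a real defect, and the shrunk input makes the root cause (a length byte larger than the buffer) obvious.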

One main purpose of prototyping is to verify whether all requirements, especially security requirements, have been captured. By showing a quickly developed prototype to the various stakeholders, we can ascertain whether the requirements are reasonably complete and accurate.

Wheeler's presentation discusses various approaches to static analysis, including type checkers and security weakness analyzers (e.g., is there a path that will lead to a buffer overrun?), as well as the architecture of static analysis tools. The presentation also provides sources of tool information.
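As an added illustration of the "security weakness analyzer" idea (not code from the presentation or from any real tool), the following is a miniature static analyzer built on Python's standard `ast` module. It parses source text without running it, walks the syntax tree, and reports calls that a security reviewer would want to look at: `eval`/`exec`, a small set of deserialization and shell APIs, and `subprocess` calls made with `shell=True`. The rule names, the rule table and the sample source it analyzes are constructed for this example.

```python
import ast

# Constructed rule tables for this example; a real tool ships hundreds of rules.
DANGEROUS_BUILTINS = {"eval", "exec"}
DANGEROUS_QUALIFIED = {("pickle", "loads"), ("pickle", "load"), ("os", "system")}


def call_name(node: ast.Call):
    """Resolve a call's callee to (module, name): ('pickle', 'loads') for
    pickle.loads(...), (None, 'eval') for a bare eval(...)."""
    func = node.func
    if isinstance(func, ast.Name):
        return (None, func.id)
    if isinstance(func, ast.Attribute) and isinstance(func.value, ast.Name):
        return (func.value.id, func.attr)
    return (None, None)


class WeaknessFinder(ast.NodeVisitor):
    """Syntactic weakness finder: one rule check per Call node, no data flow."""

    def __init__(self):
        self.findings = []      # (line number, rule id, message)

    def visit_Call(self, node: ast.Call):
        module, name = call_name(node)
        if module is None and name in DANGEROUS_BUILTINS:
            self.findings.append((node.lineno, "CODE_INJECTION", f"call to {name}()"))
        elif (module, name) in DANGEROUS_QUALIFIED:
            self.findings.append((node.lineno, "UNSAFE_API", f"call to {module}.{name}()"))
        elif module == "subprocess":
            for kw in node.keywords:
                # shell=True means the argument is parsed by a shell
                if (kw.arg == "shell" and isinstance(kw.value, ast.Constant)
                        and kw.value.value is True):
                    self.findings.append(
                        (node.lineno, "SHELL_INJECTION", f"{module}.{name}() with shell=True"))
        self.generic_visit(node)   # keep walking into nested calls


def analyze(source: str):
    """Parse source text (never executed) and return sorted findings."""
    finder = WeaknessFinder()
    finder.visit(ast.parse(source))
    return sorted(finder.findings)


# Constructed sample program under analysis; line numbers matter for the report.
SAMPLE_SOURCE = '''\
import subprocess
import pickle

def run(cmd):
    subprocess.run(cmd, shell=True)

def load(blob):
    return pickle.loads(blob)

def calc(expr):
    return eval(expr)

def safe(cmd):
    subprocess.run(["ls", cmd])
'''

if __name__ == "__main__":
    for lineno, rule, message in analyze(SAMPLE_SOURCE):
        print(f"line {lineno}: {rule}: {message}")
```

Two limits of this toy match limits Wheeler discusses for real tools: it is purely syntactic, so `subprocess.run(cmd, **opts)` with `shell=True` hidden in `opts` is missed (a false negative), and it flags every `eval` even when the argument is a literal (a false positive). Answering "is there a path that leads here with attacker-controlled data?" requires the data-flow analysis layered on top of this kind of syntax walk.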

There are also formal tools, such as the model checkers discussed in Session 3. This session focuses only on the less formal, but more commonly employed, tools and techniques for assurance.

____________________________________________________________________________

© 2020 University of Maryland Global Campus.