Local Area Networks (LANs) in Aircraft - FTP Directory Listing - FAA
employed in security-critical applications … whose behavioral attributes in relationship to security are largely unknown.” [95]

Despite this, a variety of previous studies have proposed process extensions (e.g., references 40, 41, 73-75, and 95-97) using automated testing mechanisms at various stages of the development process to identify security vulnerabilities within software targeted for network environments. This study concurs with those studies that development processes need to include tests that examine the actual implemented product to verify that its development processes did indeed produce the expected results. Various mechanisms to improve the current process have been proposed, including:
• Using model checkers on abstractions derived automatically from source code [40].
• Software fault injection into software to force anomalous program states during software execution and observing their corresponding effects on system security [95].
• Since a certain class of exploits relies upon buffer overflow vulnerabilities, various studies [96] have also recommended specific development mechanisms and tools for reducing that vulnerability during software development.

Each of these approaches has a certain amount of overhead that may or may not be acceptable given specific implementation requirements. Regardless, these ideas nevertheless point out the desirability of understanding the root cause of the specific vulnerability and taking steps to correct it.
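The second and third mechanisms above can be illustrated together in C, the language in which buffer overflows of this kind usually arise. The following is an added example written for this page, not code from the FAA report or from any of the studies it cites: a fixed-size message field (the 16-byte size is an assumption) is filled by an unbounded copy, shown only for contrast, and by a bounded copy that rejects over-length input; a small fault-injection harness then feeds constructed anomalous inputs (over-length, boundary-length, NULL) to the hardened routine and reports whether each one was contained, so the effect of the anomalous state is observed rather than assumed.

```c
#include <stdio.h>
#include <stddef.h>
#include <string.h>

/* Added example (not from the FAA report). A fixed-size field as a
 * network message handler might hold it; the size is a constructed assumption. */
#define FIELD_MAX 16

/* "Before" pattern: an unbounded copy. If src is longer than the destination,
 * this writes past the end of dst (a buffer overflow). Kept only for contrast;
 * nothing below calls it. */
void unsafe_copy_field(char dst[FIELD_MAX], const char *src) {
    strcpy(dst, src);
}

/* Length of src, scanning at most FIELD_MAX bytes so an unterminated
 * input cannot cause an out-of-bounds read. */
static size_t bounded_len(const char *src) {
    size_t n = 0;
    while (n < FIELD_MAX && src[n] != '\0') n++;
    return n;
}

/* Hardened version: checks the length before copying and reports failure
 * instead of writing past dst. Returns 0 on success, -1 on rejected input;
 * on rejection dst is left as an empty string rather than partial data. */
int safe_copy_field(char dst[FIELD_MAX], const char *src) {
    if (dst == NULL || src == NULL) return -1;
    size_t n = bounded_len(src);
    if (n >= FIELD_MAX) {          /* no room for the terminating NUL */
        dst[0] = '\0';
        return -1;
    }
    memcpy(dst, src, n + 1);       /* n + 1 <= FIELD_MAX, so this stays in bounds */
    return 0;
}

/* A miniature software fault-injection harness: each constructed input is an
 * anomalous (or boundary) program state, and the harness records whether the
 * handler's observed behaviour matched the expected one. Returns the number of
 * mismatches, so 0 means every injected fault was contained as intended. */
typedef struct { const char *input; int expect_ok; } fault_case;

int run_fault_injection(void) {
    static const char oversized[] = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"; /* 40 bytes */
    const fault_case cases[] = {
        { "ALT=35000",        1 },  /* ordinary 9-character field (constructed) */
        { "",                 1 },  /* empty field is allowed */
        { "123456789012345",  1 },  /* 15 characters: fits with the terminator */
        { "1234567890123456", 0 },  /* 16 characters: would overflow, must be rejected */
        { oversized,          0 },  /* far too long */
        { NULL,               0 },  /* missing input */
    };
    int mismatches = 0;
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++) {
        char dst[FIELD_MAX];
        int ok = (safe_copy_field(dst, cases[i].input) == 0);
        if (ok != cases[i].expect_ok) mismatches++;
    }
    return mismatches;
}

int main(void) {
    int m = run_fault_injection();
    printf("fault injection: %d mismatch(es)\n", m);
    return m == 0 ? 0 : 1;
}
```

The harness is deliberately tiny, but the shape is the one the cited approach describes: the test suite does not wait for a crash to reveal an overflow, it drives the handler into the anomalous states and checks the contained outcome explicitly, which is also what a reviewer doing the DO-178B code inspection mentioned later on this page would want to see evidence of.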
However, while these additional tests are helpful, they cannot ensure that the resulting software is of a high quality. Tests only identify the presence of specific problems. Software testing alone cannot guarantee the absence of flaws that were not addressed by the test suite. Creating test suites to address all of the possible flaws that may exist in airborne software is an unachievable goal due to the myriad of potential problems that may arise. The goals of software testing should be solely viewed as

    “The approach described in this paper does not purport to find the needle in the haystack, but rather to reduce the size of the haystack significantly …” [95]
There is no existing security theory or process that can extend testing systems to produce guaranteed high-assurance results for networked environments. This is a significant certification issue. Until this key missing certification element has been fixed, no networked system can currently be guaranteed to be as safe as nonnetworked airborne systems. Fortunately, this problem is partially mitigated by having code inspection be a constituent part of the certification process for higher assurance software (e.g., see DO-178B, Section 6.3.4 and Table A-5).

In conclusion, this study recommends that the FAA study the viability of enhancing current DO-178B processes with the specific process extensions and tests suggested by previous studies [40, 41, 73-75, and 95-98].
97