
Implement secure coding with SEI CERT C Michael Fuhrmann, Senior Field Application Engineer


Post on 22-May-2020


TRANSCRIPT

Page 1: Implement secure coding with SEI CERT C...coding standards), techniques (for example, best practices), and tools (for example, static analysis tools )… e.g. 5.13.2 Rationale and

Implement secure coding with SEI CERT C

Michael Fuhrmann, Senior Field Application Engineer

Page 2

Agenda

- The rising security threats
- Static code analysis
- Static code analysis with C-STAT
- Demo

Page 3

The rising security threats

Page 4

The rising security threats

Page 5

Device complexity ensures vulnerabilities

He was aided, he says, by an unexpected leak of the company's source code he found on Github

ARM's "mbed TLS" software can be tricked into an authentication bypass and needs a patch.

- Human error
- Complex standards
- Technological inheritance

The eight Bluetooth-related vulnerabilities affect an estimated 5.3 billion Android, iOS, Linux, and Windows devices

Page 6

Security legislation today

Europe
• GDPR is in effect with fines up to €20M or 4% of global revenue
• ENISA gives baseline security recommendations for IoT devices *)
• …

North America
• USA: NIST evolving cybersecurity act
• California passed an IoT security law, effective from January 1st, 2020
• …

Asia
• Japan scheduled a law for devices with global IP for April 1st, 2020
• China released official standards by a government-sponsored working group
• …

*) https://www.enisa.europa.eu/publications/baseline-security-recommendations-for-iot

Page 7

Threats to security rising

Help is on the way… The UK Government (DCMS) published 13 codes of practice for consumer IoT security:
https://www.gov.uk/government/publications/code-of-practice-for-consumer-iot-security-international-versions

1. No default passwords
2. Implement a vulnerability disclosure policy
3. Keep software updated
4. Securely store credentials and security-sensitive data
5. Communicate securely
6. Minimize exposed attack surfaces
7. Ensure software integrity
8. Ensure that personal data is protected
9. Make systems resilient to outages
10. Monitor system telemetry data
11. Make it easy for consumers to delete personal data
12. Make installation and maintenance of devices easy
13. Validate input data

Page 8

Static code analysis

Page 9

Static code analysis

Wikipedia definition: Static program analysis is the analysis of computer software that is performed without actually executing programs, in contrast with dynamic analysis, which is analysis performed on programs while they are executing. In most cases the analysis is performed on some version of the source code, and in the other cases, some form of the object code.

The term is usually applied to the analysis performed by an automated tool, with human analysis being called program understanding, program comprehension, or code review. Software inspections and software walkthroughs are also used in the latter case.

https://en.wikipedia.org/wiki/Static_program_analysis

Page 10

Static code analysis in the security context

IEC 62443 – Industrial communication networks – Network and system security

Part 4-1 covers Secure product development lifecycle requirements:

e.g. 5.6.2 Rationale and supplemental guidance… This includes knowledge not only of security, but also for the use of any security-related standards (for example, coding standards), techniques (for example, best practices), and tools (for example, static analysis tools)…

e.g. 5.13.2 Rationale and supplemental guidance… This would include issues found in all phases such as design review, code review, verification and validation testing, use of static analysis tools, etc. …

Page 11

C-STAT

Page 12

C-STAT

IAR Systems C-STAT static code analysis

- Complete static analysis tool fully integrated in IAR Embedded Workbench

- Intuitive and easy-to-use settings with flexible rule selection

- Support for export/import of selected checks

- Support for command line execution

- Extensive and detailed documentation

Page 13

C-STAT

IAR Systems C-STAT static code analysis

- Checks compliance with:
  - MISRA C:2004
  - MISRA C:2012
  - MISRA C++:2008
- Includes the following additional checks:
  - ~210 specific checks for C-STAT
  - ~40 checks covering issues related to CWE
  - ~180 checks covering issues related to CERT

This includes the rules defined in the SEI CERT-C Coding Standard, 2016 Edition.

Page 14

C-STAT

SEI CERT-C Coding Standard, 2016 Edition

Supported groups:

- PRE Preprocessor
- DCL Declarations and initialization
- EXP Expressions
- INT Integers
- FLP Floating Point
- ARR Arrays
- STR Characters and Strings
- MEM Memory Management
- FIO Input Output
- ENV Environment
- SIG Signals
- ERR Error handling
- MSC Miscellaneous

Page 15

C-STAT

SEI CERT-C Coding Standard, 2016 Edition

A set of rules focusing on C programming that may also be useful for C++ programmers, since some of the covered issues affect C++ programs as well.

The goal of these rules is to develop reliable, safe and secure systems, for example by ruling out the undefined behavior that the C language permits and that can lead to exploitable vulnerabilities or unpredictable program behavior.

Conformance to these rules is necessary but not sufficient to ensure the safety, reliability and security of software systems.
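Added example (my own code, not the presenter's or IAR's) of the kind of defect these rules rule out: a checked signed addition for the INT group (rule INT32-C) and a bounds-checked string copy for the STR group (rule STR31-C), each with its noncompliant form noted in a comment. The function names and inputs are constructed for illustration; this is the class of issue a CERT-checking analyzer such as C-STAT is meant to report before the code ships.

```c
#include <limits.h>
#include <stdbool.h>
#include <stddef.h>
#include <string.h>

/* INT32-C: signed overflow is undefined behaviour, so the operands are
 * tested before the addition rather than checking the result afterwards
 * (a "result < a" test is itself undefined). Noncompliant form: `return a + b;`.
 * Returns false, leaving *out untouched, if a + b does not fit in an int. */
bool checked_add(int a, int b, int *out)
{
    if ((b > 0 && a > INT_MAX - b) || (b < 0 && a < INT_MIN - b)) {
        return false;
    }
    *out = a + b;
    return true;
}

/* STR31-C: the destination must hold the string and its null terminator.
 * Noncompliant form: `strcpy(dst, src);` with no size information at all.
 * Returns the number of characters copied, or -1 (with dst set to the empty
 * string when it has any room) if src does not fit in dst_size bytes. */
int copy_bounded(char *dst, size_t dst_size, const char *src)
{
    size_t len = strlen(src);
    if (dst_size == 0 || len >= dst_size) {  /* no room for src plus '\0' */
        if (dst_size > 0) dst[0] = '\0';
        return -1;
    }
    memcpy(dst, src, len + 1);  /* len + 1 copies the terminator as well */
    return (int)len;
}

/* Exercises both helpers on constructed inputs; returns 0 when every case
 * behaves as expected, otherwise a bit mask of the failing cases. */
int run_checks(void)
{
    int sum = 0, failed = 0;
    char buf[8];
    if (!checked_add(40, 2, &sum) || sum != 42)                             failed |= 1;
    if (checked_add(INT_MAX, 1, &sum))                                      failed |= 2;
    if (checked_add(INT_MIN, -1, &sum))                                     failed |= 4;
    if (copy_bounded(buf, sizeof buf, "CERT") != 4 || strcmp(buf, "CERT"))  failed |= 8;
    if (copy_bounded(buf, sizeof buf, "too long for buf") != -1 || buf[0])  failed |= 16;
    return failed;
}
```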

Page 16

Demo

Page 17

Summary

• Security threats for IoT systems are rising
• SEI CERT-C is a set of rules to improve the safety, security and reliability of software systems
• C-STAT covers SEI CERT-C