Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Software, Security, and the Public Good

Software, Security, and the Public Good

As engineers, our first and most important obligation is to serve the public good. The code that we write, impenetrable to most outside our industry, is finding its way deeper and deeper into peoples' every day lives. We simply must create software that safeguards the public's trust, to the best of our abilities, yet for most us, security is an afterthought. In this session, we'll learn to think like hackers while we learn how to mitigate harm and build applications that are safer and more resilient to attack.

Samantha Quiñones

May 24, 2017
Tweet

More Decks by Samantha Quiñones

Other Decks in Technology

Transcript

  1. Software, Security, and
    The Public Good
    Samantha Quiñones
    php[tek] 2017

    View full-size slide

  2. We are a community of
    Qualified Engineers

    View full-size slide

  3. Time for...
    Audience participation

    View full-size slide

  4. Therac-25: What Went Wrong?
    The software contained an integer overflow bug (CWE-190)
    When an operator provided input during an overflow condition, the interlock failed
    This failure could allow the 25 MeV beam to activate without the target and collimator
    Patients received 100x the intended dose of radiation
    Patients suffered severe radiation burns and poisoning
    Three patients died

    View full-size slide

  5. Therac-25: What Could Have Helped?
    Code review
    Review of code reused from earlier models to test assumptions
    Unit testing
    Integration testing
    Hardware interlocks

    View full-size slide

  6. Mars Climate Orbiter

    View full-size slide

  7. Mars Climate Orbiter: What Went Wrong?
    Launched 11 December 1998
    On 15 September 1999, an orbital insertion maneuver was performed
    Navigators had reported discrepancies between the reported and measured position
    Approach would bring the probe to 150-170km altitude, possibly lower, than expected 226km
    On 23 September 1999, the probe occulted Mars and lost radio contact. Contact was never
    reestablished.
    Postmortem found that one piece of ground software produced thrust values in pound-seconds
    (US Customary) rather than newton-seconds (SI)

    View full-size slide

  8. Mars Climate Orbiter: What Could Have Helped?
    Specification review
    Integration testing
    Commitment to investigate error reports

    View full-size slide

  9. Volkswagen Emissions Scandal

    View full-size slide

  10. Volkswagen: What Went Wrong?
    Engineers at VW developed code to detect emissions tests and alter engine behavior
    This code was intentionally hidden and referred to as “acoustic condition”

    View full-size slide

  11. Volkswagen: What Could Have Helped?
    Whistleblower-supporting culture
    Personal engineering ethics

    View full-size slide

  12. Heartbleed: What Went Wrong?
    Improper input validation bug allows out-of-bounds memory access (CWE-135)
    Exploitation of the heartbeat mechanism allows extracting secure information from
    vulnerable servers without authorization.

    View full-size slide

  13. Heartbleed: What Could Have Helped?
    Code review
    Security review
    Adequate funding of open-source projects

    View full-size slide

  14. Security is a guarantee that
    software will perform predictably
    regardless of input.

    View full-size slide

  15. Software is Everywhere

    View full-size slide

  16. Ethics & Engineering
    (inspired by the ACM)

    View full-size slide

  17. Obligations to the Public
    To take responsibility for our work.
    To balance our interests with those of our clients, employers, and users.
    To ship code we believe to be safe, tested, and built according to specifications.
    To disclose actual or potential dangers to the user, the public, or the environment.
    To avoid deception.
    To consider the abilities of users and conditions of users.
    To volunteer our skills to good causes and contribute to public education.

    View full-size slide

  18. Obligations to our Clients & Employers
    To be honest about our areas of competence.
    To honor software licenses.
    To honor the property and secrets of the client or employer.
    To disclose the likelihood of failure, cost overrun, violation of law, or damage.
    To identify and disclose issues of social concern.
    To not work against the interests of the client or employer, unless ethics are being
    compromised.

    View full-size slide

  19. Obligations to the Product
    To balance quality, cost, and schedule while clearly communicating trade-offs.
    To identify and disclose economic, ethical, cultural, environmental, and legal issues.
    To employ methods appropriate to the task at hand.
    To understand the specifications of the product.
    To test, debug, review, and document all code.
    To collect, store, and use only data that has been derived by ethical means.
    To maintain what we build.

    View full-size slide

  20. Obligations to Our Colleagues
    To develop a professional environment and culture that encourages acting ethically.
    To promote public knowledge and education of software engineering.
    To participate in professional organizations, meetings, conferences, and publications.
    To communicate one’s obligations to one’s employers and clients.
    To assist others in their professional development.
    To give credit to the work of others.

    View full-size slide

  21. Obligations to Ourselves
    To develop our technical, management, and interpersonal skills continuously.
    To advocate for our users in an honest and thoughtful way.
    To share our knowledge and experience freely.
    To recognize our prejudices and not give unfair treatment because of them.

    View full-size slide

  22. Let’s Get Practical
    Commit the OWASP Top 10 to heart (https://www.owasp.org/index.php/OWASP_Top_Ten_Cheat_Sheet)
    Embrace the CWE (https://cwe.mitre.org/index.html)
    Give better code reviews
    Demand better code reviews
    Become the local expert on compliance/security/testing/debugging
    Discover and honor your ethical boundaries

    View full-size slide

  23. We are responsible for the
    work we put into the world.

    View full-size slide