Security and Dependability in Software Systems
System dependability
- For many computer-based systems, the most important system property is the dependability of the system.
- The dependability of a system reflects the user’s degree of trust in that system. It reflects the extent of the user’s confidence that it will operate as users expect and that it will not ‘fail’ in normal use.
- Dependability covers the related system attributes of reliability, availability, safety, and security. These are all inter-dependent.
Importance of dependability
- Systems that are not dependable and are unreliable, unsafe or insecure are likely to be rejected by their users
- The costs of system failure may be very high if the failure leads to economic losses or physical damage
- Undependable systems may cause information loss with a high consequent recovery cost
Causes of failure
Hardware failure
- Hardware fails because of design and manufacturing errors or because components have reached the end of their natural life
Software failure
- Software fails due to errors in its specification, design or implementation
Principal dependability properties
Availability
- The probability that the system will be up and running and able to deliver useful services to users
Reliability
- The probability that the system will correctly deliver services as expected by users
Safety
- A judgment of how likely it is that the system will cause damage
Security
- A judgment of how likely it is that the system can resist accidental or deliberate intrusions
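Availability and reliability are both defined above as probabilities and are easy to conflate. This added example (not from the slides) computes both from a constructed service log and shows a service that is highly available yet not very reliable; the log format, timestamps and observation window are assumptions made for the illustration.

```python
from datetime import datetime, timedelta
# Constructed service log (not real data): STATE lines mark up/down transitions
# of the service; REQUEST lines record whether a user request was answered correctly.
LOG = """\
2024-03-01T00:00:00 STATE up
2024-03-01T02:00:00 REQUEST ok
2024-03-01T04:00:00 REQUEST wrong
2024-03-01T06:00:00 STATE down
2024-03-01T06:30:00 STATE up
2024-03-01T09:00:00 REQUEST ok
2024-03-01T10:00:00 REQUEST ok
2024-03-01T12:00:00 REQUEST ok
2024-03-01T15:00:00 REQUEST wrong
2024-03-01T18:00:00 STATE down
2024-03-01T18:15:00 STATE up
2024-03-01T20:00:00 REQUEST ok
2024-03-01T22:00:00 REQUEST ok
"""
WINDOW_END = datetime(2024, 3, 2)  # assumed end of the observation period

def parse_log(text):
    """Return (timestamp, kind, value) tuples in time order."""
    events = []
    for line in text.splitlines():
        if line.strip():
            ts, kind, value = line.split()
            events.append((datetime.fromisoformat(ts), kind, value))
    return sorted(events)

def availability(events, window_end):
    """Fraction of the observation window during which the service was up."""
    up_time, state, since = timedelta(0), None, None
    for ts, kind, value in events:
        if kind != "STATE":
            continue
        if state == "up":          # close the previous up interval
            up_time += ts - since
        state, since = value, ts
    if state == "up":              # service still up at the end of the window
        up_time += window_end - since
    return up_time / (window_end - events[0][0])

def reliability(events):
    """Fraction of requests that received the correct response."""
    outcomes = [v for _, k, v in events if k == "REQUEST"]
    return outcomes.count("ok") / len(outcomes)
```

Running `parse_log(LOG)` and then `availability(events, WINDOW_END)` and `reliability(events)` gives 0.96875 and 0.75: the service was up for 96.9% of the day, yet a quarter of the requests it served returned the wrong result.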
Other dependability properties
Repairability
- Reflects the extent to which the system can be repaired in the event of a failure
Maintainability
- Reflects the extent to which the system can be adapted to new requirements
Survivability
- Reflects the extent to which the system can deliver services whilst under hostile attack
Error tolerance
- Reflects the extent to which user input errors can be avoided and tolerated
Dependability achievement
- Avoid the introduction of accidental errors when developing the system
- Design V & V (verification and validation) processes that are effective in discovering residual errors in the system
- Design protection mechanisms that guard against external attacks
- Include recovery mechanisms to help restore normal system service after a failure
Dependability attribute dependencies
- A system may be unreliable because its data has been corrupted by an external attack
- Denial of service attacks on a system are intended to make it unavailable
- If a system is infected with a virus, you cannot be confident in its reliability or safety
Dependability costs
Dependability costs tend to increase exponentially as increasing levels of dependability are required
There are two reasons for this:
- The use of more expensive development techniques and hardware that are required to achieve the higher levels of dependability
- The increased testing and system validation that is required to convince the system client and regulators that the required levels of dependability have been achieved
Reliability terminology
Term | Description |
Human error or mistake | Human behavior that results in the introduction of faults into a system. |
System fault | A characteristic of a software system that can lead to a system error. |
System error | An erroneous system state that can lead to system behavior that is unexpected by system users. |
System failure | An event that occurs at some point in time when the system does not deliver a service as expected by its users. |
Security terminology
Term | Definition |
Asset | Something of value which has to be protected. The asset may be the software system itself or data used by that system. |
Exposure | Possible loss or harm to a computing system. This can be loss or damage to data, or can be a loss of time and effort if recovery is necessary after a security breach. |
Vulnerability | A weakness in a computer-based system that may be exploited to cause loss or harm. |
Attack | An exploitation of a system’s vulnerability. Generally, this is from outside the system and is a deliberate attempt to cause some damage. |
Threats | Circumstances that have potential to cause loss or harm. You can think of these as a system vulnerability that is subjected to an attack. |
Control | A protective measure that reduces a system’s vulnerability. Encryption is an example of a control that reduces a vulnerability of a weak access control system. |