Conferences and supporting programme
Finding Safety Defects and Security Vulnerabilities by Static Analysis
In safety-critical systems tools for static analysis are widely used. Safety standards like ISO-26262, DO-178B/C, IEC-61508 require safety-critical software to be developed in accordance to coding guidelines, e.g., MISRA C. In addition, they require to identify potential functional and non-functional hazards and to demonstrate that the software does not violate the relevant safety goals. Examples of safety-relevant non-functional programming errors that can be detected by static analysis are violations of resource bounds, especially stack overflows and deadline violations, as well as run-time errors and data races. Making sure that no such errors can occur in the final system not only improves safety, but also improves availability – a particularly important aspect for higher levels of automatic driving which need fail-operational behavior. The increasing connectivity of safety-critical systems causes security concerns to become much more critical than they were before: security can be considered a prerequisite for functional safety. In recent years dedicated coding standards have been developed that focus on security aspects, examples are SEI CERT Secure C, the MITRE Common Weakness Enumeration, and ISO/IEC TS 27961:2013. Many of the CERT and CWE rules do not really apply to safety-critical systems, but there is a significant overlap with safety-relevant properties. As an example, many security-relevant exploits build on undefined behaviors of the programming language like buffer overflows, or non-terminated strings. Since many of these properties can be automatically checked by static analysis, one and the same static analysis tool can be used for the purpose of safety and security validation. In addition to safety hazards directly caused by security exploits (cf. the Jeep Hack of 2015) also the trustworthiness of data is an increasing concern. Corrupted data, e.g., provided by a corrupted cloud service may have an indirect impact on the safety of the system . Static analysis techniques like taint analysis and program slicing can provide a valuable contribute to satisfying data safety requirements. This talk gives an overview of static analysis applied to safety and security properties, and discusses practical experience.  Data Safety Guidance, Version 2.0. The Data Safety Initiative Working Group (DSIWG), SCSC-217B. The Safety Critical Systems Club, ISBN-13:978-1540887481.
--- Date: 28.02.2018 Time: 11:30 AM - 12:00 PM Location: Conference Counter NCC Ost