Prioritization of Weapon System Software Assurance Assessment

The cost and timeliness of weapons-software deployment may benefit from including shareware, freeware, open-source, and COTS components. However, Air Force"s critical, safety-of-flight, and sensitive-data applications require higher assurance than that provided by commercial components. To make their use cost-effective, technical assurance of software quality (and assessment of risk in its deployment) requires automation. Unfortunately, no existing tool captures the broad spectrum of security vulnerabilities that need to be analyzed to assess security risk. Also, precise security-analysis techniques do not scale to today"s software systems. Finally, these techniques generally analyze source code, which precludes evaluating components available as binaries only. We propose a risk-assessment solution based on a hierarchy of analysis techniques that provide varying levels of detail about the analyzed software. The coarser (and computationally cheaper) techniques will provide rough estimates of risk; their answers will inform the choice of finer (and computationally more expensive) techniques that will yield more precise estimates of risk. The proposed solution will provide the ability to analyze binary components, making it applicable to shareware, freeware, and COTS components. Furthermore, it will incorporate a technique for mitigating certain security vulnerabilities, providing a path for accepting a component that is not deemed to be flawless. BENEFIT: Organizations that develop software are looking for ways to manage complexity while reducing development time and cost. Many organizations are making extensive use of open-source, shareware, freeware, and commercial-off-the-shelf (COTS) components. Because few of these components have been developed for use in high-security and high-reliability systems, using them in such environments is problematic. Organizations must assess the quality and security of components, but tool support for this task remains poor. New technology is needed that helps organizations prioritize and perform reviews. The product resulting from this SBIR research will be a suite of tools that helps organizations examine security and reliability properties of software, especially software developed by other parties. The suite will: (i) examine open-source, shareware, freeware, and COTS executables (i.e., binaries) and recommend specific analyses for particular code, based on criticality and risk, (ii) apply a variety of analysis techniques to binary code (and also source code, if available) to pinpoint specific security and reliability problems, and (iii) where possible and appropriate, perform automated vulnerability patching and remediation on codeincluding binary code.