Monday, May 4, 2015

Protecting the integrity of software


Breakdowns, security problems, hazards, etc. are all over the place these days, so Matthew Squair's presentation on Software Partitioning Integrity is very timely. He subtitles it "A short tutorial on the basic architectural principles of integrity level partitioning".

You'll learn pithy things like this:
If You Can Keep Them Separate (Partitioning)
Then You Can Bring Them Together (Composition)
(Greve & Wilding, HCSS 03)
Of course, in the world of systems engineering we talk about decoupling and coupling: the former to contain the propagation of risk and provide for independence of action, the latter to create a means for integrating actions.

And, at an even higher level, these principles apply to portfolios, and to the way projects, scope, and security are partitioned among portfolio constituents.

A few definitions are helpful, especially when looking at the system in terms of either safety or security (perhaps aircraft cockpit security could benefit from this kind of attention):
Strict Protection
– Component X can be said to be strictly protected from Y if any behavior of Y has no effect on the operation of X
Safety Protection
– Component X can be said to be safely protected from Y if any behavior of Y has no effect on the safety properties of X
Two-way (symmetric) protection
– Component X is protected from Y, and Y is protected from X
One-way (asymmetric) protection
– Component X is protected from Y, but component Y is not protected from X
Beyond software
This presentation actually goes beyond software to the very top of the architecture, taking in hardware and the interactions of hardware and software vis-à-vis safety, isolation, and protection.

If you're in this business (and actually, who is not thinking about security these days?), this is a good read.
