Security has always been a very hot topic, and it seems like every week we hear news about how such and such a company was hacked and the data of millions of users was leaked.
Part of the reason we see so many security issues is the way we treat security: it is often considered an afterthought, something added to a device at the end of development. However, complex systems, especially embedded systems, have a large attack surface, which gives attackers plenty of room to find and exploit holes in their armor. If you study how most hackers attempt to break into systems, you'll quickly discover that the favorite tool in their arsenal is finding and exploiting software vulnerabilities in devices.
If software vulnerabilities are an entry point for hackers to exploit, then we need to improve our code quality to solve this problem. But how serious is the problem, and what can we do to solve it?
Code vulnerabilities are easy targets for hackers
Poor code quality is actually a widespread problem, and there is quite a bit of evidence that poor coding leads directly to vulnerabilities. While many software engineering experts have been preaching this for years, the first time the wider world really took notice was perhaps in 2001, when the Code Red worm mounted a buffer overflow attack on Microsoft's Internet Information Services (IIS). [1] Although the first documented buffer overflow attack occurred in 1988, targeting the Unix finger service, its impact on ordinary people was very limited and so it did not make headlines.
As Code Red caused massive Internet slowdowns and was splashed across the news, we suddenly saw buffer overflow attacks everywhere; security researchers and hackers were attacking all kinds of systems, and these vulnerabilities turned up everywhere, embedded systems included. Using a buffer overflow attack, a hacker can run any code they want on the affected system, targeting anything that uses a fixed-length buffer to hold text or data. The hacker fills the buffer space to the maximum and then writes executable code beyond the end of the legitimate buffer space. The compromised system then executes the code at the end of the buffer, which in many cases allows the attacker to do whatever they want. [2]
This type of attack became an emergency because code that checked and enforced buffer limits was not common at the time. Such checks are now recommended by many coding standards, and mitre.org's Common Weakness Enumeration (CWE) catalogs this type of vulnerability. [3] Unfortunately, developers generally do not look for this problem when writing code; code analysis tools are usually needed to find it, so that developers realize the problem exists and fix it. A simple code quality improvement like this can greatly improve the security of your code by eliminating one of the most common tactics used by hackers. Checking and enforcing buffer lengths in your code is therefore simply good coding practice.
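To make the "check and enforce the buffer length" advice concrete, here is an added example in C; it is not code from the original article or from IAR. The unchecked copy shows the fixed-length-buffer pattern the text describes (it is kept only for contrast and is never called), and the checked version turns the "it will fit" assumption into an explicit test. NAME_MAX, the function names and the sample inputs are all constructed for this example; the checked function assumes src is NUL-terminated or at least NAME_MAX bytes readable.

```c
#include <stdio.h>
#include <string.h>

#define NAME_MAX 16   /* fixed-length buffer, terminator included (constructed size) */

/* The pattern the article describes, kept only for contrast and never
 * called below: the caller is assumed to pass something that fits, and
 * nothing enforces it, so a longer string writes past the end of dest. */
void store_name_unchecked(char dest[NAME_MAX], const char *src)
{
    strcpy(dest, src);
}

/* The assumption turned into code: reject any input that would not fit,
 * and leave dest in a defined state either way. Returns 0 on success,
 * -1 when src is too long (dest is then the empty string). */
int store_name_checked(char dest[NAME_MAX], const char *src)
{
    /* memchr never looks past NAME_MAX bytes, so an over-long src cannot
     * make the length check itself read or write out of bounds. */
    const char *terminator = memchr(src, '\0', NAME_MAX);
    if (terminator == NULL) {
        dest[0] = '\0';
        return -1;
    }
    size_t len = (size_t)(terminator - src);
    memcpy(dest, src, len + 1);   /* len + 1 <= NAME_MAX: copies the terminator too */
    return 0;
}

int main(void)
{
    char name[NAME_MAX];
    /* Constructed inputs: one that fits, one that would have overflowed. */
    const char *inputs[] = { "sensor-07", "this-name-is-far-too-long-for-the-buffer" };
    for (size_t i = 0; i < sizeof inputs / sizeof inputs[0]; i++) {
        int rc = store_name_checked(name, inputs[i]);
        printf("%-42s -> rc=%d name=\"%s\"\n", inputs[i], rc, name);
    }
    return 0;
}
```

The design choice worth noting is that the bounded version fails closed: an over-long input is rejected with a return code and an empty string, rather than silently truncated, so the caller is forced to handle the case instead of continuing with half a value. A static analysis tool such as the ones discussed later flags the unchecked form precisely because nothing ties the size of src to the size of dest.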
Not just a buffer overflow
However, the problem isn't just buffer overflows; it is systemic, with sloppy coding often leading to countless security holes that hackers can exploit to break into a system. A paper published by the Software Engineering Institute (SEI) makes this point very clear:
"...Quality performance metrics provide a basis for determining high-quality products and predicting safety and security outcomes. Many items in the Common Weakness Enumeration (CWE), such as improper use of programming language constructs, buffer overflows, input validation failures, etc., may be related to low-quality coding and development processes. Improving code quality is a necessary condition for solving some software security problems." [4]
The paper also points out that because many security problems are caused by software vulnerabilities, security problems can be treated just like more common coding vulnerabilities, and you can apply traditional quality assurance techniques to help solve at least part of the security problem.
Since normal software quality assurance processes let us estimate the number of vulnerabilities remaining in a system, can the same be done for security vulnerabilities? While the SEI does not confirm a mathematical relationship between code quality and security, it does state that between 1% and 5% of software vulnerabilities are security vulnerabilities, and goes on to note that its evidence shows that when security vulnerabilities are tracked, they give an accurate estimate of the level of code quality in the system. [4] This ultimately shows that code quality is a necessary (but not sufficient) condition for security, which firmly rebuts the idea that security is something added to the device at the end of development. Instead, security must run through the DNA of the project, from design to coding, all the way to production.
Coding standards can help a lot
Many of the most common security vulnerabilities are addressed in coding standards such as mitre.org's Common Weakness Enumeration, which also points out other areas to focus on, such as divide-by-zero errors, data injection, loop irregularities, null pointer exploits, and string parsing errors. MISRA C and MISRA C++ also promote secure and reliable coding to prevent security vulnerabilities from seeping into your code. While these coding standards can catch many common vulnerabilities, developers must think further ahead when writing code: How could a hacker exploit the code I just wrote? Where is the vulnerability? Have I made assumptions about what the inputs will look like and how the outputs will be used? A good rule of thumb is that if you are making assumptions, those assumptions should be turned into code to ensure that what you expect is actually what you get. If you don't, hackers will take advantage of the gap.
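The rule of thumb above, "turn your assumptions into code", is easiest to see on a small parser that touches several items from the list in one place: null pointers, string parsing, numeric range and division by zero. The following C example is added here and is not from the article or from any of the tools it mentions. The record format "<count>,<total>", the parse_status codes and the sample records are constructed for the example; the function assumes the record is a NUL-terminated string.

```c
#include <errno.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Outcome of checking each assumption explicitly (constructed for this example). */
typedef enum {
    PARSE_OK,
    PARSE_NULL,     /* a required pointer was NULL */
    PARSE_FORMAT,   /* field missing, empty, or not a decimal number */
    PARSE_RANGE,    /* number parsed but outside [0, INT_MAX] */
    PARSE_DIVZERO   /* count is zero, so the average is undefined */
} parse_status;

/* Parse one decimal field of at most 11 characters into [0, INT_MAX].
 * The whole field must be consumed: "12a" is a format error, not 12. */
static parse_status parse_field(const char *s, size_t len, long *out)
{
    char tmp[12];
    if (len == 0 || len >= sizeof tmp) return PARSE_FORMAT;   /* bounded copy, see tmp */
    memcpy(tmp, s, len);
    tmp[len] = '\0';

    errno = 0;
    char *end = NULL;
    long v = strtol(tmp, &end, 10);
    if (end == tmp || *end != '\0') return PARSE_FORMAT;     /* nothing parsed, or trailing junk */
    if (errno == ERANGE || v < 0 || v > INT_MAX) return PARSE_RANGE;
    *out = v;
    return PARSE_OK;
}

/* Record format assumed here: "<count>,<total>", NUL-terminated, e.g. "4,100".
 * Computes average = total / count only after every assumption has been checked. */
parse_status average_from_record(const char *record, long *average)
{
    if (record == NULL || average == NULL) return PARSE_NULL;  /* null pointer assumption */

    const char *comma = strchr(record, ',');
    if (comma == NULL) return PARSE_FORMAT;                   /* separator assumption */

    long count = 0, total = 0;
    parse_status st = parse_field(record, (size_t)(comma - record), &count);
    if (st != PARSE_OK) return st;
    st = parse_field(comma + 1, strlen(comma + 1), &total);
    if (st != PARSE_OK) return st;

    if (count == 0) return PARSE_DIVZERO;   /* the divide-by-zero case from the list above */
    *average = total / count;
    return PARSE_OK;
}

int main(void)
{
    /* Constructed records: valid, zero count, wrong separator, non-numeric, out of range. */
    const char *records[] = { "4,100", "0,100", "4;100", "4,abc", "4,99999999999" };
    for (size_t i = 0; i < sizeof records / sizeof records[0]; i++) {
        long avg = 0;
        parse_status st = average_from_record(records[i], &avg);
        printf("%-14s -> status=%d average=%ld\n", records[i], (int)st, avg);
    }
    return 0;
}
```

Each early return corresponds to one unstated assumption that the naive version (split on the comma, call atoi twice, divide) would have made silently; atoi in particular reports neither non-numeric input nor overflow, which is why strtol with errno and end-pointer checks is used instead. The distinct status codes also give a caller, or a test, something concrete to assert on, which is what makes the input checks verifiable rather than merely present.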
But what about open source software? The typical argument for using open source components in design relies on a "proven in use" argument: so many people use it, it must be good. The same SEI paper also has some elaboration on this issue:
"Besides being free, one of the touted benefits of open source is the idea that 'having a lot of people paying attention to the source code means security issues can be discovered quickly and anyone can fix them without relying on the vendor.' However, the reality is that without a disciplined and consistent focus on eliminating vulnerabilities, security holes and other vulnerabilities will appear in the code." [4]
In other words, the SEI believes that the "proven in use" argument is meaningless, and that applying quality assurance to open source code is reminiscent of the story of Anybody, Somebody, Nobody, and Everybody. Furthermore, your tests are not enough to prove that the code is satisfactory. The SEI says that code quality standards like CWE can uncover problems in your code that are often not discovered in standard tests and are usually only discovered when hackers exploit them. [4] As a case in point, in May 2020, researchers at Purdue University demonstrated 26 vulnerabilities in the open source USB stack used in Linux, macOS, Windows, and FreeBSD. [5] So, when it comes to security, code quality is key, and all code matters.
Code analysis tools help with standards compliance
Given these code quality issues, what can we do to improve the security of our applications? The simple answer is to use code analysis tools. There are two basic types: static analysis tools, which examine only the application's source code, and runtime (or dynamic) analysis tools, which instrument the code and look for vulnerabilities such as null pointer dereferences and data injection while it runs. IAR provides both kinds, the static analysis tool IAR C-STAT and the runtime analysis tool IAR C-RUN, both fully integrated in the IAR Embedded Workbench development environment. High-quality code analysis tools include checks for CWE, MISRA, and CERT C; CERT C is another coding standard designed to promote secure coding. Together, these three rule sets form a premium combination for security-minded coding: the rule sets overlap in places, but each also provides unique checks that help ensure your code has a high degree of security. Using these standards will also help ensure you have the highest quality code and may even uncover some latent vulnerabilities in your code.
High-quality code is safe code
Ensuring code quality ensures code security. Don't put the responsibility for code quality on others, because other people's vulnerabilities may cause you a security nightmare. But there is hope, because code analysis tools can help you quickly find bugs before they cause trouble. The road to security always passes through code quality.