Conclusion and Final Words

This thesis has examined all phases of the waterfall methodology from a security point of view. The requirement analysis phase proved to be well elaborated already, and we had nothing to add to it. The design, implementation, verification, deployment and maintenance phases, however, presented areas for improvement, and we analyzed them in this thesis. This thesis is a valuable resource for further advancements in secure application development.

11.1. Results

The security traits and robustness of software can be increased enormously by correct decisions in the design phase. Similarly, a bad design can render otherwise good security tools useless. Even worse, a bad design can create a false sense of security, which benefits only attackers. Even the oldest technologies can find new usage platforms if they have a sound design. Our design patterns research showed that good security is another aspect of good design and must always be taken into account; the use of design patterns may support a good structural design, but it cannot guarantee a secure design. Secure design remains a subject that academics are still working on.

Our research on the implementation phase showed that even the smallest piece of code can cause big vulnerabilities. Furthermore, it demonstrated the value of using static code analyzers to prevent detectable code defects. A survey about the formatting and commenting of source code revealed that even high-caliber developers tend to omit these good habits, although they want to have them. That survey also revealed that keeping code readable has high benefits.

The verification phase of the software lifecycle is supported by many tools; the most useful of them are examined in this thesis. Apparently, many software companies are not using them effectively, because these tools could have prevented many of the vulnerabilities. We consider this fact a result that demonstrates an unstructured approach to security practices.

The deployment phase proved to be the least researched area of the waterfall methodology. The discovery of this fact is probably due to the unique approach of this thesis. The contribution of this thesis here is the examination of compiler switches from a security point of view.

This thesis put the sometimes-overlooked importance of the maintenance phase in front of the eyes of researchers. Our research into Microsoft Corporation security bulletins revealed that even a software giant like Microsoft Corporation suffers from regressions. That research also showed that security initiatives are really helping Microsoft Corporation to reduce the number of successful attacks and to increase the company's reputation. This thesis described important points for preventing regressions from happening.

This thesis also presented a checklist to ensure coverage of the new topics that are unique to this thesis. Furthermore, there was a chapter about retrofitting existing applications in a time-limited environment. This structured approach has been very helpful in the security pushes of the author's personal projects.

11.2. Further Research Areas

Security of applications is still a fertile and fruitful area of computer science. Further research in that area will contribute to trustworthy computing environments, which we believe are one of the main building blocks of advanced integrated computing systems. Although each technological advancement has its own place, we still think that without proper security countermeasures they will be rendered practically useless.

One of the biggest advancements from a security point of view could be made with articles that present information about advanced code analysis tools. There are some tools in the public domain, but they only analyze code statically. Static analysis means analyzing code without actually executing it and interpreting it further. Dynamic analysis methods can help in defining security vulnerabilities and in understanding the possible weakest links. They can especially contribute to society by analyzing nested code, code relations, data flow, binary representation and execution flow. These are the weakest areas of static analyzers.

Another advancement in code execution analyzers could be made in the area of variable usage. Each variable in each scope takes on different values throughout its lifetime. Some of them can reach or exceed the bit limits of their representation. Even approaching those limits can be alarming. A smart analyzer should understand the value assignment trend. Moreover, it should understand what type of operations generates the values being assigned. That way, the analyzer can deduce which values are the actual limits for variables. For example, if a variable holds the results of a multiplication, it can grow exponentially, and even the slightest increasing trend in its values can prove to be a threat.
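As an added illustration of the value-trend analyzer sketched above (example code written for this page, not a tool from the thesis), the following toy interval analyzer tracks each variable's range through a counted loop, labels the growth trend as multiplicative or additive, and checks the final range against signed 32-bit limits. The mini-language, the sample program and the 0.9 "approaching" threshold are assumptions made for the example.

```python
INT32_MAX, INT32_MIN = 2**31 - 1, -2**31
NEAR = 0.9  # fraction of a limit at which a range counts as "approaching" (assumed)
def eval_expr(expr, env):
    """(lo, hi) interval of expr; env maps variable names to intervals."""
    if expr[0] == "const":
        return (expr[1], expr[1])
    if expr[0] == "var":
        return env[expr[1]]
    (alo, ahi), (blo, bhi) = eval_expr(expr[1], env), eval_expr(expr[2], env)
    if expr[0] == "add":
        return (alo + blo, ahi + bhi)
    corners = [alo * blo, alo * bhi, ahi * blo, ahi * bhi]  # "mul": extremes at corners
    return (min(corners), max(corners))

def analyze(stmts, env=None, trace=None):
    """Abstractly run ("assign", var, expr) / ("loop", n, body); snapshot env per iteration."""
    env, trace = ({} if env is None else env), ([] if trace is None else trace)
    for stmt in stmts:
        if stmt[0] == "assign":
            env[stmt[1]] = eval_expr(stmt[2], env)
        else:
            for _ in range(stmt[1]):
                analyze(stmt[2], env, trace)
                trace.append(dict(env))
    return env, trace

def classify(env):
    """'overflow' if a range leaves int32, 'approaching' if within NEAR of a limit."""
    return {var: "overflow" if hi > INT32_MAX or lo < INT32_MIN
            else "approaching" if hi > NEAR * INT32_MAX or lo < NEAR * INT32_MIN
            else "ok" for var, (lo, hi) in env.items()}

def trend(trace, var):
    """Growth of var's upper bound per iteration: multiplicative, additive, flat or irregular."""
    his = [snap[var][1] for snap in trace if var in snap]
    steps = {b - a for a, b in zip(his, his[1:])}
    ratios = {b / a for a, b in zip(his, his[1:]) if a}
    if len(ratios) == 1 and max(ratios) > 1:
        return "multiplicative"
    if len(steps) == 1:
        return "additive" if max(steps) > 0 else "flat"
    return "irregular" if steps else "flat"

# Constructed sample: a doubling counter beside a linear one, 30 iterations.
PROGRAM = [("assign", "x", ("const", 3)), ("assign", "y", ("const", 0)),
           ("loop", 30, [("assign", "x", ("mul", ("var", "x"), ("const", 2))),
                         ("assign", "y", ("add", ("var", "y"), ("const", 1000)))])]

def report(program=PROGRAM):  # final int32 label and growth trend per variable
    env, trace = analyze(program)
    return {var: (classify(env)[var], trend(trace, var)) for var in env}
```

The doubling variable is flagged as overflowing with a multiplicative trend after 30 iterations, while the linear counter stays well inside the limit.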

Deployment is the least worked-on phase of the waterfall methodology. We strongly believe that there is a good opportunity for further advancements in that area. We especially suggest methods for hot patching binaries in memory. This way, it would be possible to apply patches without restarting processes or the system. The biggest advantage would be the ability to install the latest security patches without any delay (for instance, without waiting for server maintenance schedules).

We would also like to see advancements in tools that automatically track the changes performed by applications during their lifetimes. This information can then be used to uninstall applications in a way that leaves the system as if they had never existed. The biggest challenges we see in the development of such tools are their performance and transparency. Accuracy is another challenge, but it can be resolved with the cooperation of the applications.

As the research in the regression section shows, the industry needs a way to reduce the number of regressions caused by vulnerabilities. The increased size of code bases and the number of supported platforms make this need a high priority. Regressions can be decreased in several ways. One of them is improving maintenance processes. This is generally the more costly approach, because it involves new hires or organizational changes. On the other hand, designing software to be maintenance-aware could be very cost efficient. Although we are not aware of an academic paper on this, some companies (especially Microsoft, in order to support its aging Windows operating system) implement some such methods. Academic research could help the industry from a broader perspective.