
CHAPMAN & HALL/CRC INNOVATIONS IN SOFTWARE ENGINEERING AND SOFTWARE DEVELOPMENT. Software Test Attacks to Break Mobile and Embedded Devices


Academic year: 2021


Jon Duncan Hagar

CRC Press

Taylor & Francis Group

Boca Raton London New York

CRC Press is an imprint of the Taylor & Francis Group, an informa business

Contents

Foreword by Dorothy Graham, xi
Foreword by Lisa Crispin, xiii
Preface, xv
Acknowledgments, xvii
Copyright and Trademarks Declaration Page, xix
Introduction, xxi
Author, xxxiii

CHAPTER 1 • Setting the Mobile and Embedded Framework 1

OBJECTIVES OF TESTING MOBILE AND EMBEDDED SOFTWARE SYSTEMS 1
WHAT IS EMBEDDED SOFTWARE? 2
WHAT ARE "SMART" HANDHELD AND MOBILE SYSTEMS? 3
WHY MOBILE AND EMBEDDED ATTACKS? 5
FRAMEWORK FOR ATTACKS 6
BEGINNING YOUR TEST STRATEGY 6
ATTACKS ON MOBILE AND EMBEDDED SOFTWARE 8
IF YOU ARE NEW TO TESTING 9
AN ENLIGHTENED TESTER MAKES A BETTER TESTER 10

CHAPTER 2 • Developer Attacks: Taking the Code Head On 13

ATTACK 1: STATIC CODE ANALYSIS 14
ATTACK 2: FINDING WHITE-BOX DATA COMPUTATION BUGS 21

CHAPTER 3 • Control System Attacks 33

ATTACK 4: FINDING HARDWARE-SYSTEM UNHANDLED USES IN SOFTWARE 33
ATTACK 5: HARDWARE-TO-SOFTWARE AND SOFTWARE-TO-HARDWARE SIGNAL INTERFACE BUGS 39
ATTACK 6: LONG-DURATION CONTROL ATTACK RUNS 45
ATTACK 7: BREAKING SOFTWARE LOGIC AND/OR CONTROL LAWS 49
ATTACK 8: FORCING THE UNUSUAL BUG CASES 54

CHAPTER 4 • Hardware Software Attacks 59

ATTACK 9: BREAKING SOFTWARE WITH HARDWARE AND SYSTEM OPERATIONS 59
SUB-ATTACK 9.1: BREAKING BATTERY POWER 65
ATTACK 10: FINDING BUGS IN HARDWARE-SOFTWARE COMMUNICATIONS 66
ATTACK 11: BREAKING SOFTWARE ERROR RECOVERY 69
ATTACK 12: INTERFACE AND INTEGRATION TESTING 74
SUB-ATTACK 12.1: CONFIGURATION INTEGRATION EVALUATION 80
ATTACK 13: FINDING PROBLEMS IN SOFTWARE-SYSTEM FAULT TOLERANCE 80

CHAPTER 5 • Mobile and Embedded Software Attacks 89

ATTACK 14: BREAKING DIGITAL SOFTWARE COMMUNICATIONS 89
ATTACK 15: FINDING BUGS IN THE DATA 94
ATTACK 16: BUGS IN SYSTEM-SOFTWARE COMPUTATION 97
ATTACK 17: USING SIMULATION AND STIMULATION TO DRIVE SOFTWARE ATTACKS 101

CHAPTER 6 • Time Attacks: "It's about Time" 107

ATTACK 18: BUGS IN TIMING INTERRUPTS AND PRIORITY INVERSIONS 108
STATE MODELING EXAMPLE 114
ATTACK 19: FINDING TIME-RELATED BUGS 116
ATTACK 20: TIME-RELATED SCENARIOS, STORIES, AND TOURS 121
ATTACK 21: PERFORMANCE TESTING INTRODUCTION 125
SUPPORTING CONCEPTS 139
COMPLETING AND REPORTING THE PERFORMANCE ATTACK 140

CHAPTER 7 • Human User Interface Attacks: "The Limited (and Unlimited) User Interface" 143

HOW TO GET STARTED—THE UI 144
ATTACK 22: FINDING SUPPORTING (USER) DOCUMENTATION PROBLEMS 146
SUB-ATTACK 22.1: CONFIRMING INSTALL-ABILITY 149
ATTACK 23: FINDING MISSING OR WRONG ALARMS 149
ATTACK 24: FINDING BUGS IN HELP FILES 153

CHAPTER 8 • Smart and/or Mobile Phone Attacks 159

GENERAL NOTES AND ATTACK CONCEPTS APPLICABLE TO MOST MOBILE-EMBEDDED DEVICES 159
ATTACK 25: FINDING BUGS IN APPS 161
ATTACK 26: TESTING MOBILE AND EMBEDDED GAMES 165
ATTACK 27: ATTACKING APP CLOUD DEPENDENCIES 170

CHAPTER 9 • Mobile/Embedded Security 177

THE CURRENT SITUATION 178
REUSING SECURITY ATTACKS 178
ATTACK 28: PENETRATION ATTACK TEST 180
ATTACK 28.1: PENETRATION SUB-ATTACKS: AUTHENTICATION—PASSWORD ATTACK 186
ATTACK 28.2: SUB-ATTACK FUZZ TEST 188
ATTACK 29: INFORMATION THEFT—STEALING DEVICE DATA 189
ATTACK 29.1: SUB-ATTACK—IDENTITY SOCIAL ENGINEERING 193
ATTACK 30: SPOOFING ATTACKS 194
ATTACK 30.1: LOCATION AND/OR USER PROFILE SPOOF SUB-ATTACK 199
ATTACK 30.2: GPS SPOOF SUB-ATTACK 200
ATTACK 31: ATTACKING VIRUSES ON THE RUN IN FACTORIES OR PLCS 201

CHAPTER 10 • Generic Attacks 209

ATTACK 32: USING COMBINATORIAL TESTS 209
ATTACK 33: ATTACKING FUNCTIONAL BUGS 215

CHAPTER 11 • Mobile and Embedded System Labs 221

INTRODUCTION TO LABS 221
WHY SHOULD A TESTER CARE? 224
WHAT PROBLEM DOES A TEST LAB SOLVE? 225
STAGED EVOLUTION OF A TEST LAB 227
SIMULATION ENVIRONMENTS 227
PROTOTYPE AND EARLY DEVELOPMENT LABS 228
DEVELOPMENT SUPPORT TEST LABS 228
INTEGRATION LABS 230
PRE-PRODUCT AND PRODUCT RELEASE (FULL TEST LAB) 230
FIELD LABS 230
OTHER PLACES LABS CAN BE REALIZED 232
DEVELOPING LABS: A PROJECT INSIDE OF A PROJECT 233
PLANNING LABS 233
REQUIREMENT CONSIDERATIONS FOR LABS 234
FUNCTIONAL ELEMENTS FOR A DEVELOPER SUPPORT LAB 234
FUNCTIONAL ELEMENTS FOR A SOFTWARE TEST LAB 235
TEST LAB DESIGN FACTORS 236
LAB IMPLEMENTATION 238
LAB CERTIFICATION 238
OPERATIONS AND MAINTENANCE IN THE LAB 239
LAB LESSONS LEARNED 240
AUTOMATION CONCEPTS FOR TEST LABS 241
TOOLING TO SUPPORT LAB WORK 241
TEST DATA SET-UP 243
TEST EXECUTION: FOR DEVELOPER TESTING 244
TEST EXECUTION: GENERAL 245
PRODUCT AND SECURITY ANALYSIS TOOLS 247
TOOLS FOR THE LAB TEST RESULTS RECORDING 247
PERFORMANCE ATTACK TOOLING 248
BASIC AND GENERIC TEST SUPPORT TOOLS 250
AUTOMATION: TEST ORACLES FOR THE LAB USING MODELING TOOLS 251
SIMULATION, STIMULATION, AND MODELING IN THE LAB TEST BED 253

CONTINUOUS REAL-TIME, CLOSED-LOOP SIMULATIONS TO SUPPORT

DATA COLLECTION, ANALYSIS, AND REPORTING 260
POSTTEST DATA ANALYSIS 262
POSTTEST DATA REPORTING 265
WRAP UP: N-VERSION TESTING PROBLEMS IN LABS AND MODELING 267
FINAL THOUGHTS: INDEPENDENCE, BLIND SPOTS, AND TEST LAB STAFFING 268

CHAPTER 12 • Some Parting Advice 273

ARE WE THERE YET? 273
WILL YOU GET STARTED TODAY? 273
ADVICE FOR THE "NEVER EVER" TESTER 273
BUG DATABASE, TAXONOMIES, AND LEARNING FROM YOUR HISTORY 274
LESSONS LEARNED AND RETROSPECTIVES 275
IMPLEMENTING SOFTWARE ATTACK PLANNING 275
REGRESSION AND RETEST 277
WHERE DO YOU GO FROM HERE? 278

APPENDIX A: MOBILE AND EMBEDDED ERROR TAXONOMY: A SOFTWARE ERROR TAXONOMY (FOR TESTERS), 279

APPENDIX B: MOBILE AND EMBEDDED CODING RULES, 289

APPENDIX C: QUALITY FIRST: "DEFENDING THE SOURCE CODE SO THAT ATTACKS ARE NOT SO EASY," 293

APPENDIX D: BASIC TIMING CONCEPTS, 299

APPENDIX E: DETAILED MAPPING OF ATTACKS, 303

APPENDIX F: UI/GUI AND GAME EVALUATION CHECKLIST, 307

APPENDIX G: RISK ANALYSIS, FMEA, AND BRAINSTORMING, 313

REFERENCES 319
