A software assurance framework for mitigating the risks of malicious software in embedded systems used in aircraft
11Sep_Ginn.pdf (607.2Kb)Abstract
techniques that can be used to detect malicious code in individual aircraft Weapons Replaceable Assemblies (WRAs) risks and mitigation strategies related to a generic aircraft software development process system level techniques to prevent embedded malicious software from causing harm in aircraft and a technique for documenting Software Assurance (SwA) arguments being made about the system and the individual WRAs. Malicious software represents a significant and growing threat to Defense systems. Threats to airborne systems in particular can be characterized not by system vulnerability to Internet based exploits but rather by the risk posed by malicious code already present in the system's software. Although there are software techniques to detect and prevent certain types of attacks, a Systems Engineer has access to system level information and system design techniques that can quantify and in many cases mitigate the risks posed by potential malicious code present in the system. These techniques are especially applicable to malicious code in embedded airborne system although they can be applied to other systems that share certain traits. This thesis provides an overview of the types of threat involved
Rights
This publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States.Related items
Showing items related by title, author, creator and subject.
-
Assessing the Consequence of Cyber and Physical Malicious Attacks in Complex, Cyber-Physical Systems During Early System Design
(IEEE, 2018);This research contributes to the lifecycle assessment of complex cyber-physical systems (CCPSs) to better understand and mitigate risks of malicious attacks through design. This assessment capability is proposed during the ... -
An approach for detecting malicious emails using runtime monitoring with hidden data
(Monterey, California: Naval Postgraduate School, 2016-09);Computer systems continue to be at risk of attack by malicious software that are attached to email. Email has been determined to be the cause of 80% of computer virus infections. Millions of dollars are lost yearly due to ... -
Total Ownership Cost—System Software Impacts
(Monterey, California. Naval Postgraduate School, 2017-04); NPS-CE-17-042Department of Defense (DoD) software-intensive systems and the software content in other systems will continue to grow and may dominate total ownership costs (TOC) in the future. These costs are exacerbated by the fact ...
