Assuring Trustworthiness via Structured Assurance Cases
[Figure 13: Matching Coverage to Weaknesses of Interest. The diagram relates
artifacts (CONOPS, Requirements, Architecture, Design, Process, Code, Binary,
Running Binary, Environment of System, Use of Mission Software) to detection
methods (Design Review, Code Review, Attack Surface Analysis, Static Analysis
Tool A, Static Analysis Tool B, Dynamic Analysis Tool C, Fuzz Testing,
Pen Testing, Blue Teaming, Red Teaming) and their coverage of the Most
Important Weaknesses, asking: "Which tools and techniques will find the CWEs
or CVEs I care about?"]
about are addressed/detected. Identifying
multiple techniques instead of one for a
multitude of weaknesses will provide
greater coverage.
As an example, if we revisit our focus on
automotive and think about the attack
surface for cars, there is a constrained
number of approaches for attacking a car [32]:
You can attack through the services by trying
to interrupt them and perform a man-in-the-
middle attack; you can exploit software
vulnerabilities in the actual commercial and
open source software being used; you can
try to retrieve data through sniffing attacks;
you can go after the mobile devices or
compromise physical components to
infiltrate software; and you can try to attack
the updates and download malware or
malicious software.
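
Figure 13's question, which techniques find the weaknesses I care about, can be answered mechanically once each technique's coverage is written down. The following is an added example, not part of the original report: the technique names come from Figure 13, while the CWE selection and every coverage claim are constructed assumptions.

```python
# Added example. The coverage claims are constructed for illustration and are
# not measured results for any real tool or technique.
WEAKNESSES_OF_INTEREST = {"CWE-89", "CWE-120", "CWE-287", "CWE-319", "CWE-494"}

# Technique (names from Figure 13) -> CWE IDs it is assumed to detect.
COVERAGE = {
    "Design Review": {"CWE-287", "CWE-319", "CWE-494"},
    "Static Analysis Tool A": {"CWE-89", "CWE-120"},
    "Static Analysis Tool B": {"CWE-79", "CWE-120"},
    "Fuzz Testing": {"CWE-120"},
    "Pen Testing": {"CWE-89", "CWE-287", "CWE-319"},
}


def coverage_report(wanted, coverage):
    """Map each weakness of interest to the techniques assumed to detect it."""
    return {cwe: sorted(t for t, found in coverage.items() if cwe in found)
            for cwe in sorted(wanted)}


def gaps(report, min_techniques=1):
    """Weaknesses detected by fewer than min_techniques techniques."""
    return [cwe for cwe, techs in report.items() if len(techs) < min_techniques]


def greedy_plan(wanted, coverage):
    """Greedy set cover: repeatedly pick the technique that detects the most
    still-uncovered weaknesses. Returns (plan, weaknesses nothing detects)."""
    remaining, plan = set(wanted), []
    while remaining:
        best = max(sorted(coverage), key=lambda t: len(coverage[t] & remaining))
        gained = coverage[best] & remaining
        if not gained:  # no technique detects what is left
            break
        plan.append(best)
        remaining -= gained
    return plan, sorted(remaining)


if __name__ == "__main__":
    report = coverage_report(WEAKNESSES_OF_INTEREST, COVERAGE)
    for cwe, techs in report.items():
        print(f"{cwe}: {', '.join(techs) or 'NOT COVERED'}")
    print("single point of detection:", gaps(report, min_techniques=2))
    print("greedy plan:", greedy_plan(WEAKNESSES_OF_INTEREST, COVERAGE))
```

Raising `min_techniques` to 2 lists the weaknesses that depend on a single technique, which is where adding a second technique buys the most coverage.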
WHEN ASSURANCE ACTIVITIES ARE NOT ALIGNED
In an organization, different parties that are
responsible for security, safety and reliability
should be aligned along similar principles.
For example, CWE and CAPEC can be
thought of as lists of the attacks that
should be considered and the different kinds
of weaknesses that should be looked for,
helping to make sure the analysis is as complete as
possible, whether it is an analysis of the
software’s architecture, design, code, or the
way the code is deployed.
For an assurance effort, we need to figure
out how to address these threats and
remove as much of the attack surface as
[32] Kaspersky Lab, “Connected cars: Secure by design,” June 2017, https://www.kaspersky.com/blog/connected-cars-secure-by-design/16947/
September 2018