CHAPMAN & HALL/CRC INNOVATIONS IN SOFTWARE ENGINEERING AND SOFTWARE DEVELOPMENT. Software Test Attacks to Break Mobile and Embedded Devices




CHAPMAN & HALL/CRC INNOVATIONS IN SOFTWARE ENGINEERING AND SOFTWARE DEVELOPMENT

Software Test Attacks to Break Mobile and Embedded Devices

Jon Duncan Hagar

CRC Press, Taylor & Francis Group, Boca Raton London New York. CRC Press is an imprint of the Taylor & Francis Group, an informa business. A CHAPMAN & HALL BOOK

Contents

Foreword by Dorothy Graham
Foreword by Lisa Crispin
Preface
Acknowledgments
Copyright and Trademarks Declaration Page
Introduction
Author

CHAPTER 1 Setting the Mobile and Embedded Framework
  OBJECTIVES OF TESTING MOBILE AND EMBEDDED SOFTWARE SYSTEMS
  WHAT IS EMBEDDED SOFTWARE?
  WHAT ARE "SMART" HANDHELD AND MOBILE SYSTEMS?
  WHY MOBILE AND EMBEDDED ATTACKS?
  FRAMEWORK FOR ATTACKS
  BEGINNING YOUR TEST STRATEGY
  ATTACKS ON MOBILE AND EMBEDDED SOFTWARE
  IF YOU ARE NEW TO TESTING
  AN ENLIGHTENED TESTER MAKES A BETTER TESTER

CHAPTER 2 Developer Attacks: Taking the Code Head On
  ATTACK 1: STATIC CODE ANALYSIS
  ATTACK 2: FINDING WHITE-BOX DATA COMPUTATION BUGS
  ATTACK 3: WHITE-BOX STRUCTURAL LOGIC FLOW COVERAGE
  TEST COVERAGE CONCEPTS FOR WHITE-BOX STRUCTURAL TESTING
  NOTE OF CONCERN IN MOBILE AND EMBEDDED ENVIRONMENTS

CHAPTER 3 Control System Attacks
  ATTACK 4: FINDING HARDWARE-SYSTEM UNHANDLED USES IN SOFTWARE
  ATTACK 5: HARDWARE-TO-SOFTWARE AND SOFTWARE-TO-HARDWARE SIGNAL INTERFACE BUGS
  ATTACK 6: LONG-DURATION CONTROL ATTACK RUNS
  ATTACK 7: BREAKING SOFTWARE LOGIC AND/OR CONTROL LAWS
  ATTACK 8: FORCING THE UNUSUAL BUG CASES

CHAPTER 4 Hardware Software Attacks
  ATTACK 9: BREAKING SOFTWARE WITH HARDWARE AND SYSTEM OPERATIONS
  SUB-ATTACK 9.1: BREAKING BATTERY POWER
  ATTACK 10: FINDING BUGS IN HARDWARE-SOFTWARE COMMUNICATIONS
  ATTACK 11: BREAKING SOFTWARE ERROR RECOVERY
  ATTACK 12: INTERFACE AND INTEGRATION TESTING
  SUB-ATTACK 12.1: CONFIGURATION INTEGRATION EVALUATION
  ATTACK 13: FINDING PROBLEMS IN SOFTWARE-SYSTEM FAULT TOLERANCE

CHAPTER 5 Mobile and Embedded Software Attacks
  ATTACK 14: BREAKING DIGITAL SOFTWARE COMMUNICATIONS
  ATTACK 15: FINDING BUGS IN THE DATA
  ATTACK 16: BUGS IN SYSTEM-SOFTWARE COMPUTATION
  ATTACK 17: USING SIMULATION AND STIMULATION TO DRIVE SOFTWARE ATTACKS

CHAPTER 6 Time Attacks: "It's about Time"
  ATTACK 18: BUGS IN TIMING INTERRUPTS AND PRIORITY INVERSIONS
  STATE MODELING EXAMPLE
  ATTACK 19: FINDING TIME-RELATED BUGS
  ATTACK 20: TIME-RELATED SCENARIOS, STORIES, AND TOURS
  ATTACK 21: PERFORMANCE TESTING INTRODUCTION
  SUPPORTING CONCEPTS
  COMPLETING AND REPORTING THE PERFORMANCE ATTACK
  WRAPPING UP

CHAPTER 7 Human User Interface Attacks: "The Limited (and Unlimited) User Interface"
  HOW TO GET STARTED: THE UI
  ATTACK 22: FINDING SUPPORTING (USER) DOCUMENTATION PROBLEMS
  SUB-ATTACK 22.1: CONFIRMING INSTALL-ABILITY
  ATTACK 23: FINDING MISSING OR WRONG ALARMS
  ATTACK 24: FINDING BUGS IN HELP FILES

CHAPTER 8 Smart and/or Mobile Phone Attacks
  GENERAL NOTES AND ATTACK CONCEPTS APPLICABLE TO MOST MOBILE-EMBEDDED DEVICES
  ATTACK 25: FINDING BUGS IN APPS
  ATTACK 26: TESTING MOBILE AND EMBEDDED GAMES
  ATTACK 27: ATTACKING APP CLOUD DEPENDENCIES

CHAPTER 9 Mobile/Embedded Security
  THE CURRENT SITUATION
  REUSING SECURITY ATTACKS
  ATTACK 28: PENETRATION ATTACK TEST
  ATTACK 28.1: PENETRATION SUB-ATTACKS: AUTHENTICATION PASSWORD ATTACK
  ATTACK 28.2: SUB-ATTACK FUZZ TEST
  ATTACK 29: INFORMATION THEFT STEALING DEVICE DATA
  ATTACK 29.1: SUB-ATTACK IDENTITY SOCIAL ENGINEERING
  ATTACK 30: SPOOFING ATTACKS
  ATTACK 30.1: LOCATION AND/OR USER PROFILE SPOOF SUB-ATTACK
  ATTACK 30.2: GPS SPOOF SUB-ATTACK
  ATTACK 31: ATTACKING VIRUSES ON THE RUN IN FACTORIES OR PLCS

CHAPTER 10 Generic Attacks
  ATTACK 32: USING COMBINATORIAL TESTS
  ATTACK 33: ATTACKING FUNCTIONAL BUGS

CHAPTER 11 Mobile and Embedded System Labs
  INTRODUCTION TO LABS
  TO START
  TEST FACILITIES

  WHY SHOULD A TESTER CARE?
  WHAT PROBLEM DOES A TEST LAB SOLVE?
  STAGED EVOLUTION OF A TEST LAB
  SIMULATION ENVIRONMENTS
  PROTOTYPE AND EARLY DEVELOPMENT LABS
  DEVELOPMENT SUPPORT TEST LABS
  INTEGRATION LABS
  PRE-PRODUCT AND PRODUCT RELEASE (FULL TEST LAB)
  FIELD LABS
  OTHER PLACES LABS CAN BE REALIZED
  DEVELOPING LABS: A PROJECT INSIDE OF A PROJECT
  PLANNING LABS
  REQUIREMENT CONSIDERATIONS FOR LABS
  FUNCTIONAL ELEMENTS FOR A DEVELOPER SUPPORT LAB
  FUNCTIONAL ELEMENTS FOR A SOFTWARE TEST LAB
  TEST LAB DESIGN FACTORS
  LAB IMPLEMENTATION
  LAB CERTIFICATION
  OPERATIONS AND MAINTENANCE IN THE LAB
  LAB LESSONS LEARNED
  AUTOMATION CONCEPTS FOR TEST LABS
  TOOLING TO SUPPORT LAB WORK
  TEST DATA SET-UP
  TEST EXECUTION: FOR DEVELOPER TESTING
  TEST EXECUTION: GENERAL
  PRODUCT AND SECURITY ANALYSIS TOOLS
  TOOLS FOR THE LAB TEST RESULTS RECORDING
  PERFORMANCE ATTACK TOOLING
  BASIC AND GENERIC TEST SUPPORT TOOLS
  AUTOMATION: TEST ORACLES FOR THE LAB USING MODELING TOOLS
  SIMULATION, STIMULATION, AND MODELING IN THE LAB TEST BED
  CONTINUOUS REAL-TIME, CLOSED-LOOP SIMULATIONS TO SUPPORT LAB TEST ENVIRONMENTS
  KEYWORD-DRIVEN TEST MODELS AND ENVIRONMENTS

  DATA COLLECTION, ANALYSIS, AND REPORTING
  POSTTEST DATA ANALYSIS
  POSTTEST DATA REPORTING
  WRAP UP: N-VERSION TESTING PROBLEMS IN LABS AND MODELING
  FINAL THOUGHTS: INDEPENDENCE, BLIND SPOTS, AND TEST LAB STAFFING

CHAPTER 12 Some Parting Advice
  ARE WE THERE YET?
  WILL YOU GET STARTED TODAY?
  ADVICE FOR THE "NEVER EVER" TESTER
  BUG DATABASE, TAXONOMIES, AND LEARNING FROM YOUR HISTORY
  LESSONS LEARNED AND RETROSPECTIVES
  IMPLEMENTING SOFTWARE ATTACK PLANNING
  REGRESSION AND RETEST
  WHERE DO YOU GO FROM HERE?

APPENDIX A: MOBILE AND EMBEDDED ERROR TAXONOMY: A SOFTWARE ERROR TAXONOMY (FOR TESTERS)
APPENDIX B: MOBILE AND EMBEDDED CODING RULES
APPENDIX C: QUALITY FIRST: "DEFENDING THE SOURCE CODE SO THAT ATTACKS ARE NOT SO EASY"
APPENDIX D: BASIC TIMING CONCEPTS
APPENDIX E: DETAILED MAPPING OF ATTACKS
APPENDIX F: UI/GUI AND GAME EVALUATION CHECKLIST
APPENDIX G: RISK ANALYSIS, FMEA, AND BRAINSTORMING
REFERENCES
GLOSSARY
INDEX