Software Configuration Management Improvement and Security - Report Example

?Software configuration management improvement and security School of Computing Sciences, UEA, Norwich. NR4 7TJ. E-mail] Abstract Changes are eminent during the production of a product. It is how we manage those changes is what really matters. Software configuration management helps companies understand how to manage change without compromising on the quality or function of the software. This paper would discuss how to improve the management of change without compromising on the security of institutions. This paper would particularly discuss the research paper of I. Hsin Chou1 and his proposed methods to implement change in a nuclear power plant without compromising on the security of the system. In a nuclear power plant security is given utmost priority. Any lapse in security could have serious consequences. To ensure that there is no lapse in security during the implementation of any change regarding the software of the system some steps, related to security, needs to be included in the system development life cycle. 1. Introduction Software configuration management is the study of managing and tracking changes during the development of software. The main purpose of software configuration management is to provide coordination among individuals working on a change regarding particular software through a series of managerial and technical decisions2. 1.1 Importance of change management Proper change management could help increase the coordination between different departments and employees. Change management also reduces the chances of errors and bugs in a program. The project manager is provided with complete knowledge, from the resources needed to the time of completion that the team needs to complete the change3. 1.2 Importance of tracking change As mentioned before software configuration helps with the management and tracking of the changes in software. It is understandable why there is a need to manage change but why track it. Tracking of change helps keep the project manager informed about the status of the change or what phase is the change going through, providing a general idea about the completion of the software4. 2. Use Of Software Configuration Management to Develop Nuclear Safety Software The difference between the development of commercial software and nuclear safety software is the increase in the risk factors. A fault in the safety system of a nuclear power plant could have dire economic and physical consequences. With so much at risk there is practically no room for error and the authorities responsible must be vigilante and make sure that no errors are left unchecked when it comes to nuclear safety. However safety during the development of nuclear based software has been ignored. 2.1 Problem As mentioned above software configuration helps manage change. The first step to configuration management is identifying the configuration items. Configuration items are the basic structural units of a configuration management system. These configuration items can range from the tools being used to the models being followed. After identifying the configuration items the next step is to bring about the required changes to these configuration items. In most of the cases these configuration items are controlled by the operations department. The software related incidents in nuclear power plants caused the loss of more than 1.6 million MW-hours5. However the use of software and hardware products available in the market can lead to a lapse in the security and would make nuclear power plants an easy target for hackers. A recent attack on Iran’s Nuclear power plant is an example of such attacks. The power plant was attacked by the Stuxnet worm, a bug that hinders the working of the Uranium enriching machine6. From software configuration point of view there are three main threats to the system7. The first threat is from unauthorized users working from outside the system. These personnel are neither employees of the power plant nor are they working with the development team. The main goals of such users are either to obtain restricted information or alter the working of the power plant. The second threat is from authorized users who have privileges. The software configuration management should have the authority to restrict their access and must only be allowed to use the files that they need. The third threat is from individuals who have authorized access but use that access to purposely cause harm to the files of the system. These users might use their privileges to insert viruses and different malicious programs to destroy the software. These types of individuals are highly skilled in their field and usually cover their tracks very well. To secure the system from such attacks certain precautions using some modifications in the software configuration management techniques can be taken. 2.2 phases Phase 1 The first phase is the preparation for the software configuration management. This phase includes different trainings that can be given to employees and the complete environment is created for the start of software configuration management. Two teams should be formed and representatives from each team should be chosen. The first team’s responsibility would be to administer any change in the software and manage that change properly. The second team’s objective would be to record any changes made to the program and must document all changes that are to be made. All tools required for the change management must be provided and an environment must created where there are regular checks made on the working of the software and the changes made to it. Training should be made mandatory for all team members. Phase 2 A separate security team must be established that would be responsible for overseeing the security measures during the phases of software configuration management. The team’s main responsibility would be to analyze the effect the change is going to have on the system and what risks would the company have to take after the implementation of the new change. The team would also asses the vulnerable points during each phase of the system development life cycle. The team would follow the risk analysis and management for critical asset protection usually used for institutions where sensitive information is used or stored. Phase 3 The third phase would focus on the planning and design for the software configuration management. Different processes regarding the planning of software configuration management would be described in this phase. The first process in the planning phase would be to identify all rules and regulation that are needed to be followed while working on a plan. Each team and member would be assigned a responsibility and different tasks that they would be expected to perform. Tasks and activities that would be required for the entire process, the tools, manpower and the departments that would have to coordinate among themselves would be defined as well. This phase would also cover the items required for analyzing the security of the system. When talking about the safety program of a nuclear power plant one usually tends to think of safety procedures provided by the administration of the plant to the employees. However in terms of software configuration management security is concerned with the safety of the data and of the system controlling the power plant. Phase 4 This phase is concerned with baselines and their maintenance. A baseline is like a reference point that is used in the system development life cycle. A baseline provides an idea of how much progress has been made regarding the completion of the project8. First the baselines for the project will be created and a storage space for these baselines will also be defined. A report must be created regarding the storage space of the baselines which defines the procedures and methods that are going to be used to create the storage space. The report would be evaluated to make sure that the creation of the report is according to the requirement. The baseline storage space will function as an archive which will help in all stages of the software development life cycle. Consultation of with the security team regarding the creation of the baseline would be very important. The security team would make sure there are no lapses when it comes to the storage space for baselines. Phase 5 This phase is the most important phase regarding the software configuration management. Any change must be reported to the two teams, mentioned in the first phase. The teams must perform the necessary checks to change and monitor their effect on the system. Specialists can be hired from outside the system to get a second opinion on the change made. The resulting status of the approval of change would be then forwarded to the team leaders. A proper report of the change must be created which must include all methods that were used to obtain the results of the report. If the change is related to the security of the system then a separate report must be formed by the management teams and the security team. Once the change has been approved the developers must be provided information regarding the change that has to be made. Then the final product provided by the developers must be analyzed by all teams to ensure that the resulting software fulfils the requirements approved and is not vulnerable to any attacks from within or outside the system. Phase 6 This phase is concerned with the security evaluation of the change made. The security team would work with the teams responsible for managing change and would test the change from every aspect for the possibility of an attack. The team should carry out an impact analysis of the system and if required the evaluation of the code can also be carried out. Impact analysis basically helps figure out how a particular change would affect the system overall9 and code evaluation would help out in locating malicious pieces of codes that might have been entered along with the code for the change10. To help the security teams carry out their evaluation and find vulnerabilities in the system, they should be provided with static analysis tools. Static analysis provides the short term results of a change brought on to the system11. The security team would now check if the security specifications of the end product meet the security specifications provided in the designs. They would be required to check the code and match the designs with the actual product. The security teams would also oversee the integration testing and the factory acceptance test. Phase 7 Tasks related to the audit and accounting will be dealt with in this phase. The first task would be the physical configuration audit. The physical configuration audit compares the product with its specifications on paper12. The software configuration management team must ensure that all tools and items required must be present in the baseline. The team must also ensure that items and tools match the requirement. The versions and their function are up to the task. The team would also be responsible for ensuring that the actual products match the products specified in the baseline. The second step would be the functional configuration audit. Functional configuration audit is basically the examination of each item on the configuration list and making sure that it meets the requirement of the baseline13. The functional configuration audit would be to give a confirmation that the items mentioned in the baseline have in fact been tested and are working properly. The functional configuration audit and physical configuration audit is a written guarantee provided by the developers to the user or organization that the product is ready and can be used for its intended purposes. The software configuration teams would also produce a report on a regular basis to keep the software configuration management team informed about any updates and if any defects are found in the change. The security team needs to make sure that the software configuration team has carried out security related tests on the product. 3. Summary In most cases, software engineers are not aware of the vulnerability of software because they rarely deal with security and do not consider it to be an important factor during the development of software. With the modernization of every department in every organization around the world, security should be given utmost priority. Lapses in the security have caused companies millions in the past and some modifications in the software configuration methods can help prevent such losses. Bibliography AEC. "Nuclear power plants low level radioactive waste storage status." Atomic Energy Council (AEC). January 2013. http://gamma1.aec.gov.tw/fcma/english/waste_2.asp (accessed March 16, 2013). Atluri, V., and C. Diaz. Computer Security – ESORICS 2011. New York: Springer, 2011. Berczuk, Stephen P., and B. Appleton. Software Configuration Management Patterns: Effective Teamwork, Practical Integration. Boston: Addison-Wesley Professional, 2003. Chou, I.H. "Secure Software Configuration Management Processes for nuclear safety." Annals of Nuclear Energy 38, no. 10 (2010): 2174-2179. Conradi, R. Software Configuration Management. New York: Springer, 1997. Daughtrey, Taz. Fundamental Concepts for the Software Quality Engineer. Milwaukee: ASQ Quality Press, 2002. Maledevic, I. Stuxnet was Sabotaging Iran’s Nuclear Plant a Year Earlier than Assumed. February 27, 2013. http://topnews.us/content/253592-stuxnet-was-sabotaging-iran-s-nuclear-plant-year-earlier-assumed (accessed March 16, 2013). Mall, R. Fundamentals of Software Engineering. New Delhi: PHI Learning, 2009. Mette, Hass Anne J. Guide to Advanced Software Testing. Norwood: Artech House, 2008. O'Regan, G. Introduction to Software Process Improvement. New York: Springer, 2011. Pfleeger, Charles P., and Shari L. Pfleeger. Security in Computing. New Jersey: Prentice Hall Professional, 2003. Tsui, Frank F. Managing Software Projects. London: Jones & Bartlett Learning, 2004. Westfall, L. The Certified Software Quality Engineer Handbook. Milwaukee: ASQ Quality Press, 2009. Read More