4 - Secure Software Design

Question 1

Attack Vectors

Answer 1

a way for attackers to enter a network or system

Question 2

MQTT Backend vulnerability

Answer 2

It did not require authentication so hackers could get in

Question 3

ABB ChargerSync vulnerability

Answer 3

Bypass of PIN Code Provisioning.
File Access and Data leakage
- Unauthenticated OCPP Access

Question 4

Security By Design

Answer 4

Anticipating malicious behaviour and attacks during the design

Question 5

Dev Life: Requirement Analysis (1)

Answer 5

Find the info to be stored and if it is going to be protected.

Question 6

Dev Life: Design (2)

Answer 6

Consider access control and lock down each entry point

Question 7

Dev Life: Implementation (3)

Answer 7

Set up any new HW or SQ as well as coding new SW.

• Stop gathering requirements and practice secure coding

Question 8

Dev Life: TEsting (4)

Answer 8

Test the security of your app using correct, incorrect and malicious inputs/actions

Question 9

Dev Life: Install and maintain (5/6)

Answer 9

Think about upgrades and software end of life etc

Question 10

How to prevent password cracking?

Answer 10

• Enforce strong passwords
• Force password changes
• Change default passwords
• Stronger auth methods. Certs, challenge/response, smartcard
• Monitor and track password attacks, lock the account after number of attemps
• Rename root, admin etc and protect

Question 11

functions in stack memory

Answer 11

1. return address, stack frame pointer and variables are added to stack
2. return address has a higher address in the buffer

During the buffer overflow the return address is overwritten

Question 12

Shellcode with buffer overflow

Answer 12

Hacker would want to overwrie data with shellcode with a return address pointing to the start of it - the payload.

Question 13

Buffer overflow protections

Answer 13

• Choice of programming languages
• Buffer overflow protection (detect them)
• Address space layout randomisation (randomly arrange locations in mem)
  = Executable space protection (mark mem as non-executable)
• Bounds Checking (check variable size)
• Static code analysis (code scans)

Question 14

Shellcode

Answer 14

Injected code in buffer overflow which can achieve goal for hacker.H

Question 15

Heartbleed attack

Answer 15

Affected OpenSSL (via TLS)

Overread. Hackers could read more data than intended by asking for a return value longer than the test message they sent.

Question 16

XSS Cross Site Scripting

Answer 16

Attacker injects malicious code into web pages to gain info.

PHP, JS, VBScript etc

Question 17

Defence measures for software design

Answer 17

• Consider security in design/requirements
• Secure coding
• Secure environment (OS, network, database)

Question 18

Secure coding best practices

Answer 18

• Conventions
• Safe functions only
• Code analysis
• Data handled safely
• Handle errors
• Manage security risk inherent in the use of 3rd party components
• Testing and validation