Security in software has become a major concern. Every week we hear of hacks, intrusions and completely avoidable bugs being found in critical software systems, from cars to medical devices, cryptographic products, and the growing list of connected devices we use every day. Governments and regulators have come to realize that the current approaches for developing secure software systems are not working and have promised to intervene.
In addition to the obvious dangers and direct costs associated with software security breaches, organizations and developers face additional risks such as loss of reputation, litigation and liability (even at a personal level) and delay and cost in regulatory approval for their products.
Is your development team ready to meet these challenges?
“Security” in software cuts across all industries – not just traditional regulated applications like rail and avionics. Systems must be developed that can operate in a connected and openly malicious environment and, worse, in an environment where the attackers are smarter than you, and have more time and more money than you. Engineering in such an environment requires a world-class combination of people, languages, tools and processes.
A “Zero Tolerance” Approach to Software Development
History shows that a traditional “test and patch” approach is a first step but only a bandaid solution at best. What’s needed is a lean methodology focused on disciplines that aim to prevent all the defects and vulnerabilities. AdaCore technologies, such as SPARK Pro and CodePeer generate verifiable evidence that the job is done right, beyond the usual “tested it lots”. This approach also reduces risk and cost by reducing dependence on the most expensive activities such as integration test and (ultimately) failure of product in the field.
The Ada programming language has always placed an emphasis on software quality and security by its very design. Our approach takes that further, with the most advanced compilers and verification tools on the market.
Common Weakness Enumeration
“CWE™ is a community-developed list of common software security weaknesses. It serves as a common language, a measuring stick for software security tools, and as a baseline for weakness identification, mitigation, and prevention efforts.” - mitre.org
Through the Ada language and AdaCore tools, a number of the most dangerous SANS Top 25 CWE can be detected and corrected early in the software development cycle before they become active vulnerabilities.
AdaCore Technologies for Cybersecurity
by Roderick Chapman and Yannick Moy
Download this free book that shows how AdaCore tools and technology can help address some of the most serious challenges associated with software and Security.
GNAT Pro Assurance
GNAT Pro Assurance is a complete Ada solution for projects with the most stringent security requirements, geared toward developers of security-critical applications that need to meet domain-specific standards such as DO-326A / ED-202A and DO-356A / ED-203A for airworthiness security.
The solution also helps developers track and mitigate vulnerabilities by providing vulnerability reports and Software Bills of Materials (SBOMs) to be incorporated into customers’ vulnerability management and reporting systems.
SPARK 2014 offers the pre-eminent language design and static verification toolset for secure systems. Based on Ada’s strengths, SPARK adds a design discipline and a suite of static verification tools that prevent most security vulnerabilities once and for all. SPARK is designed to offer verification evidence that can be trusted by you, your customer and your regulator. SPARK can guarantee absence of some of the SANS Top 25 CWE (buffer overflows in particular). Messages related to CWE are specially identified for better review. SPARK can also detect all unintended data flows in your program. SPARK has been assessed by the U.S. National Institute for Standards and Technology (NIST) as being more secure than many other commonly used programming languages.
CodePeer works on full Ada, analyzing every line of code and considering every possible input and every path through the program. The tool can be applied early in the development life-cycle to identify problems when they are much less costly to repair, and can also be used retrospectively on existing code bases to detect latent vulnerabilities. CodePeer can be tuned for usage at various levels, based on whether the priority is on maximizing the number of potential errors that are reported or on minimizing the number of false alarms.
Customer Projects: Security
Smartward has adopted the GNAT Pro development environment, along with several complementary tools to implement a state-of-the-art patient care management system. Ada was chosen as the implementation language because of the benefits in reliability, safety, and security.
Rockwell Collins successfully used SPARK Pro and GNAT Pro High-Security in the development of the SecureOne™ Guard, a high assurance cross domain guard for military tactical systems.
EADS CASA is using the GNAT Pro High-Integrity Edition to implement the data exchange and air-to-ground data links systems for the nEUROn Unmanned Combat Air Vehicle (UCAV) demonstrator.
To develop a robust multi-level security workstation, Secunet Security Networks chose the SPARK Pro development environment. The security station concurrently handles information of different security domains, maintains confidentiality and integrity of all processed data, and enforces Multiple Independent Levels of Security (MILS) on a single hardware platform.