SST #3

6 apr. 2013

Lecture
Software security definition:

Software that cannot be intentionally subverted or forced to fail. It remains correct and predictable.

Isolate, contain, and limit the damage resulting from any failures caused by attack-triggered faults that the software was unable to resist or tolerate, and recover as quickly as possible from those failures.

Safety-relevant faults are stochastic/random, while security-relevant faults are intentionally created.

Causes for vulnerable software:

  • Lack of motivation/incentives
  • Lack of knowledge
  • Lack of technology (tools/automation/management)

Sources of attacks:

  • External
  • Internal intentional
  • Internal unintentional

Security requirements:

  • Fault/threat/attack trees
  • Failure-to-impact analysis (failure mode and effects analysis, FMEA)
  • Threat modeling
  • Misuse cases
  • Legal requirements

System design:

  • Prevent (avoid, compartmentalization)
  • Detect and recover: transition to a safe state, and logging

Testing: issues with developer vs. attacker bias, and with concurrency (race conditions and limited resources when scaling up).

Presentation
Only one of the 3 scheduled students showed up and presented:

.NET security:

  • A framework for mobile code on Windows, Windows Phone and Xbox, and on OS X, iPhone and PS3 via Mono
  • Large library of code (Large class library)
  • Memory management
  • Role-based security: which user groups are allowed to call which functions
  • Code access security (CAS): code signing and sandboxing; desktop applications run as fully trusted and are not affected by CAS
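As an added illustration of the role-based security bullet (example code, not from the lecture or the student's presentation), assuming .NET Framework, where PrincipalPermission demands are still supported; the principal, roles, user names and salary value are all constructed for the demo:

```csharp
using System;
using System.Security;
using System.Security.Permissions;
using System.Security.Principal;
using System.Threading;
// .NET Framework role-based security (PrincipalPermission is not supported on
// .NET Core / .NET 5+). Roles are checked against Thread.CurrentPrincipal, so the
// demo installs a constructed GenericPrincipal instead of a real Windows account.
static class PayrollService
{
    // Declarative demand: the runtime throws SecurityException before the body runs
    // unless the current principal is authenticated and in the "Payroll" role.
    [PrincipalPermission(SecurityAction.Demand, Role = "Payroll")]
    public static decimal ReadSalary(string employee)
    {
        return employee == "alice" ? 1234.56m : 0m; // constructed data, not a real store
    }

    // Imperative form of the same check; the explicit branch is where a denied call
    // can be logged (the "detect ... and logging" item from the design notes).
    public static bool TryReadSalary(string employee, out decimal salary)
    {
        salary = 0m;
        IPrincipal p = Thread.CurrentPrincipal;
        if (p == null || !p.Identity.IsAuthenticated || !p.IsInRole("Payroll"))
        {
            Console.WriteLine($"DENIED {p?.Identity.Name ?? "<anonymous>"} -> ReadSalary({employee})");
            return false;
        }
        salary = ReadSalary(employee);
        return true;
    }
}

class Program
{
    static void Run(string user, params string[] roles)
    {
        Thread.CurrentPrincipal = new GenericPrincipal(new GenericIdentity(user), roles);
        try { Console.WriteLine($"{user}: {PayrollService.ReadSalary("alice")}"); }
        catch (SecurityException ex) { Console.WriteLine($"{user}: {ex.GetType().Name}: {ex.Message}"); }
        Console.WriteLine($"{user}: TryReadSalary -> {PayrollService.TryReadSalary("alice", out _)}");
    }
    static void Main()
    {
        Run("hr-clerk", "Payroll"); // both calls succeed
        Run("intern", "Staff");     // declarative demand throws; imperative check logs DENIED
    }
}
```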