A Formal Model for A System's Attack Surface

Manadhata, Pratyusa K.; Wing, Jeannette M.
Keyword(s): attack surface; attack surface metric; I/O automata; security metrics

Abstract: Practical software security metrics and measurements are essential for secure software development. In this chapter, we introduce the measure of a software system's attack surface as an indicator of the system's security. The larger the attack surface, the more insecure the system. We formalize the notion of a system's attack surface using an I/O automata model of the system and introduce an attack surface metric to measure the attack surface in a systematic manner. Our metric is agnostic to a software system's implementation language and is applicable to systems of all sizes. Software developers can use the metric in multiple phases of the software development process to improve software security. Similarly, software consumers can use the metric in their decision-making process to compare alternative software.

Additional Publication Information: Submitted as a book chapter to Moving Target Defense: Creating Asymmetric Uncertainty for Cyber Threats.

External Posting Date: August 6, 2011. Approved for External Publication
Internal Posting Date: August 6, 2011

