The strategies compiled in a new U.S. National Institute of Standards and Technology (NIST) publication can lead to software with 100 times fewer vulnerabilities, according to computer scientists at the agency. They recommend coders adopt the approaches in the 60-page document, NIST Interagency Report (NISTIR 8151: Dramatically Reducing Software Vulnerabilities.
The report is an official response to a request for methods from the White House's Office of Science and Technology Policy. NIST's Paul E. Black and colleagues compiled the ideas while working with software assurance experts from private companies in the computer industry as well as several federal government agencies that generate a lot of code, including the U.S. Department of Defense and the National Aeronautics and Space Administration.
The approaches include using math-based tools to verify the code will work properly, breaking up a computer's programs into modules so that the program does not crash if one part fails, connecting analysis tools for code that currently operates in isolation, using appropriate programming languages for the task that the code attempts to execute, and developing evolving and changing tactics for protecting code that is the target of cyberattacks.
From National Institute of Standards and Technology
View Full Article
Abstracts Copyright © 2016 Information Inc., Bethesda, Maryland, USA
No entries found