See edit history of this section
Post feedback on this section
- 1. Requirement
- 2. Rationale
- 3. Guidance
- 4. Small Projects
- 5. Resources
- 6. Lessons Learned
- 7. Software Assurance
1. Requirements
3.11.8 The project manager shall identify software requirements for the collection, reporting, and storage of data relating to the detection of adversarial actions.
1.1 Notes
Monitoring of key software observables (e.g., number of failed login attempts, performance changes, internal communication changes) is needed to detect adversarial actions that threaten mission success. When an adversarial action occurs, it should be reported. Raw event data should be further analyzed to determine whether an anomalous event represents an attack and if so, the nature of the attack.
1.2 History
1.3 Applicability Across Classes
Class A B C D E F Applicable?
Key: - Applicable | - Not Applicable
2. Rationale
To provide the capability to monitor key software observables (e.g. number of failed login attempts, performance changes, internal communication changes) to detect adversarial actions that threaten mission success.
3. Guidance
It is important to understand the scope of what it means for software to resist adversity:
- What critical capabilities/services must the software continue to provide despite disruptions?
- What types of adversities can disrupt the delivery of these critical capabilities (i.e., what adverse events and conditions must the software be able to tolerate)?
- What are the types and levels of harm to what assets can cause these disruptions?
See also SWE-154 - Identify Security Risks, SWE-157 - Protect Against Unauthorized Access, Topic 8.04 - Additional Requirements Considerations for Use with Safety-Critical Software.
3.1 Detection of Adversarial Actions PAT-012
Click on the image to preview the file. From the preview, click on Download to obtain a usable copy.
3.2 Additional Guidance
Additional guidance related to this requirement may be found in the following materials in this Handbook:
Related Links |
---|
3.3 Center Process Asset Libraries
SPAN - Software Processes Across NASA
SPAN contains links to Center managed Process Asset Libraries. Consult these Process Asset Libraries (PALs) for Center-specific guidance including processes, forms, checklists, training, and templates related to Software Development. See SPAN in the Software Engineering Community of NEN. Available to NASA only. https://nen.nasa.gov/web/software/wiki 197
See the following link(s) in SPAN for process assets from contributing Centers (NASA Only).
SPAN Links |
---|
4. Small Projects
No additional guidance is available for small projects.
5. Resources
5.1 References
- (SWEREF-197) Software Processes Across NASA (SPAN) web site in NEN SPAN is a compendium of Processes, Procedures, Job Aids, Examples and other recommended best practices.
5.2 Tools
NASA users find this in the Tools Library in the Software Processes Across NASA (SPAN) site of the Software Engineering Community in NEN.
The list is informational only and does not represent an “approved tool list”, nor does it represent an endorsement of any particular tool. The purpose is to provide examples of tools being used across the Agency and to help projects and centers decide what tools to consider.
5.3 Process Asset Templates
(PAT-012 - )
SWE-210, tab 3,
6. Lessons Learned
There are currently no Lessons Learned identified for this requirement.
7. Software Assurance
7.1 Tasking for Software Assurance
1. Confirm that the software requirements exist for collecting, reporting, and storing data relating to the detection of adversarial actions.
7.2 Software Assurance Products.
- SA analysis of software volatility measures over time.
Objective Evidence
- Evidence that confirmation of Task 1. has been completed, including identifying any risks or issues.
- Evidence that confirmation of Task 1. has been completed, including identifying any risks or issues.
7.3 Metrics
- # of requirements specified relating to detection of adversarial actions vs. # of requirements related to detection of adversarial actions actually implemented
See also Topic 8.18 - SA Suggested Metrics.
7.4 Guidance
Confirm that the software requirements include requirements for detecting adversarial actions. This should be done as a part of the software requirements assessment process.
See also 8.04 - Additional Requirements Considerations for Use with Safety-Critical Software.
7.5 Additional Guidance
Additional guidance related to this requirement may be found in the following materials in this Handbook:
0 Comments