Chapter 11
Dependability and Security
11.4 Giving reasons for your answer, suggest which dependability attributes are likely to be most critical for the following systems:
An internet server provided by an ISP with thousands of customers
*Availability would be the critical attribute needed here. With thousands of customers relying on this internet server, the services need to be accessible all day, every day, or the customers will leave their provider...attention Comcast.
A computer-controlled scalpel used in keyhole surgery
*Safety is the critical attribute in this situation. This scalpel needs to ensure safety to keep patients safe throughout the procedure. Since we are dealing with a person's life and body, safety is important here.
A directional control system used in a satellite launch vehicle
*I think reliability is most important during a satellite launch. I'm assuming that a satellite launch is very expensive, so you want to use a system that will successfully launch the satellite vehicle into orbit the first time.
An internet-based personal finance management system
*Security is the number one attribute needed in this system. If this financial system is hacked, it can be very costly since it contains a lot of personal financial information.
11.7 In a medical system that is designed to deliver radiation to treat tumors, suggest one hazard that may arise and propose one software feature that may be used to ensure that the identified hazard does not result in an accident.
This medical system might deliver too much radiation to the patient, not only endangering/potentially killing the patient, but also healthcare workers. In this case, I'm considering human error: the wrong amount of radiation was entered into the machine.
One way nurses try to prevent human error is having another nurse check medications/dosages/etc. with them before administering. There could be a check in the software where nurses would show the amount of radiation to be administered to another nurse and check that against the doctor's orders, and have that nurse sign off on the radiation machine (enter their ID number or scan their badge). That way two sets of eyes have reviewed and confirmed that this is the right dosage.
11.9 Using the MHC-PMS as an example, identify three threats to this system (in addition to the threat shown in Figure 11.8). Suggest controls that might be put in place to reduce the chances of a successful attack based on these threats.
#1 Threats to the confidentiality of the system and its data: an unauthorized person has gained access to the system by guessing the username and password and now plans to find personal information on a well-paid sports star and potentially expose it to the media.
Control: The unauthorized user tries to find personal information on the patient, but it is detected and put to a stop. Also, if you have a celebrity in the hospital, you can have extra security measures...an alias name, another password to get into the patient's file, etc.
#2 Threats to the integrity of the system and its data. The unauthorized user has gained access to the sports star's personal file, but there isn't enough "juicy" material. So the unauthorized user adds/deletes/changes this data, positive that this will make a much better story for the gossip columns.
Control: Software that detects data modification and stops further access while alerting the proper people.
#3 Threats to the availability of the system and its data. Access to patient files is essential when working in a hospital setting. Not being able to access these is a major issue and could potentially harm the patient.
Control: There needs to be a way for the authorized user to get into the system another way...a Plan B...a back-up plan (I'm not sure how realistic that is).
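The data-modification control suggested for threat #2, sketched as an added example that is not part of the original post or of the MHC-PMS itself: each record carries an HMAC tag written by the authorised update path, and a read that finds a mismatch quarantines the record and raises an alert. `RecordStore`, `seal` and the key are hypothetical names, and the sketch assumes the key is stored separately from the records.

```python
import hashlib
import hmac
import json

# Assumption: the key is held outside the records database, so someone who can
# edit a stored record cannot also recompute a matching tag.
INTEGRITY_KEY = b"constructed-demo-key"


def seal(record: dict) -> str:
    """Return an HMAC-SHA256 tag over a canonical encoding of the record."""
    canonical = json.dumps(record, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(INTEGRITY_KEY, canonical, hashlib.sha256).hexdigest()


class RecordStore:
    """Hypothetical patient-record store with tamper detection."""

    def __init__(self):
        self.records = {}         # patient_id -> record (what an intruder might edit)
        self.tags = {}            # patient_id -> tag written by the authorised path
        self.quarantined = set()  # records whose access has been stopped
        self.alerts = []          # messages for "the proper people"

    def write(self, patient_id: str, record: dict) -> None:
        """Authorised update path: store the record and refresh its tag."""
        self.records[patient_id] = dict(record)
        self.tags[patient_id] = seal(record)

    def read(self, user: str, patient_id: str) -> dict:
        """Verify the record before returning it; quarantine and alert on mismatch."""
        if patient_id in self.quarantined:
            raise PermissionError("record quarantined pending review")
        record = self.records[patient_id]
        if not hmac.compare_digest(seal(record), self.tags[patient_id]):
            self.quarantined.add(patient_id)
            self.alerts.append(f"integrity failure on {patient_id}, seen by {user}")
            raise PermissionError("record failed integrity check")
        return record
```

The check only detects changes made outside `write`; an intruder using guessed credentials through the normal update path would still need the access controls from threat #1 and an audit log of who wrote what.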