How to defuse vulnerabilities at their roots
Threats have humans as their initiating factor: a malicious programmer, or a well-intentioned programmer who makes a mistake, is enough to start the exploitation cycle.
A bug that can affect the security of a system is the trigger point of an attack, waiting for a perpetrator to uncover it and make your system vulnerable. And yes, there is a way to minimize the number of bugs in a system, whether they were introduced on purpose or by error: formal verification. A formally verified design is proven free of every bug that its specification rules out.
Formal verification is the process of examining whether a design does exactly what it was intended to do, nothing more and nothing less, and it uses mathematical models (a formal specification and a proof that the implementation satisfies it) to achieve that. As a side note, a methodology with mathematics as its foundation is as solid as its inputs: the proof is only as good as the specification it is checked against and the model of the system it reasons about, so an incomplete specification can be "verified" together with the bug it fails to rule out.
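To make the idea concrete, here is an added example (written for this article, not code from the original post or from any verification tool): a bounds check is verified against its specification by enumerating every possible input of an assumed 6-bit machine word, which is what a model checker or proof assistant does for the real, unbounded domain. It shows the wrapping-addition bug being caught, the corrected check passing, and the caveat above: a weaker specification that only demands "valid accesses are accepted" happily verifies the vulnerable version. The word width, function names and the three checks are all assumptions chosen for illustration.

```python
"""Exhaustive verification of a bounds check over a small machine-word width.

Constructed example for this article: each implementation is compared with a
specification on every possible input, the finite-domain form of what a
model checker or proof tool does for real code.
"""
from itertools import product

BITS = 6                    # assumed word width, small enough to enumerate every input
MASK = (1 << BITS) - 1      # "machine" arithmetic wraps modulo 2**BITS
DOMAIN = range(1 << BITS)


def spec_in_bounds(offset: int, length: int, size: int) -> bool:
    """Specification over mathematical integers: the access must fit in the buffer."""
    return offset + length <= size


def check_wrapping(offset: int, length: int, size: int) -> bool:
    """Vulnerable implementation: the addition wraps, so a huge length can 'fit'."""
    return ((offset + length) & MASK) <= size


def check_no_wrap(offset: int, length: int, size: int) -> bool:
    """Corrected implementation: subtract instead of add, so nothing can wrap."""
    return offset <= size and length <= size - offset


def verify(impl, spec=spec_in_bounds):
    """Return the first (offset, length, size) where impl disagrees with spec, or None.

    Disagreement in either direction is a bug: accepting an out-of-bounds
    access is the security flaw, rejecting a valid access is a functional flaw.
    """
    for offset, length, size in product(DOMAIN, DOMAIN, DOMAIN):
        if impl(offset, length, size) != spec(offset, length, size):
            return (offset, length, size)
    return None


def verify_never_rejects_valid(impl):
    """Weaker specification: valid accesses must be accepted.

    It says nothing about invalid accesses, so it cannot see the wrap bug.
    """
    for offset, length, size in product(DOMAIN, DOMAIN, DOMAIN):
        if spec_in_bounds(offset, length, size) and not impl(offset, length, size):
            return (offset, length, size)
    return None


if __name__ == "__main__":
    print("wrapping check vs full spec  :", verify(check_wrapping))
    print("no-wrap check vs full spec   :", verify(check_no_wrap))
    print("wrapping check vs weak spec  :", verify_never_rejects_valid(check_wrapping))
```

The first counterexample reported for the wrapping check is offset 1, length 63, size 0: 1 + 63 wraps to 0 in a 6-bit word, so a zero-sized buffer "contains" a 63-byte access. The corrected check yields no counterexample, and neither does the vulnerable check under the weak specification, which is exactly why the specification deserves as much review as the code.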
So why aren’t designs being formally verified?
Well, formal verification is a very time-consuming and expensive procedure, which makes it very unattractive in terms of profit for the corporations that design systems. In fact only a very small percentage, in the range of 1-2% of systems worldwide at the time of writing this article, use formal verification to ensure the correctness of their systems, and as you probably guessed these are government agencies and safety-critical systems such as nuclear reactors and air navigation systems.
But when do bugs become dangerous?
There are two main types of bugs: the ones that are known and the ones that are unknown, the latter also called zero days because the vendor has had zero days to fix them.
Whether a bug becomes dangerous depends on who discovers it.
If a bug is found by someone with good intentions, this is good news. The designers of the system create patches, corrections to the code that eliminate the vulnerability, and these patches reach you as updates (home or corporate user). Anyone who applies the updates is thus protected against those bugs.
When a bug is discovered by neither the creators of the system nor someone with good intentions who reports it back to them, it is much harder to protect against. Because the defenders lack information, there is no patch to apply, and the results of such bugs can be extremely destructive. You might have heard the term "zero day"; it refers to exactly this type of bug. Attacks can be launched without warning as to time or type, so you are caught unprepared and have no way to defend yourself by means of traditional updates. This does not mean, though, that you are helpless. In such a case a technique called compensating control is used to avoid the compromise of your system. A compensating control is any alternative measure that defuses a zero day without fixing the bug itself: removing or disabling the affected component, restricting who can reach it (network segmentation, least privilege), filtering the inputs that trigger it, and monitoring for signs of exploitation.
If you want to know what the factor at the system level is that makes cyber attacks possible, read my article "The root to your security problem" here
Formal verification should always be part of any process. So true.