Immunity

Definition

Immunity

the software integrity quality subfactor representing the degree to which the malicious corruption of software by infection (i.e., malicious corruption) by malware (e.g., viruses, worms, Trojan horses, and adware) is properly handled

Objectives

The typical objectives of immunity are to:

• Ensure that security in general (and immunity in particular) properly addresses the harm that can be caused by malicious infection (i.e., malicious corruption) by malware (e.g., viruses, worms, Trojan horses, and adware) of valuable software
• Model the degree to which malicious infection of software is:
  • Prevented
  • Detected
  • Reacted to
  • Adapted to
• Support the analysis and specification of integrity requirements

Measures

Immunity is typically measured in terms of:

• [Number/percentage] of [software components of a given type] that are corrupted [in a given way] [to a given degree] [per unit of time] [when under attack [of a given type] [of a given level of sophistication]]
• [Number/percentage] of attacks [of a given type] [of a given level of sophistication] that [succeed/fail] [per unit of time]
• [Number/percentage] of malicious programs [identified/prevented from causing infection/cured (e.g., removed from infected machine)]

Mechanisms

Typical mechanisms for implementing support for immunity include:

• Commercial-off-the-shelf (COTS) antivirus programs (including scanning, disinfection, repair, and updating of virus definitions)
• Firewalls
• Prohibition of type-unsafe languages (e.g., C) that may allow buffer overflows that contain malicious scripts
• Programming standards (e.g., for ensuring type safety and array bounds checking)
• Prohibition of less safe operating systems

Guidelines

The following guidelines have been found to be useful with regard to immunity:

• Personnel integrity deals with the following security concepts:
  
  

  Security Concept	Value
  Valuable Asset	Software
  Malicious Harm	Unauthorized infection of software
  Security Incident(s)	Software infecting attacks (e.g., virus, work, Trojan horse, logic bomb)
  Threat	Existence of attacker(s) with means and motive to infect software
  Security Risk	Can be low or high depending on the number and types of malicious software programs, the number of motivated attackers and their profiles, the appropriate security countermeasures, and and vulnerabilities that can be exploited by attack