ICG Risk Blog - [ Risk amelioration for software creation, subversion, and diversion ]


Software design for weapons systems -- who does it, where do they do it, what tools do they use under what design rigor -- is a consistent concern in our supply chain infrastructure risk assessment.

With the Telrad (Israeli) penetration of the White House phone system never far from mind, the presence of foreign contractors in the F-35 Joint Strike Fighter aircraft is a concern. The prime's (Lockheed Martin) contention that "98 percent of the F-35's software was 'U.S.-sourced' and two percent came from abroad" offers no solace when a few lines of malicious code can prejudice aircraft stability, avionics, or weapons.

What good does it do to have an aircraft that can turn sideways on a dime if someone can turn off its fly-by-wire system? It would be the singular software trapdoor of a future air superiority engagement. Were I a bad guy, it would rank high on my penetration list.

An excellent, and highly recommended, article on the inappropriateness of Linux (along with Windows and Solaris) for "control systems for tanks, bombs, missiles and defense aircraft" drew my attention, as one of its salient charges is that Linux contains "many elements of unknown origin," and that just a few lines of subversive code could "cause a major malfunction." What goes for operating systems goes for suppliers.

"'Software subversion,' in which adversaries add a few lines of code that can cause a major system to malfunction, is a concern of security experts... In such applications, developers need to use 'high-assurance' operating systems with the smarts to prove that subverting code doesn't exist. Linux is not one of them."

As an aside, the "many eyes" concept of open-source development and peer review is not sufficient for national security apps, as a "subtle flaw could be included in the system and missed by all those eyes, because they may not have the training or motivation to look for the right problems." (Remember that an attempt to deliberately add a security flaw to Linux was only recently averted, and both the Unix and Linux kernels have had serious flaws.) A forthcoming independent security report will show that "'Linux is worse' [than Microsoft software] with about 10% more flaws uncovered."

With a history of diverting US technology, Israel recently joined the eight JSF full partner countries as a lower "security cooperation participant" (SCP).  As late as mid-2002, the US was still resisting Israeli participation requests due to concern that classified technology might be leaked to unfriendly countries, notably the PRC. 

"Unlike the other full partners, Israel will not be able to impact JSF requirements or have a presence in the JSF program office. However, Israeli industry will be able to compete for SDD [system development and demonstration] work on the JSF like the other full partners."

While the researchers' Congressional testimony focused on software, their comment that the programming community must "get past issues of cost, corporate politics and technological 'religion' when dealing with matters of national security" has wide applicability:

"The problem occurs when a vendor decides to adopt software because of cost or because of familiarity to their current programmers," he said. "They end up making a decision that involves risk, and they don't have the appropriate background to make that decision."

That should apply to every vendor across the JSF supply chain. It is no longer enough to deal with direct cost, time, and delivery/availability risk. The risk amelioration for creation is not enough to address the risks of subversion and diversion. Yes, there will be an added direct cost to dealing with these longer-range risks, but we forgo it at our peril.

Linux: unfit for national security?
By Charles J. Murray, EE Times
April 19, 2004 (11:29 AM EDT)

U.S. lawmakers to weigh Pentagon's foreign-software use
Reuters, 01.08.04, 2:15 PM ET
By Jim Wolf

FBI Probes Espionage at Clinton White House - suspected telecommunications espionage
By J. Michael Waller, Paul M. Rodriguez
Insight on the News, May 29, 2000
Original scrolled off


Gordon Housworth
