URI: P.A.HP-iT.5
Package: Network
< prev | next >
Description: Software bug crashes Process: a software bug in process Process causes it to crash, compromising availability.
Threat Type: Primary Threat
Matching Pattern:
Finds a non-trivial Process and its Host, and optionally the host manager and the interactive user of the process.
(empty)
Unavailable process Process cannot create stored copy of Data on Host: if process Process is not available, then it cannot create a local stored copy of Data on Host, so that copy will not be available.
Unavailable process Process cannot update stored copy of Data: if process Process is not available, then it cannot update a local stored copy of Data on Host, which will become out of date.
CSG-AutomatedProcessFaultRecovery
Faulty instances of the process Process can be detected by monitoring, halted, and a replacement provisioned automatically.
CSG-BugFixingAtHost
Use a systematic procedure for regular updating of software used (including hosted processes) on device Host, and have a contingency plan included in the system operating policies and practices for HostManager to manually apply updates immediately should the need for them become urgent.
CSG-BugFixingAtHost-Implementation
Represents a situation in which software patches have been applied manually by HostManager to address functional bugs in device Host. This strategy represents activation of a contingency plan at runtime, and can be selected to discover what effect this would have on risk levels, allowing this to be used for decision support calculations. Note that this should only be considered if a suitable software patch is available. To implement this at runtime, signal the responsible user HostManager. Then deselect the SoftwarePatched control and restore the asserted Intrinsic TWL of Host once the update has been confirmed.
CSG-ManagerProcessFaultRecovery
The process Process is monitored for reliability and availability, and if problems are found, the manager HostManager of its host device Host can take corrective action while waiting for updated software. This strategy represents a contingency plan included in the operating policies and practices if certain threats should arise, e.g. to roll back software to an older but more reliable version.
CSG-ManagerProcessFaultRecovery-Implementation-Runtime
The process Process was found to have reliability or availability issues, and action has been taken by the manager HostManager of its host device to correct the problem. This strategy represents activation of a contingency plan at runtime, and can be selected to discover what effect this would have on risk levels, allowing this to be used for decision support calculations. To implement the plan at runtime, signal HostManager that the problem was detected with Process.
CSG-SoftwareTestingOfProcess
The software for process Process has been independently tested and verified to meet functional requirements. The process is therefore unlikely to contain bugs that cause a malfunction. This does not prevent bugs that are present from causing problems, so this is a prior mitigation only which is ignored in current (run-time) risk calculations.