11.4 – Giving reasons for your
answer, suggest which dependability attributes are likely to be most
critical for the following systems:
An Internet server provided by an ISP
with thousands of customers – Availability and reliability so that
the thousands of customers can get the services they pay for.
A computer-controlled scalpel used in
keyhole surgery – Safety, reliability, and security so that when
the scalpel does perform, it does so correctly and does not cause
damage. Security is involved in this so that the system is not
compromised and used to murder patients.
A directional control system used in
satellite launch vehicle – Availability, reliability, and security
are paramount. This is so that the satellite can be moved out of the
way of debris at any time without worrying about malfunctions, and
security so that it isn't used for terrorist purposes.
An Internet-based personal finance
management system – Security and reliability are the most
important. The finances should not be compromised at any cost, and
accidents involving the finances should not occur.
11.7 – In a medical system that is
designed to deliver radiation to treat tumors, suggest one hazard
that may arise and propose one software feature that may be used to
ensure that the identified hazard does not result in an accident.
An example of a hazard in this
situation is that the sensor that measure how much radiation is to be
released may stop working. In this situation the software should not
allow the treatment to proceed until it is fixed.
11.9 – Using the MHC-PMS as an
example, identify three threats to this system (in addition to the
threat shown in Figure 11.8). Suggest controls that might be put in
place to reduce the chances of a successful attack based on these
threats.
An unauthorized user will gain access to
the system by infecting an access terminal and stealing login
credentials.
An unauthorized user will harass and
clog the system in an attempt to cause a denial of service.
An unauthorized user will bypass login
terminals and inject malicious software into servers in order to
change or steal confidential information.
No comments:
Post a Comment