CERT-SEI

Mobile Standards and Analysis

The Mobile Standards and Analysis research extends CERT Secure Coding Standards and our software analysis (SCALe) research and development to mobile platforms, including Android, iOS (iPhone and iPad), and Windows Phone 8. Most of our work so far has been for the Android platform.

Android

Mobile Standards and Analysis research began with a focus on the Android platform, because it dominates the worldwide smartphone market. Our approach includes research and development of secure coding rules and guidelines for Android apps, and of checkers for compliance with those rules and guidelines.

Our team is currently enhancing an analyzer we developed for sets of Android apps. It looks for taint flows, in which data from a sensitive source can reach a sink. The research challenge we focus on is to develop an analysis that determines taint flow endpoints with the following (sometimes conflicting) goals in mind: precision, soundness, speed, and conservation of memory/disk space.

As part of the work on the taint flow checker, we designed and implemented a novel taint flow analyzer for sets of apps. It combines and augments the existing Android dataflow analyses of FlowDroid (which analyzes for intra-component taint flows) and Epicc (which analyzes inter-component intent communication) to track both inter-component and intra-component dataflow in a set of Android applications. The two phases of the analysis are:

  1. Given a set of applications, we determine the data flows enabled individually by each application and the conditions under which these are possible.
  2. We then build on these results to enumerate the potentially dangerous data flows enabled by the set of applications as a whole.
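A simplified sketch of the two phases above, added here as an illustration and not taken from DidFail, FlowDroid, or Epicc. It assumes phase 1 output can be modelled as per-app (source, sink) pairs and that intents are matched by action string only; the app names and intent actions are constructed.

```python
from collections import defaultdict

# Phase 1 output (constructed sample): flows each app enables on its own.
# "intent:<action>" is an intent received (as a source) or sent (as a sink).
PHASE1_FLOWS = {
    "com.example.reader": [("src:getDeviceId", "intent:SHARE")],
    "com.example.relay": [("intent:SHARE", "intent:UPLOAD")],
    "com.example.uploader": [
        ("intent:UPLOAD", "sink:sendTextMessage"),
        ("src:getLastKnownLocation", "sink:Log.i"),
    ],
}


def is_intent(endpoint):
    return endpoint.startswith("intent:")


def enumerate_app_set_flows(phase1):
    """Phase 2: propagate taint across intents until nothing changes.

    Returns a set of (original_source, final_sink, apps_on_path) tuples.
    """
    # taint[intent] holds (original_source, apps_on_path) pairs reaching it.
    taint = defaultdict(set)
    results = set()
    changed = True
    while changed:
        changed = False
        for app, flows in phase1.items():
            for source, sink in flows:
                if is_intent(source):
                    # Extend every tainted path that delivers this intent;
                    # skipping apps already on the path bounds intent cycles.
                    origins = {(s, path + (app,))
                               for s, path in taint[source] if app not in path}
                else:
                    origins = {(source, (app,))}
                for origin in origins:
                    if is_intent(sink):
                        if origin not in taint[sink]:
                            taint[sink].add(origin)
                            changed = True
                    else:
                        results.add((origin[0], sink, origin[1]))
    return results


if __name__ == "__main__":
    for src, sink, path in sorted(enumerate_app_set_flows(PHASE1_FLOWS)):
        print(f"{src} -> {sink} via {' -> '.join(path)}")
```

No single app in the sample connects the device ID to the SMS sink; the flow only appears when the three apps are analyzed as a set.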

Our paper, Android Taint Flow Analysis for App Sets, in the SOAP 2014 workshop, describes our analysis method, implementation, and experimental results. The analysis method is described in extended detail in Amar Bhosale's Master's thesis, Precise Static Analysis of Taint Flow for Android Application Sets. Our taint flow analyzer prototype for static analysis of sets of Android apps, DidFail (Droid Intent Data flow Analysis for Information Leakage), was completed in March 2014. Our team is continuing to do research and development with this analyzer with a special focus on methods to efficiently increase precision.

We are continuing to develop and improve the Android app set taint flow checker; if you are interested, please contact us for more information.

Some characteristics of the Android operating system and apps are listed below. These and many additional characteristics of this mobile platform must be considered to securely code for the platform.

  • Linux-based operating system (written in C)
  • Apps are written in Java using the Android software development kit (SDK)
  • Apps may be written in C or C++ using the Android Native Development Kit (NDK)

iOS (iPhone and iPad)

We were recently awarded a grant for a new research project for iOS that will start in Fall 2014. In this research project, we will extend our mobile platform work to iOS by developing additional analysis for the static analyzer associated with Clang to check for violations of a prioritized list of secure coding rules. Clang has been integrated into Apple's Xcode IDE, which is the primary tool for developing software for iOS and OS X. Catching rule violations early would prevent these errors from propagating throughout the code base and would allow developers to learn secure coding techniques while programming. New checkers would be submitted into the main trunk of Clang and integrated into Xcode (as well as any other IDEs that support Clang integration), improving software security for all developers who use Clang.

Separately from that funded project, in the future we also would like to develop more analyses against unchecked guidelines in The CERT Oracle Secure Coding Standard for Java and integrate many of these analyses into Eclipse and/or Oracle JDeveloper so that analysis results would be immediately available to Android platform developers.

We are poised to expand this research; if you are interested, please contact us for more information.

Some characteristics of the iOS (iPhone and iPad) operating system and its apps are listed below. These and many additional characteristics of this mobile platform must be considered to create securely coded apps for it.

  • Objective-C
  • iOS

Windows Phone 8

We've proposed a new research project for Windows Phone 8 and are poised to begin if possible. In this research project, we would extend our mobile platform work to Windows 8 mobile devices, with an initial focus on secure development of Windows 8 mobile device apps in C#/XAML and JavaScript/HTML5.

The outcome of this project would be a vetted set of secure coding rules and guidelines on the CERT Secure Coding Wiki for development of Windows 8 mobile device apps in two coding standards: C#/XAML and JavaScript/HTML5. By helping developers securely develop these types of Windows Store apps, our project would increase Windows 8 smartphone security, which advances our overall goal of making mobile software more secure. Moreover, many of the secure coding standards this project would develop for the Windows smartphone platform would be useful for a wide range of Microsoft Windows 8 devices, and for the large group of additional platforms and software that use C#/XAML and JavaScript/HTML5.

Potential collaborators and others interested in Windows Phone 8 secure coding research projects are invited to contact us.

Some characteristics of the Windows Phone 8 operating system and its apps are listed below. These and many additional characteristics of this mobile platform must be considered to securely code for it.

  • Five different application models for building Windows mobile device apps, which use different language combinations:
    • JavaScript and HTML5
    • C# and Extensible Application Markup Language (XAML)
    • Microsoft Visual Basic and XAML
    • Visual C++ component extensions (C++/CX) and XAML
    • C++/CX and Microsoft DirectX
  • Microsoft .NET Framework