In engineering, a requirement is a condition that must be satisfied for the output of a work effort to be acceptable. It is an explicit, objective, clear and often quantitative description of a condition to be satisfied by a material, design, product, or service.
A specification or spec is a set of requirements that is typically used by developers in the design stage of product development and by testers in their verification process. With iterative and incremental development such as agile software development, requirements are developed in parallel with design and implementation. With the waterfall model, requirements are completed before design or implementation start. Requirements are used in many engineering fields including engineering design, system engineering, software engineering, enterprise engineering, product development, and process optimization. Requirement
A RAND Corporation task force report published under DARPA sponsorship by J.P. Anderson and D.J. Edwards in 1970. While initially targeting the computer vision domain, backdoor attacks have expanded to encompass various other domains, including text, audio, ML-based computer-aided design, and ML-based wireless signal classification. Additionally, vulnerabilities in backdoors have been demonstrated in deep generative models, reinforcement learning (e.g., AI GO), and deep graph models. These broad-ranging potential risks have prompted concerns from national security agencies regarding their potentially disastrous consequences. A backdoor in
A bill of materials. This type of specification is a collaborative effort between a specification writer and a quantity surveyor. This approach is unusual in North America, where each bidder performs a quantity survey on the basis of both drawings and specifications. In many countries on the European continent, content that might be described as "specifications" in the United States are covered under
A functional specification (also, functional spec or specs or functional specifications document (FSD)) is the set of documentation that describes the behavior of a computer program or larger software system. The documentation typically describes various inputs that can be provided to the software system and how the system responds to those inputs. Web services specifications are often under
A standard which is often referenced by a contract or procurement document, or an otherwise agreed upon set of requirements (though still often used in the singular). In any case, it provides the necessary details about the specific requirements. Standards for specifications may be provided by government agencies, standards organizations (SAE, AWS, NIST, ASTM, ISO/IEC, CEN/CENELEC, DoD, etc.), trade associations, corporations, and others. A memorandum published by William J. Perry, U.S. Defense Secretary, on 29 June 1994 announced that
A "Structured Product Label" which drug manufacturers must by mandate use to submit electronically the information on a drug label. Recently, the ISO has made some progress in the area of food and drug standards and formal specifications for data about regulated substances through the publication of ISO 11238. In many contexts, particularly software, specifications are needed to avoid errors due to lack of compatibility, for instance, in interoperability issues. For instance, when two applications share Unicode data, but use different normal forms or use them incorrectly, in an incompatible way or without sharing
A backdoor was discovered in certain Samsung Android products, like the Galaxy devices. The Samsung proprietary Android versions are fitted with a backdoor that provides remote access to the data stored on the device. In particular, the Samsung Android software that is in charge of handling the communications with the modem, using the Samsung IPC protocol, implements a class of requests known as remote file server (RFS) commands, that allows
A backdoor. Although some are secretly installed, other backdoors are deliberate and widely known. These kinds of backdoors have "legitimate" uses such as providing the manufacturer with a way to restore user passwords. Many systems that store information within the cloud fail to create accurate security measures. If many systems are connected within the cloud, hackers can gain access to all other platforms through
A combination of the two. The theory of asymmetric backdoors is part of a larger field now called cryptovirology. Notably, NSA inserted a kleptographic backdoor into the Dual EC DRBG standard. There exists an experimental asymmetric backdoor in RSA key generation. This OpenSSL RSA backdoor, designed by Young and Yung, utilizes a twisted pair of elliptic curves, and has been made available. A sophisticated form of black box backdoor
A covert backdoor becomes unveiled. Even direct admissions of responsibility must be scrutinized carefully if the confessing party is beholden to other powerful interests. Many computer worms, such as Sobig and Mydoom, install a backdoor on the affected computer (generally a PC on broadband running Microsoft Windows and Microsoft Outlook). Such backdoors appear to be installed so that spammers can send junk e-mail from
A covert rootkit running in the photomask etching equipment could enact this discrepancy unbeknown to the photomask manufacturer, either, and by such means, one backdoor potentially leads to another. In general terms, the long dependency-chains in the modern, highly specialized technological economy and innumerable human-elements process control-points make it difficult to conclusively pinpoint responsibility at such time as
A high-level, and elaborating detail on a just-in-time or last responsible moment basis. Requirements are usually written as a means for communication between the different stakeholders. This means that the requirements should be easy to understand both for normal users and for developers. One common way to document a requirement is stating what the system must do. Example: 'The contractor must deliver
A login system might take the form of a hard coded user and password combination which gives access to the system. An example of this sort of backdoor was used as a plot device in the 1983 film WarGames, in which the architect of the "WOPR" computer system had inserted a hardcoded password-less account which gave the user access to the system, and to undocumented parts of the system (in particular,
A major investment has been made in actually implementing the design. An alternative approach is to use provably correct refinement steps to transform a specification into a design, and ultimately into an actual implementation, that is correct by construction. In (hardware, software, or enterprise) systems development, an architectural specification is the set of documentation that describes
A material, design, product, or service. A specification is often a type of technical standard. There are different types of technical or engineering specifications (specs), and the term is used differently in different technical contexts. They often refer to particular documents, and/or particular information within them. The word specification is broadly defined as "to state explicitly or in detail" or "to be specific". A requirement specification
A minimum set of interoperability specification, errors and data loss can result. For example, Mac OS X has many components that prefer or require only decomposed characters (thus decomposed-only Unicode encoded with UTF-8 is also known as "UTF8-MAC"). In one specific instance, the combination of OS X errors handling composed characters, and the samba file- and printer-sharing software (which replaces decomposed letters with composed ones when copying file names), has led to confusing and data-destroying interoperability problems. Applications may avoid such errors by preserving input code points, and normalizing them to only
A modified version of the Unix C compiler that would put an invisible backdoor in the Unix login command when it noticed that the login program was being compiled, and would also add this feature undetectably to future compiler versions upon their compilation as well. As the compiler itself was a compiled program, users would be extremely unlikely to notice the machine code instructions that performed these tasks. (Because of
A move to "greater use of performance and commercial specifications and standards" was to be introduced, which Perry saw as "one of the most important actions that [the Department of Defense] should take" at that time. The following British standards apply to specifications: A design/product specification does not necessarily prove a product to be correct or useful in every context. An item might be verified to comply with
A number of cloak and dagger considerations that come into play when apportioning responsibility. Covert backdoors sometimes masquerade as inadvertent defects (bugs) for reasons of plausible deniability. In some cases, these might begin life as an actual bug (inadvertent error), which, once discovered are then deliberately left unfixed and undisclosed, whether by a rogue employee for personal advantage, or with C-level executive awareness and oversight. It
A part of the standard library and compiles it. After that, every program compiled by that Delphi installation will contain the virus. An attack that propagates by building its own Trojan horse can be especially hard to discover. It resulted in many software vendors releasing infected executables without realizing it, sometimes claiming false positives. After all, the executable was not tampered with,
A product requirement. For example, a maximum development cost requirement (a process requirement) may be imposed to help achieve a maximum sales price requirement (a product requirement); a requirement that the product be maintainable (a product requirement) often is addressed by imposing requirements to follow particular development styles (e.g., object-oriented programming), style-guides, or
A requirement is: This definition is based on IEEE 610.12-1990: IEEE Standard Glossary of Software Engineering Terminology. Requirements can be said to relate to two fields: Product and process requirements are closely linked; a product requirement could be said to specify the automation required to support a process requirement while a process requirement could be said to specify the activities required to support
A review/inspection process (process requirements). Requirements are typically classified into types produced at different stages in a development progression, with the taxonomy depending on the overall model being used. For example, the following scheme was devised by the International Institute of Business Analysis in their Business Analysis Body of Knowledge (see also FURPS and Types of requirements). The characteristics of good requirements are variously stated by different writers, with each writer generally emphasizing
A series of automated acceptance tests. Scope creep may occur from requirements moving over time. In Requirements management the alteration of requirements is allowed but if not adequately tracked or preceding steps (business goals then user requirements) are not throttled by additional oversight or handled as a cost and potential program failure, then requirements changes are easy and likely to happen. It
A specific list of products, or "open" allowing for substitutions made by the constructor. Most construction specifications are a combination of performance-based and proprietary types, naming acceptable manufacturers and products while also specifying certain standards and design criteria that must be met. While North American specifications are usually restricted to broad descriptions of the work, European ones and Civil work can include actual work quantities, including such things as area of drywall to be built in square meters, like
A specific material type (concrete) or a work product (steel door) of the construction work. A specific material may be covered in several locations, depending on the work result: stainless steel (for example) can be covered as a sheet material used in flashing and sheet metal in division 07; it can be part of a finished product, such as a handrail, covered in division 05; or it can be a component of building hardware, covered in division 08. The original listing of specification divisions
A specification or stamped with a specification number: this does not, by itself, indicate that the item is fit for other, non-validated uses. The people who use the item (engineers, trade unions, etc.) or specify the item (building codes, government, industry, etc.) have the responsibility to consider the choice of available specifications, specify the correct one, enforce compliance, and use
A system has been compromised with a backdoor or Trojan horse, such as the Trusting Trust compiler, it is very hard for the "rightful" user to regain control of the system – typically one should rebuild a clean system and transfer data (but not executables) over. However, several practical weaknesses in the Trusting Trust scheme have been suggested. For example, a sufficiently motivated user could painstakingly review
A variant where the system initialization code is modified to insert a backdoor during booting, as this is complex and poorly understood, and call it an "initialization trapdoor"; this is now known as a boot sector virus. This attack was then actually implemented by Ken Thompson, and popularized in his Turing Award acceptance speech in 1983, "Reflections on Trusting Trust", which points out that trust
A video game-like simulation mode and direct interaction with the artificial intelligence). Although the number of backdoors in systems using proprietary software (software whose source code is not publicly available) is not widely credited, they are nevertheless frequently exposed. Programmers have even succeeded in secretly installing large amounts of benign code as Easter eggs in programs, although such cases may involve official forbearance, if not actual permission. There are
Is a compiler backdoor, where not only is a compiler subverted—to insert a backdoor in some other program, such as a login program—but it is further modified to detect when it is compiling itself and then inserts both the backdoor insertion code (targeting the other program) and the code-modifying self-compilation, like the mechanism through which retroviruses infect their host. This can be done by modifying
Is a mathematical description of software or hardware that may be used to develop an implementation. It describes what the system should do, not (necessarily) how the system should do it. Given such a specification, it is possible to use formal verification techniques to demonstrate that a candidate system design is correct with respect to that specification. This has the advantage that incorrect candidate system designs can be revised before
Is a documented requirement, or set of documented requirements, to be satisfied by a given material, design, product, service, etc. It is a common early part of engineering design and product development processes in many fields. A functional specification is a kind of requirement specification, and may show functional block diagrams. A design or product specification describes the features of
Is a process for dealing with observations that are out-of-specification. The United States Food and Drug Administration has published a non-binding recommendation that addresses just this point. At the present time, much of the information and regulations concerning food and food products remain in a form which makes it difficult to apply automated information processing, storage and transmission methods and techniques. Data systems that can process, store and transfer information about food and food products need formal specifications for
Is a relatively broad concept that can describe any necessary or desired function, attribute, capability, characteristic, or quality of a system for it to have value and utility to a customer, organization, user, or other stakeholder. The term requirement has been in use in the software engineering community since at least the 1960s. According to the Guide to the Business Analysis Body of Knowledge® version 2 from IIBA (BABOK),
Is a typically covert method of bypassing normal authentication or encryption in a computer, product, embedded device (e.g. a home router), or its embodiment (e.g. part of a cryptosystem, algorithm, chipset, or even a "homunculus computer"—a tiny computer-within-a-computer such as that found in Intel's AMT technology). Backdoors are most often used for securing remote access to a computer, or obtaining access to plaintext in cryptosystems. From there it may be used to gain access to privileged information like passwords, corrupt or delete data on hard drives, or transfer information within autoschediastic networks. In
Is also possible for an entirely above-board corporation's technology base to be covertly and untraceably tainted by external agents (hackers), though this level of sophistication is thought to exist mainly at the level of nation state actors. For example, if a photomask obtained from a photomask supplier differs in a few gates from its photomask specification, a chip manufacturer would be hard-pressed to detect this if otherwise functionally silent;
Is by test. If this is not the case, another verification method should be used instead (e.g. analysis, demonstration, inspection, or review of design). Certain requirements, by their very structure, are not verifiable. These include requirements that say the system must never or always exhibit a particular property. Proper testing of these requirements would require an infinite testing cycle. Such requirements must be rewritten to be verifiable. As stated above all requirements must be verifiable. Non-functional requirements, which are unverifiable at
Is common for one organization to refer to (reference, call out, cite) the standards of another. Voluntary standards may become mandatory if adopted by a government or business contract. In engineering, manufacturing, and business, it is vital for suppliers, purchasers, and users of materials, products, or services to understand and agree upon all requirements. A specification may refer to
Is currently less fruitful and not yet put forward as an urgent agenda due to the tight restrictions of regional or national constitution. Specifications and other standards can be externally imposed as discussed above, but also internal manufacturing and quality specifications. These exist not only for the food or pharmaceutical product but also for the processing machinery, quality processes, packaging, logistics (cold chain), etc. and are exemplified by ISO 14134 and ISO 15609. The converse of explicit statement of specifications
Is easy for requirement changes to occur faster than developers are able to produce work, and the effort to go backwards as a result. There are multiple taxonomies for requirements depending on which framework one is operating under. (For example, the stated standards of IEEE, vice IIBA or U.S. DoD approaches). Differing language and processes in different venues or casual speech can cause confusion and deviation from desired process. A process being run by humans
Is much harder to inspect, as it is designed to be machine-readable, not human-readable. These backdoors can be inserted either directly in the on-disk object code, or inserted at some point during compilation, assembly linking, or loading—in the latter case the backdoor never appears on disk, only in memory. Object code backdoors are difficult to detect by inspection of the object code, but are easily detected by simply checking for changes (differences), notably in length or in checksum, and in some cases can be detected or analyzed by disassembling
Is not covered by the above standards, it can be evaluated by the additional source of pharmacopoeias from other nations, from industrial specifications, or from a standardized formulary such as A similar approach is adopted by the food manufacturing, of which Codex Alimentarius ranks the highest standards, followed by regional and national standards. The coverage of food and drug standards by ISO
Is often verified by analysis at the system level. Avionics software with its complicated safety requirements must follow the DO-178B development process. Activities that lead to the derivation of the system or software requirements. Requirements engineering may involve a feasibility study or a conceptual analysis phase of the project and requirements elicitation (gathering, understanding, reviewing, and articulating
Is owned by the Royal Institute of British Architects (RIBA) through their commercial group RIBA Enterprises (RIBAe). NBS master specifications provide content that is broad and comprehensive, and delivered using software functionality that enables specifiers to customize the content to suit the needs of the project and to keep up to date. UK project specification types fall into two main categories prescriptive and performance. Prescriptive specifications define
Is relative, and the only software one can truly trust is code where every step of the bootstrapping has been inspected. This backdoor mechanism is based on the fact that people only review source (human-written) code, and not compiled machine code (object code). A program called a compiler is used to create the second from the first, and the compiler is usually trusted to do an honest job. Thompson's paper describes
Is subject to human flaws in governance, where convenience or desires or politics may lead to exceptions or outright subversion of the process and deviations from the textbook way the process is supposed to proceed. Examples include: Within the U.S. Department of Defense process, some historical examples of requirements issues are Specification A specification often refers to a set of documented requirements to be satisfied by
The federal government and its agencies stipulates that a copy of the drawings and specifications must be kept available on a construction site. Specifications in Egypt form part of contract documents. The Housing and Building National Research Center (HBRC) is responsible for developing construction specifications and codes. The HBRC has published more than 15 books which cover building activities like earthworks, plastering, etc. Specifications in
The public and private sectors. Example organization types include a corporation, a consortium (a small group of corporations), a trade association (an industry-wide group of corporations), a national government (including its different public entities, regulatory agencies, and national laboratories and institutes), a professional association (society), a purpose-made standards organization such as ISO, or vendor-neutral developed generic requirements. It
The revision control system. In this case, a two-line change appeared to check root access permissions of a caller to the sys_wait4 function, but because it used assignment = instead of equality checking ==, it actually granted permissions to the system. This difference is easily overlooked, and could even be interpreted as an accidental typographical error, rather than an intentional attack. In January 2014,
The solutions for the Requirement Specification, referring to either a designed solution or final produced solution. It is often used to guide fabrication/production. Sometimes the term specification is here used in connection with a data sheet (or spec sheet), which may be confusing. A data sheet describes the technical characteristics of an item or product, often published by a manufacturer to help people choose or use
The structure, behavior, and more views of that system. A program specification is the definition of what a computer program is expected to do. It can be informal, in which case it can be considered as a user manual from a developer point of view, or formal, in which case it has a definite meaning defined in mathematical or programmatic terms. In practice, many successful specifications are written to understand and fine-tune applications that were already well-developed, although safety-critical software systems are often carefully specified prior to application development. Specifications are most important for external interfaces that must remain stable. In software development,
The 50 division format, which was adopted in both the United States and Canada starting in 2004. The 16 division format is no longer considered standard, and is not supported by either CSI or CSC, or any of the subscription master specification services, data repositories, product lead systems, and the bulk of governmental agencies. The United States' Federal Acquisition Regulation governing procurement for
The Constraints section of the Requirements document. The contrasting view is that this perspective fails on two points. First, the perspective does not recognize that the user experience may be supported by requirements not perceivable by the user. For example, a requirement to present geocoded information to the user may be supported by a requirement for an interface with an external third party business partner. The interface will be imperceptible to
The Construction Specifications Institute and the Registered Specification Writer (RSW) through Construction Specifications Canada. Specification writers may be separate entities such as sub-contractors or they may be employees of architects, engineers, or construction management companies. Specification writers frequently meet with manufacturers of building materials who seek to have their products specified on upcoming construction projects so that contractors can include their products in
The UK are part of the contract documents that accompany and govern the construction of a building. They are prepared by construction professionals such as architects, architectural technologists, structural engineers, landscape architects and building services engineers. They are created from previous project specifications, in-house documents or master specifications such as the National Building Specification (NBS). The National Building Specification
The United States and are usually subscription based. Specifications can be either "performance-based", whereby the specifier restricts the text to stating the performance that must be achieved by the completed work, "prescriptive" where the specifier states the specific criteria such as fabrication standards applicable to the item, or "proprietary", whereby the specifier indicates specific products, vendors and even contractors that are acceptable for each workscope. In addition, specifications can be "closed" with
The United States and updated every two years. While there is a tendency to believe that "specifications overrule drawings" in the event of discrepancies between the text document and the drawings, the actual intent must be made explicit in the contract between the Owner and the Contractor. The standard AIA (American Institute of Architects) and EJCDC (Engineering Joint Contract Documents Committee) states that
The United States, the 1994 Communications Assistance for Law Enforcement Act forces internet providers to provide backdoors for government authorities. In 2024, the U.S. government realized that China had been tapping communications in the U.S. using that infrastructure for months, or perhaps longer; China recorded presidential candidate campaign office phone calls—including employees of the then-vice president of
The application's preferred normal form for internal use. Such errors may also be avoided with algorithms normalizing both strings before any binary comparison. However errors due to file name encoding incompatibilities have always existed, due to a lack of minimum set of common specification between software hoped to be inter-operable between various file system drivers, operating systems, network protocols, and thousands of software packages. A formal specification
The attacker who plants it, even if the full implementation of the backdoor becomes public (e.g. via publishing, being discovered and disclosed by reverse engineering, etc.). Also, it is computationally intractable to detect the presence of an asymmetric backdoor under black-box queries. This class of attacks have been termed kleptography; they can be carried out in software, hardware (for example, smartcards), or
The backdoor operator to perform via modem remote I/O operations on the device hard disk or other storage. As the modem is running Samsung proprietary Android software, it is likely that it offers over-the-air remote control that could then be used to issue the RFS commands and thus to access the file system on the device. Harder to detect backdoors involve modifying object code, rather than source code—object code
The backdoor, for example detecting that the subverted binary is being checksummed and returning the expected value, not the actual value. To conceal these further subversions, the tools must also conceal the changes in themselves—for example, a subverted checksummer must also detect if it is checksumming itself (or other subverted tools) and return false values. This leads to extensive changes in
The building code or municipal code. Civil and infrastructure work in the United States often includes a quantity breakdown of the work to be performed as well. Although specifications are usually issued by the architect's office, specification writing itself is undertaken by the architect and the various engineers or by specialist specification writers. Specification writing is often a distinct professional trade, with professional certifications such as "Certified Construction Specifier" (CCS) available through
The characteristics most appropriate to their general discussion or the specific technology domain being addressed. However, the following characteristics are generally acknowledged. There are many more attributes to consider that contribute to the quality of requirements. If requirements are subject to rules of data integrity (for example) then accuracy/correctness and validity/authorization are also worthy attributes. Traceability confirms that
The compiler recompiled from original source with the compromised compiler executable: the backdoor has been bootstrapped. This attack dates to a 1974 paper by Karger and Schell, and was popularized in Thompson's 1984 article, entitled "Reflections on Trusting Trust"; it is hence colloquially known as the "Trusting Trust" attack. See compiler backdoors, below, for details. Analogous attacks can target lower levels of
The compiler was. It is believed that the Induc-A virus had been propagating for at least a year before it was discovered. In 2015, a malicious copy of Xcode, XcodeGhost, also performed a similar attack and infected iOS apps from a dozen of software companies in China. Globally, 4,000 apps were found to be affected. It was not a true Thompson Trojan, as it does not infect development tools themselves, but it did prove that toolchain poisoning can cause substantial damages. Once
7072-443: The compiler, this in turn can be fixed by recompiling the compiler, removing the backdoor insertion code. This defense can in turn be subverted by putting a source meta-backdoor in the compiler, so that when it detects that it is compiling itself it then inserts this meta-backdoor generator, together with the original backdoor generator for the original program under attack. After this is done, the source meta-backdoor can be removed, and
7176-450: The compiler-under-test. That source, compiled with both compilers, results in two different stage-1 compilers, which however should have the same behavior. Thus the same source compiled with both stage-1 compilers must then result in two identical stage-2 compilers. A formal proof is given that the latter comparison guarantees that the purported source code and executable of the compiler-under-test correspond, under some assumptions. This method
7280-661: The drawings and specifications are complementary, together providing the information required for a complete facility. Many public agencies, such as the Naval Facilities Command (NAVFAC) state that the specifications overrule the drawings. This is based on the idea that words are easier for a jury (or mediator) to interpret than drawings in case of a dispute. The standard listing of construction specifications falls into 50 Divisions, or broad categories of work types and work results involved in construction. The divisions are subdivided into sections, each one addressing
7384-463: The estimates leading to their proposals. In February 2015, ArCHspec went live, from ArCH (Architects Creating Homes), a nationwide American professional society of architects whose purpose is to improve residential architecture. ArCHspec was created specifically for use by licensed architects while designing SFR (Single Family Residential) architectural projects. Unlike the more commercial CSI/CSC (50+ division commercial specifications), ArCHspec utilizes
7488-800: The industry are the IEEE and the IIBA. Both of these groups have different but similar definitions of what a requirement is. Many projects have succeeded with little or no agreement on requirements. Some evidence furthermore indicates that specifying requirements can decrease creativity and design performance. Requirements hinder creativity and design because designers become overly preoccupied with provided information. More generally, some research suggests that software requirements are an illusion created by misrepresenting design decisions as requirements in situations where no real requirements are evident. Meanwhile, most agile software development methodologies question
7592-594: The infected machines. Others, such as the Sony/BMG rootkit, placed secretly on millions of music CDs through late 2005, are intended as DRM measures—and, in that case, as data-gathering agents, since both surreptitious programs they installed routinely contacted central servers. A sophisticated attempt to plant a backdoor in the Linux kernel, exposed in November 2003, added a small and subtle code change by subverting
7696-474: The item correctly. Validation of suitability is necessary. Public sector procurement rules in the European Union and United Kingdom require non-discriminatory technical specifications to be used to identify the purchasing organisation's requirements. The rules relating to public works contracts initially prohibited "technical specifications having a discriminatory effect" from 1971; this principle
7800-460: The machine code of the untrusted compiler before using it. As mentioned above, there are ways to hide the Trojan horse, such as subverting the disassembler; but there are ways to counter that defense, too, such as writing a disassembler from scratch. A generic method to counter trusting trust attacks is called diverse double-compiling. The method requires a different compiler and the source code of
7904-458: The more concise 16 traditional Divisions, plus a Division 0 (Scope & Bid Forms) and Division 17 (low voltage). Many architects, up to this point, did not provide specifications for residential designs, which is one of the reasons ArCHspec was created: to fill a void in the industry with more compact specifications for residential projects. Shorter form specifications documents suitable for residential use are also available through Arcom, and follow
8008-484: The most vulnerable system. Default passwords (or other default credentials) can function as backdoors if they are not changed by the user. Some debugging features can also act as backdoors if they are not removed in the release version. In 1993, the United States government attempted to deploy an encryption system, the Clipper chip, with an explicit backdoor for law enforcement and national security access. The chip
8112-482: The nation– and of the candidates themselves. A backdoor may take the form of a hidden part of a program, a separate program (e.g. Back Orifice may subvert the system through a rootkit), code in the firmware of the hardware, or parts of an operating system such as Windows. Trojan horses can be used to create vulnerabilities in a device. A Trojan horse may appear to be an entirely legitimate program, but when executed, it triggers an activity that may install
8216-436: The need for rigorously describing software requirements upfront, which they consider a moving target. Instead, extreme programming for example describes requirements informally using user stories (short summaries fitting on an index card explaining one aspect of what the system should do), and considers it the developer's duty to directly ask the customer for clarification. Agile methodologies attempt to capture requirements in
8320-479: The needs of the stakeholders) and requirements analysis, analysis (checking for consistency and completeness), specification (documenting the requirements) and validation (making sure the specified requirements are correct). Requirements are prone to issues of ambiguity, incompleteness, and inconsistency. Techniques such as rigorous inspection have been shown to help deal with these issues. Ambiguities, incompleteness, and inconsistencies that can be resolved in
8424-486: The object code. Further, object code backdoors can be removed (assuming source code is available) by simply recompiling from source on a trusted system. Thus for such backdoors to avoid detection, all extant copies of a binary must be subverted, and any validation checksums must also be compromised, and source must be unavailable, to prevent recompilation. Alternatively, these other tools (length checks, diff, checksumming, disassemblers) can themselves be compromised to conceal
8528-406: The organisation's current corporate objectives or priorities. Sometimes a guide or a standard operating procedure is available to help write and format a good specification. A specification might include: Specifications in North America form part of the contract documents that accompany and govern the drawings for construction of building and infrastructure projects. Specifications describe
8632-493: The original exploit in 2002, and, in 2009, Wheeler wrote a historical overview and survey of the literature. In 2023, Cox published an annotated version of Thompson's backdoor source code. Thompson's version was, officially, never released into the wild. However, it is believed that a version was distributed to BBN and at least one use of the backdoor was recorded. There are scattered anecdotal reports of such backdoors in subsequent years. In August 2009, an attack of this kind
8736-633: The product no later than xyz date.' Other methods include use cases and user stories. Requirements generally change with time. Once defined and approved, requirements should fall under change control. For many projects, requirements are altered before the system is complete. This is partly due to the complexity of computer software and the fact that users don't know what they want before they see it. This characteristic of requirements has led to requirements management studies and practices. There are several competing views of what requirements are and how they should be managed and used. Two leading bodies in
8840-425: The products. A data sheet is not a technical specification in the sense of informing how to produce. An "in-service" or "maintained as" specification specifies the conditions of a system or object after years of operation, including the effects of wear and maintenance (configuration changes). Specifications are a type of technical standard that may be developed by any of various kinds of organizations, in both
8944-473: The quality and performance of building materials, using code citations and published standards, whereas the drawings or building information model (BIM) illustrates quantity and location of materials. The guiding master document of names and numbers is the latest edition of MasterFormat. This is a consensus document that is jointly sponsored by two professional organizations: Construction Specifications Canada and Construction Specifications Institute based in
9048-414: The rather voluminous commercial style of specifications too lengthy for most residential projects and therefore either produce more abbreviated specifications of their own or use ArCHspec (which was specifically created for residential projects). Master specification systems are available from multiple vendors such as Arcom, Visispec, BSD, and Spectext. These systems were created to standardize language across
9152-503: The representations of data about food and food products in order to operate effectively and efficiently. Development of formal specifications for food and drug data with the necessary and sufficient clarity and precision for use specifically by digital computing systems have begun to emerge from some government agencies and standards organizations: the United States Food and Drug Administration has published specifications for
9256-440: The requirement set satisfies the need (no more - and no less than what is required). To the above some add Externally Observable, that is, the requirement specifies a characteristic of the product that is externally observable or experienced by the user. Such advocates argue that requirements that specify internal architecture, design, implementation, or testing decisions are probably constraints, and should be clearly articulated in
9360-437: The requirements phase typically cost orders of magnitude less to correct than when these same issues are found in later stages of product development. Requirements analysis strives to address these issues. There is an engineering trade off to consider between requirements which are too vague, and those which are so detailed that they Agile approaches evolved as a way of overcoming these problems, by baselining requirements at
9464-476: The requirements using generic or proprietary descriptions of what is required, whereas performance specifications focus on the outcomes rather than the characteristics of the components. Specifications are an integral part of Building Information Modeling and cover the non-geometric requirements. Pharmaceutical products can usually be tested and qualified by various pharmacopoeias . Current existing pharmaceutical standards include: If any pharmaceutical product
9568-399: The second task, the compiler's source code would appear "clean".) What's worse, in Thompson's proof of concept implementation, the subverted compiler also subverted the analysis program (the disassembler), so that anyone who examined the binaries in the usual way would not actually see the real code that was running, but something else instead. Karger and Schell gave an updated analysis of
9672-480: The software level, must still be kept as a documentation of customer intent. However, they may be traced to process requirements that are determined to be a practical way of meeting them. For example, a non-functional requirement to be free from backdoors may be satisfied by replacing it with a process requirement to use pair programming . Other non-functional requirements will trace to other system components and be verified at that level. For example, system reliability
9776-480: The source code, and the resulting compromised compiler (object code) can compile the original (unmodified) source code and insert itself: the exploit has been boot-strapped. This attack was originally presented in Karger & Schell (1974), which was a United States Air Force security analysis of Multics, where they described such an attack on a PL/I compiler, and call it a "compiler trap door". They also mention
9880-452: The system and tools being needed to conceal a single change. As object code can be regenerated by recompiling (reassembling, relinking) the original source code, making a persistent object code backdoor (without modifying source code) requires subverting the compiler itself—so that when it detects that it is compiling the program under attack it inserts the backdoor—or alternatively the assembler, linker, or loader. As this requires subverting
9984-467: The system to bypass security facilities and permit direct access to data. The use of the word trapdoor here clearly coincides with more recent definitions of a backdoor. However, since the advent of public key cryptography the term trapdoor has acquired a different meaning (see trapdoor function), and thus the term "backdoor" is now preferred, only after the term trapdoor went out of use. More generally, such security breaches were discussed at length in
10088-612: The system, such as the operating system, and can be inserted during the system booting process; these are also mentioned by Karger and Schell in 1974, and now exist in the form of boot sector viruses. A traditional backdoor is a symmetric backdoor: anyone that finds the backdoor can in turn use it. The notion of an asymmetric backdoor was introduced by Adam Young and Moti Yung in the Proceedings of Advances in Cryptology – Crypto '96. An asymmetric backdoor can only be used by
10192-433: The umbrella of a quality management system. These types of documents define how a specific document should be written, which may include, but is not limited to, the systems of a document naming, version, layout, referencing, structuring, appearance, language, copyright, hierarchy or format, etc. Very often, this kind of specification is complemented by a designated template. Backdoor (computing) A backdoor
10296-460: The user, though the presentation of information obtained through the interface certainly would not. Second, a constraint limits design alternatives, whereas a requirement specifies design characteristics. To continue the example, a requirement selecting a web service interface is different from a constraint limiting design alternatives to methods compatible with a Single Sign-On architecture. All requirements should be verifiable. The most common method
10400-495: Was applied by its author to verify that the C compiler of the GCC suite (v. 3.0.4) contained no trojan, using icc (v. 11.0) as the different compiler. In practice such verifications are not done by end users, except in extreme circumstances of intrusion detection and analysis, due to the rarity of such sophisticated attacks, and because programs are typically distributed in binary form. Removing backdoors (including compiler backdoors)
10504-460: Was based on the time sequence of construction, working from exterior to interior, and this logic is still somewhat followed as new materials and systems make their way into the construction process. Each section is subdivided into three distinct parts: "general", "products" and "execution". The MasterFormat and SectionFormat systems can be successfully applied to residential, commercial, civil, and industrial construction. Although many architects find
10608-467: Was discovered by Sophos labs. The W32/Induc-A virus infected the program compiler for Delphi, a Windows programming language. The virus introduced its own code to the compilation of new Delphi programs, allowing it to infect and propagate to many systems, without the knowledge of the software programmer. The virus looks for a Delphi installation, modifies the SysConst.pas file, which is the source code of
10712-435: Was extended to public supply contracts by the then European Communities' Directive 77/62/EEC coordinating procedures for the award of public supply contracts, adopted in 1976. Some organisations provide guidance on specification-writing for their staff and partners. In addition to identifying the specific attributes required of the goods or services being purchased, specifications in the public sector may also make reference to
10816-471: Was unsuccessful. Recent proposals to counter backdoors include creating a database of backdoors' triggers and then using neural networks to detect them. The threat of backdoors surfaced when multiuser and networked operating systems became widely adopted. Petersen and Turn discussed computer subversion in a paper published in the proceedings of the 1967 AFIPS Conference. They noted a class of active infiltration attacks that use "trapdoor" entry points into