МОДЕЛЬ БЕЗОПАСНОГО ФУНКЦИОНИРОВАНИЯ ПРОГРАММНОГО ОБЕСПЕЧЕНИЯ, ФОРМАЛИЗУЮЩАЯ КОНТРОЛЬ ИСПОЛЬЗОВАНИЯ ПАМЯТИ И ОБРАЩЕНИЙ К НЕЙ ПРОЦЕССОРА

Abstract

In the absence of software source codes, it is necessary to use technically complex procedures, including decompilation, reverse engineering, etc. At the same time, in practice, the decision on whether the software belongs to the class of legitimate programs or not should be made promptly, which imposes a limit on the decision-making time. Also, modern information and industrial system often include a significant number of components with low computing power, which is why it is important to minimize the consumption of computing resources for software security analysis. Solving the problem of security analysis is also complicated by the fact that full automation of this process is not possible due to the high complexity of the subject area. To improve the efficiency of solving this problem in conditions of limited time and computing resources, as well as the lack of open source software, a model of secure software functioning is proposed, which includes a hypervisor and takes into account the features of malicious software manifestations in the system. This paper presents a model that describes the secure operation of software in terms of the processes and functions it performs. The peculiarity of the proposed model is that it takes into account the specifics of malware operation and is suitable for implementation in systems with limited computing resources.