Abstract

When designing and developing software systems of any complexity, project risk management is important and necessary. Every software development project contains elements of uncertainty, known as project risks. The success of a software development project depends on the amount of risk attached to each project activity. The introduction of RPKI technologies for Internet routing registry stakeholders has created a new single point of failure in the global Internet routing system. Risk management, namely risk identification and classification during the development and operation of software for global routing registries, was not given enough attention, and the result was a global security incident. Errors in managing project risk while developing and updating the software of the European routing registry database meant that the route hijack by Rostelecom on April 1, 2020 became global. After an unsuccessful software upgrade, critical data was deleted from the routing registry database, and there were no comprehensive monitoring measures and no response plan to prevent the issue from spreading globally. The risk management errors, namely the incorrect assessment of impact factors, are analyzed, followed by a factor analysis. The factor analysis showed that the main security concerns in the software development and operation cycle were insufficient monitoring and the absence or inadequacy of a risk mitigation program. As a result, at several small steps of the security incident, the risk owner failed to avoid the risk, control it, or transfer it. In our example, the FAIR approach was added as a well-suited complementary method for risk decomposition. In this way the main risk is described as a set of smaller, easily recognizable risks for which management has already described known avoidance steps and mitigation measures.
Using the decomposition of data security as an example, the paper shows reasonable points for risk identification, classification and prioritization for this security incident. Tabl.: 3. Refs: 9 titles.
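As an added illustration (not part of the paper or the registry's software), the following shows why deleting registry data turns a route that origin validation would reject into one it accepts: RFC 6811 route origin validation returns Invalid while a covering ROA exists and NotFound once it is gone, and NotFound routes are commonly accepted. A simple coverage-drop check of the kind the abstract describes as missing is included; prefixes and AS numbers are constructed documentation values, not those of the real incident.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Roa:
    """One Route Origin Authorization: prefix, max length, authorized origin AS."""
    prefix: str
    max_length: int
    asn: int


def rov_state(route_prefix: str, origin_asn: int, roas) -> str:
    """RFC 6811 origin validation: 'Valid', 'Invalid' or 'NotFound'."""
    route = ipaddress.ip_network(route_prefix)
    # A ROA covers the route when the route lies inside the ROA prefix.
    covering = [
        r for r in roas
        if ipaddress.ip_network(r.prefix).version == route.version
        and route.subnet_of(ipaddress.ip_network(r.prefix))
    ]
    if not covering:
        return "NotFound"          # no registry data: most routers accept this
    for r in covering:
        if r.asn == origin_asn and route.prefixlen <= r.max_length:
            return "Valid"
    return "Invalid"               # covered, but wrong origin AS or too specific


def roa_coverage_drop(before, after, threshold: float = 0.2) -> bool:
    """Monitoring check: True when the ROA set shrank by more than `threshold`.

    Comparing two registry snapshots catches a bulk deletion after a failed
    upgrade before the NotFound state spreads to routers worldwide.
    """
    if not before:
        return False
    return (len(before) - len(after)) / len(before) > threshold


# Constructed sample registry: AS 64500 is the legitimate origin of both prefixes.
ROAS = [Roa("192.0.2.0/24", 24, 64500), Roa("198.51.100.0/24", 24, 64500)]

if __name__ == "__main__":
    # A more-specific /25 from an unauthorized AS is rejected while the ROA exists...
    print(rov_state("192.0.2.0/25", 64496, ROAS))   # Invalid
    # ...but becomes NotFound (and is typically accepted) once registry data is lost.
    print(rov_state("192.0.2.0/25", 64496, []))     # NotFound
    print(roa_coverage_drop(ROAS, []))              # True: alert
```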
