Monday, August 9, 2010

White Paper: Untrusted Developers - Code Integrity in a Distributed Development Environment

by Courtney Cavness, Helmut Kurth and Stephan Mueller.

It is becoming commonplace for organizations to use third parties to develop or test their source code (including using third-party libraries) for business reasons, such as reducing development costs. But when the code is developed or modified by unknown and untrusted developers, how can an organization have confidence that the third-party code used in its product is not malicious and does not inadvertently introduce vulnerabilities? The authors analyzed the intent of the personnel and physical security requirements for the development environment in the Common Criteria (CC) standard and propose a solution for this scenario: vetted employee(s) of the organization perform an acceptance procedure on the code. The acceptance procedure must include a manual review to look for malicious code, unintentional vulnerabilities, and back doors, and otherwise attempt to ensure that the third-party code performs the expected (and only the expected) functionality before it is integrated into the product. The CC should be updated to include the specification and definition of an acceptance procedure to reflect the growing trend of organizations that routinely receive source code development and/or test services on components included in their products.

You can download the White Paper "Untrusted Developers" from our website.
