What is the relationship between Software Lines of Code and Security Bugs ?

Our world today is more connected than ever. We have our pacemakers, 3D printers, Insulin pumps and even cars connected to the internet. Moore's law states that the number of transistors on integrated circuits would double every two years. Or in simple terms, the processing speed will double every two years or 18 months or 12 months.

With the drastic growth in processing powers, we saw a steep increase in the internet connected systems and software. The millennials are too dependent on internet and apps for personal data storage, banking, studies and even employment. The source code of Apollo 11 Guidance system that took the US to the moon and back was published on GitHub. It contains 145,000 Lines of Code (LOC). Now compare that with a space shuttle that uses a 400,000 LOC, curiosity (rover) 2.5 Million LOC, Android 12 Million LOC and Google services which is at a whopping 2 Billion LOC.

Many researches state that, on average, there are around 30 to 50 bugs in 1000 LOC. Now if we do the math, that is nearly 1.5 to 2.5 Million Software bugs for 50 Million Lines of Code. As a result, we see a high increase in security vulnerabilities since the codebases are on a rapid increase.

End of Moore's Law

Most industry experts suggest that the Moore's Law has reached its end. Moore's Law has been driving the digital revolution for more than half a century. There are few new technological architecture emerging which will be commercialized within 10 to 15 years. The growth of Quantum computers and neuromorphic computing will threaten the current technologies such as PKI systems which is used for encrypting our internet traffic.

Ever-Increasing Vulnerability on technologies and software products

The graph below shows that the rate of increase in publicly disclosed vulnerabilities (CVE) each year. If you notice, the year 2017 has the maximum number of vulnerabilities disclosed. This is due to multiple factors such as the increase in Internet connected devices and technologies.

Software companies and developers must focus on the real problem of fixing security bugs on their system rather than focusing on the background noise.

Reference:
CVE Details: http://www.cvedetails.com/
Image Source: https://www.itworld.com/article/2725085/big-data/curiosity-about-lines-of-code.html

Comments

Digital Dark Age: Information Explosion and Data Risks

“Old formats of documents that we’ve created or presentations may not be readable by the latest version of the software because backwards compatibility is not always guaranteed,” says Vint Cerf, Google’s Vice President and one the fathers of the Internet. Digital dark age describes the belief that the rapid evolution of technology will eventually make storage formats obsolete, and data will not be accessible to generations to come. It’s easy to assume that the data we store will somehow be preserved forever. Vint Cerf calls this phenomenon as ‘ bit rot ‘. Evolution of Digital Storage Magnetic tape was the first storage medium that revolutionized the digital industry. It was first introduced in the year 1928. Over the years, magnetic tape can suffer from deterioration called sticky-shed syndrome , caused by absorption of moisture into the binder of the tape, rendering the tape unusable. Storage of 1024 bits of information was successfully implemented in 1948 using electrostati

Will Quantum Computers Threaten Modern Cryptography?

Modern cryptography, including elliptic curve cryptography , is being used extensively for securing our internet payments, banking transactions, emails and even phone conversations. The majority of today’s cryptographic algorithms are based on public-key encryption, which is considered to be secure against attacks from modern computers. Quantum computing can simply break this security by reverse computing private keys faster than a conventional computer. RISK OF QUANTUM COMPUTING Although quantum computers are still in their infancy and non-operational, with publicly known experimental quantum computers too small to attack conventional cryptographic algorithms, many national governments and organizations have begun to understand the risk involved when this technology becomes a practical reality. Military agencies and leading technology companies have already increased fundings and accelerated processes in developing quantum computers because of the fact that it can process

Shower your loved ones with affection

John Dewey, one of America's most profound philosopher said that the deepest urge in human nature is "the desire to be important." Lincoln once began a letter saying: "Everybody likes a compliment." William James said: "The deepest principle in human nature is the craving to be appreciated." Dewey and James said something similar, the desire to be important and the craving to be appreciated. Craving is a strong desire for something. Everybody wants to be a great human. We got to to keep one thing in mind, nothing can be achieved by criticizing, condemning or complaing others. Showing love and respect to others will help in yielding a healthy relationship Instead of condemning people, let's try to understand them. Let's try to figure out why they do. That's a lot more profitable and intriguing than criticism, and it breeds sympathy, tolerance and kindness. "To know all is to forgive all"- Nixon Waterman Bob Hoover, a

Search This Blog