Information Assurance Aspects of Rapid Software Reprogramming

Abstract

Anyone who administers a personal computer, either on the job or at home, is familiar with the concept of rapid software reprogramming (RSR). Operating system and many application software vendors perform reprogramming via electronically-delivered patches, service packs, or similar means. In the battlefield, RSR extends to embedded systems, both hand-held and vehicle-mounted, as well as to the military applications of conventional computers. All of these systemspsila missions have changed during the decades that software has been used in combat and, without reprogramming, the systems would be quickly obsolete. The growing use of RSR emphasizes the need to perform software updates securely. This paper describes RSR in the context of a general vulnerability management cycle (VMC), familiarizes the reader with the applicable information assurance (IA) properties, and discusses how to use existing technologies and practices to meet RSRpsilas IA needs.