Enhancing Security Testing Software for Systems that Cannot be Subjected to the Risks of Penetration Testing Through the Incorporation of Multi-threading and and Other Capabilities

Abstract

The development of a system vulnerability analysis tool (SVAT) for complex mission critical systems (CMCS) produced the software for operation and network attack results review (SONARR). This software builds upon the Blackboard Architecture and uses its a rule-fact logic to assess model networks to identify potential pathways that an attacker might take through them via the exploitation of vulnerabilities within the network. The SONARR objects and algorithm were developed previously; however, performance was insufficient for analyzing large networks. This paper describes and analyzes the performance of a multi-threaded SONARR algorithm and other enhancements which were developed to increase SONARR's performance and facilitate the analysis of large networks.