Secure Systems Engineering, Fall 2024

Project Check-In 2

Introduction

Your group has had some time to implement your code. It now is time to start thinking about how you will hide two backdoors into your implementation.

Discuss each question with your group. Then, distill your discussion into 2-3 sentences, and write up a response. Submit your responses to all questions to Blackboard. Your responses to these questions are not binding, but give them some thought as you talk among each other.

Status questions

This first set of questions pertains to your current status in your implementation.

  1. Describe your current progress on your code. How many features of the voting machine implementation (not including backdoors) have you implemented? What is remaining?
  2. Have you tested your implementation? If so, what are your results?
  3. Do you feel like you are behind in terms of progress on the project?

Planning questions

This second set of questions are designed to help you start thinking about your backdoors.

  1. Based on lecture on backdoors, what kinds of backdoors are you considering for this project? Why would they be appropriate?
  2. The project description mentions that the backdoors need to “change the outcome of the election”. What are some ways the outcome of an election can be changed by a voting machine? Think about ways other than changing the vote totals.
  3. What parts of your codebase handles the outcome of an election?
  4. How can you change your codebase to allow someone to change the outcome of an election?
  5. The project description also mentions that the backdoors need to “surreptitious” and hidden from a regular user. How could you hide the backdoor in your user interface without alerting a user to its presence?
  6. What are some ways you can make your backdoors will be hard to identify and exploit by the red team? You may have to do some outside research for this.
  7. Do you have any additional questions about the backdoors portion of the project?

What to turn in

Upload the following to Blackboard before the due date above:

Only one submission per group is necessary. Blackboard is set up with your project groups for this check-in.