Software Vulnerability Vs. Critical Infrastructure - A Case Study of Antivirus Software
During the last decade, the realisation of how vulnerable critical infrastructures are due to their inter-dependencies has hit home with more gravity than ever. The abundance of vulnerabilities in the software that is widely used in critical systems could have escalating consequences. In this paper, the authors used the PROTOS MATINE model to systematically examine the scope of software systems used in critical infrastructure. Dependency analysis methods indicated antivirus software as a critical subject to study, as its use is mandated and as it processes data from malicious sources. They determined that antivirus software is by nature susceptible to various risks and has exhibited significant vulnerability, but the issue is neither widely recognized nor reported.