How The Update Framework Improves Software Distribution Security

In recent years there have been multiple cyber-attacks that compromised a software developer's network in order to deliver malware inside legitimate software updates. That is the problem Justin Cappos, founder of The Update Framework (TUF) open-source project, has been working hard to help solve.

Cappos, an assistant professor at New York University (NYU), started TUF nearly a decade ago. TUF is now implemented by multiple software projects, including the Docker Notary project for secure container image updates, and implementations are being purpose-built to help secure automotive software as well.

In a video interview with eWEEK, Cappos explains why TUF is important in the modern threat landscape and how it is continuing to evolve.

"TUF helps to make sure that the software your organization has decided it should sign, gets securely to (end-user) parties," Cappos said.

TUF defines a system in which software updates are cryptographically signed and the signatures, metadata and downloaded files are validated by the client before they are trusted, to help minimize the risk of software tampering. There have been multiple incidents in recent years, including one involving CCleaner, in which attackers were able to infiltrate and compromise development systems and send malicious updates to users.

TUF Is a Cloud Native Computing Foundation Project

TUF became a Cloud Native Computing Foundation (CNCF) project in October 2017, alongside the Notary project. The CNCF is a Linux Foundation Collaborative Project and is home to multiple technology projects including the Kubernetes container orchestration system. Cappos said that being part of the CNCF has helped to advance the TUF project, in terms of having proper governance and validation. The CNCF also helps to promote TUF and the work that the project is doing.

Cappos strongly believes that having a secure update mechanism for software should be a requirement for security compliance. He emphasized that secure updates are about more than just digitally signing updates; what is needed is a mechanism, like TUF, that validates the signatures and the integrity of the software that is being delivered.
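To make concrete what "more than just signing" means, here is an added example (written for this article, not code from the TUF project or its reference implementation) of a minimal TUF-style client check in Go. It models a simplified piece of targets metadata, a root of trust of two Ed25519 keys with a threshold of two, and the checks a client performs before believing an update: enough signatures from distinct trusted keys, metadata not expired, version not rolled back, and the downloaded file's length and SHA-256 hash matching the metadata. The metadata layout, key IDs, file name `app.bin`, the clock value and the update payloads are all constructed for the example; the attack cases at the end are the ones the client must refuse.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
	"errors"
	"fmt"
	"time"
)

// Simplified, TUF-style metadata (constructed for this example, not the real TUF format):
// a signed body plus signatures from distinct keys.
type TargetInfo struct {
	Length int    `json:"length"`
	SHA256 string `json:"sha256"`
}

type Targets struct {
	Version int                   `json:"version"`
	Expires time.Time             `json:"expires"`
	Targets map[string]TargetInfo `json:"targets"`
}

type Signature struct {
	KeyID string `json:"keyid"`
	Sig   []byte `json:"sig"`
}

type Signed struct {
	Signed     json.RawMessage `json:"signed"`
	Signatures []Signature     `json:"signatures"`
}

// Client trust state: which keys may sign targets, how many must agree,
// the highest version already accepted (anti-rollback), and the clock.
type Client struct {
	TrustedKeys map[string]ed25519.PublicKey
	Threshold   int
	LastVersion int
	Now         time.Time
}

func keyID(pub ed25519.PublicKey) string {
	h := sha256.Sum256(pub)
	return hex.EncodeToString(h[:8])
}

// signTargets is the repository side: serialize the body and sign it with each key.
func signTargets(t Targets, keys ...ed25519.PrivateKey) (Signed, error) {
	body, err := json.Marshal(t)
	if err != nil {
		return Signed{}, err
	}
	s := Signed{Signed: body}
	for _, k := range keys {
		pub := k.Public().(ed25519.PublicKey)
		s.Signatures = append(s.Signatures, Signature{KeyID: keyID(pub), Sig: ed25519.Sign(k, body)})
	}
	return s, nil
}

// VerifyTargets is what plain code signing does not do: it requires a threshold of
// distinct trusted keys, rejects expired (frozen) metadata, and rejects rollback.
func (c *Client) VerifyTargets(s Signed) (*Targets, error) {
	seen := map[string]bool{}
	valid := 0
	for _, sig := range s.Signatures {
		pub, ok := c.TrustedKeys[sig.KeyID]
		if !ok || seen[sig.KeyID] {
			continue // unknown or duplicate key never counts toward the threshold
		}
		if ed25519.Verify(pub, s.Signed, sig.Sig) {
			seen[sig.KeyID] = true
			valid++
		}
	}
	if valid < c.Threshold {
		return nil, fmt.Errorf("only %d of %d required signatures", valid, c.Threshold)
	}
	var t Targets
	if err := json.Unmarshal(s.Signed, &t); err != nil {
		return nil, err
	}
	if !c.Now.Before(t.Expires) {
		return nil, errors.New("metadata expired (freeze attack)")
	}
	if t.Version < c.LastVersion {
		return nil, errors.New("metadata version older than trusted version (rollback attack)")
	}
	c.LastVersion = t.Version
	return &t, nil
}

// VerifyTarget checks a downloaded file against already-verified metadata.
func VerifyTarget(t *Targets, name string, data []byte) error {
	info, ok := t.Targets[name]
	if !ok {
		return fmt.Errorf("%s is not listed in targets metadata", name)
	}
	if len(data) != info.Length {
		return errors.New("length mismatch (truncated or oversized download)")
	}
	sum := sha256.Sum256(data)
	if hex.EncodeToString(sum[:]) != info.SHA256 {
		return errors.New("hash mismatch: tampered update")
	}
	return nil
}

// RunScenario builds a two-key repository (threshold 2), publishes one update,
// then replays the attacks a client must refuse. A nil error means "accepted".
func RunScenario() map[string]error {
	out := map[string]error{}
	pubA, privA, _ := ed25519.GenerateKey(rand.Reader)
	pubB, privB, _ := ed25519.GenerateKey(rand.Reader)
	now := time.Date(2018, 1, 15, 0, 0, 0, 0, time.UTC) // constructed client clock
	c := &Client{TrustedKeys: map[string]ed25519.PublicKey{keyID(pubA): pubA, keyID(pubB): pubB},
		Threshold: 2, LastVersion: 3, Now: now}

	update := []byte("constructed update payload v4") // constructed sample target file
	sum := sha256.Sum256(update)
	meta := Targets{Version: 4, Expires: now.AddDate(0, 0, 7), Targets: map[string]TargetInfo{
		"app.bin": {Length: len(update), SHA256: hex.EncodeToString(sum[:])}}}

	good, _ := signTargets(meta, privA, privB)
	t, err := c.VerifyTargets(good)
	out["valid metadata"] = err
	if err == nil {
		out["valid target"] = VerifyTarget(t, "app.bin", update)
		out["tampered target"] = VerifyTarget(t, "app.bin", []byte("malware dressed as update v4!"))
	}
	single, _ := signTargets(meta, privA) // one compromised key is below the threshold
	_, out["single signature"] = c.VerifyTargets(single)
	_, privX, _ := ed25519.GenerateKey(rand.Reader) // attacker's key is not in the root of trust
	rogue, _ := signTargets(meta, privA, privX)
	_, out["untrusted key"] = c.VerifyTargets(rogue)
	old := meta
	old.Version = 2 // genuine, validly signed, but older release replayed
	oldS, _ := signTargets(old, privA, privB)
	_, out["rollback"] = c.VerifyTargets(oldS)
	stale := meta
	stale.Expires = now.AddDate(0, 0, -1) // metadata kept alive past its expiry
	staleS, _ := signTargets(stale, privA, privB)
	_, out["expired"] = c.VerifyTargets(staleS)
	return out
}

func main() {
	for name, err := range RunScenario() {
		fmt.Printf("%-18s -> %v\n", name, err)
	}
}
```

The point of the scenario is that a repository compromise that yields one signing key, or that only lets the attacker replay or freeze previously signed metadata, is still rejected by the client; an update is accepted only when the threshold of trusted keys, the expiry, the version and the file hash all check out.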

Of particular concern for software updates right now, according to Cappos, are Internet of Things (IoT) technologies, notably medical devices and the power grid, where a malicious update could have a critical impact.

"If these issues are not fixed in these domains (IoT), people will die," Cappos said.


Sean Michael Kerner is a senior editor at eWEEK. Follow him on Twitter @TechJournalist.