...
Software developers can avoid the vulnerability or mitigate its ill effects in the following ways:
- A strategy for fault handling should be decided. Consistency in fault handling should be the same with respect to critically similar parts.
- A multitiered approach of fault prevention, fault detection, and fault reaction should be used.
- System-defined components that assist in uniformity of fault handling should be used when available. For one example, designing a "runtime constraint handler" (as described in ISO/IEC TR 24731-1) permits the application to intercept various erroneous situations and perform one consistent response, such as flushing a previous transaction and restarting at the next one.
- When there are multiple tasks, a fault-handling policy should be specified whereby a task may
  - halt, and keep its resources available for other tasks (perhaps permitting restarting of the faulting task)
  - halt, and remove its resources (perhaps to allow other tasks to use the resources so freed, or to allow a recreation of the task)
  - halt, and signal the rest of the program to likewise halt
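The runtime-constraint-handler idea above, as an added example in plain C (not code from the standard or from this page): one program-wide handler receives every detected constraint violation, so two similar bounded copies react identically instead of each improvising. The handler type, `set_handler`, `logging_handler` and `bounded_copy` are hypothetical names chosen here; the reaction policy shown is "record and continue", and a halting policy would abort or signal other tasks in the same place.

```c
#include <errno.h>
#include <stddef.h>
#include <string.h>

/* Hypothetical handler type: like an Annex K constraint handler, it may
 * return, and the calling function then still fails cleanly. */
typedef void (*constraint_handler_t)(const char *msg, void *ctx, int err);

struct fault_log { int count; int last_err; const char *last_msg; };

static constraint_handler_t g_handler;
static void *g_handler_ctx;

/* Install the single program-wide reaction for constraint violations. */
void set_handler(constraint_handler_t h, void *ctx) { g_handler = h; g_handler_ctx = ctx; }

/* Reaction policy used here: record the fault and let the caller continue. */
void logging_handler(const char *msg, void *ctx, int err) {
    struct fault_log *log = ctx;
    log->count++; log->last_err = err; log->last_msg = msg;
}

/* Bounded copy in the style of strcpy_s: prevention (the size parameter),
 * detection (the checks), reaction (handler, emptied destination, error). */
int bounded_copy(char *dst, size_t dstsz, const char *src) {
    if (dst == NULL || dstsz == 0) {
        if (g_handler) g_handler("bounded_copy: invalid destination", g_handler_ctx, EINVAL);
        return EINVAL;
    }
    size_t n = 0;
    while (src != NULL && n < dstsz && src[n] != '\0') n++;
    if (src == NULL || n >= dstsz) {
        dst[0] = '\0';                 /* never leave a half-written buffer behind */
        if (g_handler) g_handler("bounded_copy: source does not fit", g_handler_ctx, ERANGE);
        return ERANGE;
    }
    memcpy(dst, src, n + 1);
    return 0;
}

/* Exercise both paths with constructed inputs; returns the recorded fault count. */
int demo_fault_count(void) {
    struct fault_log log = {0, 0, NULL};
    char buf[8];
    set_handler(logging_handler, &log);
    bounded_copy(buf, sizeof buf, "alice");                  /* fits: no fault */
    bounded_copy(buf, sizeof buf, "constructed-too-long");   /* fault 1 */
    bounded_copy(NULL, 0, "x");                              /* fault 2 */
    return log.count;                                        /* returns 2 */
}
```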
Risk Assessment
Failure to adopt and implement a consistent and comprehensive error-handling policy is detrimental to system survivability and can result in a broad range of vulnerabilities depending on the operational characteristics of the system.
...