Description
The software contains code that is designed to disrupt the legitimate operation of the software (or its environment) when a certain time passes, or when a certain logical condition is met.
When the time bomb or logic bomb is detonated, it may perform a denial of service such as crashing the system, deleting critical data, or degrading system response time. This bomb might be placed within either a replicating or non-replicating Trojan horse.
Modes of Introduction:
– Architecture and Design
Related Weaknesses
Consequences
Other, Integrity: Varies by Context, Alter Execution Logic
Potential Mitigations
Phase: Installation
Description:
Always verify the integrity of the software that is being installed.
Phase: Testing
Description:
Conduct a code coverage analysis using live testing, then closely inspect any code that is not covered.