This is one of 4681 IT projects that we have successfully completed with our customers.


Macro Signing

Brief description

For historical reasons, the global trading company relies on a large number of MS Office macros to implement its business processes. These macros are usually created and maintained decentrally by the departments themselves (IDV: individually developed end-user applications). Some of them support essential business processes and are correspondingly important. Because the applications are maintained decentrally, central IT has only limited control over security standards, which, on top of the general security problems of Office macros / VBA, creates a significant risk. To reduce this risk, every macro used in the company is subjected to a security assessment by central IT. Macros that pass the assessment are digitally signed. From a defined cut-off date, users on all of the customer's systems can execute only these signed macros; unsigned macros are blocked by policy.

Supplement

Since the macro applications in use worldwide amount to several hundred thousand files, the security check is automated. A web portal lets users upload the macros to be checked and track their processing status. Each file goes through a two-stage security check. In stage 1, the file is opened in an isolated sandbox and examined for malicious code by several virus/malware scanners. In stage 2, a custom-built application performs automated static code analysis, checking for conspicuous or risky VBA code (e.g. file system access). Each finding contributes a score according to its criticality, and the scores are accumulated per macro file. If the total exceeds a defined threshold, the file is sent for manual code review; otherwise it is signed automatically.

Subject description

PTA's task is the further development of this automated static code analysis. The application is written in Java and decomposes the complete code of a macro into automatically identifiable blocks (functions, variables, IF-THEN-ELSE blocks, etc.). The decomposition is driven by the ANTLR parser generator, which builds a parser from a grammar describing the VBA language. The result is a logical code tree of the entire macro in memory, which the Java program then analyzes for potential code risks. Each statement is checked against a comprehensive rule set, with every rule carrying a score. Because the code submitted in the macros is unpredictable and arbitrary code combinations can occur, it regularly happens that certain constructs are not yet covered by the (configurable) ANTLR grammar. In these cases the problem has to be analyzed and either the grammar or the Java processing code adapted.
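To make the scoring pipeline from the two sections above concrete, here is an added Python sketch. It is not the project's Java/ANTLR implementation: a regex per statement stands in for the grammar-driven code tree, and the rule names, scores, threshold and the three sample macros are constructed assumptions. It shows the three things a practitioner would want to see: statements attributed to their enclosing procedure, scores accumulated per file and compared against the review threshold, and, for the "construct not covered by the grammar" case, a fail-closed verdict that routes anything the analyzer could not decompose to manual review instead of silently scoring it zero.

```python
"""Added example (not the project's code): rule-based VBA risk scoring."""
import re
from dataclasses import dataclass

# Hypothetical rule set: (rule name, regex applied to one statement, score).
# Names, scores and the threshold are illustrative assumptions.
RULES = [
    ("auto-exec entry point",
     re.compile(r"^\s*(?:Private\s+|Public\s+)?Sub\s+(?:AutoOpen|AutoExec|Document_Open|Workbook_Open)\b", re.I), 5),
    ("file system object", re.compile(r"CreateObject\s*\(\s*\"Scripting\.FileSystemObject\"", re.I), 10),
    ("file write", re.compile(r"\bOpen\b.+\bFor\s+(?:Output|Append|Binary)\b", re.I), 8),
    ("process execution", re.compile(r"\b(?:Shell|WScript\.Shell)\b", re.I), 15),
    ("Win32 API import", re.compile(r"^\s*(?:Private\s+|Public\s+)?Declare\b", re.I), 15),
]
REVIEW_THRESHOLD = 20

@dataclass
class Finding:
    procedure: str
    line_no: int
    rule: str
    score: int

@dataclass
class Report:
    findings: list
    parse_errors: list

    @property
    def total(self) -> int:
        return sum(f.score for f in self.findings)

    @property
    def verdict(self) -> str:
        # Fail closed: code the analyzer could not decompose goes to a human.
        if self.parse_errors or self.total > REVIEW_THRESHOLD:
            return "manual review"
        return "auto-sign"

PROC_START = re.compile(r"^\s*(?:Private\s+|Public\s+)?(?:Sub|Function)\s+(\w+)", re.I)
PROC_END = re.compile(r"^\s*End\s+(?:Sub|Function)\b", re.I)

def parse(source: str):
    """Crude stand-in for the grammar-driven decomposition: split the module into
    statements (comments stripped, ' _' continuations joined), attribute each to
    its enclosing procedure, and record structural problems as parse errors."""
    stmts, errors, proc, buf, start = [], [], None, "", 0
    for n, raw in enumerate(source.splitlines(), 1):
        line = raw.split("'", 1)[0].rstrip()   # ignores apostrophes inside strings
        if line.endswith(" _"):
            buf, start = buf + line[:-1], start or n
            continue
        stmt, line_no = buf + line, start or n
        buf, start = "", 0
        if not stmt.strip():
            continue
        if m := PROC_START.match(stmt):
            if proc is not None:
                errors.append(f"line {line_no}: procedure {m.group(1)} nested in {proc}")
            proc = m.group(1)
        stmts.append((proc or "<module>", line_no, stmt))
        if PROC_END.match(stmt):
            if proc is None:
                errors.append(f"line {line_no}: End Sub/Function without open procedure")
            proc = None
    if proc is not None:
        errors.append(f"procedure {proc} is never closed")
    return stmts, errors

def scan(source: str) -> Report:
    """Score every statement against RULES and accumulate per file."""
    stmts, errors = parse(source)
    findings = [Finding(proc, n, name, score) for proc, n, stmt in stmts
                for name, pat, score in RULES if pat.search(stmt)]
    return Report(findings, errors)

# Constructed sample macros (not real customer files).
BENIGN = """Sub FormatReport()
    Dim ws As Worksheet
    Set ws = ActiveSheet
    ws.Range("A1:D1").Font.Bold = True
End Sub
"""
RISKY = """Sub Document_Open()
    Dim fso As Object
    Set fso = CreateObject("Scripting.FileSystemObject")
    Open Environ("TEMP") & "\\run.cmd" For Output As #1
    Print #1, "calc.exe"
    Close #1
    Shell Environ("TEMP") & "\\run.cmd", vbHide
End Sub
"""
TRUNCATED = "Sub Half()\n    Dim x As Long\n"   # cut off: no End Sub

if __name__ == "__main__":
    for name, src in (("benign", BENIGN), ("risky", RISKY), ("truncated", TRUNCATED)):
        r = scan(src)
        print(f"{name}: score={r.total} errors={r.parse_errors} -> {r.verdict}")
```

In this sketch the risky sample scores 38 (auto-exec entry point, FileSystemObject, file write, Shell) and goes to review, the benign sample scores 0 and would be signed, and the truncated sample scores 0 but is still held back because it did not parse. The statement-level regexes are the weak point and exactly why the real analyzer uses a full grammar: string literals, line continuations and `Chr()`-assembled names defeat them easily. Two operational points follow from the design on this page: the signature attests only that a file passed the check at signing time, so the signing key must be protected at least as strictly as the policy that trusts it, and any parse failure in the analyzer has to be treated as "needs review", never as "no findings".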

Overview

Project start: 14.05.2024

Have we sparked your interest?

Marcus Rödiger

Head of Consumer Goods & Retail

Contact now

We provide information on the handling of the data collected here in our privacy policy.
