Secure Software Development

< استفاده از مطالب سایت فراکنش با ذکر منبع مجاز است.>

Software Security

Software security as part of the larger problem of developing robust, reliable code

Describe the relationship between software security and:

• Corporate information security policies

• Corporate risk strategies

Why is most software insecure?

Many developers don’t know how to develop secure software

—•Most universities don’t have it in their syllabi

Or it’s optional graduate level, not required in undergrad

—•Programming books/courses don’t teach it

—•Some common operations intrinsically dangerous (esp. C)

—•Most developers don’t think like an attacker

“How could this be attacked?”

—•Developers don’t learn from others’ security mistakes

Most vulnerabilities caused by same mistakes over 40+ years

Customers can’t easily evaluate software security

Managers don’t always resource/train adequately

What is “Software Security”?

NOT just a set of features

Secure software > Security software

Although tools and experts are helpful,

—•You can’t just deploy a magical tool and expect all vulnerabilities to disappear

—•You can’t outsource all of your security knowledge

Even if you are using a security library, know how to use it properly

NOT just a set of features

NOT a problem for just mathematicians

NOT just using Cryptography


– Is important and needed

        – Cannot solve all of your security problems

Proofs, access control rules, and verification are helpful, but inherently incomplete

NOT a problem for just networking and operating systems

Software had security problems long before we had the internet

If you left a window open in your house, would you try to fix the roads?

A reality that everyone must face

—- Not just developers, all stakeholders

A learnable mindset for software engineers

The ability to prevent unintended functionality

—- At all layers of the stack

—- In all parts of your system


Security is only required in the OS

—- 15% are OS vulns

I only need a good patch strategy

—- Mean time to attack: 330 days -> 2 weeks

I have a firewall, AntiVirus and IDS

—- 92% of vulns are software, not network

Functional testing finds security defects

—- Good practices from design to deploy are required

I use tested components in Java (or .NET)

—- Only helps with some classes of problem

I use cryptography

—- Helps with some threats, but just one tool in the toolbox

Which Approach?

Defense in depth: Having multiple defense mechanisms (“layers”) in place, so that an attacker has to defeat multiple mechanisms to perform a successful attack

Defense in breadth: Applying approaches to develop secure software throughout the lifecycle

Developing secure software requires actions throughout lifecycle

—- “Defense-in-breadth”

Traditional Software Engineering

Many years of software development experience created a well defined application software development lifecycle


There are many software development methodologies (ex. XP, waterfall, etc) they all have these basic steps

Capability Maturity Model for Software (SW-CMM), is used to measure quality of methodologies employed

ادامه مطلب و دانلود مقاله


David Wheeler, Secure Software Design & Programming, SWE 681/ISA 681, George Mason University, Jan 2015.

SE 331- Engineering Secure Software,  Rochester Institute of Technology, May 2014.

Dimitry Averin, Security Engineering for Software , CS996 – Information Security Management, NYU Polytechnic School of Engineering, 2005.

Pascal Meunier, Secure Software Engineering, Purdue University

Security Development Lifecycle, Microsoft.