Software Development Security

Describe the importance of security activities throughout the system development life cycle (SDLC) to implement secure systems

  • Understand the requirements of the system
  • Analyze the requirements in detail until the detailed business model is complete
  • Determine the appropriate technology for the system based on its purpose and use
  • Identify and design program functions
  • Code the programs
  • Test the programs individually and collectively
  • Install the system into a secure “production” environment

Describe the tasks and activities within each phase of the SDLC needed for an overall secure software program

  • Phase Zero (project inspection): security policy; review of legal issues (HIPAA, PCI DSS)
  • System requirements: threats, the application and its potential vulnerabilities
  • System design: security measures and the controls needed; legal and regulatory requirements; which APIs are used
  • Development: code scanning; code review
  • Test: subsystem, module and full-system testing for vulnerabilities, errors, bugs and expected behaviour
  • Deployment: remediation plan; response plan

Understand the major industry models for measuring the maturity of a secure software development program

  • Microsoft's Security Development Lifecycle (SDL)
    • Requirements gathering and analysis
      • Organizational security policies and standards
      • Organizational privacy policy (which may impose different requirements in different jurisdictions)
      • Regulatory requirements (Sarbanes-Oxley, HIPAA, and so on)
      • Other relevant industry standards (PCI DSS, ANSI X9 for banks, and so on)
      • The non-functional requirements (NFRs) are then mapped against these critical security and resilience goals:
        • Confidentiality and privacy
        • Integrity
        • Availability
        • Non-repudiation
        • Auditing
    • Systems design and detailed design: threat modeling and design reviews
      • Functional decomposition: draw data-flow diagrams to locate the boundaries between trusted and untrusted components, which gives a clearer picture of the attack surface an attacker might try to exploit.
      • Categorizing threats
        • Even though attackers' goals vary, understanding the different types of threat agents and their potential impact on an organization is important.
      • Ranking threats
        • Ranking potential threats for a software system requires a fair amount of subjective judgment. The damage a successful exploit can cause varies significantly, depending on many factors.
      • Mitigation planning
        • With a list of ranked threats, you can document a high-level mitigation plan by mapping them to the potential vulnerabilities in the software system.
    • Software coding and reviews
      • Bug finding (quality perspective)
      • Style checks
      • Type checks
      • Security vulnerability review
      • Peer review
      • Unit testing
    • Testing steps
      • Critical for discovering vulnerabilities that were not found and fixed earlier
      • Dynamic and manual testing for SQL injection, cross-site scripting, etc.
    • Deployment steps
      • Change Advisory Board (CAB)
      • Final review
      • Response and remediation
  • Development methodologies within which the above activities are carried out (these are process models, not maturity models):
    • Waterfall
    • Agile
    • Extreme Programming (XP)
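The threat-modeling steps in the design phase above (decompose into a data-flow diagram, categorize threats, rank them, plan mitigations), worked end to end as an added example that is not part of these notes. It uses the STRIDE-per-element table and DREAD scoring from Microsoft's SDL threat-modeling practice, which the notes do not name; the DFD, the scores and the mitigations are constructed for illustration.

```python
"""Threat modeling over a data-flow diagram (DFD): enumerate STRIDE threats per
element, rank them with DREAD scores and derive a mitigation plan.

Added example, not from the original notes. The STRIDE-per-element table and
DREAD scoring follow Microsoft SDL threat-modeling practice; the DFD, the
scores and the mitigations below are constructed for illustration.
"""
from dataclasses import dataclass

# STRIDE-per-element: which threat categories apply to each kind of DFD element.
STRIDE_PER_ELEMENT = {
    "external_entity": "SR",
    "process": "STRIDE",
    "data_flow": "TID",
    "data_store": "TRID",
}

STRIDE_NAMES = {
    "S": "Spoofing",
    "T": "Tampering",
    "R": "Repudiation",
    "I": "Information disclosure",
    "D": "Denial of service",
    "E": "Elevation of privilege",
}


@dataclass(frozen=True)
class Element:
    name: str
    kind: str                             # one of the STRIDE_PER_ELEMENT keys
    crosses_trust_boundary: bool = False  # data flows: crosses the trusted/untrusted line?


@dataclass
class Threat:
    element: str
    category: str
    # DREAD: Damage, Reproducibility, Exploitability, Affected users, Discoverability (1..10 each)
    dread: tuple = (5, 5, 5, 5, 5)
    mitigation: str = "not yet planned"

    @property
    def score(self) -> float:
        return sum(self.dread) / len(self.dread)


def enumerate_threats(elements):
    """Categorize: apply the STRIDE-per-element table to every DFD element.

    Internal data flows (both ends inside the same trust boundary) are skipped:
    an attacker reaches them only after compromising an adjacent element, so
    they do not extend the externally reachable attack surface.
    """
    threats = []
    for e in elements:
        if e.kind == "data_flow" and not e.crosses_trust_boundary:
            continue
        for letter in STRIDE_PER_ELEMENT[e.kind]:
            threats.append(Threat(e.name, STRIDE_NAMES[letter]))
    return threats


def rank_threats(threats, dread_scores, mitigations):
    """Rank: attach analyst-supplied DREAD scores and mitigations, highest score first."""
    for t in threats:
        key = (t.element, t.category)
        t.dread = dread_scores.get(key, t.dread)
        t.mitigation = mitigations.get(key, t.mitigation)
    return sorted(threats, key=lambda t: (-t.score, t.element, t.category))


def mitigation_plan(ranked, threshold=7.0):
    """Mitigation planning: every threat at or above the threshold needs a documented control."""
    return [(t.score, t.element, t.category, t.mitigation) for t in ranked if t.score >= threshold]


# Constructed three-tier web application. Only the browser is untrusted.
SAMPLE_DFD = [
    Element("Browser", "external_entity"),
    Element("Browser -> WebApp (HTTPS)", "data_flow", crosses_trust_boundary=True),
    Element("WebApp", "process"),
    Element("WebApp -> OrdersDB (SQL)", "data_flow"),  # internal flow, skipped
    Element("OrdersDB", "data_store"),
]

# Constructed analyst judgement; unscored threats keep the neutral default of 5.0.
SAMPLE_DREAD = {
    ("OrdersDB", "Information disclosure"): (9, 8, 7, 9, 7),  # e.g. SQL injection dumping every row
    ("Browser", "Spoofing"): (7, 9, 8, 5, 9),                 # e.g. credential stuffing
    ("WebApp", "Denial of service"): (6, 7, 8, 9, 7),
}

SAMPLE_MITIGATIONS = {
    ("OrdersDB", "Information disclosure"): "parameterised queries; least-privilege DB account",
    ("Browser", "Spoofing"): "MFA; login rate limiting and lockout",
    ("WebApp", "Denial of service"): "per-client rate limiting; request size and time limits",
}

if __name__ == "__main__":
    ranked = rank_threats(enumerate_threats(SAMPLE_DFD), SAMPLE_DREAD, SAMPLE_MITIGATIONS)
    for t in ranked:
        print(f"{t.score:4.1f}  {t.element:28} {t.category:24} {t.mitigation}")
    print("\nMitigation plan:", mitigation_plan(ranked))
```

The subjective part the notes warn about lives entirely in the DREAD tuples: the enumeration is mechanical, the ranking is only as good as the analyst's scores, and everything left at the default 5.0 is a threat that still needs a judgement before it can be dismissed.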

Security Training provides best practices and guidelines for developing high-quality software
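The two defects the testing step names, SQL injection and cross-site scripting, as an added example that is not from these notes: each vulnerable function beside its fix, plus the kind of behaviour check a dynamic test runs against both. It uses Python's standard-library sqlite3 and html modules; the users table and the payloads are constructed.

```python
"""SQL injection and cross-site scripting: the defects dynamic testing probes
for, each beside its fix, with the probe a DAST tool or manual tester would run.

Added example, not from the original notes. Uses Python's sqlite3 and html
modules; the users table and the payloads are constructed.
"""
import html
import sqlite3


def make_db():
    """Constructed in-memory table standing in for a real application database."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password_hash TEXT, role TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?, ?)",
        [("alice", "a1b2", "admin"), ("bob", "c3d4", "user")],
    )
    return conn


def find_user_vulnerable(conn, username):
    """BUG: untrusted input is concatenated into the SQL text, so a quote in the
    input closes the string literal and the remainder is parsed as SQL."""
    sql = "SELECT username, role FROM users WHERE username = '" + username + "'"
    return conn.execute(sql).fetchall()


def find_user_fixed(conn, username):
    """Parameterised query: the value travels separately from the statement and
    is never interpreted as SQL syntax, whatever characters it contains."""
    sql = "SELECT username, role FROM users WHERE username = ?"
    return conn.execute(sql, (username,)).fetchall()


def render_greeting_vulnerable(name):
    """BUG: untrusted input placed into HTML unescaped (reflected XSS)."""
    return "<p>Hello, " + name + "</p>"


def render_greeting_fixed(name):
    """Escape for the HTML element context before interpolating."""
    return "<p>Hello, " + html.escape(name, quote=True) + "</p>"


SQLI_PAYLOAD = "x' OR '1'='1"              # constructed tautology payload
XSS_PAYLOAD = "<script>alert(1)</script>"  # constructed reflected-XSS payload


def is_sql_injectable(lookup, conn):
    """Dynamic (black-box) check: a tautology payload returning more rows than a
    benign, non-existent username shows that input is reaching the SQL parser."""
    baseline = lookup(conn, "no-such-user")
    probed = lookup(conn, SQLI_PAYLOAD)
    return len(probed) > len(baseline)


def is_xss_reflected(render):
    """Dynamic check: the raw payload reappearing unescaped in the response body."""
    return XSS_PAYLOAD in render(XSS_PAYLOAD)


if __name__ == "__main__":
    db = make_db()
    print("vulnerable lookup injectable:  ", is_sql_injectable(find_user_vulnerable, db))
    print("fixed lookup injectable:       ", is_sql_injectable(find_user_fixed, db))
    print("vulnerable render reflects XSS:", is_xss_reflected(render_greeting_vulnerable))
    print("fixed render reflects XSS:     ", is_xss_reflected(render_greeting_fixed))
```

The probes compare behaviour rather than inspecting source, which is what separates this testing step from the code scanning and review of the development phase: the same checks can be pointed at a deployed build with no access to its code.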

Open Software Assurance Maturity Model (OpenSAMM)

  • OpenSAMM comes as a PDF file with detailed descriptions of each core activity and corresponding security processes

Building Security in Maturity Model (BSIMM)

  • BSIMM can help you determine where your organization stands with respect to real-world software security initiatives and what steps can be taken to make your approach more effective.