This article is taken from US-CERT
External faults that threaten the software’s dependable operation are seen as a security issue when (1) the faults result from malicious intent or (2) the faults, regardless of their cause, make the software vulnerable to threats to its security. According to Bruce Schneier in Beyond Fear [Schneier 06], “Security is about preventing adverse consequences from the intentional and unwarranted actions of others.”
Enhancing the Development Life Cycle to Produce Secure Software [DHS/DACS 08] defines secure software as follows:
To be considered secure, software must exhibit three properties:
- Dependability: Dependable software executes predictably and operates correctly under all conditions, including hostile conditions, including when the software comes under attack or runs on a malicious host.
- Trustworthiness: Trustworthy software contains few if any vulnerabilities or weaknesses that can be intentionally exploited to subvert or sabotage the software’s dependability. In addition, to be considered trustworthy, the software must contain no malicious logic that causes it to behave in a malicious manner.
- Survivability (also referred to as “Resilience”): Survivable—or resilient—software is software that is resilient enough to (1) either resist (i.e., protect itself against) or tolerate (i.e., continue operating dependably in spite of) most known attacks plus as many novel attacks as possible, and (2) recover as quickly as possible, and with as little damage as possible, from those attacks that it can neither resist nor tolerate.
The objective of secure software development is to design, implement, configure, and sustain software systems in which security is a necessary property from the beginning of the system’s life cycle (i.e., needs and requirements definition) to its end (retirement). Experience has taught that the most effective way to achieve secure software is for its development life cycle processes to rigorously conform to secure development, deployment, and sustainment principles and practices. Organizations that have adopted a secure software development life cycle (SDLC) process have found that, almost immediately, they begin finding many more vulnerabilities and weaknesses in their software early enough in the SDLC to eradicate those problems at an acceptable cost. Moreover, as such secure practices become second nature over time, these same developers notice that they seldom introduce such vulnerabilities and weaknesses into their software in the first place.