Chapter 1 - Secure Software Systems
Development goals
- Software should be free of errors
  - Design errors
  - Conceptualization errors
  - Integration errors
  - Security errors
- Some errors may be nearly undetectable
- Development methods leading toward security should be studied, documented, and applied systematically
SDLC Model steps

Initiation
The concept for the system has been formalized into a definable, described system. It does not necessarily have to be fully defined or fully described.
Defining and Planning
Attempts to determine any inhibitions (constraints), applications, and requirements, and to capture the business alignment of the project.
Design and Decision
Turns the requirements into an architecture, keeping in mind vulnerabilities that may emerge at any given point. Determines what technology and hardware are needed.
Development
Includes low-level design and unit testing as necessary throughout the stage. Security should also be discussed throughout this stage.
Test and Evaluation
Specifically refers to integration testing. Ensures that the modules and system perform their tasks correctly (verification, functional testing), securely (security testing), and completely as specified (validation). May be performed by a different team than the developers.
Deployment
Usually details how existing systems will be replaced and/or transferred to the product being developed. Includes various implementation types.
Acceptance testing
Runs the system through a simulated environment which attempts to closely replicate the production environment.
Dev-Ops
Utilizes developers who are also experienced in operations and administration to resolve issues immediately as they are discovered during migration.
Beta testing
Gives users restricted terms, such as liability limitations and lowered expectations. Attempts to get close to a production environment but carries elevated risk while in beta.
Cutover
A disaster situation where an old system breaks and a new system must replace it to resolve the disaster. If the old system is unrecoverable or unable to be migrated back into production, the cutover will be made to the new system. Usually involves data loss and may prolong the recovery time.
Operations and Maintenance
Once the system has been fully integrated, it must be maintained throughout its lifespan. As requirements grow and use cases broaden, vulnerabilities may surface or previously working components may break. As hardware changes, new errors may surface, necessitating changes to harden the system. Security must be revisited as new features are added, new use cases develop, and new systems are integrated.
Retirement
Details migration to new systems, long-term data archival, and data destruction on retired hardware.
SDLC Model variations
Spiral
Involves repeating certain steps in a similar order to the original model. Usually involves limiting the scope so that features make it through each new spiral more quickly.
Prototyping
It may be beneficial to develop a small model of the system, designed to simulate user interactions and test scenarios, before committing to a concrete design. This carries the risk of the prototype being deemed "good enough" and put into production before design and testing decisions can be made on it.
SDLC Methodologies
When a team picks a model, it may follow a certain methodology more closely than others. Agile and Extreme methodologies often leave out a separate design stage, since they are centered around the developers making high-level design choices during development. Linear models may be considered part of a waterfall methodology, while recursive or spiral models are closer to Agile.
Five Ps
- Process
- Program
- Project
- Product
- Portfolio
Portfolio and Product
A portfolio is a group of software systems that provide a range of capabilities in support of an organization and are managed as a comprehensive set. It may contain overlapping functionality, but is set up so that its systems do not work at cross purposes. Portfolio management is focused on the organization as a consumer or user of software systems. Product management, on the other hand, is focused on the organization as a supplier or implementer of software systems.
Project
A project is a task or set of tasks with a specific beginning and end, aimed at accomplishing a specific goal or set of goals.
Program
A collection of interconnected related projects.
Process
Processes are tasks that are performed in an organization on a repetitive basis.
Definitions and acronyms
- Software Development Life Cycle (SDLC)
  - "a series of stages, development/life phases, epics, sprints, or some such thing that a software system passes through on its way from idea to retirement"
- Vulnerabilities
  - Unlike defects, are weaknesses rather than errors.
  - Can be exploited in the right set of circumstances.