Software Security Development Process
Software engineering emerged to deal with the "software crisis" caused by the sharp growth in demand for software. The term refers to developing software by borrowing the methods of traditional engineering disciplines. The classic software development process in software engineering consists of several stages: requirements analysis, general design, detailed design, coding, testing, and operation and maintenance.
With software engineering, producing quality, cost-effective software products became routine, and the "software crisis" was resolved. However, as software came into ever wider use and software products became more and more important in people's work and daily lives, a new problem emerged: software security. The original engineering process for software development does not address software security problems well.
Starting from the original software development process of software engineering, and with reference to the existing software security development process SDL, this article proposes a new software security development process obtained by an appropriate transformation of SDL.
1. Existing software security development process
1. Introduction to SDL
As software use became widespread, some people of insight researched software security issues and produced usable results; among these, the software security development process emerged as the times required. So far, the most popular software security development process is the Security Development Lifecycle (SDL) proposed by Microsoft. A defined process for security work can greatly improve software security. SDL is briefly described below. A complete SDL implementation can be divided into 13 stages:
(1) Security education and awareness raising
(2) Project initiation
(3) Define and follow design best practices
(4) Product risk assessment
(5) Product risk analysis
(6) Create security documents and tools for customers
(7) Secure coding policy
(8) Security testing policy
(9) Security push activities
(10) Final product security review
(11) Security response planning
(12) Product release
(13) Security response execution
SDL can effectively improve software security and reduce the number of security problems. According to data provided by Microsoft, Windows Vista, developed with SDL, had 45% fewer security vulnerabilities discovered than Windows XP, developed without SDL; SQL Server 2005, developed with SDL, had 91% fewer than SQL Server 2000, developed without SDL.
SDL has some obvious advantages. It can be used as a whole or only at certain stages, so it is highly flexible, and it matches the general development process, so it is very practical. In addition, SDL is not limited to Microsoft platforms and applies to multiple platforms; it has relatively complete tool support, such as threat modeling and static source-code analysis tools; and because it is developed by Microsoft, the accompanying documentation is very detailed.
2. Current status of SDL application
Survey data on combining the software development process with security, collected at the 2010 RSA Conference in San Francisco, found that software companies had begun to pay attention to software security: more than 50% of participants expressed interest in SDL. Further data, however, showed that only 13% of participants actually applied SDL in their development process.
Participants who did not use a software security development process also gave their reasons, mainly time cost, resource cost, and limited security awareness. So even though attention to the software security development process keeps growing, actual adoption is still not ideal. The survey also found that enterprise size is one of the important factors in whether a security development process is used: large enterprises can afford the greater investment needed for security tools and security activities, while some small and medium-sized enterprises have reservations about that investment.
2. Improvements to SDL
A large body of data shows that the later security testing is introduced into software development, the more effort it costs. Fixing a security vulnerability after release costs at least 30 times as much as fixing it during design and coding.
SDL emerged to solve this problem, but the existing SDL has certain limitations. To broaden the range of organisations SDL suits and reduce its economic demands, SDL has been appropriately transformed. The core of the transformed software security development process is the security knowledge base, which remains in force throughout the software life cycle and plays a different role at each stage. To make the development process more flexible, the software development cycle is simplified into four stages: requirements, design, testing, and maintenance. In each of these four stages, different activities are carried out to improve software security.
1. Software security knowledge base
In the modified software development process, the security knowledge base is the core. It can hold many kinds of content, including a product risk library, a software security vulnerability library, software security design rules, security tools, and even corresponding security knowledge training.
Product risk library: the requirement risks and the risks assessed at the start of the project.
Security tools: network security testing tools such as AppScan and Sniffer, and white-box security testing tools such as Fortify or Checkmarx.
Security knowledge documents: the security experience documents or training documents accumulated by projects.
Security vulnerability library: the related product security vulnerabilities that can be collected, at both the network and the code level.
Secure design rules: the fundamentals of secure development, such as coding rules.
The security knowledge base plays an extremely important role in the software security development process, and its contents can be used at every development stage.
2. Software development requirements stage
The main work of the requirements phase is requirements collection and requirements analysis. At this stage, product requirements can be analysed against the product risk library in the security knowledge base: requirements with hidden security risks can be redesigned, or the loss expected from not carrying out security activities for certain functions or processes can be calculated.
3. Software security design stage
The design phase is divided into general design and detailed design. The general design stage focuses on software architecture and the definition of module functions. At this stage the product risk library and vulnerability library should be consulted so that known security issues are handled in advance; this is especially important for network software, whose design should include defenses against well-known attack methods.
The detailed design stage is mainly code writing. Here, coding should follow the vulnerability library (mainly white-box security vulnerabilities) and the secure design rules. White-box security vulnerabilities now have relatively mature definitions, such as Fortify's classification of white-box vulnerabilities; detailed design should refer to these classifications and combine them with relatively mature coding rules to ensure coding quality.
4. Software security testing phase
Software security testing is mainly of three types.
The first is fuzz testing. The principle is to send unexpected input to the target system and observe the results in order to find software vulnerabilities. Typically a large amount of abnormal data is generated for the system to parse, covering the code that handles network protocols and untrusted access.
The second is penetration testing. This type of testing is a mechanism to demonstrate that network defenses are functioning as expected; it is mainly used to test the operating configuration of the network and host systems and the state of patching. Most of it uses simulated attacks to discover loopholes and vulnerabilities in the information system.
The third is run-time verification. It covers routine run-time testing and the analysis of problem logs. A defect classification table or a risk classification table can be used to tally the defects found, and the corresponding test method is used to fix and re-check them.
At this stage a large number of security tools can be used. For network software, penetration testing tools (such as ActivePerl and Sniffer) are used; code-level security testing relies mainly on static and dynamic analysis tools, such as Fortify and Checkmarx, which specialise in static code security testing; and there are also security tests for the software's runtime environment and the overall system, such as the US security scanner Nessus. More and more software security testing tools are now available, and many mature or distinctive commercial and open-source tools have emerged. There are also good software security tools in China, such as Venus Star Mirror and Anhua Mingjian. All of these make software security testing easier to carry out. At this stage, for cost reasons, open-source tools should be preferred.
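To make the fuzz-testing description concrete, here is an added example that is not code from the article or from any of the tools it names. It assumes a constructed length-prefixed record format (2-byte count, then records of a 1-byte length plus payload) of the kind network protocol code parses, shows a naive parser that trusts the declared lengths beside a hardened one that checks them, and runs a small mutation fuzzer over both: a MalformedMessage is an expected rejection, any other exception is a finding. All names, the format and the seed input are the example's own assumptions.

```python
import random
import struct

# Constructed record format (assumed, not from the article):
#   2-byte big-endian record count N, then N records of [1-byte length][payload].
def build_message(records):
    """Encode a list of byte strings in the constructed format."""
    body = b"".join(bytes([len(r)]) + r for r in records)
    return struct.pack(">H", len(records)) + body

SEED = build_message([b"hello", b"world"])   # constructed seed input


def parse_records_naive(data):
    """Parser that trusts the declared lengths: the 'before' version."""
    count = struct.unpack(">H", data[:2])[0]   # struct.error if fewer than 2 bytes
    pos = 2
    records = []
    for _ in range(count):
        length = data[pos]                      # IndexError if the header is truncated
        pos += 1
        records.append(data[pos:pos + length])  # silently truncated payloads
        pos += length
    return records


class MalformedMessage(ValueError):
    """The only error a well-behaved parser should raise on bad input."""


def parse_records_hardened(data):
    """Parser that checks every length before trusting it: the 'after' version."""
    if len(data) < 2:
        raise MalformedMessage("missing record count")
    count = struct.unpack(">H", data[:2])[0]
    pos = 2
    records = []
    for _ in range(count):
        if pos >= len(data):
            raise MalformedMessage("truncated record header")
        length = data[pos]
        pos += 1
        if pos + length > len(data):
            raise MalformedMessage("declared length exceeds message")
        records.append(data[pos:pos + length])
        pos += length
    if pos != len(data):
        raise MalformedMessage("trailing bytes after last record")
    return records


def mutate(seed, rng):
    """Derive one abnormal input from the seed: flip, truncate, insert or boundary value."""
    data = bytearray(seed)
    op = rng.randrange(4)
    if op == 0:
        data[rng.randrange(len(data))] = rng.randrange(256)
    elif op == 1:
        del data[rng.randrange(len(data)):]
    elif op == 2:
        i = rng.randrange(len(data) + 1)
        data[i:i] = bytes(rng.randrange(256) for _ in range(rng.randrange(1, 8)))
    else:
        data[rng.randrange(len(data))] = rng.choice([0, 1, 0x7F, 0x80, 0xFF])
    return bytes(data)


def fuzz(parser, seed=SEED, iterations=2000, rng_seed=1):
    """Feed mutated inputs to the parser and return {exception type: first crashing input}.
    A MalformedMessage is an expected rejection; anything else is a finding."""
    rng = random.Random(rng_seed)
    crashes = {}
    for _ in range(iterations):
        sample = mutate(seed, rng)
        try:
            parser(sample)
        except MalformedMessage:
            continue
        except Exception as exc:
            crashes.setdefault(type(exc).__name__, sample)
    return crashes


if __name__ == "__main__":
    for name, parser in (("naive", parse_records_naive), ("hardened", parse_records_hardened)):
        found = fuzz(parser)
        print(f"{name}: {len(found)} crash type(s): {sorted(found)}")
```

In Python the naive parser fails with an exception; the equivalent C code would read past the end of the buffer, which is exactly the class of defect the article expects fuzzing of protocol code to expose. The hardened parser converts every malformed input into a single, deliberate error type, so the fuzzer reports nothing for it.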
5. Software maintenance phase
The work in the maintenance phase is mainly to handle security problems that have occurred and to collect the problems and their solutions into the security knowledge base, building up a knowledge reserve for future secure software development.
The simplified software security development process has only four stages: requirements, design, testing, and maintenance. All four use the security knowledge base, so the core of the process is still the security knowledge base. The modified process is more flexible and can adapt to different development processes. Once the security knowledge base is established, security development activities can also be started at any stage, reducing security costs.
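The following added example (not code from the article) ties together the security knowledge base, the requirements-phase analysis and the maintenance-phase feedback described above. It assumes a constructed risk library whose entries carry keywords, an assumed likelihood, impact and mitigation cost, and a design rule; the requirements phase matches each requirement against the library and compares the expected loss of doing nothing (likelihood times impact) with the cost of the mitigating activity, and the maintenance phase feeds a newly seen problem back in so that the next requirements review picks it up. All entries, figures and requirement texts are constructed sample data.

```python
from dataclasses import dataclass


@dataclass
class RiskEntry:
    """One record of the product risk / vulnerability library (constructed example)."""
    risk_id: str
    keywords: tuple          # terms whose presence in a requirement suggests this risk
    likelihood: float        # assumed probability that the risk materialises per year
    impact: float            # assumed loss per incident, in arbitrary currency units
    mitigation_cost: float   # assumed cost of the design/test activity that mitigates it
    design_rule: str         # the secure design rule the knowledge base recommends


class SecurityKnowledgeBase:
    """Holds the risk library and serves the requirements and maintenance phases."""

    def __init__(self):
        self.risks = {}

    def add_risk(self, entry):
        self.risks[entry.risk_id] = entry

    def matching_risks(self, requirement):
        text = requirement.lower()
        return [r for r in self.risks.values() if any(k in text for k in r.keywords)]

    def assess_requirement(self, requirement):
        """Requirements phase: for each matching risk, compare the expected loss of
        doing nothing (likelihood x impact) with the cost of the mitigating activity."""
        findings = []
        for r in self.matching_risks(requirement):
            expected_loss = r.likelihood * r.impact
            findings.append({
                "risk_id": r.risk_id,
                "expected_loss": round(expected_loss, 2),
                "mitigation_cost": r.mitigation_cost,
                "mitigate": expected_loss > r.mitigation_cost,
                "design_rule": r.design_rule,
            })
        return findings

    def record_incident(self, entry):
        """Maintenance phase: a problem and its solution go back into the library."""
        self.add_risk(entry)


def build_constructed_kb():
    """Populate the library with constructed sample entries (not real data)."""
    kb = SecurityKnowledgeBase()
    kb.add_risk(RiskEntry("R-001", ("login", "password", "authenticat"), 0.5, 20000, 3000,
                          "store passwords as salted slow hashes; rate-limit login attempts"))
    kb.add_risk(RiskEntry("R-002", ("upload", "attachment"), 0.3, 50000, 4000,
                          "validate type and size server-side; store uploads outside the web root"))
    kb.add_risk(RiskEntry("R-003", ("export", "report"), 0.05, 1000, 2000,
                          "restrict export to data the caller is authorised to view"))
    return kb


CONSTRUCTED_REQUIREMENTS = [
    "Users authenticate with a username and password",
    "Customers can upload a profile picture",
    "Administrators can export the monthly report as CSV",
    "The home page shows the company logo",
]


def assess_all(kb, requirements=CONSTRUCTED_REQUIREMENTS):
    """Run the requirements-phase check over every requirement."""
    return {req: kb.assess_requirement(req) for req in requirements}


if __name__ == "__main__":
    kb = build_constructed_kb()
    for req, findings in assess_all(kb).items():
        print(req)
        for f in findings:
            action = "mitigate" if f["mitigate"] else "accept and document"
            print(f"  {f['risk_id']}: expected loss {f['expected_loss']} vs cost "
                  f"{f['mitigation_cost']} -> {action}; rule: {f['design_rule']}")
    # Maintenance phase: a problem seen in production is fed back into the library,
    # so the next requirements review of the export feature also flags it.
    kb.record_incident(RiskEntry("R-004", ("export",), 0.2, 8000, 500,
                                 "log every export and limit it to authorised data"))
    print(assess_all(kb)["Administrators can export the monthly report as CSV"])
```

A requirement that matches no entry (the logo example) yields no findings; a match whose expected loss is below the mitigation cost (R-003) is reported as a documented risk acceptance rather than a required activity, which is the cost calculation the requirements phase is meant to support.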
Summary
The software security development life cycle is applied mainly to reduce security vulnerabilities and their impact. However, development can only build on the best security solutions currently known, and new attack methods keep emerging, so security issues and software vulnerabilities cannot be completely eliminated.
Today software security work is reflected mainly in security testing, while work on secure software development is still scarce, which has to do with the high cost and complexity of the existing security development process. Simplifying the existing SDL meets the needs of small and medium-sized enterprises, and the simplified process can also be used in agile development or other lightweight processes. The optimised process has the following main advantages: development timing is more flexible, the use of security tools including free tools is emphasised, the process is simplified, and cost is reduced.
The above is the research on the software security development process presented by Shenzhen Zuchuang Microelectronics Co., Ltd. If you have software and hardware development needs for smart electronic products, you can entrust them to us with confidence. We have rich experience in customised development of electronic products, can evaluate the development cycle and IC price promptly, and can also calculate PCBA quotations. We are an agent for a number of domestic and foreign chips, including MCUs, voice ICs, Bluetooth ICs and modules, and Wi-Fi modules, and we have hardware design and software development capabilities covering circuit design, PCB design, microcontroller development, custom software development, custom app development, WeChat official account development, voice recognition technology, Bluetooth and Wi-Fi development, and more. We also undertake R&D of smart electronic products, household appliance design, beauty equipment development, Internet of Things application development, smart home solution design, TWS solution development, Bluetooth audio development, children's toy development, and electronic education product development.