Computing - 12 Secure Software Architecture

Computing

Secure Software Architecture

Introduction

Code vulnerabilities

Minimising threats when designing software solutions

Secure Software Architecture

Data confidentiality

Steps in and benefits of developing secure software

Security be design

Strategies to evaluate and manage code security

Introduction

We made it. Welcome to SSA. This is a crunchy topic indeed. There is a lot going on and a lot of learning to do. Let's start with a more gentle introduction.

In Grok Academy (free registration required, and your teacher may need to enrol you in the course), complete the Modelling Cyber Threats course. The aim is to get students to think about security, without thinking of coding just yet. That's to come.

After that is a shared resource that outlines in very broad terms the ideas and concepts that are to be studies.

Modelling Cyber ThreatsHow do experts know the security risks they face in digital systems?

1b. Introduction to SSA

Code vulnerabilities

Hacksplaining.com is a website that teaches you about vulnerabilities that can drastically affect coded solutions including PWAs. Registration is free via a google / school account.

The worksheet give students a chance to keep notes and results of work.

1b. Learing about code vulnerabilities

Minimising threats when designing software solutions

No surprises here, you need to know where the threats could lie so that you can code a solution for them. The following 15 slide decks were developed in class by the original Software Engineering class of 2025 to learn and better understand where threats exist so as to better understand how to code security into a solution.

2a Cybersecurity overview

2b Data security

2c Web and application security

2d Attack types

2e Distributed Denial-of-Service (DDoS)

2f Bots

2g Data

2h Cloud security

2i Testing and assessment

2j Regulation and compliance

2k Network management

2l Incident response and management

2m Authentication and access control

2n Cybersecurity solutions and tools

2o Industries

Designing a secure PWA is no easy task, as can be seen from the slide decks above. To summarise and consolidate that information, consider the following worksheet that provides some scenario based questions and concepts to ponder.

The worksheet has many components to complete and a quiz at the end to consider whether you as the end user are a "secure" web user.

3 Designing a secure PWA

Secure Software Architecture

This worksheet looks at SSA adn how different conponents of security can be implements in a PWA.

This is a very long document with a good summary of different components of a PWA that could be compromised.

4 Secure Software Architecture PWA 2025 Edition

And if that's too long to read, here is the executive summary

5a SSA Single Slide Summary

Data confidentiality

This is a worksheet with a learning teachique built in. The data confidentiality bit is important and should be treated as such. Let me explain the Five Why's technique.

It's pretty simple - give your answer, then, behaving like an inquisitive three year old, ask But Why?

Five.

Times.

It prompts you to think deeper than the simple answer and delve deeper into your thinking and knowledge / research. It's a good technique. Use it often.

5b. The importance of data confidentiality

Steps in and benefits of developing secure software

6a. Describe the benefits of developing secure software

6b. Interpret and apply fundamental software development steps to develop secure code

Security be design

7. Explore fundamental software design security concepts when developing programming code

9. Use and explain the cryptography and sandboxing

8. Apply security features incorporated into software

10. the ‘privacy by design’ approach

Strategies to evaluate and manage code security

11b. Apply and evaluate strategies to manage security of code

11a. Apply and evaluate strategies to manage security of code

11b. Apply and evaluate strategies to manage security of code

12. code using defensive data input handling practices

Page updated

Report abuse