Security
Secure Software Development and Maintenance
SWEBOK Ch. 13 Section 17
Resources
Secure Software Development and Maintenance
To design security into software, one must take into consideration every stage of the software development lifecycle. In particular, secure software development involves software requirements security, software design security, software construction security, and software testing security.
Software Development Life Cycle
Stages / Processes
Planning / Requirements / Specification
cost benefits
Design
Building / Implementation / Construction
Testing / Validation
Deployment
Maintenance / Evolution
Models
SWEBOK Ch. 13 Section 3.1 The Programming Process
Analogy to Math: Appendix B - Figure A1
Other Computer Security Concerns
Basic Computer Security: How to Protect Yourself from Viruses, Hackers, and Thieves
Social Engineering - csoonline
What Happens When You Dare Expert Hackers To Hack You (11:34)
Anti-virus software
AV Comparatives independent tests
uBlock Origin - free and open-source, cross-platform browser extension for content-filtering, including ad-blocking
Tor Browser - web browser that anonymizes your web traffic, making it easy to protect your identity online
Security
Information Security - Wikipedia
Working with Computers and Devices
4. Keeping Your Computer Secure and Updated
17. Secure Software Development and Maintenance
17.1. Software Requirements Security
17.2. Software Design Security
17.3. Software Construction Security
17.4. Software Testing Security
17.5. Build Security into Software Engineering Process
17.6. Software Security Guidelines
1. Validate input.
2. Heed compiler warnings.
Compile code using the highest warning level available for your compiler and eliminate warnings by modifying the code.
Use static and dynamic analysis tools to detect and eliminate additional security flaws.
3. Architect and design for security policies.
4. Keep it simple.
5. Default deny.
6. Adhere to the principle of least privilege.
7. Sanitize data sent to other software.
8. Practice defense in depth.
9. Use effective quality assurance techniques.
10. Adopt a software construction security standard.