Secure Software Design and Secure Construction


Objectives

  • Learn secure design principles.
  • Learn common vulnerabilities in code and coding practices to minimize such vulnerabilities.

Topics

Principles and Guidelines for Designing Secure Software; Construction of Code; Coding against Common Vulnerabilities.

OERs

Review Questions

  • What are secure design principles?
  • How can documentation assist secure development and enhancement?
  • Why are good coding practices important? What are they?

(These questions are intended to be a self-test of your comprehension of this session's material; answers to these questions do not need to be turned in.)

Session Notes

Chapters 6 and 7 of CBK provide guidelines and techniques for designing and coding a complex system so that the resulting system will be secure.

Chapter 6 (Section 6.3) touches upon several important design principles, many of which you have already encountered in the last section, including information hiding and encapsulation, separation of policy and mechanism, retaining minimal state, least privilege, mediation of every access, default deny, separation of duties and privilege, isolation, diversity in defenses, fail secure, and supporting forensics, as well as software architecture principles including layering, compartmentalization, and the reference monitor. Documenting not only the various artifacts (e.g., specifications, design, test plans) but also the design rationale at every stage of development is essential, so that the system can be maintained and enhanced by developers other than the original developers. The assumptions made and the threats considered (and not considered) also need to be documented. Reviews should include reviews of security features. There is a wealth of information in Chapter 6.

Chapter 7 focuses on code (implementation), with a particular emphasis on common vulnerabilities in software code, including buffer overflows, race conditions, and violation of trust by the end user (the programmer's code should compensate for this breach). This chapter also discusses safe coding practices to minimize these vulnerabilities (e.g., coding standards, input validation).
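As an added illustration of the Chapter 7 themes (not code from CBK or from this course), the example below places an unbounded copy of an untrusted username beside a hardened version that applies the Chapter 6 principles of default deny and fail secure: the input is accepted only if it passes a length check and an allow-list of characters, and any failure leaves the destination empty. The size limit, the allow-list, and the sample inputs are assumptions made for the example.

```c
#include <stdio.h>
#include <string.h>
#include <ctype.h>
#include <stdbool.h>

#define USERNAME_MAX 16  /* assumed policy limit, including the terminating NUL */

/* Vulnerable form: trusts the end user's input length. A username of
 * USERNAME_MAX or more characters overruns the fixed-size buffer. */
void copy_username_unsafe(char dst[USERNAME_MAX], const char *src) {
    strcpy(dst, src);
}

/* Hardened form: default deny. Input is copied only after every check passes;
 * on any failure dst is left empty and false is returned (fail secure). */
bool copy_username_safe(char dst[USERNAME_MAX], const char *src) {
    dst[0] = '\0';
    if (src == NULL) return false;
    /* bounded length scan: never reads past the policy limit */
    size_t len = 0;
    while (len < USERNAME_MAX && src[len] != '\0') len++;
    if (len == 0 || len == USERNAME_MAX) return false;  /* empty or too long */
    for (size_t i = 0; i < len; i++) {
        unsigned char c = (unsigned char)src[i];
        /* allow-list (assumed policy): letters, digits and underscore only */
        if (!(isalnum(c) || c == '_')) return false;
    }
    memcpy(dst, src, len + 1);  /* len + 1 <= USERNAME_MAX, so this fits */
    return true;
}

/* Convenience wrapper: does the input pass validation? */
bool username_accepted(const char *src) {
    char buf[USERNAME_MAX];
    return copy_username_safe(buf, src);
}

int main(void) {
    /* constructed sample inputs */
    const char *inputs[] = { "alice_01", "o'brien", "", "this_name_is_far_too_long" };
    for (size_t i = 0; i < sizeof inputs / sizeof inputs[0]; i++)
        printf("%-28s -> %s\n", inputs[i], username_accepted(inputs[i]) ? "accepted" : "rejected");
    return 0;
}
```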

There are three OERs listed above on coding standards from three organizations: OWASP, CMU CERT, and Microsoft. The Session 10 discussion will focus on these coding standards.

____________________________________________________________________________

© 2020 University of Maryland Global Campus.