ABSTRACT

In this chapter we describe the SDL activities for the design and development (A4) phase of our security development lifecycle (see Figure 6.1). This phase maps to the “readiness” phase of a typical software development lifecycle. We start with the continuation of policy compliance analysis for this phase and then describe the elements of security test case execution. Building on the security testing process that should already have been created, documented, and tested, analysis continues until the tuning needed to reach the required security level has been identified. We then describe the use of automated tools such as static, dynamic, and fuzz test tools, which help automate and enforce security practices efficiently, effectively, and at low cost. Static analysis examines source code before it is compiled, provides a scalable method of security code review, and helps ensure that secure coding policies are being followed. Dynamic analysis monitors the behavior of the running application and verifies that the software functions as designed. Fuzz testing, a specialized form of dynamic analysis, induces program failure by deliberately feeding malformed or random data to an application; it is an effective and low-cost way of finding potential security issues before release and potentially throughout the SDL process. Using the latest versions of these tools ensures that the most recently known vulnerabilities and recommended protections are covered by the automated analysis. After these tools have been used to quickly surface flaws and vulnerabilities in the software, the code is reviewed manually: every reported issue is validated and the code inspected to overcome the limitations of automated tools and techniques. As part of this process, attack surface and threat model reviews ensure that any new attack vectors created by design or implementation changes have been identified and mitigated. Finally, we discuss the need, value, and process for privacy validation and remediation during this phase of the SDL.
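The fuzz testing described above, as an added example that is not part of the chapter: a minimal mutation-based fuzzer run against a toy TLV record parser. The parser, its bug (trusting a declared length without a bounds check), the hardened variant, the seed input, and the mutation strategies are all constructed for this illustration and do not correspond to any real tool or code base. The point it makes is the one the abstract states: feeding malformed data to the program produces failures the program did not anticipate (here, an unhandled IndexError instead of the parser's own ParseError), and a fixed parser yields no such failures under the same fuzzing run.

```python
"""Minimal mutation fuzzer over a toy TLV record parser (constructed example)."""
import random


class ParseError(Exception):
    """Raised by the parser for input it recognises as malformed."""


def parse_records_buggy(data: bytes) -> list:
    """Parse [type:1][len:1][value:len]... records.

    Bug (deliberate, for illustration): the declared length is trusted and the
    value is read byte by byte by position, so a truncated record raises
    IndexError, an unanticipated failure, instead of ParseError.
    """
    records, i = [], 0
    while i < len(data):
        rtype = data[i]
        length = data[i + 1]                                     # IndexError if length byte missing
        value = bytes(data[i + 2 + k] for k in range(length))    # IndexError if value truncated
        records.append((rtype, value))
        i += 2 + length
    return records


def parse_records_fixed(data: bytes) -> list:
    """Same format, with bounds checks so every malformed input yields ParseError."""
    records, i = [], 0
    while i < len(data):
        if i + 2 > len(data):
            raise ParseError("truncated header at offset %d" % i)
        rtype, length = data[i], data[i + 1]
        end = i + 2 + length
        if end > len(data):
            raise ParseError("declared length %d exceeds input at offset %d" % (length, i))
        records.append((rtype, bytes(data[i + 2:end])))
        i = end
    return records


def mutate(data: bytes, rng: random.Random) -> bytes:
    """Apply one random mutation: bit flip, byte overwrite, insert, delete,
    or an oversized length byte (0xFF) at a random position."""
    buf = bytearray(data)
    choice = rng.randrange(5)
    if choice == 0 and buf:
        buf[rng.randrange(len(buf))] ^= 1 << rng.randrange(8)
    elif choice == 1 and buf:
        buf[rng.randrange(len(buf))] = rng.randrange(256)
    elif choice == 2:
        buf.insert(rng.randrange(len(buf) + 1), rng.randrange(256))
    elif choice == 3 and buf:
        del buf[rng.randrange(len(buf))]
    elif buf:
        buf[rng.randrange(len(buf))] = 0xFF
    return bytes(buf)


def run_once(parser, data: bytes) -> str:
    """Return 'ok', 'rejected' (ParseError), or the name of an unexpected exception."""
    try:
        parser(data)
        return "ok"
    except ParseError:
        return "rejected"
    except Exception as exc:
        return type(exc).__name__


def fuzz(parser, seed_inputs, iterations=2000, seed=1):
    """Run `parser` on mutated seeds and return the inputs that caused an
    unexpected failure (anything other than a clean parse or a ParseError).
    The RNG seed is fixed so a crashing input can be reproduced."""
    rng = random.Random(seed)
    crashes = []
    for _ in range(iterations):
        data = mutate(rng.choice(seed_inputs), rng)
        outcome = run_once(parser, data)
        if outcome not in ("ok", "rejected"):
            crashes.append((data, outcome))
    return crashes


# Constructed well-formed seed: two records, (type 1, "abc") and (type 2, "x").
SEEDS = [b"\x01\x03abc\x02\x01x"]

if __name__ == "__main__":
    found = fuzz(parse_records_buggy, SEEDS)
    print("buggy parser: %d crashing inputs, e.g. %r" % (len(found), found[:1]))
    print("fixed parser: %d crashing inputs" % len(fuzz(parse_records_fixed, SEEDS)))
```

The fuzzer treats the parser's own ParseError as an expected rejection and reports only failures the code did not anticipate; that distinction is what separates a finding from noise, and every crashing input is kept so it can be replayed during the manual validation step the abstract calls for.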