9781418065478_PPT_ch02 - Scf

lumpysteer, Software Development

2 Dec. 2013

Secure Software Development:
A Security Programmer’s
Guide

Chapter 2

Coding in the SDLC:

Not a Solitary Practice

Secure Software Development: A Security Programmer’s Guide, First Edition


Objectives


Work with principles associated with software
engineering


Identify standards and methodologies involved in the
development of efficient, secure, and reusable code


Know the roles of the programmer and systems
analyst


Secure Software Development
Process


Today security requirements, secure design, and defensive coding
principles have to be worked into the traditional SDLC (software
development life cycle) rather than bolted on after the code is written


This includes using compilers and build tools that warn about, or refuse
to build, insecure constructs


Working security quality gates into the development process, so a build
cannot move to the next phase without passing defined security checks


Choosing a development process that leaves room for those activities
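The security quality gate in the list above is the one item that can be shown directly as code. The following is an added example, not code from the book or from any vendor's tooling: a small gate that decides whether a build may promote to the next SDLC phase. It assumes scanner output has already been normalized into the Finding records shown (the tool names, rule ids, file paths, package coordinate, and ticket ids are constructed placeholders), and it encodes three habits the slide does not spell out: fail closed when a required scanner produced no report, treat an unrecognized severity as blocking, and accept suppressions only through a time-boxed waiver tied to a risk-acceptance ticket.

```python
"""Security quality gate for a CI pipeline (added example, not from the book).

A gate is a pass/fail decision made between SDLC phases from evidence the
build produced. This one consumes scanner findings in a hypothetical
normalized form and enforces a policy: required scanners must have run,
serious findings block, open medium findings are capped, and suppressions
need a time-boxed, ticketed waiver. Scanner names, rule ids, paths and
ticket ids below are constructed for illustration."""
from dataclasses import dataclass, field

SEVERITY_RANK = {"low": 1, "medium": 2, "high": 3, "critical": 4}


@dataclass(frozen=True)
class Finding:
    tool: str       # scanner that reported it, e.g. "sast", "sca", "dast"
    rule: str       # scanner rule id, e.g. a CWE
    severity: str   # low | medium | high | critical; anything else fails closed
    location: str   # file:line, or a dependency coordinate for SCA findings


@dataclass(frozen=True)
class Waiver:
    rule: str
    location: str
    ticket: str     # the risk-acceptance record this suppression points to
    expires: str    # ISO date (YYYY-MM-DD); ISO strings compare correctly as text


@dataclass(frozen=True)
class GatePolicy:
    required_tools: frozenset = frozenset({"sast", "sca"})
    block_at: str = "high"      # this severity or worse blocks promotion
    max_open_medium: int = 5    # more open mediums than this also blocks


@dataclass
class GateResult:
    passed: bool
    reasons: list = field(default_factory=list)    # why the gate failed
    blocking: list = field(default_factory=list)   # findings that caused it
    waived: list = field(default_factory=list)     # findings suppressed by a valid waiver


def _rank(severity: str) -> int:
    # Unknown severities rank above critical so a misconfigured scanner cannot slip through.
    return SEVERITY_RANK.get(severity.lower(), SEVERITY_RANK["critical"] + 1)


def evaluate_gate(findings, tools_run, waivers, policy, today):
    result = GateResult(passed=True)

    # 1. No evidence, no pass: every required scanner must have produced a report.
    missing = policy.required_tools - set(tools_run)
    if missing:
        result.passed = False
        result.reasons.append("required scanners did not run: " + ", ".join(sorted(missing)))

    # 2. A waiver suppresses one rule at one location, and only until it expires.
    valid = {(w.rule, w.location) for w in waivers if w.expires >= today}
    open_findings = []
    for f in findings:
        (result.waived if (f.rule, f.location) in valid else open_findings).append(f)

    # 3. Severity threshold: anything at or above block_at stops the build.
    threshold = SEVERITY_RANK[policy.block_at]
    result.blocking = [f for f in open_findings if _rank(f.severity) >= threshold]
    if result.blocking:
        result.passed = False
        result.reasons.append(f"{len(result.blocking)} finding(s) at or above '{policy.block_at}'")

    # 4. A ceiling on accumulated medium-severity debt.
    mediums = sum(1 for f in open_findings if f.severity.lower() == "medium")
    if mediums > policy.max_open_medium:
        result.passed = False
        result.reasons.append(f"{mediums} open medium findings exceed the limit of {policy.max_open_medium}")

    return result


# Constructed sample input: normalized output of two scanners plus one waiver set.
SAMPLE_FINDINGS = [
    Finding("sast", "CWE-89", "high", "app/db.py:42"),
    Finding("sast", "CWE-79", "medium", "app/views.py:17"),
    Finding("sca", "known-vulnerable-dependency", "critical", "pkg:pypi/example-lib@1.0.0"),
]
SAMPLE_WAIVERS = [
    Waiver("CWE-79", "app/views.py:17", "RISK-0001", "2030-01-01"),   # valid
    Waiver("CWE-89", "app/db.py:42", "RISK-0002", "2023-01-01"),      # expired, ignored
]


def run_sample(today="2024-06-01"):
    return evaluate_gate(SAMPLE_FINDINGS, {"sast", "sca"}, SAMPLE_WAIVERS, GatePolicy(), today)


if __name__ == "__main__":
    r = run_sample()
    print("PASS" if r.passed else "FAIL", r.reasons)
```

Run as a script, the sample build fails on the unwaived high and critical findings while the medium one is suppressed by its valid waiver. In CI the same function would be fed the scanners' normalized output and the job would fail when `passed` is False; expiry is compared as ISO date strings, which sort correctly as text, so an expired waiver silently stops applying and the finding reappears at the gate.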




Secure Software Development Process
(continued)


A secure software development process includes
three main ingredients:


SDLC in the industry


SDLC in the organization


SDLC in the cube




Secure Software Development Process
(continued)


SDLC in the Industry


The industry defines software engineering as “the application of a
systematic, disciplined, quantifiable approach to the development,
operation, and maintenance of software” (IEEE Std 610.12-1990)


Examples of industry standards:


Standard development life cycle: ISO/IEC/IEEE 12207 (software life
cycle processes)


Capability Maturity Model Integration (CMMI)



Secure Software Development Process
(continued)


SDLC in the Industry (continued)


Standard development life cycle: ISO/IEC/IEEE 12207


The ISO/IEC/IEEE 12207 standard defines the life cycle processes and
activities a software project must carry out to claim conformance


It can be looked at as the umbrella standard that other development
standards build on; the activities it covers include the following:


System requirements analysis


System design


Software architectural design


Software detailed design


Software coding


Software testing


Software installation


Software acceptance


Software maintenance



Secure Software Development Process
(continued)


SDLC in the Industry (continued)


CMMI


CMMI (Capability Maturity Model Integration) was developed by the SEI
(Software Engineering Institute), part of Carnegie Mellon University,
together with government organizations, businesses, and academia to
improve the process of software development (it is now maintained by the
CMMI Institute, part of ISACA)


CMMI rates how effectively an organization follows a formal development
process by classifying the organization into maturity levels




Secure Software Development Process
(continued)


SDLC in the Industry (continued)


CMMI (continued)


There are five maturity levels


Initial:
Processes are ad hoc and unpredictable; success depends on individual
effort


Managed:
Processes are planned, performed, and controlled at the project level


Defined:
Projects adhere to organization-wide standards, procedures, and
tools, tailored from a common process


Quantitatively managed:
Processes are measured and controlled
in statistical terms


Optimizing:
Processes are continuously improved using those measurements




Secure Software Development Process
(continued)


SDLC in the Organization


Developing software in an organization is no
different from creating any other product


Organizations implement industry standards in their
processes


A software methodology is a set of methods,
procedures, and rules that can be repeatedly carried
out to produce software




Secure Software Development Process
(continued)


SDLC in the Organization (continued)


Why do you need a methodology?


Methodology is important because it produces
consistency


Teams that follow the “no methodology” methodology
usually find themselves relying on the heroics of just a
few really great developers


Who picks the methodology depends on the
organization




Secure Software Development Process
(continued)


SDLC in the Organization (continued)


Evaluating traditional methodologies


Programmers began adopting these methodologies as part of their
everyday work in the 1970s, starting with the waterfall model described
by Royce in 1970; the spiral model followed in 1986 (Boehm), and all
three are still in use today


The traditional methodologies include the following:


Waterfall


Iterative


Spiral



Secure Software Development Process
(continued)


SDLC in the Organization
(continued)


Waterfall




Secure Software Development Process
(continued)


SDLC in the Organization (continued)


Waterfall (continued)


The waterfall methodology develops software by moving through each
phase of the life cycle strictly in sequence, finishing one phase before
the next begins


The waterfall gets its name because the process flows down from one
phase to the next like a stream of falling water




Secure Software Development Process
(continued)


SDLC in the Organization (continued)


Waterfall (continued)


Drawbacks to this methodology include the following:


It is restrictive: developers must complete each phase before moving
on, so a requirement that was missed, including a security requirement,
is not discovered until testing, when it is most expensive to fix


It is very rare that users know exactly what they want up front, and
the waterfall offers no planned point at which to revise the
requirements


Poor communication and false assumptions are prevalent in this approach


Secure Software Development Process
(continued)


SDLC in the Organization
(continued)


Iterative



Secure Software Development Process
(continued)


SDLC in the Organization (continued)


Iterative (continued)


Well suited to moderate to large applications with varying
degrees of complexity


Allows the users and developers more time to focus
on building one requirement/feature at a time


The iterative methodology is the one most often used
in the field



Secure Software Development Process
(continued)


SDLC in the Organization (continued)


Iterative (continued)


Drawbacks to this methodology include the following:


The iterative process tends to be too constrictive for
teams that have been working together closely for
years


Because the iterative process concentrates on one feature at a time,
some mature teams find the pace too slow


End users and customers cannot always afford the time needed to test
each new feature as it is released



Secure Software Development Process
(continued)


SDLC in the Organization

(continued)


Spiral



Secure Software Development Process
(continued)


SDLC in the Organization (continued)


Spiral (continued)


In each cycle of the spiral (its quadrants), objectives are set and the
associated risks are identified and analyzed, often through the use of
prototypes


If the risk is deemed acceptable, the requirement is
designed and developed


The spiral process lets developers and users analyze each requirement
and ask the appropriate what-if questions before committing to it



Secure Software Development Process
(continued)


SDLC in the Organization (continued)


Spiral (continued)


Drawbacks to this methodology include the following:


It takes a lot of development time to produce and
analyze prototypes


End users and customers cannot afford to spend the
amount of time needed to test each new feature as it’s
launched


Feedback and/or discovered problems are slow to
filter to the developer’s desk



Secure Software Development Process
(continued)


SDLC in the Organization (continued)


Advanced Methodologies


Security development lifecycle (SDL)


Team software process (TSP)


Agile development: Extreme programming


Touchpoints



Secure Software Development Process
(continued)


SDLC in the Organization (continued)


Advanced Methodologies (continued)


Security Development Lifecycle (SDL)


Microsoft adopted the Security Development Lifecycle (SDL) for its own
product development


Aimed at developing secure software


The first goal is to reduce the number of security
vulnerabilities and privacy problems in shipped software


As originally published (Howard and Lipner, 2006), the process is based
on 13 stages of activities, numbered 0 through 12; later versions of the
SDL group them into seven phases: training, requirements, design,
implementation, verification, release, and response




Secure Software Development Process
(continued)


SDLC in the Organization (continued)


Advanced Methodologies (continued)


Team Software Process (TSP)


The Software Engineering Institute’s Team Software Process


TSP provides a framework, a set of processes and disciplined methods for
producing software that is both high quality and secure


Its companion for the individual developer, the Personal Software
Process (PSP), helps the developer to do the following:

»
Ensure quality software products

»
Create secure software products

»
Improve process management in an organization





Secure Software Development Process
(continued)


SDLC in the Organization (continued)


Advanced Methodologies (continued)


Agile Development


Agile methods emphasize working software as
the primary measure of progress


Extreme programming (XP) is an example of an agile
development process


With XP, developers pair up at one workstation (pair programming) and
share responsibility for the code they write


XP is a great choice if the development team is split
into two groups, experienced and entry/mid level, because pairing
spreads knowledge between the two



Secure Software Development Process
(continued)


SDLC in the Organization (continued)


Advanced Methodologies (continued)


Touchpoints


Touchpoints (McGraw) are security activities that the development team
needs to do during a particular phase of the software
development life cycle: code review, architectural risk analysis,
penetration testing, risk-based security tests, abuse cases, security
requirements, and security operations


The Touchpoints methodology strictly focuses on
security designs, principles, and features of a software
application


For each software requirement, the Touchpoints method asks how that
requirement could make the application vulnerable if implemented as
stated (an abuse case), not only what the requirement does



Secure Software Development Process
(continued)


SDLC in the Organization (continued)


Advanced Methodologies (continued)


Touchpoints (continued)



Secure Software Development Process
(continued)


SDLC in the Organization (continued)


Advanced Methodologies (continued)


Hybrid Situation


Choosing to go from one methodology to another as
the team develops


In a hybrid methodology, you might start with an
iterative methodology


As time goes on and familiarity with the system and
requirements sets in, you might switch to a waterfall



Secure Software Development Process
(continued)


SDLC in the Organization (continued)


Advanced Methodologies (continued)


Hybrid Situation (continued)




Secure Software Development Process
(continued)


SDLC in the Cube


All development methodologies share one common
element: people


If software quality and security are not high on the developers’ list
of objectives when they work, chances are their product won’t
be secure or high quality


If your heart is not in your coding, you risk buggy code


The developer is the one who will be going through all the
SDLC activities and methodology procedures in the cube





Secure Software Development Process
(continued)


SDLC in the Cube (continued)


If you want to make a difference and become the go
-
to
person on the team, you need to learn the art of:


Communicating effectively


Encouraging discussions





Secure Software Development Process
(continued)


SDLC in the Cube (continued)


Communicating Effectively


The art of communication is lost in this field


Language barriers, cultural differences, lack of understanding, fear of
public speaking: the list goes on


Developers like to work with computers, not people


You need to be able to convey your thoughts and
ideas very clearly






Secure Software Development Process
(continued)


SDLC in the Cube (continued)


Encouraging SDLC Discussions


Learning from our experiences in software
development is another great way to improve the
process and then change what doesn’t work


Encourage discussions with your coworkers about
the development process, methodologies, and
what works versus what doesn’t


Discuss work flow and how processes will reinforce
understanding





The Development Team


Team dynamics are important when looking at a secure
development process


Because of the vast knowledge and skills needed for
secure programming, it is too complex of a job for one
person


A secure software development process should have the
appropriate team structure with qualified personnel to
make the work flow





The Development Team


(continued)


A good team structure includes:


Key players of a development team


Defined roles and responsibilities for the team


Defined ways in which team members interact with each
other




The Development Team


(continued)


Makeup of a Development Team


1. Project manager (PM)

»
This person has strong management skills and is keenly
aware of the SDLC

»
He or she is likely PMP (Project Management Professional) certified to
manage an IT project

»
The PM is fully aware of the security needs and policies of
the current project


2. Business analyst (BA)

»
A business analyst is someone who knows and understands
the business side of the application

»
This person takes customer requests and translates them
into software requirements



The Development Team


(continued)


Makeup of a Development Team (continued)


3. Tech lead (lead developer)

»
This person is highly proficient in the technology used on the
project

»
Aware of the security needs of the application

»
Required to know secure design principles and
methodologies and how to apply threat modeling and threat
analysis


4. Testers

»
A tester is someone with a thorough understanding of the
system’s requirements

»
Knows how the system was designed and developed

»
Knows how to break software



The Development Team


(continued)


Makeup of a Development Team (continued)


5. Customer/user

»
An end user is someone with a thorough understanding of
the system’s requirements

»
Knows how the software will be used by the masses



The Development Team


(continued)


Accountability


Roles and Responsibilities of the Team



The Development Team


(continued)


Accountability (continued)


Roles and Responsibilities of the Team


The complexity of team dynamics in
communication, knowledge base, and experience
makes it imperative for all team members to play
their part in software development


Like an orchestra, all individual instruments make a
unique sound, but when playing together they
create beautiful music


It is the job of the PM to define roles and
responsibilities, but all too often, the roles and
responsibilities are assumed instead of defined



The Development Team


(continued)


Team Interaction


Everyone is going to be your boss: your customers (they
pay the bills), the project manager, and, if you’re a
contractor, employees of the organization will be your boss
as well


You are going to have to deal with many people wanting
status reports, updates, and basic project information


You need to know how to interact with everyone



The Development Team


(continued)


Team Interaction (continued)


The following are some pitfalls you need to be aware of and
avoid


Cliques


Talking to the same “gang” of people day in and day
out forms alliances


Cliques are bad and not appropriate at the office


Office politics


Office politics: bad to participate, impossible to avoid


To be successful, you not only have to code great
software, but you also have to be seen and heard


Be savvy with your communication and socialization



Summary


A secure software development process
encompasses industry standards, development
methodologies, and best practices


Industry standards define what needs to be done in
software development


The ISO/IEEE 12207 defines the primary phases of
traditional software development


Summary (continued)


Software methodologies provide the development
team with a set of directions on how to carry out
activities within each phase of software
development


Software methodologies and standards play a key
role in how efficient, secure, and reusable the code
is


Software methodologies focus the activities and
tasks that need to be carried out on a daily basis


Summary (continued)


At the end of the day, it all comes down to people


No matter how defined the process is or how rigid
the procedures are, if the development team is not
working together as a whole, the project can fail


A good team produces good software