Roles in Producing Safe Software

Instructor: Lyna Griffin

Lyna has tutored undergraduate Information Management Systems and Database Development. She has a Bachelor's degree in Electrical Engineering and a Masters degree in Information Technology.

In this lesson, we will examine and understand the security roles and responsibilities associated with every stage of the Software Development Life Cycle (SDLC). We will understand how risks and vulnerabilities are identified, and the measures put in place to curtail them.

Software development is the process of designing software using a series of defined processes in an organized manner. Today, security in software development forms one of the main foundation pillars of successful software. Security ensures the designing, building, and testing of the software is proactive, enabling the software to prevent problems and attacks automatically. The development of the software involves different stages, and ensuring security at each stage is important. This involves different roles and different security activities. In this lesson, we will examine the roles and activities involved during the SDLC (Software Development Life Cycle), and post-development phase (maintenance).

SDLC: Security Roles

In all of the stages of the SDLC, security is a priority, but this can be neglected when the development team is up against tight timelines.

Planning

Planning entails defining the general details and scope of the software. The scope of the project will be key to determining the most common threats and associated vulnerabilities that need to be considered. Third-party and peer-reviewed resources can provide up-to-date information on critical risks associated with their project scope.

Requirements and Analysis

This is the stage in the development process when the detailed requirements and goals of the software are stipulated. At this early stage, security must consider and guard against possible problems and vulnerabilities and factor in measures to resolve them. A lot of time and money can be saved when security is taken seriously at this stage, compared to having to revise software in the later stages of development. At this stage, decisions about technology, programming languages, and frameworks are considered, and it is very important that the security teams identify any associated vulnerabilities. This will play a key factor later in the design and development stages.

Architecture and Design

The risks and vulnerabilities associated with the programming languages and frameworks identified in the requirements and analysis stages will help the security and development teams map out the necessary architecture and design strategies, as well as guidelines geared to adequately combat the said vulnerabilities. These preventive measures at the design stage make for a robust and resilient software. In addition, a number of security training courses may be needed for members of the team. These may include training on Threat Modelling and Architecture Risk Analysis, which will produce a better quality security support environment over time.

Testing

The specific vulnerabilities and security risks identified in the earlier development stages are tested during this stage. The system is subject to attack using various simulations, and its behavior and response evaluated. Testing tools developed in-house as well as reputable third-party tools can be used to scan for flaws in the code that may be undetected by the developers. These third-party tools are a huge asset at the testing stage as developers strive for safe and secure software. However, adequate training in utilizing these tools is essential for efficient use. This eliminates false positive results while identifying the real threats.

To unlock this lesson you must be a Study.com Member.
Create your account

Register to view this lesson

Are you a student or a teacher?

Unlock Your Education

See for yourself why 30 million people use Study.com

Become a Study.com member and start learning now.
Become a Member  Back
What teachers are saying about Study.com
Try it risk-free for 30 days

Earning College Credit

Did you know… We have over 200 college courses that prepare you to earn credit by exam that is accepted by over 1,500 colleges and universities. You can test out of the first two years of college and save thousands off your degree. Anyone can earn credit-by-exam regardless of age or education level.

To learn more, visit our Earning Credit Page

Transferring credit to the school of your choice

Not sure what college you want to attend yet? Study.com has thousands of articles about every imaginable degree, area of study and career path that can help you find the school that's right for you.

Create an account to start this course today
Try it risk-free for 30 days!
Create an account
Support