Mitigating the Risk of Software Vulnerabilities by Adopting a Secure Software Development Framework (SSDF)

A software development life cycle (SDLC) is a formal or informal methodology for designing, creating, and maintaining software (which includes code built into hardware). There are many models for SDLCs, including waterfall, spiral, agile, and development and operations (DevOps). Few SDLC models explicitly address software security in detail, so secure software development practices usually need to be added to and integrated within each SDLC model. Regardless of which SDLC model is used to develop software, secure software development practices should be integrated throughout it for three reasons: to reduce the number of vulnerabilities in released software, to mitigate the potential impact of the exploitation of undetected or unaddressed vulnerabilities, and to address the root causes of vulnerabilities to prevent future recurrences. Most aspects of security can be addressed at multiple places within an SDLC, but in general, the earlier in the SDLC that security is addressed, the less effort and cost is ultimately required to achieve the same level of security. This principle, also known as shifting left, is critically important regardless of the SDLC model.

There are many existing documents on secure software development practices, including those listed in the References section. This white paper does not introduce new practices or define new terminology; instead, it describes a subset of high-level practices based on established standards, guidance, and secure software development practice documents. These practices, collectively called a secure software development framework (SSDF), should be particularly helpful for the target audiences to achieve secure software development objectives. Note that these practices are limited to those that bear directly on secure software development (e.g., securing the development infrastructure or pipeline itself is out of scope).

This white paper is intended to be a starting point for discussing the concept of an SSDF and therefore does not provide a comprehensive view of SSDFs. Future work may expand on the material in this white paper, potentially covering topics such as how an SSDF may apply to and vary for different software development methodologies and how an organization can transition from using just their current software development practices to also incorporating the practices specified by the SSDF. It is likely that future work will primarily take the form of use cases so that the insights will be more readily applicable to certain types of development environments.

This white paper expresses secure software development practices but does not prescribe exactly how to implement them. The focus is on implementing the practices rather than on the tools, techniques, and mechanisms used to do so…Download the whitepaper to read more.