The Software Engineering Process
- The requirements phase is the most important part of the software engineering process since it outlines the project’s future requirements, thus defining its scope and limitations.
- Security is built into the software by including security concerns and reviews throughout the software development process.
- Regardless of the specific software engineering process model used, security can be included in the normal process by being input as requirements.
Good Practices
- The most common coding error is the buffer overflow condition.
- Code injection errors can result in the execution of undesired code that is defined by the end user.
- Input validation is the best method of guarding against buffer overflows and code injection errors.
- Early testing helps resolve errors at an earlier stage and results in cleaner code.
- Security-related use-cases can be used to test for specific security requirements.