53 Cyber Security
Category | Action | Completed
 | Limit privileges to authorized administrators for most system-related tools |
Install and configure additional security controls | Install and configure software to provide additional controls not available in the OS |
Test the security of the OS | Test OS after initial installation for vulnerabilities |
 | Periodically test OS for new vulnerabilities |
3.8 Software Development Security
Developing and maintaining software that is free from security problems is no easy task.
Security is one of the many nonfunctional requirements a software engineer needs to
design into software (e.g., usability, maintainability, scalability, availability,
extensibility, security, and portability), but in this era it needs special attention.
This can be achieved by building security into applications during the development
process (Khan and Zulkernine 2008). However, two of the difficulties software developers
face are a lack of application security knowledge and schedule pressures (Payne 2009).
The eight-step process developed by Talukder et al. (2009) to elicit both functional and
nonfunctional security requirements can be part of the solution, because the security
issues of the application are analyzed up front. Following is a summarized version of
the eight steps:
1. Functional requirements: Capture requirements using UML analysis artifacts.
2. Identification of assets: Identify the critical assets of the organization and
categorize them by their perceived value and loss impact.
3. Security requirements: Determine the possible attacks (e.g., denial of service
[DoS], data tampering) and which security property of the data each one violates
(confidentiality, integrity, or availability); diagram each as a misuse case (see the
example in Figure 3.5).
4. Threat and attack tree: Analyze each misuse case with an attack tree and determine
the threat path, that is, the sequence of attacker steps that leads to the misuse.
5. Rating of risks: Assign values to each threat/risk so that the highest risks can be
identified and addressed first.
6. Decision on in vivo versus in vitro: Determine which threats need to be addressed
within the application (in vivo) rather than by controls outside it (in vitro). This is
done by comparing the threats to the assets they target.
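Steps 2 through 6 lend themselves to being written down as a small threat model in code, so that assets, misuse cases, attack trees, risk ratings and the in vivo/in vitro decision stay in one reviewable place and are re-ranked automatically when a likelihood or an asset value changes. The Python below is an added example written for this page; it is not from Talukder et al. (2009) or from the book. The online-banking assets and likelihoods are constructed, the risk formula (attack-tree likelihood times value plus loss impact) is an assumption, and so is the reading of "in vitro" as "left to controls outside the application".

```python
"""Steps 2 to 6 of the requirements process as a threat model in code.

Added example; all assets, misuse cases, likelihoods and the risk formula
below are constructed for a hypothetical online-banking application.
"""
from dataclasses import dataclass, field
from math import prod


@dataclass
class Asset:
    """Step 2: an asset, its perceived value and loss impact (1 = low, 5 = high).

    `owner` records whether the application itself holds the asset
    ("application") or the hosting platform does ("platform"); step 6 uses it.
    """
    name: str
    value: int
    loss_impact: int
    owner: str  # "application" or "platform" (assumed vocabulary)


@dataclass
class AttackNode:
    """Step 4: a node in an attack tree.

    Leaves carry an estimated likelihood in [0, 1]. An OR node succeeds if any
    child does, an AND node only if all children do; children are treated as
    independent events when their probabilities are combined.
    """
    name: str
    likelihood: float = 0.0
    op: str = "LEAF"  # "LEAF", "OR" or "AND"
    children: list = field(default_factory=list)

    def probability(self) -> float:
        if self.op == "LEAF":
            return self.likelihood
        ps = [child.probability() for child in self.children]
        if self.op == "AND":
            return prod(ps)
        if self.op == "OR":
            return 1.0 - prod(1.0 - p for p in ps)
        raise ValueError(f"unknown node type {self.op!r}")


@dataclass
class MisuseCase:
    """Step 3: attacker goal, targeted asset, violated property, attack tree."""
    name: str
    asset: Asset
    violates: str  # "confidentiality", "integrity" or "availability"
    tree: AttackNode


def risk_score(case: MisuseCase) -> float:
    """Step 5: tree likelihood times (value + loss impact), rounded to 3 places.

    The text only says values are assigned; this formula is an assumption.
    """
    return round(case.tree.probability() * (case.asset.value + case.asset.loss_impact), 3)


def rank_threats(cases):
    """Highest-risk threat first."""
    return sorted(cases, key=risk_score, reverse=True)


def in_vivo(case: MisuseCase) -> bool:
    """Step 6: compare the threat with its asset. A threat against an asset the
    application owns must be handled inside the application (in vivo); one
    against a platform asset is left to controls outside it (in vitro).
    This reading of in vitro is an assumption."""
    return case.asset.owner == "application"


def build_model():
    """Constructed sample data for a hypothetical online-banking application."""
    accounts = Asset("customer account records", value=5, loss_impact=5, owner="application")
    bandwidth = Asset("network bandwidth", value=2, loss_impact=3, owner="platform")

    tamper = MisuseCase(
        "tamper with transfer amount", accounts, "integrity",
        AttackNode("modify a transfer", op="OR", children=[
            AttackNode("replay an intercepted request", likelihood=0.2),
            AttackNode("forge a request", op="AND", children=[
                AttackNode("steal a session token", likelihood=0.3),
                AttackNode("bypass server-side amount check", likelihood=0.5),
            ]),
        ]),
    )
    flood = MisuseCase(
        "flood the login endpoint", bandwidth, "availability",
        AttackNode("volumetric flood", likelihood=0.6),
    )
    return [tamper, flood]


if __name__ == "__main__":
    for case in rank_threats(build_model()):
        where = "in vivo" if in_vivo(case) else "in vitro"
        print(f"{risk_score(case):5.2f}  {case.name} ({case.violates}) -> {where}")
```

With the constructed figures, the forged-request branch needs both a stolen token and a bypassed amount check (0.3 x 0.5 = 0.15), and the OR with the replay leaf gives the tampering tree a likelihood of 0.32, so it outranks the flood (risk 3.2 against 3.0) even though the flood is the more likely single event; the tampering threat targets an application-owned asset and is therefore handled in vivo, the flood in vitro. The independence assumption in `probability` is the usual simplification for attack trees and should be revisited where one attacker step makes another much easier.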