WIBU-SYSTEMS

Perfection in Protection, Licensing, and Security

{{ moduleLabel }}
{{ label }}

A Fresh Look at Secure Software Development

MarketingWIBU-SYSTEMS AG on May 9, 2019 at 2:02 PM

Software-driven innovations are being fueled by the emergence of smart things - devices, automobiles, factories, cities - all of which impact nearly every aspect of our personal lives and businesses. The connected economy offers tremendous economic and social benefits. However, it also introduces an unprecedented level of security risks, from theft of personal data to threats to human lives. While software itself is becoming increasingly complex, the onus is on software developers to build secure applications that can withstand ubiquitous hacking attempts and ensure that it can be securely maintained throughout its lifecycle.

The dangers that lurk within the realm of software security have received global attention, yet it has been difficult for the industry to agree upon a set of best practices and common development standards. Several organizations, including, BSIMMOWASP, and National Institute of Standards and Technology, have put forth documents outlining their proposals for development standards. On the industrial side, the Industrial Internet Consortium published the Industrial Internet Security Framework, a common security outline and an approach to assess cybersecurity in Industrial Internet of Things systems.

Just recently, BSA | The Software Alliance published their own viewpoint with The BSA Framework for Secure Software: A New Approach to Securing the Software Lifecycle. Before diving into the report, it is helpful to understand their definition of software security:

Software security encompasses what a software development organization does to protect a software product and the associated critical data from vulnerabilities, internal and external threats, critical errors, or misconfigurations that can affect performance or expose data.

The organization says that the Framework is intended to establish an approach to software securitythat is flexible, adaptable, outcome-focused, risk-based, cost-effective, and repeatable. The document provides a common organization and structure to capture multiple approaches to software security by identifying standards, guidelines, and practices that can help software development organizations achieve desired security outcomes while accounting for the wide spectrum of intended uses, risk profiles, and technological solutions among software products.

The guidelines are applicable to the entire spectrum of (1) software development organizations and vendors, from the individual entrepreneur to large-scale, multi-national businesses; (2) software development methods, from traditional to DevOps; and (3) software products, from simple IoT sensors to complex Artificial Intelligence algorithms.

Specifically, the BSA states that the goals of the Framework are to help software development organizations:

  1. Describe the current state of software security in individual software products.
  2. Describe the target state of software security in individual software products.
  3. Identify and prioritize opportunities for improvement in development and lifecycle management processes.
  4. Assess progress toward the target state.
  5. Communicate among internal and external stakeholders about software security and security risks.

The Framework identifies best practices relating to both organizational processes and product capabilities across the entire software lifecycle. It is organized into six columns: Functions, Categories, Subcategories, Diagnostic Statements, Implementation Notes, and Informative References.

If you are a software developer, you will find the 40-page document to be a good read and a mechanism for assessing your own software security practices.

You might also be interested in our upcoming Webinar on May 15, The Fastest Way to Protect Your Know-How, which will provide an overview of our complete family of IP protection tools that you can integrate easily into your software

Login or register now and enjoy all the benefits of a community!

To get the whole functionality of IndustryArena Forum you need to login or register. This process is absolutely free.

Password forgotten?
Contact request
Guest Photo
Your message
The controller within the meaning of Art. 4(7) GDPR is: IndustryArena GmbH, Schneiderstr. 6, 40764 Langenfeld, Germany.
You may reach our data protection officer under [email protected].

Purpose of processing
We process your personal data concerning the use of the contact form and the communication with the company of the newsroom as well as the transmission of your data to this company in accordance to Art. 6 (1a) GDPR. This constitutes a legitimate interest for us in accordance to Art. 6 (1f) GDPR.

Recipient of the data
Within our organization, those units gain access to your data, which are necessary to fulfil the above purposes.
Personal data will only be transmitted to third parties if this is necessary for the aforementioned purposes or if another legal basis exists. If necessary, we conclude the corresponding data protection agreements with third parties, in particular pursuant to Art. 28 GDPR.

Data storing
Your data will be transmitted to the company of the newsroom for further processing. The period of storing is the duration of the processing of your request by the respective company.

Select contact person

Newsroom Logo

Design options

  • Title text color:
  • Content background:
  • Content text color:
  • Navigation background:
  • Tab text color:
  • Active tab text color:
  • Link text color:
  • Active link text color:
  • Background image Background color:

    How do you want to position the background-image?

    Please note: Banners and skyscrapers are only saved for the current language. For other languages, change the language using the button at the top right.

    Set the link for the background image

  • Banner

    How do you like to align the banner?

    Please note: Banners and skyscrapers are only saved for the current language. For other languages, change the language using the button at the top right.

    Set the link for the banner

  • Skyscraper

    Set the link for the skyscraper

Please note:

Banners and skyscrapers are only saved for the current language. For other languages, change the language using the button at the top right.