The National Institute of Standards and Technology (NIST) recently circulated a draft white paper describing recommended security practices to be adopted throughout the phases of software development (NIST calls the resulting set of practices the Secure Software Development Framework, or SSDF). The white paper gives three overarching reasons for integrating secure development practices throughout the software development lifecycle (SDLC), regardless of the development model used (e.g., waterfall, agile), namely, “to reduce the number of vulnerabilities in released software, to mitigate the potential impact of the exploitation of undetected or unaddressed vulnerabilities, and to address the root causes of vulnerabilities to prevent future recurrences.”
The white paper groups its recommendations into the following four secure software development practices, and breaks down each group by (1) practices, (2) tasks, (3) implementation examples, and (4) references to existing standards and guidance.
Prepare the Organization
To prepare an organization to develop software securely, the white paper recommends that security requirements and policies be defined up front and then reviewed both on a regular schedule and following a security incident, and be updated to reflect current secure development practices. According to the white paper, the organization may also need to create new roles relating to secure software development, as well as alter existing roles, so that security responsibilities are assigned and met throughout the entire SDLC.
Protect the Software
Protecting the software means guarding source code, build artifacts and releases against both deliberate tampering and unintentional damage. The white paper suggests applying the principle of least privilege, which is the practice of limiting the access rights of users (and automated accounts) to the minimum permissions they need to perform their work, so that a compromised or misused account can do as little harm as possible to the code and the systems that build it. Security considerations do not end once software is distributed to consumers: the white paper recommends that the organization provide a way for consumers to verify that the software they received is the legitimate, unmodified release, for example by publishing signed releases or cryptographic checksums that consumers can check against what they downloaded.
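The release-integrity recommendation above is the one place in the white paper where a concrete mechanism is easy to show. The following is an added example written for this summary, not code from NIST or from the white paper: the publisher signs the SHA-256 digest of a release artifact with an Ed25519 key, and the consumer recomputes the digest of whatever it actually downloaded and checks the signature with the publisher's public key. The artifact bytes, the key material and the function names are constructed for illustration; in practice the private key would live in a hardware security module or offline signing host, and the public key would reach consumers out of band (pinned in an installer or package manager rather than fetched from the same server as the download).

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
)

// releaseDigest returns the SHA-256 of the artifact bytes. This is the value
// the publisher signs and the value the consumer recomputes locally, so any
// change to the downloaded bytes changes the digest and breaks the signature.
func releaseDigest(artifact []byte) []byte {
	sum := sha256.Sum256(artifact)
	return sum[:]
}

// SignRelease is the publisher side: sign the artifact digest with the
// release signing key. (Hypothetical helper name for this example.)
func SignRelease(priv ed25519.PrivateKey, artifact []byte) []byte {
	return ed25519.Sign(priv, releaseDigest(artifact))
}

// VerifyRelease is the consumer side: recompute the digest of what was
// actually downloaded and verify the publisher's signature over it.
// The length checks matter: ed25519.Verify panics on a malformed public key,
// and a verifier must fail closed on bad input rather than crash.
func VerifyRelease(pub ed25519.PublicKey, artifact, sig []byte) bool {
	if len(pub) != ed25519.PublicKeySize || len(sig) != ed25519.SignatureSize {
		return false
	}
	return ed25519.Verify(pub, releaseDigest(artifact), sig)
}

func main() {
	// Publisher: generate a release signing key pair (constructed for the demo).
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	artifact := []byte("hypothetical release payload v1.2.3")
	sig := SignRelease(priv, artifact)
	fmt.Println("published digest:   ", hex.EncodeToString(releaseDigest(artifact)))
	fmt.Println("published signature:", hex.EncodeToString(sig))

	// Consumer: the genuine download verifies.
	fmt.Println("genuine verifies:   ", VerifyRelease(pub, artifact, sig))

	// Consumer: a download altered in transit or on a mirror does not.
	tampered := append([]byte{}, artifact...)
	tampered[0] ^= 0x01
	fmt.Println("tampered verifies:  ", VerifyRelease(pub, tampered, sig))
}
```

A bare checksum published next to the download only detects accidental corruption; an attacker who can replace the artifact can replace the checksum too. Signing the digest with a key the consumer already trusts is what ties the check to the publisher rather than to the download server.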
Produce Well-Secured Software
Well-secured software requires careful forethought and threat analysis in order to build defenses against the attacks the software is actually likely to face. The white paper recommends threat and attack modeling, which helps identify weak points in a design so they can be corrected before the software is released rather than patched afterward. The white paper also proposes that third-party software (including open-source components) be vetted in the context of its expected use before it is incorporated.
Respond to Vulnerability Reports
Responding to vulnerability reports is a crucial aspect of secure software development, as it gives an organization the opportunity to fix weaknesses before they are exploited and to reduce the impact of future incidents. The white paper suggests that organizations analyze the information in vulnerability reports to identify recurring patterns and root causes, and to assess the potential impact of different vulnerabilities, so that the development process itself can be improved rather than individual flaws fixed one at a time.
For lawyers and sourcing professionals, the NIST white paper can serve as a valuable checklist of key scope and performance obligations when contracting for software development; it is a must read!