
Microsoft Trustworthy Computing Security Development Lifecycle

Microsoft Trustworthy Computing Security Development Lifecycle. Presented by Jonathan Howell. Source. “The Trustworthy Computing Security Development Lifecycle” http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnsecure/html/sdl.asp Authors Steve Lipner Michael Howard.


Presentation Transcript


  1. Microsoft Trustworthy Computing Security Development Lifecycle Presented by Jonathan Howell

  2. Source
     • “The Trustworthy Computing Security Development Lifecycle”
     • http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnsecure/html/sdl.asp
     • Authors
        • Steve Lipner
        • Michael Howard

  3. Outline
     • Source
     • Introduction
     • SD3+C
     • Processes
     • SDL Phases
     • SDL at Microsoft
     • Conclusion

  4. Introduction
     • Need more secure software with less patching
     • Provided through a repeatable process with measurable results
     • Requires:
        • Repeatable process
        • Engineer education
        • Metrics and Accountability

  5. SD3+C
     • Secure by Design
     • Secure by Default
     • Secure in Deployment
     • Communications

  6. Processes
     [Figure 1. Baseline process and SDL Improvements]

  7. SDL Phases
     • Requirements Phase
     • Design Phase
     • Implementation Phase
     • Verification Phase
     • Release Phase
     • Support and Servicing Phase

  8. Requirements Phase
     • Request Security Advisor
     • Security Milestones
     • Exit Criteria
     • Documentation
     • Security Feature Requirements

  9. Design Phase
     • Define security architecture and design guidelines
     • Document the elements of the software attack surface
     • Conduct threat modeling
     • Define supplemental ship criteria
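As an added illustration, not from the slides or from Microsoft's SDL tooling, of how the design-phase artefacts above (attack surface inventory, threat model, ship criteria) can be tied to the exit criteria of slide 8: a small Python checker run over a constructed attack-surface list and threat list. The entry-point fields, the severity scale and the three criteria are assumptions chosen for the example.

```python
from typing import List, Optional
from dataclasses import dataclass

@dataclass
class EntryPoint:
    name: str
    reachable_from: str       # e.g. "anonymous network", "authenticated user", "local admin"
    enabled_by_default: bool  # secure-by-default question: is it on out of the box?

@dataclass
class Threat:
    entry_point: str
    description: str
    severity: str             # "critical", "important", "moderate", "low" (assumed scale)
    mitigation: Optional[str] = None

def design_phase_findings(surface: List[EntryPoint], threats: List[Threat]) -> List[str]:
    """Evaluate assumed design-phase exit criteria; an empty list means they all hold."""
    findings = []
    modelled = {t.entry_point for t in threats}
    for ep in surface:
        # Criterion 1: every documented attack-surface element has been threat modelled.
        if ep.name not in modelled:
            findings.append(f"no threats modelled for entry point '{ep.name}'")
        # Criterion 2: anonymously reachable, default-on surface needs a recorded justification.
        if ep.enabled_by_default and ep.reachable_from == "anonymous network":
            findings.append(f"'{ep.name}' is on by default and reachable anonymously")
    for t in threats:
        # Criterion 3: critical/important threats must carry a mitigation before design exit.
        if t.severity in ("critical", "important") and not t.mitigation:
            findings.append(f"unmitigated {t.severity} threat on '{t.entry_point}': {t.description}")
    return findings

# Constructed sample artefacts for a hypothetical service; not real product data.
SURFACE = [
    EntryPoint("remote admin RPC", "anonymous network", True),
    EntryPoint("config file parser", "local admin", True),
    EntryPoint("web UI", "authenticated user", False),
]
THREATS = [
    Threat("remote admin RPC", "unauthenticated command execution", "critical"),
    Threat("config file parser", "overflow on long key name", "important",
           "bounds-checked parser, fuzzed in implementation phase"),
]

if __name__ == "__main__":
    for f in design_phase_findings(SURFACE, THREATS):
        print("FINDING:", f)
```

The sample data deliberately fails all three criteria once each, so the report shows one finding per criterion.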

  10. Implementation Phase
     • Apply coding and testing standards
     • Apply security-testing tools including fuzzing tools
     • Apply static-analysis code scanning tools
     • Conduct code reviews

  11. Verification Phase
     • “Security push”
     • Security reviews
     • Testing of high priority code

  12. Release Phase
     • Final security review
     • Independent Review
     • Performed by central security team
     • Penetration testing
     • Not pass/fail!

  13. Support and Servicing Phase
     • Evaluate Reports
     • Release Security Advisories
     • Issue updates to fix problems
     • Update code scanning tools

  14. SDL at Microsoft
     • Mandatory application
     • Mandatory education
     • Metrics for product team
     • Role of central security team

  15. Mandatory Application
     • Mandatory for software:
        • processing personal or sensitive information
        • used in an enterprise or other organization
        • connected to a network or the internet
     • Platform security

  16. Mandatory Education
     • Security changes constantly
     • Annual security education
     • Books:
        • Threat Modeling
        • Secure Design

  17. Metrics
     • “can’t manage what you can’t measure”
     • Proxy metrics
     • Aggregate metrics for executives

  18. Central Security Team
     • Secure Windows Initiative (SWI)
     • Develop, maintain, enhance SDL
     • Develop, enhance, deliver engineer education
     • Provide “security advisors”
     • Subject matter experts
     • Execute Final Security Reviews

  19. Results at Microsoft

  20. Observations at Microsoft
     • Threat modeling
     • Code reviews, automated tools, fuzz testing
     • Penetration testing
     • Investments

  21. Conclusion
     • Appear to see improvements
     • Iterative cycle
     • Initially expensive
     • Worth the cost!

  22. Questions?
