The Security Development Lifecycle
The software industry has been struggling with how to create and release software that is more security-enhanced and reliable—the Security Development Lifecycle (SDL) provides a methodology that works. Adapted from Microsoft’s standard development process, SDL is a critical way to help reduce the number of security defects in code at every stage of the development process, from design to release. In addition to a brief history of the methodology, this book details each stage of the SDL methodology and discusses its implementation across a range of Microsoft software, including Microsoft Windows Server 2003, Microsoft SQL Server 2000 Service Pack 3, and Microsoft Exchange Server 2003 Service Pack 1, to help measurably improve security features. Co-authored by Michael Howard and Steve Lipner, the book gives you direct access to insights from Microsoft’s security team and lessons that are repeatable and applicable to software development processes worldwide, whether on a small or a large scale. This book includes a CD featuring videos of developer training classes.

Review By: Garry Archer
06/28/2010
"The Security Development Lifecycle" is a must-read for designers, managers, and—contrary to what the book recommends—developers. I expect the shelf life for this book to be long, if not forever, since the security of the electronic world is still in its infancy and I see no magic potion that will put an end to hackers and viruses any time soon.
I like the way Michael Howard and Steve Lipner show the start and progress of the SDL concept within the Microsoft Corporation. What better company to use than the largest of all software corporations worldwide? The useful examples are understandable to the layman, allowing for a general reading audience vs. the expert, though there is a section or two dabbed with code that is aimed at the experts in the crowd. I loved the model diagrams and can appreciate the bulleted best-practices items. There is even a CD with the book that holds video information, reference files, a security risk document, testing policies, and more.
This book has opened my eyes to security items I was unaware of. To me, it was always the same old "put up the firewall, put in a password, and away you go." I was unaware of certain C library functions that are "recommended as banned" API functions.
All of the authors' claims are referenced and documented. The references frequently include links to an appropriate Microsoft URL from which the user can access the information. I have been fortunate, or should I say unfortunate, enough to have worked through some of the referenced virus attacks, so this was really a case of show-and-tell. Like the old carpenter's rule "Measure twice, cut once," the message here is brainstorm it, check it, then check it again, then test it, and check it again.
All areas of development—from the design to testing, to the creation of a disaster recovery plan and customer support—are covered in detail with recommendations from the authors. After reading this book, you will be aware of and armed with ample firepower to guide you through the trials and tribulations of a new program development.
I truly found the chapter on security response planning the most interesting. Creating a security response center and working proactively with the consumers during a security breach is a refreshing change from the times when it was a "fend for yourself" environment.
The bottom line is you will never write the perfectly secure program. Follow best practices by educating your staff about security as it relates to all aspects of the development cycle and the methods they should adopt to create more secure code. Plan ahead and create disaster recovery and response plans. I wouldn't change any of the book's content, but then again this was my first dunk into the subject of SDL. Overall, it is a great read and will serve as a cache of valuable information in my arsenal of ever-expanding computer and software libraries.
Review By: Gerry Thompson
06/28/2010
In the early years of the 21st century, several core Microsoft products were viewed as vulnerable to malicious security threats launched through the Internet. Industry magazines were recommending avoidance of Microsoft products that had been compromised by several infamous viral attacks.
"The Security Development Lifecycle" shares lessons learned by Microsoft developers as the company became a leader in producing secure software. The authors, Microsoft insiders, offer a detailed approach for implementing the Security Development Lifecycle (SDL) process. The book includes a detailed, thirteen-step guide for implementing the SDL process within a software development organization. The book includes a CD that contains a training video that introduces the SDL process concepts.
Security threats are real for virtually any software program. Education is the first step to achieving buy-in for implementing the SDL process. All members of a software development team must be cognizant of how security threats can be manifested in software programs.
The authors promote creating a security group that will address security issues during software development. Working in conjunction with the software development team, the security team helps in designing products with best practices in mind. Risks must be evaluated, and appropriate steps must be taken to ensure proper development methods are employed. Security implementation measures must be present in the design, coding, and testing phases of development. Since security breaches may appear after a product is released, an appropriate response to threats must be planned in advance. Handling threats as they occur, post release, is a critical component of the SDL process. The ability to write secure software involves all phases of development, from requirements writing through development and testing, on to release and monitoring of reports from the field of product vulnerabilities. The detailed steps outlined in the SDL process chapters provide managers the tools to develop the SDL process and deal with internal politics within an organization.
The final chapters of the book offer real-world examples gathered from the experiences of the authors, listing potential program routines and "banned" applications that have been shown to lead to security vulnerabilities. Other useful reference materials include cryptographic standards, tools to aid in finding vulnerabilities, suggested compiler options, and several threat tree patterns.
The battleground of software security is in an escalating "arms" race, with malicious programmers developing ever more sophisticated methods for compromising computer program security. "The Security Development Lifecycle" is a valuable asset providing solid advice and procedures from folks who have worked in the trenches implementing cutting-edge software security measures at Microsoft.