Software Security; A Vulnerability Activity Revisit

This paper attempts to introduce a method for developing secure software based on the vulnerabilities which are already known. In the proposed method, the most prevalent vulnerabilities are selected. For each vulnerability its location of appearance within the software development process, as well as methods of mitigation through design-level or implementation- level activities is discussed. Mapping vulnerabilities to design and implementation within software development process not only results to a better understanding of vulnerability emergence, but also allows countermeasures to be applied during initial steps of vulnerability creation, and thus better software security. This mapping shows that choosing a suitable programming language and enforcing the least privileges are the most vital design time decisions. Also, security code review and server side input validation are implementation-level activities assumed to cover most of the vulnerabilities.