The IEEE Center for Secure Design, a cybersecurity initiative, has released a report titled "Avoiding the Top 10 Software Security Design Flaws". The report is grounded in real-world data: experts from a diverse group of organizations were brought together to compare the software security design flaws they had found in their own internal design reviews.
The result is a list of the ten most significant software security design flaws and the design techniques that avoid them. The practical advice ranges from using applied cryptography correctly to making sure that every piece of incoming data is explicitly validated.
"Bugs and flaws are two very different types of security defects," said participant Gary McGraw, chief technology officer at Cigital. "We believe there has been quite a bit more focus on common bugs than there has been on secure design and the avoidance of flaws, which is worrying since design flaws account for 50% of software security issues. The IEEE Center for Secure Design allows us a chance to refocus, to gather real data, and to share our results with the world at large."
The following recommendations came out of the workshop to help developers avoid the top security design flaws (each technique is described in detail in the report):
- Earn or give, but never assume, trust
- Use an authentication mechanism that cannot be bypassed or tampered with
- Authorize after you authenticate
- Strictly separate data and control instructions, and never process control instructions received from untrusted sources
- Define an approach that ensures all data are explicitly validated
- Use cryptography correctly
- Identify sensitive data and how they should be handled
- Always consider the users
- Understand how integrating external components changes your attack surface
- Be flexible when considering future changes to objects and actors
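Two of the items above, strictly separating data from control instructions and explicitly validating all data, are easiest to see in code. The following example is added here to illustrate them; it is not code from the IEEE report or the Center for Secure Design. It uses a constructed in-memory SQLite table with hypothetical users, and the function and table names are assumptions chosen for the illustration. The first lookup splices an untrusted string into the SQL text (the control channel), so the caller can rewrite the query; the second keeps the SQL text fixed and passes the string as a bound parameter, so it can only ever be data; the third additionally validates the input against an explicit allow-list before it touches the database.

```python
import re
import sqlite3

# Allow-list for usernames: a lowercase letter followed by up to 31
# lowercase letters, digits or underscores (assumed policy for the example).
USERNAME_RE = re.compile(r"^[a-z][a-z0-9_]{0,31}$")


def make_db():
    """Build a constructed in-memory sample database (not data from the report)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, role TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("alice", "admin"), ("bob", "user")],
    )
    conn.commit()
    return conn


def lookup_role_unsafe(conn, name):
    """Flawed design: untrusted data is mixed into the control channel.

    The name becomes part of the SQL text, so whatever the caller supplies
    is interpreted as instructions, not as data.
    """
    query = "SELECT name, role FROM users WHERE name = '" + name + "'"
    return conn.execute(query).fetchall()


def lookup_role_safe(conn, name):
    """Data and control kept separate: the SQL text is fixed, the name is bound.

    The database driver transmits the parameter out of band, so the input
    can never change the shape of the query.
    """
    query = "SELECT name, role FROM users WHERE name = ?"
    return conn.execute(query, (name,)).fetchall()


def lookup_role_validated(conn, name):
    """Explicit validation first, then a parameterized query.

    Validation is a positive check against the allow-list; rejecting known
    bad characters is not enough, and parameterization is still used for
    the query itself.
    """
    if not isinstance(name, str) or not USERNAME_RE.fullmatch(name):
        raise ValueError("username failed validation")
    return lookup_role_safe(conn, name)


if __name__ == "__main__":
    db = make_db()
    # Constructed attacker input: closes the literal and appends a tautology.
    attack = "x' OR '1'='1"
    print("unsafe:", lookup_role_unsafe(db, attack))     # leaks every row
    print("safe:  ", lookup_role_safe(db, attack))       # matches nothing
    try:
        lookup_role_validated(db, attack)
    except ValueError as exc:
        print("validated:", exc)                          # rejected up front
```

Run stand-alone, the script shows the tautology input returning every row from the unsafe function and no rows from the parameterized one, while the validating function rejects the input before any query runs.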