Proceedings of ISP RAS, 2024 Volume 36, Issue 5, Pages 7–16 (Mi tisp919)

Software security by design

V. V. Kulyamin (a, b, c), A. K. Petrenko (c, a, b), E. A. Rudina (d)

a Lomonosov Moscow State University
b National Research University Higher School of Economics
c Ivannikov Institute for System Programming of the RAS
d AO Kaspersky Lab

Abstract: Security-by-Design is an important approach to ensuring software security and reliability. It has been developing for more than 50 years, but its principles and techniques are still not well known in the wider community of software developers. To make the approach more familiar and popular, we need to reestablish its goals and problems, to classify and explain its techniques, and to formulate trends of its future development. This paper reformulates the main principles of Security-by-Design, provides some examples of security design patterns and anti-patterns, and also explores relations between the approach and software architecture analysis methods, hardening techniques, and safe programming languages.

Keywords: software security, attack prevention methods, secure software design, software architecture styles and patterns, hardening, software architecture modeling, software architecture analysis, safe programming languages.

DOI: 10.15514/ISPRAS-2024-36(5)-1
