Secure software engineering processes

Security is a serious problem and, if present trends continue, could be much worse in the future. At its core, the value of a software is derived not only from its ability to increase productivity and efficiencies, but also from its resiliency to attack and always performing at needed levels during times of both crisis and normal operations. Until yet, no processes or practices have been shown to consistently produce secure software. However, some available development practices are capable of substantially improving the security of software systems including having exceptionally low defect rates. As a long-term multifaceted problem, improving software security and safeguarding the Information Technology requires multiple solutions and the application of resources throughout the lifecycle. In this paper, we start by presenting the secure software engineering challenges, then we identify the secure software life-cycle models phases and we end by presenting our approach in supporting NATURE for developing secure software.