Hello, Michael Howard here, from the Microsoft Cybersecurity team. It’s hard to imagine that Steve Lipner and I wrote The Security Development Lifecycle: A Process for Developing Demonstrably More Secure Software (Microsoft Press, 2006) a decade ago. Even though much has changed in the intervening years, it’s amazing how the simple fundamentals still hold true.
In the book we talk of “banned functionality,” or functionality that is dangerous and should never be used, and we still talk about the topic today, even though some of the specifics are a little different. Threat modeling, which has a dedicated chapter in the book and which is a cornerstone of the Microsoft Security Development Lifecycle (SDL), is a critical component of any application architecture today.
Sure, the book doesn’t mention “IoT” or “cloud” and the word “mobile” rarely gets mentioned, but banned functionality, threat modeling, and numerous other core SDL tenets—such as a static analysis, bug bars, fuzz testing, and correct cryptographic design—apply to IoT, cloud, and mobile as much as they do to three-tier applications and websites. For example, Microsoft recently released a paper on IoT security architecture, and the first section’s title is “Security starts with a threat model.”
Microsoft’s practice of the SDL has evolved and matured over the last decade, and there’s lots of current guidance and tools available for download at the SDL website. But as I re-read our SDL book recently, I was struck by how much of it is as applicable today as it was yesterday, and it’s because of this that we’re delighted to release the book as a free download from Microsoft Press. Click here to initiate download of the PDF (20.5 MB). Click here to initiate download of the EPUB (3.3 MB). (Please note that the companion materials that were originally released on a CD with the book won’t be made available.)
We hope that more people will read The Security Development Lifecycle and make small changes to their current design, development, and testing practices so as to improve their products’ security.