SDL Series - Article #1: Investigating the Security Development Lifecycle at Microsoft
In 2006, Michael Howard and Steve Lipner published The Security Development Lifecycle, opening the door to Microsoft's internal methodology for producing more secure software. In this column series, we will walk through the phases of the Microsoft Security Development Lifecycle (SDL) and examine how the SDL is currently put into practice on a daily basis in the development of Microsoft's products. The goal of our effort, through interviews and research, will be to further pull back the covers on Microsoft's practices for creating software upon which millions of users (and billions of dollars) depend.
Content
Security Features vs. Security Products
The SDL, In a Nutshell
Proven Effective Methodology
Our Methodology
About the Authors
The SDL, in a Nutshell
While any security expert is quick to point out that no process is perfect and no product is free of vulnerabilities, the SDL is designed to achieve two specific goals. First, the SDL should reduce the number of security vulnerabilities in a product. Second, and very importantly, the SDL should reduce the severity of the vulnerabilities that remain. If you've heard Microsoft people speak about the security of their products, they use terms like "attack surface area", "secure by default", and "defense in depth." As part of our investigation, we'll dig into this terminology, showing what each term means and where it fits under the umbrella of the SDL.
"We can categorically state that the SDL does lead to more secure software."
(Howard and Lipner, in their book The Security Development Lifecycle)
Our Methodology
In doing this investigation, we will use the book, The Security Development Lifecycle, as our guide, and focus on the following aspects:
Education and Awareness
Security Team Organization
Threat Modeling
Automated Tools
Security Response
The Evolution of the SDL
These chapters align with a typical software development lifecycle, as shown in Figure 1, and our investigation will walk through this lifecycle from start to finish:
For each topic, we plan to interview people on the Microsoft product teams, and find out, in their own words, how the phases of the SDL come alive on a daily basis. Our efforts will depend on the access that Microsoft provides, and the frankness of the conversations that people are willing to have. And our expectation is to provide an in-depth look at how the world's largest software vendor delivers on its promise of providing more secure products and services.