CSSLP Tutorial: Module 04, Part 01 – Secure Coding

Secure Coding

Introduction to secure coding

In previous sections, we’ve talked about requirements and design, and now we’re ready to talk about the processes involved in coding, as well as its vulnerabilities. So, this is the chapter on secure software coding. In this module, we will discuss some of the architecture of a CPU, how different types of instructions move between sections of that system architecture, and lastly the different types of execution and the different modes of the processor. There are also many opportunities for vulnerabilities, and mitigations for those vulnerabilities.

As we begin the discussion of secure software coding, we can start with defensive coding. Defensive coding is much like defensive driving. A person can follow all the rules and make sure that they are attentive, yet still get into a car accident because of the other drivers on the road. So, it behooves a person to pay attention not only to what they’re doing, but also to the other drivers, defensively. Similarly, in this module we will be looking at how to defend our system architecture.