FIBUPC

S2D2: Software Security Driven Development

escert
Description 

The growing number of data hosted in the digital world triggers the need for a methodology to manage security that can be applied to the different projects related with software development, where information, one of the most valued assets, will be hosted.

Even though, in recent years, some good praxis for specific phases of development and a few programming languages have been implemented, there still isn’t any methodology that covers the security of every stage of application development.

inLab has analysed the status, and has produced a methodology to avoid the appearance of vulnerabilities during a product’s development and to facilitate its later auditing.

A tool has been created in order to facilitate the application of this methodology to the project managers. The procedure has also been tried in different projects carried out by our teams.

Duration of the project 
September, 2014 to November, 2015
Client 
Universitat Politècnica de Catalunya (UPC)
Technology 
Entorns i suport al desenvolupament,
gatLab,
Maven,
Eclipse,
Bases de dades,
SQLite,
Llenguatges de programació,
Java,
Seguretat,
Auditoria,
Implantació/Monitorització
Areas of expertise involved in the project 
Cyber Security
Project Manager 
Manu García-Cervigón
Antonia Gómez
Antonio Rodríguez
inLab Team 
Thesis, master's or degree's final projects 
Articles and Presentations 

Segueix-nos a

Els nostres articles del bloc d'inLab FIB

         
         

inLab FIB incorporates esCert

Icona ESCERT

First LogoCSIRT Logo

inLab is member of

inLab és centre TECNIO

ACCIO