Safe and secure programs

Advanced Search

Home > ITU-T > Study Groups > Study Group 17 > Safe and secure programs

Search:

Site Navigation

A to Z of ITU-T′s Activities

Standardization

ITU-T Recommendations

WTSA

Study Groups/TSAG

Focus Groups

Joint Coordination Activities

Global Standards Initiatives

Bridging Standardization Gap

Conformity & Interoperability

Director's Corner

TSB Director's Office

Some suggestions on how to write more safe and secure programs

This paper presents a list of suggestions on how to avoid the most common pitfalls that make software less secure or Less safe than it should be. It is addressed to software developers and covers the phases of software design, implementation, and testing. It focuses on network application programs, but many of the suggestions are equally valid for other kinds of software.

Download the Document ( MS-Word )

Table of Contents

Introduction

Design

Design with security and safety in mind

Design for quality

Use formal methods and languages

Limit software complexity

Ensure that all the operations (both normal and exceptional) in your application are safe and secure

Use only well-known cryptographic algorithms

Don't assume that you can increase security by keeping the source code of your algorithms hidden

Don't rely on the users of your application to select the appropriate (more secure) security settings

Verify exchanged digital certificates and involve the user as much as possible in this process

Limit the internal data redundancy and manage the existing redundancy

Implementation

Ensure that the program doesn't try to read or write data outside an allocated memory block (buffer overflow)

Ensure that all resource allocation errors are detected and handled

Ensure that the program's stack never overflows

Check boundary conditions

Use tools for checking the correctness of the program's code

Limit use of privileged modes during program execution

When processing an input message, check that the message can be safely decoded and that its contents are valid

When processing an input message, limit the resources (memory, disk space, CPU time) used for the message.

Make generous use of assertions in your code

Use restrictive language features extensively

Compile with the highest warning level

Testing

Use system-stress simulation techniques during program testing

Use a multiprocessor computer during program testing

Ensure that the entire program code is executed during program testing

Resources

Contact for comment/discussion:

Mr. Alessandro TRIGLIA

sandro@oss.com