Abstract—With the increasing demand for developing high-quality and more reliable systems, the process of developing trustworthy computer software is a challenging one. In this paper, we review various approaches to producing more secure systems. This includes established general principles for designing secure systems. It also provides an introduction to general software quality measurements including existing software security metrics. This paper also includes a comparison of the various security metrics for developing secure systems (i.e., architectural, design, and code-level metrics). Lastly, the paper examines the approach of refactoring, illustrates its objectives, and shows how refactoring is generally used for enhancing the quality of existing programs from the perspective of information security. At the end of this paper, we provide a discussion of these three approaches and how they can be used to provide guidance for future secure software development processes.

Index Terms—Security design principles, object-orientation, security metrics, secure refactoring.
Manuscript received October 10, 2014; revised January 5, 2015.

Bandar M. Alshammari is with Aljouf University, Saudi Arabia (e-mail: bmshammeri@ju.edu.sa).

Colin J. Fidge is with Queensland University of Technology, Australia (e-mail: c.fidge@qut.edu.au).

Diane Corney is with Oracle, Australia (e-mail: diane.corney@oracle.com).

I. INTRODUCTION

Much existing software is designed with poor consideration of information security, which makes it vulnerable to many threats including malicious attacks [1]. Software patches are one of the suggested solutions for many of the security attacks facing software [1], but they are expensive to develop and deploy and do not solve basic design weaknesses in the program code. Another solution to achieve a secure product is by following a trustworthy security process [2]. Security processes, in general, consider many aspects of system design, coding, testing, and auditing [2] (e.g., international security standards such as the Common Criteria [3] or the Trusted Computer Criteria [4]).

Another common approach for achieving a secure computer program is by following certain coding guidelines which focus on the level of individual program statements (e.g., to avoid/detect buffer overflows [5]). However, these solutions do not always work effectively and may, in general, even introduce new vulnerabilities to existing software [1]. Adding security features to systems after they have been developed and deployed has been a major cause of many system vulnerabilities [6]. Therefore, applying security principles from the early stages of the software development life cycle (SDLC) would be a better solution [1] and allow a more coherent system to be produced [6].

Developing a secure system requires a good overall design which takes security into account from the beginning. A suggested methodology by Fernandez [1] incorporates security principles into each stage of the SDLC. It makes sure that each stage complies with these principles th...