10 Commandments of Secure Engineering

By Darryl K. Taft  |  Posted 2014-08-11
Back in May, the National Institute of Standards and Technology (NIST) released a draft publication on systems security engineering. Although well-intentioned, the document lacks the specificity and concrete guidance needed to give systems security engineers actionable steps for fully incorporating security into the systems engineering process. The NIST document exhaustively defines systems security engineering as a specialty discipline of systems engineering, and it describes the processes, activities and tasks performed by systems security engineering professionals. To keep things simple and practical, network security company FlowTraq developed "The 10 Commandments of Secure Engineering," which approach the securing of engineered systems from two directions. First, developers must design systems with security in mind, building varying levels of security into the system throughout the development life cycle. Second, systems engineers must prepare for active defense by using the right tools to monitor, track and identify potential threats. This eWEEK slide show, with the assistance of FlowTraq, looks at 10 tenets of secure engineering.

  • Separation of Data

    When engineering secure systems, follow the fundamental principle of data separation: separate data by mission, objective and trust level so that only approved individuals have access to each type of data and each part of your system.
  • Defense in Depth

    When designing systems, we sometimes focus so much on perimeter security that we forget to pay the same attention to building an in-depth defense posture. It is important to build sensible gates or privilege barriers throughout your systems, not just along the perimeter.
  • Create Flood Barriers

    The saying "You're only as secure as your weakest link" is absolutely true, which is why it's important to isolate each part of the system, or mission, from failures and compromises in others. If one part of the system goes down, you don't want it to take other parts of your system with it and eventually bring down your entire IT infrastructure.
  • Build a Kill Switch

    Engineer a secure way to shut down parts of your system that may be under compromise. This ensures that if an attacker does infiltrate one particular part of your system, you are able to stop them in their tracks before the consequences become widespread.
  • Plan for Functionality

    Oftentimes, security requirements become a barrier to system functionality, but they don't have to. Find new, creative ways to build functional systems that are also secure.
  • Ubiquitous Data Acquisition

    The work of creating trustworthy, resilient systems isn't done once a system is engineered. It is equally important to maintain a strong defense posture over time, which relies heavily on continuously monitoring as many aspects of your system as feasible and storing this data for possible forensic analysis. Monitor multiple points within your system, and keep the data for weeks or even months, in case you need to investigate historical patterns as part of a larger security analysis further down the road.
  • Accessibility of Telemetry

    It is often difficult to obtain or understand the internal state of a system, so it's important to make the telemetry easy to reach and intuitive to understand. Only then will an operator be able to quickly tell the difference between a failure and a compromise.
  • Track Baselines, Detect Anomalies

    Develop a set of baselines within your systems so that your data analysis can uncover deviations from normal patterns in volumes, identities, timestamps and messages. The ability to detect suspicious data movement is key to uncovering threats and vulnerabilities before they affect your system, and that is possible only when you build into your system a sense of what is normal and what is abnormal.
  • Prioritize Messages

    Assign priorities to alerts, anomalies and telemetry data, and align these with the possible impact on your systems. For example, if you have set up alerts to show when a particular part of your system is accessed at an irregular hour by an unauthorized user three days in a row, this should trigger a high-priority alert indicating a possible breach.
  • Alternate Perspectives

    Create multiple views of the same system or component. This adds an extra layer of visibility into systems or system components, improves security analysis and helps you develop the proactive measures you need to ensure a fully secured system.
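The "Track Baselines, Detect Anomalies" and "Prioritize Messages" tenets above are concrete enough to work through in code. The following Python script is an added example written for this page; it is not code from the eWEEK slide show or from FlowTraq's product. The log format, the resource names (finance-db, hr-share), the approved-user table, the 08:00-18:00 business-hours policy and the log lines themselves are all constructed for the illustration. It learns a per-user baseline of access hours from approved, business-hours activity only, flags events that fall outside that baseline or come from users outside the approved set, and then assigns a priority, raising the "unauthorized user, irregular hour, three days in a row" case the slide describes to high.

```python
"""Baseline-and-anomaly detection with alert prioritisation.

Added example for the tenets above; not code from the eWEEK article or
from FlowTraq. Every name and value below is constructed for illustration.
"""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed access log, one event per line: "<ISO timestamp> <user> <resource>".
SAMPLE_LOG = """\
2014-07-01T09:12:00 alice finance-db
2014-07-01T10:40:00 bob hr-share
2014-07-02T09:05:00 alice finance-db
2014-07-02T11:20:00 bob hr-share
2014-07-03T09:30:00 alice finance-db
2014-07-03T02:14:00 mallory finance-db
2014-07-04T02:31:00 mallory finance-db
2014-07-04T23:55:00 bob hr-share
2014-07-05T02:07:00 mallory finance-db
"""

# Separation of data: which users are approved for which resource (constructed table).
APPROVED = {
    "finance-db": {"alice"},
    "hr-share": {"bob"},
}

# Hypothetical policy: business hours are 08:00-17:59 local time.
BUSINESS_HOURS = range(8, 18)


def parse_log(text):
    """Parse the constructed log into (datetime, user, resource) tuples."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, user, resource = line.split()
        events.append((datetime.fromisoformat(ts), user, resource))
    return events


def build_baseline(events):
    """Baseline: the hours at which each approved user normally touches each resource.

    Only approved access inside business hours feeds the baseline, so an intruder's
    own activity can never teach the system that 02:00 is "normal".
    """
    baseline = defaultdict(set)
    for when, user, resource in events:
        if user in APPROVED.get(resource, set()) and when.hour in BUSINESS_HOURS:
            baseline[(user, resource)].add(when.hour)
    return baseline


def detect_anomalies(events, baseline):
    """Flag events by an unapproved user, or at an hour outside the pair's baseline."""
    anomalies = []
    for when, user, resource in events:
        unauthorised = user not in APPROVED.get(resource, set())
        outside_baseline = when.hour not in baseline.get((user, resource), set())
        if unauthorised or outside_baseline:
            anomalies.append({"when": when, "user": user, "resource": resource,
                              "unauthorised": unauthorised,
                              "outside_baseline": outside_baseline})
    return anomalies


def consecutive_days(dates):
    """Length of the longest run of consecutive calendar dates in the set."""
    best = run = 0
    prev = None
    for d in sorted(dates):
        run = run + 1 if prev is not None and d - prev == timedelta(days=1) else 1
        prev = d
        best = max(best, run)
    return best


def prioritise(anomalies):
    """Map each (user, resource) pair to a priority aligned with likely impact.

    high:   unapproved user, outside business hours, on three or more consecutive days
    medium: any other access by an unapproved user
    low:    an approved user at an hour outside their own baseline
    """
    by_pair = defaultdict(list)
    for a in anomalies:
        by_pair[(a["user"], a["resource"])].append(a)
    alerts = {}
    for pair, items in by_pair.items():
        off_hours_days = {a["when"].date() for a in items
                          if a["unauthorised"] and a["when"].hour not in BUSINESS_HOURS}
        if consecutive_days(off_hours_days) >= 3:
            alerts[pair] = "high"
        elif any(a["unauthorised"] for a in items):
            alerts[pair] = "medium"
        else:
            alerts[pair] = "low"
    return alerts


def run_pipeline(text=SAMPLE_LOG):
    """Full baseline -> detect -> prioritise pass over a log; returns the alert map."""
    events = parse_log(text)
    return prioritise(detect_anomalies(events, build_baseline(events)))


if __name__ == "__main__":
    for (user, resource), priority in sorted(run_pipeline().items()):
        print(f"{priority:6} {user} -> {resource}")
```

On the constructed log, alice's 09:00 accesses define her baseline and raise nothing; bob's single 23:55 access is outside his 10:00-11:00 baseline and is reported as low; mallory, who is not approved for finance-db and appears at 02:00 on three consecutive days, is reported as high. Keeping the baseline fed only by approved, in-hours activity is the design choice that matters: a baseline that learns from every event will eventually normalise the attacker.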
Darryl K. Taft covers the development tools and developer-related issues beat from his office in Baltimore. He has more than 10 years of experience in the business and is always looking for the next scoop. Taft is a member of the Association for Computing Machinery (ACM) and was named 'one of the most active middleware reporters in the world' by The Middleware Co. He also has his own card in the 'Who's Who in Enterprise Java' deck.