Skip to main content

Secure by design framework

Security-by-Design (SBD) is an approach to protecting technology systems against security threats by integrating security into every step of the software lifecycle from initiation to decommissioning. The SBD lifecycle parallels the software lifecycle phases by incorporating security considerations into each stage. It spans across all the phases as security risks will need to be identified as early as the planning phase and addressed accordingly throughout the phases. 

Software Life Cycle

The table below summarizes the security considerations at each stage of the software life cycle: ...

Initiation

During the initiation stage security risk assessment and security planning for the software proje...

Acquisition

Software can be acquired either through external procurement or in-house development. For the Gov...

Architecture & Design

This stage involves ensuring security is considered as part of the overall system architecture de...

Development

Secure coding [Mandatory] - In the development stage security requirements and design should be...

Testing

following should be considered in the Testing phase: Test planning  [Mandatory]- Planning for ...

Deployment Phase

Security configurations[Mandatory] - When deploying software, ensure appropriate security confi...

Operations and Maintenance

During this stage, the software is in production and operating. Continuous enhancements or modifi...

Upgrade /Decommission

This stage involves retiring or removing a software system from service. The software may then be...
Back to top