Avoiding the Top 10 Software Security Design Flaws
Most software built and released typically comes with a set of defects — implementation bugs and design flaws. While there has been a larger focus on finding bugs rather than on identifying flaws, this document intends to shift some of the focus in security from finding bugs to identifying design flaws in the hope that software architects can learn from others’ mistakes.
Building Code for Medical Device Software Security
This document aims to start medical device software engineers toward a building code for software security that will reduce the vulnerability of their systems to malicious attacks, just as codes for physical buildings help their designers and builders create structures that resist threats from fire, wind, water, and in some cases, malicious attacks.
IEEE Security & Privacy Magazine
IEEE Security & Privacy magazine provides articles with both a practical and research bent by the top thinkers in the field along with case studies, tutorials, columns, and in-depth interviews and podcasts for the information security industry.
WearFit: Security Design Analysis of a Wearable Fitness Tracker
In the Center for Secure Design‘s latest document, we look at how the Top 10 Software Security Design Flaws can be approached within a specific, albeit fictitious, wearable fitness tracking system: the WearFit. We base our analysis as much on real-world systems as possible, providing a broad analysis of threats facing users of wearable fitness-tracking devices.
IEEE Transactions on Dependable and Secure Computing
IEEE Transactions on Dependable and Secure Computing (TDSC) publishes archival research results focusing on foundations, methodologies, and mechanisms that support the achievement—through design, modeling, and evaluation—of systems and networks that are dependable and secure to the desired degree without compromising performance. Read the full scope here.
IEEE Symposium on Security & Privacy
Since 1980, the IEEE Symposium on Security and Privacy has been the premier forum for presenting developments in computer security and electronic privacy, and for bringing together researchers and practitioners in the field. The 2016 Symposium will mark the 37th annual meeting of this flagship conference.
The Symposium will be held on May 23-25, and the Security and Privacy Workshops will be held on May 26, 2016. Both events will be in San Jose, California at The Fairmont.
The IEEE has a limited number of travel grants for outstanding students to our academic conferences, and someday to our professional conferences.