Secure Software Design: Security Flaws, Functional vs. Non-Functional


Added on  2023/03/30

Homework Assignment
AI Summary
This assignment focuses on secure software design, addressing how poor design choices lead to security vulnerabilities and increased costs. It details three key ways poor design results in security flaws: creating bugs, susceptibility to malware attacks, and increasing the chances of hacking. The assignment also clarifies the difference between functional and non-functional requirements, explaining how each category is identified and their importance in software development. Functional requirements define what the system should do, including business rules, transaction specifications, and administrative functions. Non-functional requirements, on the other hand, specify the quality attributes of the system, such as performance, scalability, reliability, security, and usability. The provided solution offers a comprehensive overview of secure software design principles and the implications of inadequate design choices. The assignment includes references to relevant publications in the field of system analysis and design.
Secure Software Design
Secure Information Design
Question-
1. Explain at least 3 ways that poor software design results in security flaws that will present increasing cost.
2. Explain the difference between functional and nonfunctional requirements and how each category is identified.
Solution
A good software design not only helps provide good functionality to the application but also provides a high level of security to the application. The ways that poor software design results in security flaws that will present increased cost are as follows-
Poor software design creates many bugs – These bugs not only create hurdles in the functioning of the software but also create security problems; for example, if the bug is in the login page or in the authentication system, it creates many security problems. According to the rule of software engineering, the cost of rectifying the bugs is three times higher in comparison to release of the application.
Poor software design is easily prone to malware attack – Software that does not have a proper software design is also easily prone to malware attack. A poor software design does not provide a proper facility for handling a malware attack: these designs do not provide a facility to secure the application from various types of malware automatically, and these applications do not even provide any alert message that the application has been infected with malware. This obviously increases cost, as the elimination of this malware requires extra concentration and cost to bear.
Poor software design also raises the chances of hacking of the application – A poorly designed application also raises the chance of hacking, especially in the case of web applications. These applications lead to data breaches through system control hacking and other cyber attack activities. In fact, the biggest risk of poor software design is the hacking of the application. A good software design is designed by considering all the possible security problems that can cause many problems in the application. It also provides the scope for easily changing the design of the application according to the requirements and expected changes.
Difference between the Functional and non-Functional requirements
Functional Requirements
The functional requirements help to define the required functionality of the system and its sub-systems. They depend upon the application area of the software, its expected users, and the type and usage area of the software. In general, the functional requirements elaborate what the system is expected to do. They help the developers establish which requirements are most necessary to provide in the proposed application. The main features that are included in the functional requirements are as follows-
It specifies the business rules to be given in the proposed application.
Specification for transaction corrections, adjustments and cancellation.
It specifies the administrative functions.
It specifies the authentication rules and authorization levels.
It specifies requirement for the audit tracking.
Helps in specifying the external interfaces.
Elaborates the certification requirements.
Specifies the reporting and historical data requirements.
It gives the legal or regulatory requirements too.
Non-Functional Requirements
The non-functional requirements provide the mechanism for judging the overall performance of the system. They state those features that help to determine the operation of the application. Non-functional requirements are also considered the “quality attributes” of the system. These requirements help to set the quality goals of the application that are necessarily required to be given in the system. They are also considered the technical quality requirements. The key features that are considered while analyzing the non-functional requirements are as follows-
Here the requirements for the overall performance of the application such as response time, throughput, utilization and static volumetric feature are specified.
The requirements for the scalability, capacity and availability of the application.
It specifies the parameters for the reliability.
Further it specifies the mode for the recoverability of the application.
Then it defines the overall feature for the maintainability and serviceability.
It also specifies the parameters for the security and regularity mode of the application.
It specifies the requirements for the manageability of the proposed application.
The requirements for the required environment are also specified in this section.
The requirements for the data integrity are also specified in this category.
The factors required to achieve the goals of the usability are also specified in it.
The mechanism for defining the factors for the inter-operating is also specified in it.
The above-mentioned categories can be easily categorized with the help of the above-mentioned features.
References
Alan D., Barbara H. W., Roberta M. R. (2010), Systems Analysis and Design, Wiley Publication
Charles G. Cobb (2011), Making a Sense of Agile Software Development, Wiley Publication
Vinod K., S. Srivasan (2011), Work Book on System Analysis and Design, Springer Publication
Richard A. (2010), System Analysis and Design, Pearson Education
Munuro (2011), System Analysis and Design, Springer Publication
Garry B., Harry J. (2012), System Analysis and Design, McGraw Hill