Toward Remaking Software Development to Secure It

Abstract

Modern software development depends on tools and techniques to represent implied information processing logic to the human engineer, relying chiefly on effortful human reasoning to best determine critical properties of the software system. Current conceptualization, visualization and contextualization of software in development amounts to a significant under-utilization of already limited development resources directed to optimization, prevention, and addressing fundamental security properties of the software system. As a step toward increasing such utilization as a basis for a global ecosystem of secure software, this work explores and evaluates an alternative representation of software source code for the sake of secure development, manifesting universal, critical properties of the system to enhance control of security factors while the bulk of the properties of the system are being determined and the costly skills of the developer are directed to the many aspects of the task.