Categories: Cyber-Security

After reading Secure Design Best Practices, architects who are part of a software development team may find this page useful as the weaknesses are addressed by known security tactics, helping the architect in embedding security throughout the initial design process.

Performing an Attack Surface Analysis includes analyzing the security architecture to identify and document product interfaces and surfaces that could be attacked, as well as consider if there are planned security measures that will provide enough protection against attacks on these surfaces.

To help our customers protect their critical systems and sensitive information from digital attacks security has to be built into our products.
Therefore, the Cyber Security process is an integrated part of most of the PCP R&D processes.
This page contains an overview of securityrelated activities within PCP R&D, and additional information can be found under respective process area in the QMS.

All ABB products or system offerings which are softwarerelated need to fulfill some mandatory cyber security requirements as described in the CFSCP02 Information & Cyber Security Policy.

This guide gives an overview of the suggested course path for education about the cyber security lifecycle for teams that work with ABB products, systems, or solution offerings that are software related.

User documentation should provide the necessary information to help the customer ensure that the site is as secure as possible.

Binary composition analysis is a method used to examine the components inside binary files to detect and manage security risks. This guide describes how to perform such analysis with Black Duck Binary Analysis (BDBA).

Secure coding standards are guidelines, best practices, and coding conventions that can be used by software developers to prevent security vulnerabilities and improve the overall quality of the software during the software design & development phases.

This document describes the secure coding guidelines for the .NET programming language. Some of the guidelines are generic, whereas some are specific to the .NET programming language.

This document describes the secure coding guidelines for the C programming language. Some of the guidelines are generic, whereas some of them are specific to the C programming language.

This document describes the secure coding guidelines for ReactJS. Some of the guidelines are generic, whereas others are specific to ReactJS.

This chapter gives some basic best practices for a secure software design. Assessing how security is addressed in the design of a product is one important step to ensure that the product meets the best security level and can be done at various points in a product lifecycle.

The Security Criticality Analysis is performed to identify which of the components in a product are important to pay extra attention to when trying to minimize the risk of vulnerabilities.

Introduction

This guide describes different types of software vulnerabilities and associated threats. It also describes various defense mechanisms that are typically needed to be prepared for software attacks.

After reading Secure Design Best Practices, this page describes some weaknesses around concepts that are frequently used or encountered in software development environments. This includes all aspects of the software development lifecycle including implementation.