Many people ask me what substance there is to the Trustworthy Computing Initiative and, specifically, what changes Microsoft has made to our development process to significantly increase the resilience of our code.

There's an interesting paper written by Steve Lipner, a Director in the Security Engineering team at Microsoft. The article was posted to the IEEE website - it is available here.

The paper explains the changes to process and procedure that form the Trustworthy Computing Security Development Lifecycle. Specifically, the paper discusses the following areas:

  • Threat models during software design
  • Static analysis (code-scanning) tools during implementation
  • Code reviews and security testing