Building Trust in the Security of Software
3 TRUSTING THE DEVELOPERS
In his COCOMO II cost estimating model, Barry Boehm [2] found that the greatest source of variability in project performance was the capability of the team assigned to the work. Similarly, Curtis (1981) [5] reported as much as a 20 to 1 difference in performance among professional developers. Thus, one of the most critical factors in developing secure software is the knowledge and capability of the developers building or modifying the software product.
This same variability may also be true of AI coding systems that were trained on buggy code written by developers with poor knowledge of secure coding practices. Unless large language models (LLMs) receive supervised learning on security weaknesses, they will simply predict the next symbol based on their training sets and prompts. Carefully designed supervised learning is critical for avoiding insecure hallucinations.
While no certification of developers will guarantee weakness-free software, working with developers whose knowledge of security weaknesses has been examined and certified provides a strong start toward secure software. There are numerous certifications of a developer's knowledge of software engineering practices such as the IEEE Computer Society's Software Engineering Body of Knowledge [19]; applications such as cloud, mobile, or business process management; and languages such as Java, Python, or the Unified Modeling Language (UML). However, a critical skill for developing secure software is the ability to recognize, avoid, and repair weaknesses in the code that affect security.
There are numerous clusters of weaknesses among the over 800 security weaknesses in the Common Weakness Enumeration (CWE) Repository (cwe.mitre.org, Annex A), such as injection weaknesses (e.g. SQL, command, and LDAP injection), buffer overflow weaknesses (e.g. reading or writing before or beyond the buffer), and others. Knowledge of the structure of these weaknesses is critical if coding is to be secure. OMG is developing a Dependable Developer Certification to test knowledge of the most severe weaknesses that affect the security, reliability, performance efficiency, and maintainability of software (i.e. the weaknesses in ISO/IEC 5055:2021).
The exam involves questions at both the conceptual and coding levels to ensure developers both understand and can recognize ISO/IEC 5055:2021 weaknesses. The following is an example question on a code snippet from CWE-134 (Use of Externally Controlled Format String) in the CWE Repository. Each question has five possible answers, only one of which is correct.
Q: Is the following code snippet vulnerable to external control by a bad actor?

#include <stdio.h>

void printWrapper(char *string) {
    printf(string);
}
May 2025
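To make the point of the question concrete, here is an added example (not from the paper or from the CWE entry) that places the vulnerable wrapper beside a hardened form and adds a small review aid that counts the directives a string would introduce if it were misused as a format. The function names and the sample inputs are my own constructions.

```c
#include <stdio.h>
#include <string.h>

/* The shape from the question: the caller-supplied string *is* the
 * format string, so any '%' directives in it are interpreted by printf
 * (CWE-134). Kept here only for contrast; never call it on untrusted input. */
void printWrapperVulnerable(char *string) {
    printf(string);
}

/* Hardened form: the format is a constant and the untrusted string is
 * passed as data, so a '%' in it is printed literally. */
void printWrapperSafe(const char *string) {
    printf("%s", string);
}

/* Same fix when formatting into a buffer. Returns the length snprintf
 * reports for the output (excluding the terminating NUL). */
int formatUntrustedSafe(char *out, size_t out_len, const char *string) {
    return snprintf(out, out_len, "%s", string);
}

/* Review aid: count the conversion directives a string would introduce
 * if it were (mis)used as a format string. "%%" is a literal percent and
 * is not counted; a lone trailing '%' is counted because it is malformed. */
int countFormatDirectives(const char *s) {
    int n = 0;
    for (; *s != '\0'; s++) {
        if (*s != '%') continue;
        if (s[1] == '%') { s++; continue; }  /* escaped percent */
        n++;
    }
    return n;
}

int main(void) {
    /* Constructed sample input, the kind a user might type into a field. */
    const char *benign = "Progress: 100% complete";
    char buf[64];

    printWrapperSafe(benign);          /* prints the text verbatim */
    putchar('\n');
    formatUntrustedSafe(buf, sizeof buf, benign);
    printf("buffer holds: %s\n", buf);
    printf("directives in input: %d\n", countFormatDirectives(benign));
    return 0;
}
```

Compilers flag the vulnerable form with -Wformat-security, which is a cheap check to turn on in any build that handles externally supplied strings.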