Secure Software Architecture

2. Secure Software Architecture#

Note

All security related points from Programming for the Web can be found here in Secure Software Architecture.

2.1. Designing Software#

Describe the benefits of developing secure software

Including

  • data protection

  • minimising cyber attacks and vulnerabilities

Interpret and apply fundamental software development steps to develop secure code

Including

requirements definition
determining specifications
design
development

  • Implicit

integration
testing and debugging
installation
maintenance
Describe how the capabilities and experience of end users influence the secure design features of software

2.2. Developing Secure Code#

Explore fundamental software design security concepts when developing programming code

Including

  • confidentiality

  • integrity

  • availability

  • authentication

  • authorisation

  • accountability

Apply security features incorporated into software including data protection, security, privacy and regulatory compliance
Use and explain the contribution of cryptography and sandboxing to the ‘security by design’ approach in the development of software solutions
Use and explain the ‘privacy by design’ approach in the development of software solutions

Including

  • proactive not reactive approach

  • embed privacy into design

  • respect for user privacy

Test and evaluate the security and resilience of software by determining vulnerabilities, hardening systems, handling breaches, maintaining business continuity and conducting disaster recovery

Coming at a later date.

Apply and evaluate strategies used by software developers to manage the security of programming code

Including

  • code review

  • static application security testing (SAST)

  • dynamic application security testing (DAST)

  • vulnerability assessment

  • penetration testing

Design, develop and implement code using defensive data input handling practices, including input validation, sanitisation and error handling
Design, develop and implement a safe application programming interface (API) to minimise software vulnerabilities
Design, develop and implement code considering efficient execution for the user

Including

memory management

Coming at a later date.

session management
exception management

To be covered in Year 11 Programming Fundamentals 2026.

Design, develop and implement secure code to minimise vulnerabilities in user action controls

Including

broken authentication and session management

Coming at a later date.

cross-site scripting (XSS) and cross-site request forgery (CSRF)
invalid forwarding and redirecting

Coming at a later date.

race conditions
Design, develop and implement secure code to protect user file and hardware vulnerabilities from file attacks and side channel attacks

Coming at a later date.

2.3. Impact Of Safe And Secure Software Development#

Apply and describe the benefits of collaboration to develop safe and secure software

Including

  • considering various points of view

  • delegating tasks based on expertise

  • quality of the solution

Investigate and explain the benefits to an enterprise of the implementation of safe and secure development practices

Including

  • improved products or services

  • influence on future software development

  • improved work practices

  • productivity

  • business interactivity

Evaluate the social, ethical and legal issues and ramifications that affect people and enterprises resulting from the development and implementation of safe and secure software

Including

  • employment

  • data security

  • privacy

  • copyright

  • intellectual property

  • digital disruption