Fraunhofer Institute for Experimental Software Engineering IESE
IT security is an important requirement for enterprises that depend on information technology, and users increasingly rely on the security and privacy of IT-enabled products and services. However, the growing sophistication, complexity, and mobility of software and systems are an impediment to provably secure system design and to the reconciliation of security needs with other, equally important system qualities.
Building Security in
Security is not an isolated quality that can be added to a system as an afterthought. It requires careful consideration right from the inception of the engineering process, and continual attention throughout the lifecycle of a system or service. To achieve an adequate level of security assurance at acceptable costs, analytical and constructive skills need to be combined judiciously, and at different levels of abstraction.
However, security — though it is important — is only one of several system qualities. In most cases, it is not the predominant engineering target, but only a secondary concern. Moreover, achieving maximum security is often in conflict with competing goals such as simplicity, compatibility, or appealing user experience. Therefore, it is crucial to reconcile such diverse requirements and to strike a balance between security and other design objectives.
To help our clients build security into their systems during every phase of development, we provide expertise, methods, and tools for
- Combining analytical security assessments with constructive security design
- Complementing network and infrastructure security with software and application security
- Integrating security-related best practices along the system lifecycle with software engineering principles and best practices for requirements engineering, design, and quality assurance
- Interlocking security engineering with other quality assurance activities such as safety or usability engineering.
We help you to master your security engineering challenges.