Abstract: Security agencies still consider this threat as one of the most common software vulnerabilities. Aiming to increasing security resistance against this software threat, emphasize on software design phase is highly reasonable where cost and time required for fixing error in design level is several times lesser than coding or implementation levels. In this purpose, we use the Secure SDLC . In this paper, we describe how to apply the secure SDLC. Software design phase in such a way that additional cost and time are not required for system analyzing and defining threat scenario.

Keywords: Secure software, software design, software threats, security analysis, SDLC