In the rush to develop feature-rich software, security is taking a back seat in the minds of software developers.
Information security expert Professor Eugene Spafford, from Purdue University in the US, blamed poor design for the increasing number of vulnerabilities and predicted a "software-related catastrophe" unless security coding and design principles were enacted by researchers and teachers in the area of software development.
Melbourne-based independent developer Bill Tinker agreed security can take a back seat in software development, but said it takes "considerable effort" to implement security, which is why it is sometimes ignored.
"I think the situation is equivalent to backing up -- it won't be until somebody gets hit that they will see the value in going through the effort," he said.
Australian Software Metrics Association past president and Charismatek Software Metrics managing director Paul Radford said software is becoming more complex and extra discipline is needed within more agile methodologies.
"We need overall control mechanisms that facilitate more agile processes. Also, impatience and new age gurus lead to greater hype and hope, with less discipline in design, architecture and security."