2. Secure Software Architecture#
Legend
Here - found in the module
Moved - found in a different module
Implicit - covered by the process of completing this or a different module
Coming Soon - to be provided at a later date
Not Planned - not covered in this book
2.1. Designing Software#
Describe the benefits of developing secure software
Including:
data protection
minimising cyber attacks and vulnerabilities
Interpret and apply fundamental software development steps to develop secure code
Including:
requirements definition
determining specifications
design
development
Implicit
integration
testing and debugging
installation
maintenance
Describe how the capabilities and experience of end users influence the secure design features of software
2.2. Developing Secure Code#
Explore fundamental software design security concepts when developing programming code
Including:
confidentiality
integrity
availability
authentication
authorisation
accountability
Apply security features incorporated into software including data protection, security, privacy and regulatory compliance
Coming soon.
Use and explain the contribution of cryptography and sandboxing to the ‘security by design’ approach in the development of software solutions
Coming soon.
Use and explain the ‘privacy by design’ approach in the development of software solutions
Including:
proactive not reactive approach
embed privacy into design
respect for user privacy
Test and evaluate the security and resilience of software by determining vulnerabilities, hardening systems, handling breaches, maintaining business continuity and conducting disaster recovery
Coming soon.
Apply and evaluate strategies used by software developers to manage the security of programming code
Including:
code review
static application security testing (SAST)
dynamic application security testing (DAST)
vulnerability assessment
penetration testing
Design, develop and implement code using defensive data input handling practices, including input validation, sanitisation and error handling
Design, develop and implement a safe application programming interface (API) to minimise software vulnerabilities
Coming soon.
Design, develop and implement code considering efficient execution for the user
Including:
memory management
Coming soon.
session management
exception management
To be covered in Year 11 Programming Fundamentals 2026.
Design, develop and implement secure code to minimise vulnerabilities in user action controls
Including:
broken authentication and session management
Coming soon.
cross-site scripting (XSS) and cross-site request forgery (CSRF)
invalid forwarding and redirecting
Coming soon.
race conditions
Design, develop and implement secure code to protect user file and hardware vulnerabilities from file attacks and side channel attacks
Coming soon.
2.3. Impact Of Safe And Secure Software Development#
Apply and describe the benefits of collaboration to develop safe and secure software
Coming soon.
Including:
considering various points of view
Coming soon.
delegating tasks based on expertise
Coming soon.
quality of the solution
Coming soon.
Investigate and explain the benefits to an enterprise of the implementation of safe and secure development practices
Including:
improved products or services
influence on future software development
improved work practices
productivity
business interactivity
Evaluate the social, ethical and legal issues and ramifications that affect people and enterprises resulting from the development and implementation of safe and secure software
Including: