Secure by design

The cyber security and systems engineering concept known as "secure by design" (SbD) mandates that security be incorporated into systems from the outset rather than as an afterthought. Instead of being retrofitted later through patching or external controls, it focuses on integrating security requirements into the architecture itself by incorporating protections at the very beginning of the design process for hardware, software, and services.

Assuming that systems will be attacked, Secure by Design entails limiting their architecture to make compromises challenging, contained, and recoverable. It highlights strategies like defence in depth, minimising attack surfaces, the least privilege principle, and integrating detection and response mechanisms. SbD treats security as a design constraint on par with performance, usability, and cost, in contrast to reactive approaches that mainly rely on vulnerability management after deployment.

Since significant cyber events, such as supply chain breaches and ransomware campaigns, have shown the shortcomings of reactive security, Secure by Design has gained popularity in the twenty-first century. SbD practices are now more frequently required by governments, businesses, and standards organisations in a variety of domains, from consumer Internet of Things (IoT) devices to defence systems. There are similarities between the idea and related paradigms like safety by design, privacy by design, and the larger trend towards resilient systems engineering.

Core Concepts

Secure by Design is based on a number of fundamental concepts:

Security as a design constraint: security specifications must be incorporated into the conceptual design process and upheld at all stages of the project's development.
Anticipate attacks because it is assumed that systems function in hostile environments with active adversaries.
Least privilege: only the most essential permissions are given to users, processes, and services.
Layered security controls and defence in depth lessen the chance of total compromise.
Reduce the attack surface by only exposing necessary features, interfaces, and services.
Constant assurance: security measures need to be continuously tested, observed, and enhanced.
Steer clear of secrecy; strong, open design should be the foundation of security, not proprietary obscurity.

These ideas complement and overlap with related paradigms like safety by design, privacy by design, and Zero Trust Architecture (ZTA).

Methodologies

Secure by Design is not a single method; it is a design philosophy that can be used in many different development lifecycles, such as Agile, Waterfall, and DevSecOps. Some well-known frameworks and methods are:

The Microsoft Security Development Lifecycle (SDL) adds security to every step of making a product.
NIST SP 800-160 Volume 2 uses systems security engineering to make systems that are hard to break.
SEI Secure Design Patterns (Carnegie Mellon University, 2009) – strategies that can be used over and over again to solve common security problems.
MoD Secure by Design Implementation Guide – a set of best practices for the UK defence sector.

Government and Industry Adoption

Secure by Design has been required or suggested in a number of fields:

The National Institute of Standards and Technology (NIST) in the United States promotes SbD through SP 800-160 and SP 800-53 (security controls). The Cybersecurity and Infrastructure Security Agency (CISA) has also put out Secure by Design guidelines for software makers.
The UK government requires SbD in digital services through the Government Digital Service (GDS) and the Ministry of Defence. This means designing with risk in mind, providing continuous assurance, and reducing attack surfaces.
The Cyber Resilience Act stresses security throughout the life cycles of products in the European Union, which is in line with SbD principles.
Consumer IoT: ETSI TS 103 645 sets security standards that are used in IoT rules in the UK and EU.

Criticism and Challenges

While widely endorsed, Secure by Design faces challenges in practice:

Cost and complexity – early investment in security design can increase upfront costs.
Legacy systems – applying SbD to older architectures is often impractical.
Supply chain reliance – third-party software and components may undermine SbD practices.
Human factors – poorly designed controls may cause users to bypass them, reducing effectiveness.

Despite these challenges, SbD is increasingly seen as essential in countering advanced persistent threats (APTs), ransomware, and supply chain attacks.

References

External links

v t e Information security
Threats	Adware Advanced persistent threat Arbitrary code execution Backdoors Bombs Fork Logic Time Zip Hardware backdoors Code injection Crimeware Cross-site scripting Cross-site leaks DOM clobbering History sniffing Cryptojacking Botnets Data breach Drive-by download Browser Helper Objects Viruses Data scraping Denial-of-service attack Eavesdropping Email fraud Email spoofing Exploits Fraudulent dialers Hacktivism Infostealer Insecure direct object reference Keystroke loggers Malware Payload Phishing Voice Polymorphic engine Privilege escalation Ransomware Rootkits Scareware Shellcode Spamming Social engineering Spyware Software bugs Trojan horses Hardware Trojans Remote access trojans Vulnerability Web shells Wiper Worms SQL injection Rogue security software Zombie	vectorial version
Defenses	Application security Secure coding Secure by default Secure by design Misuse case Computer access control Authentication Multi-factor authentication Authorization Computer security software Antivirus software Security-focused operating system Data-centric security Software obfuscation Data masking Encryption Firewall Intrusion detection system Host-based intrusion detection system (HIDS) Anomaly detection Information security management Information risk management Security information and event management (SIEM) Runtime application self-protection Site isolation
Related security topics	Computer security Automotive security Cybercrime Cybersex trafficking Computer fraud Cybergeddon Cyberterrorism Cyberwarfare Electronic warfare Information warfare Internet security Mobile security Network security Copy protection Digital rights management

v t e Computer science
Note: This template roughly follows the 2012 ACM Computing Classification System.
Hardware	Printed circuit board Peripheral Integrated circuit Very-large-scale integration System on a chip (SoC) Energy consumption (green computing) Electronic design automation Hardware acceleration Processor Size / Form
Computer systems organization	Computer architecture Computational complexity Dependability Embedded system Real-time computing Cyber-physical system Fault tolerance Wireless sensor network
Networks	Network architecture Network protocol Network components Network scheduler Network performance evaluation Network service
Software organization	Interpreter Middleware Virtual machine Operating system Software quality
Software notations and tools	Programming paradigm Programming language Compiler Domain-specific language Modeling language Software framework Integrated development environment Software configuration management Software library Software repository
Software development	Control variable Software development process Requirements analysis Software design Software construction Software deployment Software engineering Software maintenance Programming team Open-source model
Theory of computation	Model of computation Stochastic Formal language Automata theory Computability theory Computational complexity theory Logic Semantics
Algorithms	Algorithm design Analysis of algorithms Algorithmic efficiency Randomized algorithm Computational geometry
Mathematics of computing	Discrete mathematics Probability Statistics Mathematical software Information theory Mathematical analysis Numerical analysis Theoretical computer science
Information systems	Database management system Information storage systems Enterprise information system Social information systems Geographic information system Decision support system Process control system Multimedia information system Data mining Digital library Computing platform Digital marketing World Wide Web Information retrieval
Security	Cryptography Formal methods Security hacker Security services Intrusion detection system Hardware security Network security Information security Application security
Human-centered computing	Interaction design Augmented reality Virtual reality Social computing Ubiquitous computing Visualization Accessibility Human–computer interaction Mobile computing
Concurrency	Concurrent computing Parallel computing Distributed computing Multithreading Multiprocessing
Artificial intelligence	Natural language processing Knowledge representation and reasoning Computer vision Automated planning and scheduling Search methodology Control method Philosophy of artificial intelligence Distributed artificial intelligence
Machine learning	Supervised learning Unsupervised learning Reinforcement learning Multi-task learning Cross-validation
Graphics	Animation Rendering Photograph manipulation Graphics processing unit Image compression Solid modeling
Applied computing	Quantum computing E-commerce Enterprise software Computational mathematics Computational physics Computational chemistry Computational biology Computational social science Computational engineering Differentiable computing Computational healthcare Digital art Electronic publishing Cyberwarfare Electronic voting Video games Word processing Operations research Educational technology Document management
Category Outline Glossaries